109 lines
6.4 KiB
Go
109 lines
6.4 KiB
Go
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
|
|
|
|
// Package sts provides the client and types for making API
|
|
// requests to AWS Security Token Service.
|
|
//
|
|
// The AWS Security Token Service (STS) is a web service that enables you to
|
|
// request temporary, limited-privilege credentials for AWS Identity and Access
|
|
// Management (IAM) users or for users that you authenticate (federated users).
|
|
// This guide provides descriptions of the STS API. For more detailed information
|
|
// about using this service, go to Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html).
|
|
//
|
|
// For information about setting up signatures and authorization through the
|
|
// API, go to Signing AWS API Requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html)
|
|
// in the AWS General Reference. For general information about the Query API,
|
|
// go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)
|
|
// in Using IAM. For information about using security tokens with other AWS
|
|
// products, go to AWS Services That Work with IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// If you're new to AWS and need additional technical information about a specific
|
|
// AWS product, you can find the product's technical documentation at http://aws.amazon.com/documentation/
|
|
// (http://aws.amazon.com/documentation/).
|
|
//
|
|
// Endpoints
|
|
//
|
|
// By default, AWS Security Token Service (STS) is available as a global service,
|
|
// and all AWS STS requests go to a single endpoint at https://sts.amazonaws.com.
|
|
// Global requests map to the US East (N. Virginia) region. AWS recommends using
|
|
// Regional AWS STS endpoints instead of the global endpoint to reduce latency,
|
|
// build in redundancy, and increase session token validity. For more information,
|
|
// see Managing AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
|
|
// in the IAM User Guide.
|
|
//
|
|
// Most AWS Regions are enabled for operations in all AWS services by default.
|
|
// Those Regions are automatically activated for use with AWS STS. Some Regions,
|
|
// such as Asia Pacific (Hong Kong), must be manually enabled. To learn more
|
|
// about enabling and disabling AWS Regions, see Managing AWS Regions (https://docs.aws.amazon.com/general/latest/gr/rande-manage.html)
|
|
// in the AWS General Reference. When you enable these AWS Regions, they are
|
|
// automatically activated for use with AWS STS. You cannot activate the STS
|
|
// endpoint for a Region that is disabled. Tokens that are valid in all AWS
|
|
// Regions are longer than tokens that are valid in Regions that are enabled
|
|
// by default. Changing this setting might affect existing systems where you
|
|
// temporarily store tokens. For more information, see Managing Global Endpoint
|
|
// Session Tokens (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#sts-regions-manage-tokens)
|
|
// in the IAM User Guide.
|
|
//
|
|
// After you activate a Region for use with AWS STS, you can direct AWS STS
|
|
// API calls to that Region. AWS STS recommends that you provide both the Region
|
|
// and endpoint when you make calls to a Regional endpoint. You can provide
|
|
// the Region alone for manually enabled Regions, such as Asia Pacific (Hong
|
|
// Kong). In this case, the calls are directed to the STS Regional endpoint.
|
|
// However, if you provide the Region alone for Regions enabled by default,
|
|
// the calls are directed to the global endpoint of https://sts.amazonaws.com.
|
|
//
|
|
// To view the list of AWS STS endpoints and whether they are active by default,
|
|
// see Writing Code to Use AWS STS Regions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#id_credentials_temp_enable-regions_writing_code)
|
|
// in the IAM User Guide.
|
|
//
|
|
// Recording API requests
|
|
//
|
|
// STS supports AWS CloudTrail, which is a service that records AWS calls for
|
|
// your AWS account and delivers log files to an Amazon S3 bucket. By using
|
|
// information collected by CloudTrail, you can determine what requests were
|
|
// successfully made to STS, who made the request, when it was made, and so
|
|
// on.
|
|
//
|
|
// If you activate AWS STS endpoints in Regions other than the default global
|
|
// endpoint, then you must also turn on CloudTrail logging in those Regions.
|
|
// This is necessary to record any AWS STS API calls that are made in those
|
|
// Regions. For more information, see Turning On CloudTrail in Additional Regions
|
|
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/aggregating_logs_regions_turn_on_ct.html)
|
|
// in the AWS CloudTrail User Guide.
|
|
//
|
|
// AWS Security Token Service (STS) is a global service with a single endpoint
|
|
// at https://sts.amazonaws.com. Calls to this endpoint are logged as calls
|
|
// to a global service. However, because this endpoint is physically located
|
|
// in the US East (N. Virginia) Region, your logs list us-east-1 as the event
|
|
// Region. CloudTrail does not write these logs to the US East (Ohio) Region
|
|
// unless you choose to include global service logs in that Region. CloudTrail
|
|
// writes calls to all Regional endpoints to their respective Regions. For example,
|
|
// calls to sts.us-east-2.amazonaws.com are published to the US East (Ohio)
|
|
// Region and calls to sts.eu-central-1.amazonaws.com are published to the EU
|
|
// (Frankfurt) Region.
|
|
//
|
|
// To learn more about CloudTrail, including how to turn it on and find your
|
|
// log files, see the AWS CloudTrail User Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html).
|
|
//
|
|
// See https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15 for more information on this service.
|
|
//
|
|
// See sts package documentation for more information.
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/service/sts/
|
|
//
|
|
// Using the Client
|
|
//
|
|
// To contact AWS Security Token Service with the SDK use the New function to create
|
|
// a new service client. With that client you can make API requests to the service.
|
|
// These clients are safe to use concurrently.
|
|
//
|
|
// See the SDK's documentation for more information on how to use the SDK.
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/
|
|
//
|
|
// See aws.Config documentation for more information on configuring SDK clients.
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config
|
|
//
|
|
// See the AWS Security Token Service client STS for more
|
|
// information on creating client for this service.
|
|
// https://docs.aws.amazon.com/sdk-for-go/api/service/sts/#New
|
|
package sts
|