com.amazonaws.services.securitytoken.model
Class GetSessionTokenRequest

java.lang.Object
  com.amazonaws.AmazonWebServiceRequest
      com.amazonaws.services.securitytoken.model.GetSessionTokenRequest

public class GetSessionTokenRequest
extends AmazonWebServiceRequest

Container for the parameters to the GetSessionToken operation.

The GetSessionToken action returns a set of temporary credentials for an AWS account or IAM user. The credentials consist of an Access Key ID, a Secret Access Key, and a security token. These credentials are valid for the specified duration only. The session duration for IAM users can be between one and 36 hours, with a default of 12 hours. The session duration for AWS account owners is restricted to one hour. Providing the AWS Multi-Factor Authentication (MFA) device serial number and the token code is optional.

For more information about using GetSessionToken to create temporary credentials, go to Creating Temporary Credentials to Enable Access for IAM Users in Using IAM .

See Also:

AWSSecurityTokenService.getSessionToken(GetSessionTokenRequest)

Constructor Summary

GetSessionTokenRequest()
Default constructor for a new GetSessionTokenRequest object.

Method Summary

boolean	equals(Object obj)
Integer	getDurationSeconds() The duration, in seconds, that the credentials should remain valid.
String	getSerialNumber() The identification number of the MFA device for the user.
String	getTokenCode() The value provided by the MFA device.
int	hashCode()
void	setDurationSeconds(Integer durationSeconds) The duration, in seconds, that the credentials should remain valid.
void	setSerialNumber(String serialNumber) The identification number of the MFA device for the user.
void	setTokenCode(String tokenCode) The value provided by the MFA device.
String	toString() Returns a string representation of this object; useful for testing and debugging.
GetSessionTokenRequest	withDurationSeconds(Integer durationSeconds) The duration, in seconds, that the credentials should remain valid.
GetSessionTokenRequest	withSerialNumber(String serialNumber) The identification number of the MFA device for the user.
GetSessionTokenRequest	withTokenCode(String tokenCode) The value provided by the MFA device.

Methods inherited from class com.amazonaws.AmazonWebServiceRequest

copyPrivateRequestParameters, getDelegationToken, getRequestClientOptions, getRequestCredentials, setDelegationToken, setRequestCredentials

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

GetSessionTokenRequest

public GetSessionTokenRequest()

Default constructor for a new GetSessionTokenRequest object. Callers should use the setter or fluent setter (with...) methods to initialize this object after creating it.

Method Detail

getDurationSeconds

public Integer getDurationSeconds()

The duration, in seconds, that the credentials should remain valid. Acceptable durations for IAM user sessions range from 3600s (one hour) to 129600s (36 hours), with 43200s (12 hours) as the default. Sessions for AWS account owners are restricted to a maximum of 3600s (one hour).

Constraints:
Range: 3600 - 129600

Returns:

The duration, in seconds, that the credentials should remain valid. Acceptable durations for IAM user sessions range from 3600s (one hour) to 129600s (36 hours), with 43200s (12 hours) as the default. Sessions for AWS account owners are restricted to a maximum of 3600s (one hour).

setDurationSeconds

public void setDurationSeconds(Integer durationSeconds)

The duration, in seconds, that the credentials should remain valid. Acceptable durations for IAM user sessions range from 3600s (one hour) to 129600s (36 hours), with 43200s (12 hours) as the default. Sessions for AWS account owners are restricted to a maximum of 3600s (one hour).

Constraints:
Range: 3600 - 129600

Parameters:

durationSeconds - The duration, in seconds, that the credentials should remain valid. Acceptable durations for IAM user sessions range from 3600s (one hour) to 129600s (36 hours), with 43200s (12 hours) as the default. Sessions for AWS account owners are restricted to a maximum of 3600s (one hour).

withDurationSeconds

public GetSessionTokenRequest withDurationSeconds(Integer durationSeconds)

The duration, in seconds, that the credentials should remain valid. Acceptable durations for IAM user sessions range from 3600s (one hour) to 129600s (36 hours), with 43200s (12 hours) as the default. Sessions for AWS account owners are restricted to a maximum of 3600s (one hour).

Returns a reference to this object so that method calls can be chained together.

Constraints:
Range: 3600 - 129600

Parameters:

durationSeconds - The duration, in seconds, that the credentials should remain valid. Acceptable durations for IAM user sessions range from 3600s (one hour) to 129600s (36 hours), with 43200s (12 hours) as the default. Sessions for AWS account owners are restricted to a maximum of 3600s (one hour).

Returns:

A reference to this updated object so that method calls can be chained together.

getSerialNumber

public String getSerialNumber()

The identification number of the MFA device for the user. If the IAM user has a policy requiring MFA authentication (or is in a group requiring MFA authentication) to access resources, provide the device value here.

The value is in the Security Credentials tab of the user's details pane in the IAM console. If the IAM user has an active MFA device, the details pane displays a Multi-Factor Authentication Device value. The value is either for a virtual device, such as arn:aws:iam::123456789012:mfa/user, or it is the device serial number for a hardware device (usually the number from the back of the device), such as GAHT12345678. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

Constraints:
Length: 9 - 256
Pattern: [\w+=/:,.@-]*

Returns:

The identification number of the MFA device for the user. If the IAM user has a policy requiring MFA authentication (or is in a group requiring MFA authentication) to access resources, provide the device value here.

The value is in the Security Credentials tab of the user's details pane in the IAM console. If the IAM user has an active MFA device, the details pane displays a Multi-Factor Authentication Device value. The value is either for a virtual device, such as arn:aws:iam::123456789012:mfa/user, or it is the device serial number for a hardware device (usually the number from the back of the device), such as GAHT12345678. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

setSerialNumber

public void setSerialNumber(String serialNumber)

The identification number of the MFA device for the user. If the IAM user has a policy requiring MFA authentication (or is in a group requiring MFA authentication) to access resources, provide the device value here.

The value is in the Security Credentials tab of the user's details pane in the IAM console. If the IAM user has an active MFA device, the details pane displays a Multi-Factor Authentication Device value. The value is either for a virtual device, such as arn:aws:iam::123456789012:mfa/user, or it is the device serial number for a hardware device (usually the number from the back of the device), such as GAHT12345678. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

Constraints:
Length: 9 - 256
Pattern: [\w+=/:,.@-]*

Parameters:

serialNumber - The identification number of the MFA device for the user. If the IAM user has a policy requiring MFA authentication (or is in a group requiring MFA authentication) to access resources, provide the device value here.

The value is in the Security Credentials tab of the user's details pane in the IAM console. If the IAM user has an active MFA device, the details pane displays a Multi-Factor Authentication Device value. The value is either for a virtual device, such as arn:aws:iam::123456789012:mfa/user, or it is the device serial number for a hardware device (usually the number from the back of the device), such as GAHT12345678. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

withSerialNumber

public GetSessionTokenRequest withSerialNumber(String serialNumber)

The identification number of the MFA device for the user. If the IAM user has a policy requiring MFA authentication (or is in a group requiring MFA authentication) to access resources, provide the device value here.

The value is in the Security Credentials tab of the user's details pane in the IAM console. If the IAM user has an active MFA device, the details pane displays a Multi-Factor Authentication Device value. The value is either for a virtual device, such as arn:aws:iam::123456789012:mfa/user, or it is the device serial number for a hardware device (usually the number from the back of the device), such as GAHT12345678. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Length: 9 - 256
Pattern: [\w+=/:,.@-]*

Parameters:

serialNumber - The identification number of the MFA device for the user. If the IAM user has a policy requiring MFA authentication (or is in a group requiring MFA authentication) to access resources, provide the device value here.

The value is in the Security Credentials tab of the user's details pane in the IAM console. If the IAM user has an active MFA device, the details pane displays a Multi-Factor Authentication Device value. The value is either for a virtual device, such as arn:aws:iam::123456789012:mfa/user, or it is the device serial number for a hardware device (usually the number from the back of the device), such as GAHT12345678. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

Returns:

A reference to this updated object so that method calls can be chained together.

getTokenCode

public String getTokenCode()

The value provided by the MFA device. If the user has an access policy requiring an MFA code (or is in a group requiring an MFA code), provide the value here to get permission to resources as specified in the access policy. If MFA authentication is required, and the user does not provide a code when requesting a set of temporary security credentials, the user will receive an "access denied" response when requesting resources that require MFA authentication. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

Constraints:
Length: 6 - 6
Pattern: [\d]*

Returns:

The value provided by the MFA device. If the user has an access policy requiring an MFA code (or is in a group requiring an MFA code), provide the value here to get permission to resources as specified in the access policy. If MFA authentication is required, and the user does not provide a code when requesting a set of temporary security credentials, the user will receive an "access denied" response when requesting resources that require MFA authentication. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

setTokenCode

public void setTokenCode(String tokenCode)

The value provided by the MFA device. If the user has an access policy requiring an MFA code (or is in a group requiring an MFA code), provide the value here to get permission to resources as specified in the access policy. If MFA authentication is required, and the user does not provide a code when requesting a set of temporary security credentials, the user will receive an "access denied" response when requesting resources that require MFA authentication. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

Constraints:
Length: 6 - 6
Pattern: [\d]*

Parameters:

tokenCode - The value provided by the MFA device. If the user has an access policy requiring an MFA code (or is in a group requiring an MFA code), provide the value here to get permission to resources as specified in the access policy. If MFA authentication is required, and the user does not provide a code when requesting a set of temporary security credentials, the user will receive an "access denied" response when requesting resources that require MFA authentication. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

withTokenCode

public GetSessionTokenRequest withTokenCode(String tokenCode)

The value provided by the MFA device. If the user has an access policy requiring an MFA code (or is in a group requiring an MFA code), provide the value here to get permission to resources as specified in the access policy. If MFA authentication is required, and the user does not provide a code when requesting a set of temporary security credentials, the user will receive an "access denied" response when requesting resources that require MFA authentication. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

Returns a reference to this object so that method calls can be chained together.

Constraints:
Length: 6 - 6
Pattern: [\d]*

Parameters:

tokenCode - The value provided by the MFA device. If the user has an access policy requiring an MFA code (or is in a group requiring an MFA code), provide the value here to get permission to resources as specified in the access policy. If MFA authentication is required, and the user does not provide a code when requesting a set of temporary security credentials, the user will receive an "access denied" response when requesting resources that require MFA authentication. For more information, see Using Multi-Factor Authentication (MFA) Devices with AWS in Using IAM.

Returns:

A reference to this updated object so that method calls can be chained together.

toString

public String toString()

Returns a string representation of this object; useful for testing and debugging.

Overrides:

toString in class Object

Returns:

A string representation of this object.

See Also:

Object.toString()

hashCode

public int hashCode()

Overrides:

hashCode in class Object

equals

public boolean equals(Object obj)

Overrides:

equals in class Object