aws-config/aws.sdk.kotlin.runtime.auth.credentials/StsWebIdentityCredentialsProvider/StsWebIdentityCredentialsProvider

StsWebIdentityCredentialsProvider

constructor(roleArn: String, webIdentityTokenFilePath: String, region: String?, roleSessionName: String? = null, duration: Duration = DEFAULT_CREDENTIALS_REFRESH_SECONDS.seconds, platformProvider: PlatformProvider = PlatformProvider.System, httpClient: HttpClientEngine? = null)

A CredentialsProvider that exchanges a Web Identity Token for credentials from the AWS Security Token Service (STS).

Parameters

roleArn

The ARN of the target role to assume, e.g. arn:aws:iam:123456789:role/example

webIdentityTokenFilePath

The path to the file containing a JWT token

region

The AWS region to assume the role in

roleSessionName

The name to associate with the session. Use the role session name to uniquely identify a session when the same role is assumed by different principals or for different reasons. In cross-account scenarios, the role session name is visible to, and can be logged by the account that owns the role. The role session name is also in the ARN of the assumed role principal.

duration

The expiry duration of the credentials. Defaults to 15 minutes if not set.

platformProvider

The platform API provider

httpClient

the HttpClientEngine instance to use to make requests. NOTE: This engine's resources and lifetime are NOT managed by the provider. Caller is responsible for closing.

constructor(webIdentityParameters: AssumeRoleWithWebIdentityParameters, region: String?, platformProvider: PlatformProvider = PlatformProvider.System, httpClient: HttpClientEngine? = null)