com.aliyun.sts20150401.models

类 AssumeRoleRequest

java.lang.Object

com.aliyun.tea.TeaModel

com.aliyun.sts20150401.models.AssumeRoleRequest

public class AssumeRoleRequest
extends com.aliyun.tea.TeaModel

字段概要

字段

限定符和类型	字段和说明
Long	durationSeconds The validity period of the STS token.
String	externalId The external ID of the RAM role.
String	policy The policy that specifies the permissions of the returned STS token.
String	roleArn The Alibaba Cloud Resource Name (ARN) of the RAM role.
String	roleSessionName The custom name of the role session.
String	sourceIdentity

构造器概要

构造器

构造器和说明
AssumeRoleRequest()

方法概要

限定符和类型	方法和说明
static AssumeRoleRequest	build(Map<String,?> map)
Long	getDurationSeconds()
String	getExternalId()
String	getPolicy()
String	getRoleArn()
String	getRoleSessionName()
String	getSourceIdentity()
AssumeRoleRequest	setDurationSeconds(Long durationSeconds)
AssumeRoleRequest	setExternalId(String externalId)
AssumeRoleRequest	setPolicy(String policy)
AssumeRoleRequest	setRoleArn(String roleArn)
AssumeRoleRequest	setRoleSessionName(String roleSessionName)
AssumeRoleRequest	setSourceIdentity(String sourceIdentity)

从类继承的方法 com.aliyun.tea.TeaModel

build, buildMap, confirmType, confirmType, parseObject, toMap, toMap, toModel, validate, validateParams

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

字段详细资料

durationSeconds

@NameInMap(value="DurationSeconds")
public Long durationSeconds

The validity period of the STS token. Unit: seconds.

Minimum value: 900. Maximum value: the value of the MaxSessionDuration parameter. Default value: 3600.

You can call the CreateRole or UpdateRole operation to configure the MaxSessionDuration parameter. For more information, see CreateRole or UpdateRole.

example:

3600

externalId

@NameInMap(value="ExternalId")
public String externalId

The external ID of the RAM role.

This parameter is provided by an external party and is used to prevent the confused deputy problem. For more information, see Use ExternalId to prevent the confused deputy problem.

The value must be 2 to 1,224 characters in length and can contain letters, digits, and the following special characters: = , . @ : / - _. The regular expression for this parameter is [\\w+=,.@:\\/-]*.

example:

abcd1234

policy

@NameInMap(value="Policy")
public String policy

The policy that specifies the permissions of the returned STS token. You can use this parameter to grant the STS token fewer permissions than the permissions granted to the RAM role.

• If you specify this parameter, the permissions of the returned STS token are the permissions that are included in the value of this parameter and owned by the RAM role.
• If you do not specify this parameter, the returned STS token has all the permissions of the RAM role.

The value must be 1 to 2,048 characters in length.

For more information about policy elements and sample policies, see Policy elements and Overview of sample policies.

example:

{"Statement": [{"Action": [""],"Effect": "Allow","Resource": [""]}],"Version":"1"}

roleArn

@NameInMap(value="RoleArn")
public String roleArn

The Alibaba Cloud Resource Name (ARN) of the RAM role.

The trusted entity of the RAM role is an Alibaba Cloud account. For more information, see Create a RAM role for a trusted Alibaba Cloud account or CreateRole.

Format: acs:ram::<account_id>:role/<role_name>.

You can view the ARN in the RAM console or by calling operations. The following items describe the validity periods of storage addresses:

• For more information about how to view the ARN in the RAM console, see How do I find the ARN of the RAM role?
• For more information about how to view the ARN by calling operations, see ListRoles or GetRole.

This parameter is required.

example:

acs:ram::123456789012****:role/adminrole

roleSessionName

@NameInMap(value="RoleSessionName")
public String roleSessionName

The custom name of the role session.

Set this parameter based on your business requirements. In most cases, you can set this parameter to the identity of the API caller. For example, you can specify a username. You can specify RoleSessionName to identify API callers that assume the same RAM role in ActionTrail logs. This allows you to track the users that perform the operations.

The value must be 2 to 64 characters in length and can contain letters, digits, and the following special characters: . @ - _.

This parameter is required.

example:

alice

sourceIdentity

@NameInMap(value="SourceIdentity")
public String sourceIdentity

构造器详细资料

AssumeRoleRequest

public AssumeRoleRequest()

方法详细资料

build

public static AssumeRoleRequest build(Map<String,?> map)
                               throws Exception

抛出:

Exception

setDurationSeconds

public AssumeRoleRequest setDurationSeconds(Long durationSeconds)

getDurationSeconds

public Long getDurationSeconds()

setExternalId

public AssumeRoleRequest setExternalId(String externalId)

getExternalId

public String getExternalId()

setPolicy

public AssumeRoleRequest setPolicy(String policy)

getPolicy

public String getPolicy()

setRoleArn

public AssumeRoleRequest setRoleArn(String roleArn)

getRoleArn

public String getRoleArn()

setRoleSessionName

public AssumeRoleRequest setRoleSessionName(String roleSessionName)

getRoleSessionName

public String getRoleSessionName()

setSourceIdentity

public AssumeRoleRequest setSourceIdentity(String sourceIdentity)

getSourceIdentity

public String getSourceIdentity()