Skip to main content

Initializer

import "github.com/open-constructs/cdk-terrain-go/cdktn"

&cdktn.S3BackendAssumeRoleWithWebIdentityConfig {
	Duration: *string,
	Policy: *string,
	PolicyArns: *[]*string,
	RoleArn: *string,
	SessionName: *string,
	WebIdentityToken: *string,
	WebIdentityTokenFile: *string,
}

Properties

NameTypeDescription
Duration*string(Optional) The duration individual credentials will be valid.
Policy*string(Optional) IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.
PolicyArns*[]*string(Optional) Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed.
RoleArn*string(Required) Amazon Resource Name (ARN) of the IAM Role to assume.
SessionName*string(Optional) Session name to use when assuming the role.
WebIdentityToken*string(Optional) The value of a web identity token from an OpenID Connect (OIDC) or OAuth provider.
WebIdentityTokenFile*string(Optional) File containing a web identity token from an OpenID Connect (OIDC) or OAuth provider.

DurationOptional

Duration *string
  • Type: *string
(Optional) The duration individual credentials will be valid. Credentials are automatically renewed up to the maximum defined by the AWS account. Specified using the format < hours >h< minutes >m< seconds >s with any unit being optional. For example, an hour and a half can be specified as 1h30m or 90m. Must be between 15 minutes (15m) and 12 hours (12h).

PolicyOptional

Policy *string
  • Type: *string
(Optional) IAM Policy JSON describing further restricting permissions for the IAM Role being assumed.

PolicyArnsOptional

PolicyArns *[]*string
  • Type: *[]*string
(Optional) Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the IAM Role being assumed.

RoleArnOptional

RoleArn *string
  • Type: *string
(Required) Amazon Resource Name (ARN) of the IAM Role to assume. Can also be set with the AWS_ROLE_ARN environment variable.

SessionNameOptional

SessionName *string
  • Type: *string
(Optional) Session name to use when assuming the role. Can also be set with the AWS_ROLE_SESSION_NAME environment variable.

WebIdentityTokenOptional

WebIdentityToken *string
  • Type: *string
(Optional) The value of a web identity token from an OpenID Connect (OIDC) or OAuth provider. One of web_identity_token or web_identity_token_file is required.

WebIdentityTokenFileOptional

WebIdentityTokenFile *string
  • Type: *string
(Optional) File containing a web identity token from an OpenID Connect (OIDC) or OAuth provider. One of web_identity_token_file or web_identity_token is required. Can also be set with the AWS_WEB_IDENTITY_TOKEN_FILE environment variable.