/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/sts/STS_EXPORTS.h>
#include <aws/sts/STSRequest.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/core/utils/memory/stl/AWSVector.h>
#include <aws/sts/model/PolicyDescriptorType.h>
#include <aws/sts/model/Tag.h>
#include <utility>
namespace Aws
{
namespace STS
{
namespace Model
{
/**
*/
class GetFederationTokenRequest : public STSRequest
{
public:
AWS_STS_API GetFederationTokenRequest();
// Service request name is the Operation name which will send this request out,
// each operation should has unique request name, so that we can get operation's name from this request.
// Note: this is not true for response, multiple operations may have the same response name,
// so we can not get operation's name from response.
inline virtual const char* GetServiceRequestName() const override { return "GetFederationToken"; }
AWS_STS_API Aws::String SerializePayload() const override;
protected:
AWS_STS_API void DumpBodyToUrl(Aws::Http::URI& uri ) const override;
public:
/**
* <p>The name of the federated user. The name is used as an identifier for the
* temporary security credentials (such as <code>Bob</code>). For example, you can
* reference the federated user name in a resource-based policy, such as in an
* Amazon S3 bucket policy.</p> <p>The regex used to validate this parameter is a
* string of characters consisting of upper- and lower-case alphanumeric characters
* with no spaces. You can also include underscores or any of the following
* characters: =,.@-</p>
*/
inline const Aws::String& GetName() const{ return m_name; }
/**
* <p>The name of the federated user. The name is used as an identifier for the
* temporary security credentials (such as <code>Bob</code>). For example, you can
* reference the federated user name in a resource-based policy, such as in an
* Amazon S3 bucket policy.</p> <p>The regex used to validate this parameter is a
* string of characters consisting of upper- and lower-case alphanumeric characters
* with no spaces. You can also include underscores or any of the following
* characters: =,.@-</p>
*/
inline bool NameHasBeenSet() const { return m_nameHasBeenSet; }
/**
* <p>The name of the federated user. The name is used as an identifier for the
* temporary security credentials (such as <code>Bob</code>). For example, you can
* reference the federated user name in a resource-based policy, such as in an
* Amazon S3 bucket policy.</p> <p>The regex used to validate this parameter is a
* string of characters consisting of upper- and lower-case alphanumeric characters
* with no spaces. You can also include underscores or any of the following
* characters: =,.@-</p>
*/
inline void SetName(const Aws::String& value) { m_nameHasBeenSet = true; m_name = value; }
/**
* <p>The name of the federated user. The name is used as an identifier for the
* temporary security credentials (such as <code>Bob</code>). For example, you can
* reference the federated user name in a resource-based policy, such as in an
* Amazon S3 bucket policy.</p> <p>The regex used to validate this parameter is a
* string of characters consisting of upper- and lower-case alphanumeric characters
* with no spaces. You can also include underscores or any of the following
* characters: =,.@-</p>
*/
inline void SetName(Aws::String&& value) { m_nameHasBeenSet = true; m_name = std::move(value); }
/**
* <p>The name of the federated user. The name is used as an identifier for the
* temporary security credentials (such as <code>Bob</code>). For example, you can
* reference the federated user name in a resource-based policy, such as in an
* Amazon S3 bucket policy.</p> <p>The regex used to validate this parameter is a
* string of characters consisting of upper- and lower-case alphanumeric characters
* with no spaces. You can also include underscores or any of the following
* characters: =,.@-</p>
*/
inline void SetName(const char* value) { m_nameHasBeenSet = true; m_name.assign(value); }
/**
* <p>The name of the federated user. The name is used as an identifier for the
* temporary security credentials (such as <code>Bob</code>). For example, you can
* reference the federated user name in a resource-based policy, such as in an
* Amazon S3 bucket policy.</p> <p>The regex used to validate this parameter is a
* string of characters consisting of upper- and lower-case alphanumeric characters
* with no spaces. You can also include underscores or any of the following
* characters: =,.@-</p>
*/
inline GetFederationTokenRequest& WithName(const Aws::String& value) { SetName(value); return *this;}
/**
* <p>The name of the federated user. The name is used as an identifier for the
* temporary security credentials (such as <code>Bob</code>). For example, you can
* reference the federated user name in a resource-based policy, such as in an
* Amazon S3 bucket policy.</p> <p>The regex used to validate this parameter is a
* string of characters consisting of upper- and lower-case alphanumeric characters
* with no spaces. You can also include underscores or any of the following
* characters: =,.@-</p>
*/
inline GetFederationTokenRequest& WithName(Aws::String&& value) { SetName(std::move(value)); return *this;}
/**
* <p>The name of the federated user. The name is used as an identifier for the
* temporary security credentials (such as <code>Bob</code>). For example, you can
* reference the federated user name in a resource-based policy, such as in an
* Amazon S3 bucket policy.</p> <p>The regex used to validate this parameter is a
* string of characters consisting of upper- and lower-case alphanumeric characters
* with no spaces. You can also include underscores or any of the following
* characters: =,.@-</p>
*/
inline GetFederationTokenRequest& WithName(const char* value) { SetName(value); return *this;}
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>You must pass an inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies.</p> <p>This parameter
* is optional. However, if you do not pass any session policies, then the
* resulting federated user session has no permissions.</p> <p>When you pass
* session policies, the session permissions are the intersection of the IAM user
* policies and the session policies that you pass. This gives you a way to further
* restrict the permissions for a federated user. You cannot use session policies
* to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>The plaintext that you use for both inline and
* managed session policies can't exceed 2,048 characters. The JSON policy
* characters can be any ASCII character from the space character to the end of the
* valid character list (\u0020 through \u00FF). It can also include the tab
* (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.</p>
* <p>An Amazon Web Services conversion compresses the passed inline session
* policy, managed policy ARNs, and session tags into a packed binary format that
* has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for
* your request are to the upper size limit.</p>
*/
inline const Aws::String& GetPolicy() const{ return m_policy; }
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>You must pass an inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies.</p> <p>This parameter
* is optional. However, if you do not pass any session policies, then the
* resulting federated user session has no permissions.</p> <p>When you pass
* session policies, the session permissions are the intersection of the IAM user
* policies and the session policies that you pass. This gives you a way to further
* restrict the permissions for a federated user. You cannot use session policies
* to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>The plaintext that you use for both inline and
* managed session policies can't exceed 2,048 characters. The JSON policy
* characters can be any ASCII character from the space character to the end of the
* valid character list (\u0020 through \u00FF). It can also include the tab
* (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.</p>
* <p>An Amazon Web Services conversion compresses the passed inline session
* policy, managed policy ARNs, and session tags into a packed binary format that
* has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for
* your request are to the upper size limit.</p>
*/
inline bool PolicyHasBeenSet() const { return m_policyHasBeenSet; }
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>You must pass an inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies.</p> <p>This parameter
* is optional. However, if you do not pass any session policies, then the
* resulting federated user session has no permissions.</p> <p>When you pass
* session policies, the session permissions are the intersection of the IAM user
* policies and the session policies that you pass. This gives you a way to further
* restrict the permissions for a federated user. You cannot use session policies
* to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>The plaintext that you use for both inline and
* managed session policies can't exceed 2,048 characters. The JSON policy
* characters can be any ASCII character from the space character to the end of the
* valid character list (\u0020 through \u00FF). It can also include the tab
* (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.</p>
* <p>An Amazon Web Services conversion compresses the passed inline session
* policy, managed policy ARNs, and session tags into a packed binary format that
* has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for
* your request are to the upper size limit.</p>
*/
inline void SetPolicy(const Aws::String& value) { m_policyHasBeenSet = true; m_policy = value; }
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>You must pass an inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies.</p> <p>This parameter
* is optional. However, if you do not pass any session policies, then the
* resulting federated user session has no permissions.</p> <p>When you pass
* session policies, the session permissions are the intersection of the IAM user
* policies and the session policies that you pass. This gives you a way to further
* restrict the permissions for a federated user. You cannot use session policies
* to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>The plaintext that you use for both inline and
* managed session policies can't exceed 2,048 characters. The JSON policy
* characters can be any ASCII character from the space character to the end of the
* valid character list (\u0020 through \u00FF). It can also include the tab
* (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.</p>
* <p>An Amazon Web Services conversion compresses the passed inline session
* policy, managed policy ARNs, and session tags into a packed binary format that
* has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for
* your request are to the upper size limit.</p>
*/
inline void SetPolicy(Aws::String&& value) { m_policyHasBeenSet = true; m_policy = std::move(value); }
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>You must pass an inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies.</p> <p>This parameter
* is optional. However, if you do not pass any session policies, then the
* resulting federated user session has no permissions.</p> <p>When you pass
* session policies, the session permissions are the intersection of the IAM user
* policies and the session policies that you pass. This gives you a way to further
* restrict the permissions for a federated user. You cannot use session policies
* to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>The plaintext that you use for both inline and
* managed session policies can't exceed 2,048 characters. The JSON policy
* characters can be any ASCII character from the space character to the end of the
* valid character list (\u0020 through \u00FF). It can also include the tab
* (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.</p>
* <p>An Amazon Web Services conversion compresses the passed inline session
* policy, managed policy ARNs, and session tags into a packed binary format that
* has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for
* your request are to the upper size limit.</p>
*/
inline void SetPolicy(const char* value) { m_policyHasBeenSet = true; m_policy.assign(value); }
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>You must pass an inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies.</p> <p>This parameter
* is optional. However, if you do not pass any session policies, then the
* resulting federated user session has no permissions.</p> <p>When you pass
* session policies, the session permissions are the intersection of the IAM user
* policies and the session policies that you pass. This gives you a way to further
* restrict the permissions for a federated user. You cannot use session policies
* to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>The plaintext that you use for both inline and
* managed session policies can't exceed 2,048 characters. The JSON policy
* characters can be any ASCII character from the space character to the end of the
* valid character list (\u0020 through \u00FF). It can also include the tab
* (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.</p>
* <p>An Amazon Web Services conversion compresses the passed inline session
* policy, managed policy ARNs, and session tags into a packed binary format that
* has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for
* your request are to the upper size limit.</p>
*/
inline GetFederationTokenRequest& WithPolicy(const Aws::String& value) { SetPolicy(value); return *this;}
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>You must pass an inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies.</p> <p>This parameter
* is optional. However, if you do not pass any session policies, then the
* resulting federated user session has no permissions.</p> <p>When you pass
* session policies, the session permissions are the intersection of the IAM user
* policies and the session policies that you pass. This gives you a way to further
* restrict the permissions for a federated user. You cannot use session policies
* to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>The plaintext that you use for both inline and
* managed session policies can't exceed 2,048 characters. The JSON policy
* characters can be any ASCII character from the space character to the end of the
* valid character list (\u0020 through \u00FF). It can also include the tab
* (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.</p>
* <p>An Amazon Web Services conversion compresses the passed inline session
* policy, managed policy ARNs, and session tags into a packed binary format that
* has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for
* your request are to the upper size limit.</p>
*/
inline GetFederationTokenRequest& WithPolicy(Aws::String&& value) { SetPolicy(std::move(value)); return *this;}
/**
* <p>An IAM policy in JSON format that you want to use as an inline session
* policy.</p> <p>You must pass an inline or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies.</p> <p>This parameter
* is optional. However, if you do not pass any session policies, then the
* resulting federated user session has no permissions.</p> <p>When you pass
* session policies, the session permissions are the intersection of the IAM user
* policies and the session policies that you pass. This gives you a way to further
* restrict the permissions for a federated user. You cannot use session policies
* to grant more permissions than those that are defined in the permissions policy
* of the IAM user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>The plaintext that you use for both inline and
* managed session policies can't exceed 2,048 characters. The JSON policy
* characters can be any ASCII character from the space character to the end of the
* valid character list (\u0020 through \u00FF). It can also include the tab
* (\u0009), linefeed (\u000A), and carriage return (\u000D) characters.</p>
* <p>An Amazon Web Services conversion compresses the passed inline session
* policy, managed policy ARNs, and session tags into a packed binary format that
* has a separate limit. Your request can fail for this limit even if your
* plaintext meets the other requirements. The <code>PackedPolicySize</code>
* response element indicates by percentage how close the policies and tags for
* your request are to the upper size limit.</p>
*/
inline GetFederationTokenRequest& WithPolicy(const char* value) { SetPolicy(value); return *this;}
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as a managed session policy. The policies must exist in the same account as
* the IAM user that is requesting federated access.</p> <p>You must pass an inline
* or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies. The plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters.
* You can provide up to 10 managed policy ARNs. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>This parameter is optional.
* However, if you do not pass any session policies, then the resulting federated
* user session has no permissions.</p> <p>When you pass session policies, the
* session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the
* permissions for a federated user. You cannot use session policies to grant more
* permissions than those that are defined in the permissions policy of the IAM
* user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>An Amazon Web Services conversion compresses
* the passed inline session policy, managed policy ARNs, and session tags into a
* packed binary format that has a separate limit. Your request can fail for this
* limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
*/
inline const Aws::Vector<PolicyDescriptorType>& GetPolicyArns() const{ return m_policyArns; }
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as a managed session policy. The policies must exist in the same account as
* the IAM user that is requesting federated access.</p> <p>You must pass an inline
* or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies. The plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters.
* You can provide up to 10 managed policy ARNs. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>This parameter is optional.
* However, if you do not pass any session policies, then the resulting federated
* user session has no permissions.</p> <p>When you pass session policies, the
* session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the
* permissions for a federated user. You cannot use session policies to grant more
* permissions than those that are defined in the permissions policy of the IAM
* user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>An Amazon Web Services conversion compresses
* the passed inline session policy, managed policy ARNs, and session tags into a
* packed binary format that has a separate limit. Your request can fail for this
* limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
*/
inline bool PolicyArnsHasBeenSet() const { return m_policyArnsHasBeenSet; }
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as a managed session policy. The policies must exist in the same account as
* the IAM user that is requesting federated access.</p> <p>You must pass an inline
* or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies. The plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters.
* You can provide up to 10 managed policy ARNs. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>This parameter is optional.
* However, if you do not pass any session policies, then the resulting federated
* user session has no permissions.</p> <p>When you pass session policies, the
* session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the
* permissions for a federated user. You cannot use session policies to grant more
* permissions than those that are defined in the permissions policy of the IAM
* user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>An Amazon Web Services conversion compresses
* the passed inline session policy, managed policy ARNs, and session tags into a
* packed binary format that has a separate limit. Your request can fail for this
* limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
*/
inline void SetPolicyArns(const Aws::Vector<PolicyDescriptorType>& value) { m_policyArnsHasBeenSet = true; m_policyArns = value; }
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as a managed session policy. The policies must exist in the same account as
* the IAM user that is requesting federated access.</p> <p>You must pass an inline
* or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies. The plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters.
* You can provide up to 10 managed policy ARNs. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>This parameter is optional.
* However, if you do not pass any session policies, then the resulting federated
* user session has no permissions.</p> <p>When you pass session policies, the
* session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the
* permissions for a federated user. You cannot use session policies to grant more
* permissions than those that are defined in the permissions policy of the IAM
* user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>An Amazon Web Services conversion compresses
* the passed inline session policy, managed policy ARNs, and session tags into a
* packed binary format that has a separate limit. Your request can fail for this
* limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
*/
inline void SetPolicyArns(Aws::Vector<PolicyDescriptorType>&& value) { m_policyArnsHasBeenSet = true; m_policyArns = std::move(value); }
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as a managed session policy. The policies must exist in the same account as
* the IAM user that is requesting federated access.</p> <p>You must pass an inline
* or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies. The plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters.
* You can provide up to 10 managed policy ARNs. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>This parameter is optional.
* However, if you do not pass any session policies, then the resulting federated
* user session has no permissions.</p> <p>When you pass session policies, the
* session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the
* permissions for a federated user. You cannot use session policies to grant more
* permissions than those that are defined in the permissions policy of the IAM
* user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>An Amazon Web Services conversion compresses
* the passed inline session policy, managed policy ARNs, and session tags into a
* packed binary format that has a separate limit. Your request can fail for this
* limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
*/
inline GetFederationTokenRequest& WithPolicyArns(const Aws::Vector<PolicyDescriptorType>& value) { SetPolicyArns(value); return *this;}
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as a managed session policy. The policies must exist in the same account as
* the IAM user that is requesting federated access.</p> <p>You must pass an inline
* or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies. The plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters.
* You can provide up to 10 managed policy ARNs. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>This parameter is optional.
* However, if you do not pass any session policies, then the resulting federated
* user session has no permissions.</p> <p>When you pass session policies, the
* session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the
* permissions for a federated user. You cannot use session policies to grant more
* permissions than those that are defined in the permissions policy of the IAM
* user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>An Amazon Web Services conversion compresses
* the passed inline session policy, managed policy ARNs, and session tags into a
* packed binary format that has a separate limit. Your request can fail for this
* limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
*/
inline GetFederationTokenRequest& WithPolicyArns(Aws::Vector<PolicyDescriptorType>&& value) { SetPolicyArns(std::move(value)); return *this;}
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as a managed session policy. The policies must exist in the same account as
* the IAM user that is requesting federated access.</p> <p>You must pass an inline
* or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies. The plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters.
* You can provide up to 10 managed policy ARNs. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>This parameter is optional.
* However, if you do not pass any session policies, then the resulting federated
* user session has no permissions.</p> <p>When you pass session policies, the
* session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the
* permissions for a federated user. You cannot use session policies to grant more
* permissions than those that are defined in the permissions policy of the IAM
* user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>An Amazon Web Services conversion compresses
* the passed inline session policy, managed policy ARNs, and session tags into a
* packed binary format that has a separate limit. Your request can fail for this
* limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
*/
inline GetFederationTokenRequest& AddPolicyArns(const PolicyDescriptorType& value) { m_policyArnsHasBeenSet = true; m_policyArns.push_back(value); return *this; }
/**
* <p>The Amazon Resource Names (ARNs) of the IAM managed policies that you want to
* use as a managed session policy. The policies must exist in the same account as
* the IAM user that is requesting federated access.</p> <p>You must pass an inline
* or managed <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">session
* policy</a> to this operation. You can pass a single JSON policy document to use
* as an inline session policy. You can also specify up to 10 managed policy Amazon
* Resource Names (ARNs) to use as managed session policies. The plaintext that you
* use for both inline and managed session policies can't exceed 2,048 characters.
* You can provide up to 10 managed policy ARNs. For more information about ARNs,
* see <a
* href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon
* Resource Names (ARNs) and Amazon Web Services Service Namespaces</a> in the
* Amazon Web Services General Reference.</p> <p>This parameter is optional.
* However, if you do not pass any session policies, then the resulting federated
* user session has no permissions.</p> <p>When you pass session policies, the
* session permissions are the intersection of the IAM user policies and the
* session policies that you pass. This gives you a way to further restrict the
* permissions for a federated user. You cannot use session policies to grant more
* permissions than those that are defined in the permissions policy of the IAM
* user. For more information, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session">Session
* Policies</a> in the <i>IAM User Guide</i>.</p> <p>The resulting credentials can
* be used to access a resource that has a resource-based policy. If that policy
* specifically references the federated user session in the <code>Principal</code>
* element of the policy, the session has the permissions allowed by the policy.
* These permissions are granted in addition to the permissions that are granted by
* the session policies.</p> <p>An Amazon Web Services conversion compresses
* the passed inline session policy, managed policy ARNs, and session tags into a
* packed binary format that has a separate limit. Your request can fail for this
* limit even if your plaintext meets the other requirements. The
* <code>PackedPolicySize</code> response element indicates by percentage how close
* the policies and tags for your request are to the upper size limit.</p>
*/
inline GetFederationTokenRequest& AddPolicyArns(PolicyDescriptorType&& value) { m_policyArnsHasBeenSet = true; m_policyArns.push_back(std::move(value)); return *this; }
/**
* <p>The duration, in seconds, that the session should last. Acceptable durations
* for federation sessions range from 900 seconds (15 minutes) to 129,600 seconds
* (36 hours), with 43,200 seconds (12 hours) as the default. Sessions obtained
* using root user credentials are restricted to a maximum of 3,600 seconds (one
* hour). If the specified duration is longer than one hour, the session obtained
* by using root user credentials defaults to one hour.</p>
*/
inline int GetDurationSeconds() const{ return m_durationSeconds; }
/**
* <p>The duration, in seconds, that the session should last. Acceptable durations
* for federation sessions range from 900 seconds (15 minutes) to 129,600 seconds
* (36 hours), with 43,200 seconds (12 hours) as the default. Sessions obtained
* using root user credentials are restricted to a maximum of 3,600 seconds (one
* hour). If the specified duration is longer than one hour, the session obtained
* by using root user credentials defaults to one hour.</p>
*/
inline bool DurationSecondsHasBeenSet() const { return m_durationSecondsHasBeenSet; }
/**
* <p>The duration, in seconds, that the session should last. Acceptable durations
* for federation sessions range from 900 seconds (15 minutes) to 129,600 seconds
* (36 hours), with 43,200 seconds (12 hours) as the default. Sessions obtained
* using root user credentials are restricted to a maximum of 3,600 seconds (one
* hour). If the specified duration is longer than one hour, the session obtained
* by using root user credentials defaults to one hour.</p>
*/
inline void SetDurationSeconds(int value) { m_durationSecondsHasBeenSet = true; m_durationSeconds = value; }
/**
* <p>The duration, in seconds, that the session should last. Acceptable durations
* for federation sessions range from 900 seconds (15 minutes) to 129,600 seconds
* (36 hours), with 43,200 seconds (12 hours) as the default. Sessions obtained
* using root user credentials are restricted to a maximum of 3,600 seconds (one
* hour). If the specified duration is longer than one hour, the session obtained
* by using root user credentials defaults to one hour.</p>
*/
inline GetFederationTokenRequest& WithDurationSeconds(int value) { SetDurationSeconds(value); return *this;}
/**
* <p>A list of session tags. Each session tag consists of a key name and an
* associated value. For more information about session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>This parameter is
* optional. You can pass up to 50 session tags. The plaintext session tag keys
* can’t exceed 128 characters and the values can’t exceed 256 characters. For
* these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is already attached to the user you are federating. When you
* do, session tags override a user tag with the same key. </p> <p>Tag key–value
* pairs are not case sensitive, but case is preserved. This means that you cannot
* have separate <code>Department</code> and <code>department</code> tag keys.
* Assume that the role has the <code>Department</code>=<code>Marketing</code> tag
* and you pass the <code>department</code>=<code>engineering</code> session tag.
* <code>Department</code> and <code>department</code> are not saved as separate
* tags, and the session tag passed in the request takes precedence over the role
* tag.</p>
*/
inline const Aws::Vector<Tag>& GetTags() const{ return m_tags; }
/**
* <p>A list of session tags. Each session tag consists of a key name and an
* associated value. For more information about session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>This parameter is
* optional. You can pass up to 50 session tags. The plaintext session tag keys
* can’t exceed 128 characters and the values can’t exceed 256 characters. For
* these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is already attached to the user you are federating. When you
* do, session tags override a user tag with the same key. </p> <p>Tag key–value
* pairs are not case sensitive, but case is preserved. This means that you cannot
* have separate <code>Department</code> and <code>department</code> tag keys.
* Assume that the role has the <code>Department</code>=<code>Marketing</code> tag
* and you pass the <code>department</code>=<code>engineering</code> session tag.
* <code>Department</code> and <code>department</code> are not saved as separate
* tags, and the session tag passed in the request takes precedence over the role
* tag.</p>
*/
inline bool TagsHasBeenSet() const { return m_tagsHasBeenSet; }
/**
* <p>A list of session tags. Each session tag consists of a key name and an
* associated value. For more information about session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>This parameter is
* optional. You can pass up to 50 session tags. The plaintext session tag keys
* can’t exceed 128 characters and the values can’t exceed 256 characters. For
* these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is already attached to the user you are federating. When you
* do, session tags override a user tag with the same key. </p> <p>Tag key–value
* pairs are not case sensitive, but case is preserved. This means that you cannot
* have separate <code>Department</code> and <code>department</code> tag keys.
* Assume that the role has the <code>Department</code>=<code>Marketing</code> tag
* and you pass the <code>department</code>=<code>engineering</code> session tag.
* <code>Department</code> and <code>department</code> are not saved as separate
* tags, and the session tag passed in the request takes precedence over the role
* tag.</p>
*/
inline void SetTags(const Aws::Vector<Tag>& value) { m_tagsHasBeenSet = true; m_tags = value; }
/**
* <p>A list of session tags. Each session tag consists of a key name and an
* associated value. For more information about session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>This parameter is
* optional. You can pass up to 50 session tags. The plaintext session tag keys
* can’t exceed 128 characters and the values can’t exceed 256 characters. For
* these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is already attached to the user you are federating. When you
* do, session tags override a user tag with the same key. </p> <p>Tag key–value
* pairs are not case sensitive, but case is preserved. This means that you cannot
* have separate <code>Department</code> and <code>department</code> tag keys.
* Assume that the role has the <code>Department</code>=<code>Marketing</code> tag
* and you pass the <code>department</code>=<code>engineering</code> session tag.
* <code>Department</code> and <code>department</code> are not saved as separate
* tags, and the session tag passed in the request takes precedence over the role
* tag.</p>
*/
inline void SetTags(Aws::Vector<Tag>&& value) { m_tagsHasBeenSet = true; m_tags = std::move(value); }
/**
* <p>A list of session tags. Each session tag consists of a key name and an
* associated value. For more information about session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>This parameter is
* optional. You can pass up to 50 session tags. The plaintext session tag keys
* can’t exceed 128 characters and the values can’t exceed 256 characters. For
* these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is already attached to the user you are federating. When you
* do, session tags override a user tag with the same key. </p> <p>Tag key–value
* pairs are not case sensitive, but case is preserved. This means that you cannot
* have separate <code>Department</code> and <code>department</code> tag keys.
* Assume that the role has the <code>Department</code>=<code>Marketing</code> tag
* and you pass the <code>department</code>=<code>engineering</code> session tag.
* <code>Department</code> and <code>department</code> are not saved as separate
* tags, and the session tag passed in the request takes precedence over the role
* tag.</p>
*/
inline GetFederationTokenRequest& WithTags(const Aws::Vector<Tag>& value) { SetTags(value); return *this;}
/**
* <p>A list of session tags. Each session tag consists of a key name and an
* associated value. For more information about session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>This parameter is
* optional. You can pass up to 50 session tags. The plaintext session tag keys
* can’t exceed 128 characters and the values can’t exceed 256 characters. For
* these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is already attached to the user you are federating. When you
* do, session tags override a user tag with the same key. </p> <p>Tag key–value
* pairs are not case sensitive, but case is preserved. This means that you cannot
* have separate <code>Department</code> and <code>department</code> tag keys.
* Assume that the role has the <code>Department</code>=<code>Marketing</code> tag
* and you pass the <code>department</code>=<code>engineering</code> session tag.
* <code>Department</code> and <code>department</code> are not saved as separate
* tags, and the session tag passed in the request takes precedence over the role
* tag.</p>
*/
inline GetFederationTokenRequest& WithTags(Aws::Vector<Tag>&& value) { SetTags(std::move(value)); return *this;}
/**
* <p>A list of session tags. Each session tag consists of a key name and an
* associated value. For more information about session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>This parameter is
* optional. You can pass up to 50 session tags. The plaintext session tag keys
* can’t exceed 128 characters and the values can’t exceed 256 characters. For
* these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is already attached to the user you are federating. When you
* do, session tags override a user tag with the same key. </p> <p>Tag key–value
* pairs are not case sensitive, but case is preserved. This means that you cannot
* have separate <code>Department</code> and <code>department</code> tag keys.
* Assume that the role has the <code>Department</code>=<code>Marketing</code> tag
* and you pass the <code>department</code>=<code>engineering</code> session tag.
* <code>Department</code> and <code>department</code> are not saved as separate
* tags, and the session tag passed in the request takes precedence over the role
* tag.</p>
*/
inline GetFederationTokenRequest& AddTags(const Tag& value) { m_tagsHasBeenSet = true; m_tags.push_back(value); return *this; }
/**
* <p>A list of session tags. Each session tag consists of a key name and an
* associated value. For more information about session tags, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html">Passing
* Session Tags in STS</a> in the <i>IAM User Guide</i>.</p> <p>This parameter is
* optional. You can pass up to 50 session tags. The plaintext session tag keys
* can’t exceed 128 characters and the values can’t exceed 256 characters. For
* these and additional limits, see <a
* href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length">IAM
* and STS Character Limits</a> in the <i>IAM User Guide</i>.</p> <p>An
* Amazon Web Services conversion compresses the passed inline session policy,
* managed policy ARNs, and session tags into a packed binary format that has a
* separate limit. Your request can fail for this limit even if your plaintext
* meets the other requirements. The <code>PackedPolicySize</code> response element
* indicates by percentage how close the policies and tags for your request are to
* the upper size limit.</p> <p>You can pass a session tag with the same
* key as a tag that is already attached to the user you are federating. When you
* do, session tags override a user tag with the same key. </p> <p>Tag key–value
* pairs are not case sensitive, but case is preserved. This means that you cannot
* have separate <code>Department</code> and <code>department</code> tag keys.
* Assume that the role has the <code>Department</code>=<code>Marketing</code> tag
* and you pass the <code>department</code>=<code>engineering</code> session tag.
* <code>Department</code> and <code>department</code> are not saved as separate
* tags, and the session tag passed in the request takes precedence over the role
* tag.</p>
*/
inline GetFederationTokenRequest& AddTags(Tag&& value) { m_tagsHasBeenSet = true; m_tags.push_back(std::move(value)); return *this; }
private:
Aws::String m_name;
bool m_nameHasBeenSet = false;
Aws::String m_policy;
bool m_policyHasBeenSet = false;
Aws::Vector<PolicyDescriptorType> m_policyArns;
bool m_policyArnsHasBeenSet = false;
int m_durationSeconds;
bool m_durationSecondsHasBeenSet = false;
Aws::Vector<Tag> m_tags;
bool m_tagsHasBeenSet = false;
};
} // namespace Model
} // namespace STS
} // namespace Aws