public static final class AssumeRoleWithOIDCRequest.Builder extends Object
| 限定符和类型 | 方法和说明 |
|---|---|
AssumeRoleWithOIDCRequest |
build() |
AssumeRoleWithOIDCRequest.Builder |
durationSeconds(Long durationSeconds)
The validity period of the STS token.
|
AssumeRoleWithOIDCRequest.Builder |
OIDCProviderArn(String OIDCProviderArn)
The Alibaba Cloud Resource Name (ARN) of the OIDC IdP.
|
AssumeRoleWithOIDCRequest.Builder |
OIDCToken(String OIDCToken)
The OIDC token that is issued by the external IdP.
|
AssumeRoleWithOIDCRequest.Builder |
policy(String policy)
The policy that specifies the permissions of the returned STS token.
|
AssumeRoleWithOIDCRequest.Builder |
roleArn(String roleArn)
The ARN of the RAM role.
|
AssumeRoleWithOIDCRequest.Builder |
roleSessionName(String roleSessionName)
The custom name of the role session.
|
public AssumeRoleWithOIDCRequest.Builder durationSeconds(Long durationSeconds)
Default value: 3600. Minimum value: 900. Maximum value: the value of the `MaxSessionDuration` parameter. For more information about how to specify `MaxSessionDuration`, see [CreateRole](~~28710~~) or [UpdateRole](~~28712~~).
public AssumeRoleWithOIDCRequest.Builder OIDCProviderArn(String OIDCProviderArn)
You can view the ARN in the RAM console or by calling operations. * For more information about how to view the ARN in the RAM console, see [View the information about an OIDC IdP](~~327123~~). * For more information about how to view the ARN by calling operations, see [GetOIDCProvider](~~327126~~) or [ListOIDCProviders](~~327127~~).
public AssumeRoleWithOIDCRequest.Builder OIDCToken(String OIDCToken)
The OIDC token must be 4 to 20,000 characters in length. > You must enter the original OIDC token. You do not need to enter the Base64-encoded OIDC token.
public AssumeRoleWithOIDCRequest.Builder policy(String policy)
* If you specify this parameter, the permissions of the returned STS token are the permissions that are included in the value of this parameter and owned by the RAM role. * If you do not specify this parameter, the returned STS token has all the permissions of the RAM role. The value must be 1 to 2,048 characters in length.
public AssumeRoleWithOIDCRequest.Builder roleArn(String roleArn)
You can view the ARN in the RAM console or by calling operations. * For more information about how to view the ARN in the RAM console, see [How do I view the ARN of the RAM role?](~~39744~~) * For more information about how to view the ARN by calling operations, see [ListRoles](~~28713~~) or [GetRole](~~28711~~).
public AssumeRoleWithOIDCRequest.Builder roleSessionName(String roleSessionName)
Set this parameter based on your business requirements. In most cases, this parameter is set to the identity of the user who calls the operation, for example, the username. In ActionTrail logs, you can distinguish the users who assume the same RAM role to perform operations based on the value of the RoleSessionName parameter. This way, you can perform user-specific auditing. The value can contain letters, digits, periods (.), at signs (@), hyphens (-), and underscores (\_). The value must be 2 to 64 characters in length.
public AssumeRoleWithOIDCRequest build()
Copyright © 2023. All rights reserved.