Sample code for 30+ languages & platforms
Swift

AWS Security Token Service (STS) AssumeRole

See more AWS Security Token Service Examples

Returns a set of temporary security credentials that you can use to access AWS resources. These temporary credentials consist of an access key ID, a secret access key, and a security token. Typically, you use AssumeRole within your account or for cross-account access.

Chilkat Swift Downloads

Swift

func chilkatTest() {
    var success: Bool = false

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    let rest = CkoRest()!

    // Connect to the Amazon AWS REST server.
    // such as https://sts.us-west-2.amazonaws.com/
    var bTls: Bool = true
    var port: Int = 443
    var bAutoReconnect: Bool = true
    success = rest.connect(hostname: "sts.us-west-2.amazonaws.com", port: port, tls: bTls, autoReconnect: bAutoReconnect)

    // Provide AWS credentials for the REST call.
    let authAws = CkoAuthAws()!
    authAws.accessKey = "AWS_ACCESS_KEY"
    authAws.secretKey = "AWS_SECRET_KEY"
    // the region should match our URL above..
    // See https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html
    authAws.region = "us-west-2"
    authAws.serviceName = "sts"

    rest.setAuthAws(authProvider: authAws)

    // Sample Request
    // https://sts.amazonaws.com/
    // ?Version=2011-06-15
    // &Action=AssumeRole
    // &RoleSessionName=testAR
    // &RoleArn=arn:aws:iam::123456789012:role/demo
    // &PolicyArns.member.1.arn=arn:aws:iam::123456789012:policy/demopolicy1
    // &PolicyArns.member.2.arn=arn:aws:iam::123456789012:policy/demopolicy2
    // &Policy={"Version":"2012-10-17","Statement":[{"Sid":"Stmt1",
    // "Effect":"Allow","Action":"s3:*","Resource":"*"}]}
    // &DurationSeconds=3600
    // &Tags.member.1.Key=Project
    // &Tags.member.1.Value=Pegasus
    // &Tags.member.2.Key=Team
    // &Tags.member.2.Value=Engineering
    // &Tags.member.3.Key=Cost-Center
    // &Tags.member.3.Value=12345
    // &TransitiveTagKeys.member.1=Project
    // &TransitiveTagKeys.member.2=Cost-Center
    // &ExternalId=123ABC
    // &SourceIdentity=Alice
    // &AUTHPARAMS

    rest.addQueryParam(name: "Version", value: "2011-06-15")
    rest.addQueryParam(name: "Action", value: "AssumeRole")
    rest.addQueryParam(name: "DurationSeconds", value: "3600")

    rest.addQueryParam(name: "RoleSessionName", value: "testAR")
    rest.addQueryParam(name: "RoleArn", value: "arn:aws:iam::123456789012:role/demo")
    rest.addQueryParam(name: "PolicyArns.member.1.arn", value: "arn:aws:iam::123456789012:policy/demopolicy1")
    rest.addQueryParam(name: "PolicyArns.member.2.arn", value: "arn:aws:iam::123456789012:policy/demopolicy2")
    rest.addQueryParam(name: "Policy", value: "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"Stmt1\",\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}]}")
    rest.addQueryParam(name: "Tags.member.1.Key", value: "Project")
    rest.addQueryParam(name: "Tags.member.1.Value", value: "Pegasus")
    rest.addQueryParam(name: "Tags.member.2.Key", value: "Team")
    rest.addQueryParam(name: "Tags.member.2.Value", value: "Engineering")
    rest.addQueryParam(name: "Tags.member.3.Key", value: "Cost-Center")
    rest.addQueryParam(name: "Tags.member.3.Value", value: "12345")
    rest.addQueryParam(name: "TransitiveTagKeys.member.1", value: "Project")
    rest.addQueryParam(name: "TransitiveTagKeys.member.2", value: "Cost-Center")
    rest.addQueryParam(name: "ExternalId", value: "123ABC")
    rest.addQueryParam(name: "SourceIdentity", value: "Alice")

    var responseXml: String? = rest.fullRequestNoBody(httpVerb: "GET", uriPath: "/")
    if rest.lastMethodSuccess != true {
        print("\(rest.lastErrorText!)")
        return
    }

    // A successful response will have a status code equal to 200.
    if rest.responseStatusCode.intValue != 200 {
        print("response status code = \(rest.responseStatusCode.intValue)")
        print("response status text = \(rest.responseStatusText!)")
        print("response header: \(rest.responseHeader!)")
        print("response body: \(responseXml!)")
        return
    }

    // Examine the successful XML response (shown below)
    let xml = CkoXml()!
    xml.load(xmlData: responseXml)
    print("\(xml.getXml()!)")

    // Sample response:

    // <AssumeRoleResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
    //   <AssumeRoleResult>
    //   <SourceIdentity>Alice</SourceIdentity>
    //     <AssumedRoleUser>
    //       <Arn>arn:aws:sts::123456789012:assumed-role/demo/TestAR</Arn>
    //       <AssumedRoleId>ARO123EXAMPLE123:TestAR</AssumedRoleId>
    //     </AssumedRoleUser>
    //     <Credentials>
    //       <AccessKeyId>ASIAIOSFODNN7EXAMPLE</AccessKeyId>
    //       <SecretAccessKey>wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY</SecretAccessKey>
    //       <SessionToken>
    //        AQoDYXdzEPT//////////wEXAMPLEtc764bNrC9SAPBSM22wDOk4x4HIZ8j4FZTwdQW
    //        LWsKWHGBuFqwAeMicRXmxfpSPfIeoIYRqTflfKD8YUuwthAx7mSEI/qkPpKPi/kMcGd
    //        QrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU
    //        9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz
    //        +scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA==
    //       </SessionToken>
    //       <Expiration>2019-11-09T13:34:41Z</Expiration>
    //     </Credentials>
    //     <PackedPolicySize>6</PackedPolicySize>
    //   </AssumeRoleResult>
    //   <ResponseMetadata>
    //     <RequestId>c6104cbe-af31-11e0-8154-cbc7ccf896c7</RequestId>
    //   </ResponseMetadata>
    // </AssumeRoleResponse>

    // Sample parse code:

    var AssumeRoleResponse_xmlns: String? = xml.getAttrValue(name: "xmlns")
    var SourceIdentity: String? = xml.getChildContent(tagPath: "AssumeRoleResult|SourceIdentity")
    var Arn: String? = xml.getChildContent(tagPath: "AssumeRoleResult|AssumedRoleUser|Arn")
    var AssumedRoleId: String? = xml.getChildContent(tagPath: "AssumeRoleResult|AssumedRoleUser|AssumedRoleId")
    var AccessKeyId: String? = xml.getChildContent(tagPath: "AssumeRoleResult|Credentials|AccessKeyId")
    var SecretAccessKey: String? = xml.getChildContent(tagPath: "AssumeRoleResult|Credentials|SecretAccessKey")
    var SessionToken: String? = xml.getChildContent(tagPath: "AssumeRoleResult|Credentials|SessionToken")
    var Expiration: String? = xml.getChildContent(tagPath: "AssumeRoleResult|Credentials|Expiration")
    var PackedPolicySize: Int = xml.getChildIntValue(tagPath: "AssumeRoleResult|PackedPolicySize").intValue
    var RequestId: String? = xml.getChildContent(tagPath: "ResponseMetadata|RequestId")

    // Save the session token XML to a file for use by another Chilkat example..
    success = xml.save(path: "qa_data/tokens/aws_session_token.xml")

}