get_role_credentials
(**kwargs)¶Returns the STS short-term credentials for a given role name that is assigned to the user.
See also: AWS API Documentation
Request Syntax
response = client.get_role_credentials(
roleName='string',
accountId='string',
accessToken='string'
)
[REQUIRED]
The friendly name of the role that is assigned to the user.
[REQUIRED]
The identifier for the AWS account that is assigned to the user.
[REQUIRED]
The token issued by the CreateToken
API call. For more information, see CreateToken in the IAM Identity Center OIDC API Reference Guide .
dict
Response Syntax
{
'roleCredentials': {
'accessKeyId': 'string',
'secretAccessKey': 'string',
'sessionToken': 'string',
'expiration': 123
}
}
Response Structure
(dict) --
roleCredentials (dict) --
The credentials for the role that is assigned to the user.
accessKeyId (string) --
The identifier used for the temporary security credentials. For more information, see Using Temporary Security Credentials to Request Access to AWS Resources in the AWS IAM User Guide .
secretAccessKey (string) --
The key that is used to sign the request. For more information, see Using Temporary Security Credentials to Request Access to AWS Resources in the AWS IAM User Guide .
sessionToken (string) --
The token used for temporary credentials. For more information, see Using Temporary Security Credentials to Request Access to AWS Resources in the AWS IAM User Guide .
expiration (integer) --
The date on which temporary security credentials expire.
Exceptions
SSO.Client.exceptions.InvalidRequestException
SSO.Client.exceptions.UnauthorizedException
SSO.Client.exceptions.TooManyRequestsException
SSO.Client.exceptions.ResourceNotFoundException