Manualshelf

User guide

ManualsBrandsAmazon ManualsComputer equipmentAWS SDK
61626364656667686970
GetSessionTokenRequest session_token_request = new GetSessionTokenRequest();
session_token_request.setDurationSeconds(7200); // optional.
The duration of temporary credentials can range from 900 seconds (15 minutes) to 129600 seconds
(36 hours) for IAM users. If a duration isn't specified, then 43200 seconds (12 hours) is used by
default.
For a root AWS account, the valid range of temporary credentials is from 900 to 3600 seconds (1
hour), with a default value of 3600 seconds if no duration is specified.
Important
It is strongly recommended, from a security standpoint, that you use IAM users instead of
the root account for AWS access. For more information, see IAM Best Practices in the AWS
Identity and Access Management User Guide.
4. Call getSessionToken on the STS client to get a session token, using the GetSessionTokenRequest
object:
GetSessionTokenResult session_token_result =
sts_client.getSessionToken(session_token_request);
5. Get session credentials using the result of the call to getSessionToken:
Credentials session_creds = session_token_result.getCredentials();
The session credentials provide access only for the duration that was specified by the
GetSessionTokenRequest object. Once the credentials expire, you will need to call
getSessionToken again to obtain a new session token for continued access to AWS.
Use the temporary credentials to access AWS
resources
Once you have temporary security credentials, you can use them to initialize an AWS service client to
use its resources, using the technique described in Explicitly Specifying Credentials (p. 12).
For example, to create an S3 client using temporary service credentials:
BasicSessionCredentials basic_session_creds = new BasicSessionCredentials(
session_creds.getAccessKeyId(),
session_creds.getSecretAccessKey(),
session_creds.getSessionToken());
AmazonS3Client s3 = new AmazonS3Client(basic_session_creds);
You can now use the AmazonS3Client object to make Amazon S3 requests.
Version v1.0.0
63
AWS SDK for Java Developer Guide
Use the temporary credentials to access AWS resources