aws_sdk_sts/operation/assume_root/builders.rs
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196
// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
pub use crate::operation::assume_root::_assume_root_output::AssumeRootOutputBuilder;
pub use crate::operation::assume_root::_assume_root_input::AssumeRootInputBuilder;
impl crate::operation::assume_root::builders::AssumeRootInputBuilder {
/// Sends a request with this input using the given client.
pub async fn send_with(
self,
client: &crate::Client,
) -> ::std::result::Result<
crate::operation::assume_root::AssumeRootOutput,
::aws_smithy_runtime_api::client::result::SdkError<
crate::operation::assume_root::AssumeRootError,
::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
>,
> {
let mut fluent_builder = client.assume_root();
fluent_builder.inner = self;
fluent_builder.send().await
}
}
/// Fluent builder constructing a request to `AssumeRoot`.
///
/// <p>Returns a set of short term credentials you can use to perform privileged tasks in a member account.</p>
/// <p>Before you can launch a privileged session, you must have enabled centralized root access in your organization. For steps to enable this feature, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-enable-root-access.html">Centralize root access for member accounts</a> in the <i>IAM User Guide</i>.</p><note>
/// <p>The global endpoint is not supported for AssumeRoot. You must send this request to a Regional STS endpoint. For more information, see <a href="https://docs.aws.amazon.com/STS/latest/APIReference/welcome.html#sts-endpoints">Endpoints</a>.</p>
/// </note>
/// <p>You can track AssumeRoot in CloudTrail logs to determine what actions were performed in a session. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-track-privileged-tasks.html">Track privileged tasks in CloudTrail</a> in the <i>IAM User Guide</i>.</p>
#[derive(::std::clone::Clone, ::std::fmt::Debug)]
pub struct AssumeRootFluentBuilder {
handle: ::std::sync::Arc<crate::client::Handle>,
inner: crate::operation::assume_root::builders::AssumeRootInputBuilder,
config_override: ::std::option::Option<crate::config::Builder>,
}
impl
crate::client::customize::internal::CustomizableSend<
crate::operation::assume_root::AssumeRootOutput,
crate::operation::assume_root::AssumeRootError,
> for AssumeRootFluentBuilder
{
fn send(
self,
config_override: crate::config::Builder,
) -> crate::client::customize::internal::BoxFuture<
crate::client::customize::internal::SendResult<
crate::operation::assume_root::AssumeRootOutput,
crate::operation::assume_root::AssumeRootError,
>,
> {
::std::boxed::Box::pin(async move { self.config_override(config_override).send().await })
}
}
impl AssumeRootFluentBuilder {
/// Creates a new `AssumeRootFluentBuilder`.
pub(crate) fn new(handle: ::std::sync::Arc<crate::client::Handle>) -> Self {
Self {
handle,
inner: ::std::default::Default::default(),
config_override: ::std::option::Option::None,
}
}
/// Access the AssumeRoot as a reference.
pub fn as_input(&self) -> &crate::operation::assume_root::builders::AssumeRootInputBuilder {
&self.inner
}
/// Sends the request and returns the response.
///
/// If an error occurs, an `SdkError` will be returned with additional details that
/// can be matched against.
///
/// By default, any retryable failures will be retried twice. Retry behavior
/// is configurable with the [RetryConfig](aws_smithy_types::retry::RetryConfig), which can be
/// set when configuring the client.
pub async fn send(
self,
) -> ::std::result::Result<
crate::operation::assume_root::AssumeRootOutput,
::aws_smithy_runtime_api::client::result::SdkError<
crate::operation::assume_root::AssumeRootError,
::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
>,
> {
let input = self
.inner
.build()
.map_err(::aws_smithy_runtime_api::client::result::SdkError::construction_failure)?;
let runtime_plugins = crate::operation::assume_root::AssumeRoot::operation_runtime_plugins(
self.handle.runtime_plugins.clone(),
&self.handle.conf,
self.config_override,
);
crate::operation::assume_root::AssumeRoot::orchestrate(&runtime_plugins, input).await
}
/// Consumes this builder, creating a customizable operation that can be modified before being sent.
pub fn customize(
self,
) -> crate::client::customize::CustomizableOperation<
crate::operation::assume_root::AssumeRootOutput,
crate::operation::assume_root::AssumeRootError,
Self,
> {
crate::client::customize::CustomizableOperation::new(self)
}
pub(crate) fn config_override(mut self, config_override: impl ::std::convert::Into<crate::config::Builder>) -> Self {
self.set_config_override(::std::option::Option::Some(config_override.into()));
self
}
pub(crate) fn set_config_override(&mut self, config_override: ::std::option::Option<crate::config::Builder>) -> &mut Self {
self.config_override = config_override;
self
}
/// <p>The member account principal ARN or account ID.</p>
pub fn target_principal(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.inner = self.inner.target_principal(input.into());
self
}
/// <p>The member account principal ARN or account ID.</p>
pub fn set_target_principal(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
self.inner = self.inner.set_target_principal(input);
self
}
/// <p>The member account principal ARN or account ID.</p>
pub fn get_target_principal(&self) -> &::std::option::Option<::std::string::String> {
self.inner.get_target_principal()
}
/// <p>The identity based policy that scopes the session to the privileged tasks that can be performed. You can use one of following Amazon Web Services managed policies to scope root session actions. You can add additional customer managed policies to further limit the permissions for the root session.</p>
/// <ul>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMAuditRootUserCredentials">IAMAuditRootUserCredentials</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMCreateRootUserPassword">IAMCreateRootUserPassword</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMDeleteRootUserCredentials">IAMDeleteRootUserCredentials</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-S3UnlockBucketPolicy">S3UnlockBucketPolicy</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-SQSUnlockQueuePolicy">SQSUnlockQueuePolicy</a></p></li>
/// </ul>
pub fn task_policy_arn(mut self, input: crate::types::PolicyDescriptorType) -> Self {
self.inner = self.inner.task_policy_arn(input);
self
}
/// <p>The identity based policy that scopes the session to the privileged tasks that can be performed. You can use one of following Amazon Web Services managed policies to scope root session actions. You can add additional customer managed policies to further limit the permissions for the root session.</p>
/// <ul>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMAuditRootUserCredentials">IAMAuditRootUserCredentials</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMCreateRootUserPassword">IAMCreateRootUserPassword</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMDeleteRootUserCredentials">IAMDeleteRootUserCredentials</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-S3UnlockBucketPolicy">S3UnlockBucketPolicy</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-SQSUnlockQueuePolicy">SQSUnlockQueuePolicy</a></p></li>
/// </ul>
pub fn set_task_policy_arn(mut self, input: ::std::option::Option<crate::types::PolicyDescriptorType>) -> Self {
self.inner = self.inner.set_task_policy_arn(input);
self
}
/// <p>The identity based policy that scopes the session to the privileged tasks that can be performed. You can use one of following Amazon Web Services managed policies to scope root session actions. You can add additional customer managed policies to further limit the permissions for the root session.</p>
/// <ul>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMAuditRootUserCredentials">IAMAuditRootUserCredentials</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMCreateRootUserPassword">IAMCreateRootUserPassword</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-IAMDeleteRootUserCredentials">IAMDeleteRootUserCredentials</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-S3UnlockBucketPolicy">S3UnlockBucketPolicy</a></p></li>
/// <li>
/// <p><a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/security-iam-awsmanpol.html#security-iam-awsmanpol-SQSUnlockQueuePolicy">SQSUnlockQueuePolicy</a></p></li>
/// </ul>
pub fn get_task_policy_arn(&self) -> &::std::option::Option<crate::types::PolicyDescriptorType> {
self.inner.get_task_policy_arn()
}
/// <p>The duration, in seconds, of the privileged session. The value can range from 0 seconds up to the maximum session duration of 900 seconds (15 minutes). If you specify a value higher than this setting, the operation fails.</p>
/// <p>By default, the value is set to <code>900</code> seconds.</p>
pub fn duration_seconds(mut self, input: i32) -> Self {
self.inner = self.inner.duration_seconds(input);
self
}
/// <p>The duration, in seconds, of the privileged session. The value can range from 0 seconds up to the maximum session duration of 900 seconds (15 minutes). If you specify a value higher than this setting, the operation fails.</p>
/// <p>By default, the value is set to <code>900</code> seconds.</p>
pub fn set_duration_seconds(mut self, input: ::std::option::Option<i32>) -> Self {
self.inner = self.inner.set_duration_seconds(input);
self
}
/// <p>The duration, in seconds, of the privileged session. The value can range from 0 seconds up to the maximum session duration of 900 seconds (15 minutes). If you specify a value higher than this setting, the operation fails.</p>
/// <p>By default, the value is set to <code>900</code> seconds.</p>
pub fn get_duration_seconds(&self) -> &::std::option::Option<i32> {
self.inner.get_duration_seconds()
}
}