Interface SsoClient
-
- All Superinterfaces:
AutoCloseable,AwsClient,SdkAutoCloseable,SdkClient
@Generated("software.amazon.awssdk:codegen") @ThreadSafe public interface SsoClient extends AwsClient
Service client for accessing SSO. This can be created using the staticbuilder()method.AWS IAM Identity Center (successor to AWS Single Sign-On) Portal is a web service that makes it easy for you to assign user access to IAM Identity Center resources such as the AWS access portal. Users can get AWS account applications and roles assigned to them and get federated into the application.
Although AWS Single Sign-On was renamed, the
ssoandidentitystoreAPI namespaces will continue to retain their original name for backward compatibility purposes. For more information, see IAM Identity Center rename.This reference guide describes the IAM Identity Center Portal operations that you can call programatically and includes detailed information on data types and errors.
AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms, such as Java, Ruby, .Net, iOS, or Android. The SDKs provide a convenient way to create programmatic access to IAM Identity Center and other AWS services. For more information about the AWS SDKs, including how to download and install them, see Tools for Amazon Web Services.
-
-
Field Summary
Fields Modifier and Type Field Description static StringSERVICE_METADATA_IDValue for looking up the service's metadata from theServiceMetadataProvider.static StringSERVICE_NAME
-
Method Summary
All Methods Static Methods Instance Methods Default Methods Modifier and Type Method Description static SsoClientBuilderbuilder()Create a builder that can be used to configure and create aSsoClient.static SsoClientcreate()Create aSsoClientwith the region loaded from theDefaultAwsRegionProviderChainand credentials loaded from theDefaultCredentialsProvider.default GetRoleCredentialsResponsegetRoleCredentials(Consumer<GetRoleCredentialsRequest.Builder> getRoleCredentialsRequest)Returns the STS short-term credentials for a given role name that is assigned to the user.default GetRoleCredentialsResponsegetRoleCredentials(GetRoleCredentialsRequest getRoleCredentialsRequest)Returns the STS short-term credentials for a given role name that is assigned to the user.default ListAccountRolesResponselistAccountRoles(Consumer<ListAccountRolesRequest.Builder> listAccountRolesRequest)Lists all roles that are assigned to the user for a given AWS account.default ListAccountRolesResponselistAccountRoles(ListAccountRolesRequest listAccountRolesRequest)Lists all roles that are assigned to the user for a given AWS account.default ListAccountRolesIterablelistAccountRolesPaginator(Consumer<ListAccountRolesRequest.Builder> listAccountRolesRequest)Lists all roles that are assigned to the user for a given AWS account.default ListAccountRolesIterablelistAccountRolesPaginator(ListAccountRolesRequest listAccountRolesRequest)Lists all roles that are assigned to the user for a given AWS account.default ListAccountsResponselistAccounts(Consumer<ListAccountsRequest.Builder> listAccountsRequest)Lists all AWS accounts assigned to the user.default ListAccountsResponselistAccounts(ListAccountsRequest listAccountsRequest)Lists all AWS accounts assigned to the user.default ListAccountsIterablelistAccountsPaginator(Consumer<ListAccountsRequest.Builder> listAccountsRequest)Lists all AWS accounts assigned to the user.default ListAccountsIterablelistAccountsPaginator(ListAccountsRequest listAccountsRequest)Lists all AWS accounts assigned to the user.default LogoutResponselogout(Consumer<LogoutRequest.Builder> logoutRequest)Removes the locally stored SSO tokens from the client-side cache and sends an API call to the IAM Identity Center service to invalidate the corresponding server-side IAM Identity Center sign in session.default LogoutResponselogout(LogoutRequest logoutRequest)Removes the locally stored SSO tokens from the client-side cache and sends an API call to the IAM Identity Center service to invalidate the corresponding server-side IAM Identity Center sign in session.default SsoServiceClientConfigurationserviceClientConfiguration()static ServiceMetadataserviceMetadata()-
Methods inherited from interface software.amazon.awssdk.utils.SdkAutoCloseable
close
-
Methods inherited from interface software.amazon.awssdk.core.SdkClient
serviceName
-
-
-
-
Field Detail
-
SERVICE_NAME
static final String SERVICE_NAME
- See Also:
- Constant Field Values
-
SERVICE_METADATA_ID
static final String SERVICE_METADATA_ID
Value for looking up the service's metadata from theServiceMetadataProvider.- See Also:
- Constant Field Values
-
-
Method Detail
-
getRoleCredentials
default GetRoleCredentialsResponse getRoleCredentials(GetRoleCredentialsRequest getRoleCredentialsRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, ResourceNotFoundException, AwsServiceException, SdkClientException, SsoException
Returns the STS short-term credentials for a given role name that is assigned to the user.
- Parameters:
getRoleCredentialsRequest-- Returns:
- Result of the GetRoleCredentials operation returned by the service.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.ResourceNotFoundException- The specified resource doesn't exist.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
getRoleCredentials
default GetRoleCredentialsResponse getRoleCredentials(Consumer<GetRoleCredentialsRequest.Builder> getRoleCredentialsRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, ResourceNotFoundException, AwsServiceException, SdkClientException, SsoException
Returns the STS short-term credentials for a given role name that is assigned to the user.
This is a convenience which creates an instance of the
GetRoleCredentialsRequest.Builderavoiding the need to create one manually viaGetRoleCredentialsRequest.builder()- Parameters:
getRoleCredentialsRequest- AConsumerthat will call methods onGetRoleCredentialsRequest.Builderto create a request.- Returns:
- Result of the GetRoleCredentials operation returned by the service.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.ResourceNotFoundException- The specified resource doesn't exist.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
listAccountRoles
default ListAccountRolesResponse listAccountRoles(ListAccountRolesRequest listAccountRolesRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, ResourceNotFoundException, AwsServiceException, SdkClientException, SsoException
Lists all roles that are assigned to the user for a given AWS account.
- Parameters:
listAccountRolesRequest-- Returns:
- Result of the ListAccountRoles operation returned by the service.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.ResourceNotFoundException- The specified resource doesn't exist.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
listAccountRoles
default ListAccountRolesResponse listAccountRoles(Consumer<ListAccountRolesRequest.Builder> listAccountRolesRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, ResourceNotFoundException, AwsServiceException, SdkClientException, SsoException
Lists all roles that are assigned to the user for a given AWS account.
This is a convenience which creates an instance of the
ListAccountRolesRequest.Builderavoiding the need to create one manually viaListAccountRolesRequest.builder()- Parameters:
listAccountRolesRequest- AConsumerthat will call methods onListAccountRolesRequest.Builderto create a request.- Returns:
- Result of the ListAccountRoles operation returned by the service.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.ResourceNotFoundException- The specified resource doesn't exist.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
listAccountRolesPaginator
default ListAccountRolesIterable listAccountRolesPaginator(ListAccountRolesRequest listAccountRolesRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, ResourceNotFoundException, AwsServiceException, SdkClientException, SsoException
Lists all roles that are assigned to the user for a given AWS account.
This is a variant of
listAccountRoles(software.amazon.awssdk.services.sso.model.ListAccountRolesRequest)operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Stream
2) Using For loopsoftware.amazon.awssdk.services.sso.paginators.ListAccountRolesIterable responses = client.listAccountRolesPaginator(request); responses.stream().forEach(....);{ @code software.amazon.awssdk.services.sso.paginators.ListAccountRolesIterable responses = client.listAccountRolesPaginator(request); for (software.amazon.awssdk.services.sso.model.ListAccountRolesResponse response : responses) { // do something; } }3) Use iterator directlysoftware.amazon.awssdk.services.sso.paginators.ListAccountRolesIterable responses = client.listAccountRolesPaginator(request); responses.iterator().forEachRemaining(....);Please notice that the configuration of maxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listAccountRoles(software.amazon.awssdk.services.sso.model.ListAccountRolesRequest)operation.- Parameters:
listAccountRolesRequest-- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.ResourceNotFoundException- The specified resource doesn't exist.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
listAccountRolesPaginator
default ListAccountRolesIterable listAccountRolesPaginator(Consumer<ListAccountRolesRequest.Builder> listAccountRolesRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, ResourceNotFoundException, AwsServiceException, SdkClientException, SsoException
Lists all roles that are assigned to the user for a given AWS account.
This is a variant of
listAccountRoles(software.amazon.awssdk.services.sso.model.ListAccountRolesRequest)operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Stream
2) Using For loopsoftware.amazon.awssdk.services.sso.paginators.ListAccountRolesIterable responses = client.listAccountRolesPaginator(request); responses.stream().forEach(....);{ @code software.amazon.awssdk.services.sso.paginators.ListAccountRolesIterable responses = client.listAccountRolesPaginator(request); for (software.amazon.awssdk.services.sso.model.ListAccountRolesResponse response : responses) { // do something; } }3) Use iterator directlysoftware.amazon.awssdk.services.sso.paginators.ListAccountRolesIterable responses = client.listAccountRolesPaginator(request); responses.iterator().forEachRemaining(....);Please notice that the configuration of maxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listAccountRoles(software.amazon.awssdk.services.sso.model.ListAccountRolesRequest)operation.This is a convenience which creates an instance of the
ListAccountRolesRequest.Builderavoiding the need to create one manually viaListAccountRolesRequest.builder()- Parameters:
listAccountRolesRequest- AConsumerthat will call methods onListAccountRolesRequest.Builderto create a request.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.ResourceNotFoundException- The specified resource doesn't exist.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
listAccounts
default ListAccountsResponse listAccounts(ListAccountsRequest listAccountsRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, ResourceNotFoundException, AwsServiceException, SdkClientException, SsoException
Lists all AWS accounts assigned to the user. These AWS accounts are assigned by the administrator of the account. For more information, see Assign User Access in the IAM Identity Center User Guide. This operation returns a paginated response.
- Parameters:
listAccountsRequest-- Returns:
- Result of the ListAccounts operation returned by the service.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.ResourceNotFoundException- The specified resource doesn't exist.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
listAccounts
default ListAccountsResponse listAccounts(Consumer<ListAccountsRequest.Builder> listAccountsRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, ResourceNotFoundException, AwsServiceException, SdkClientException, SsoException
Lists all AWS accounts assigned to the user. These AWS accounts are assigned by the administrator of the account. For more information, see Assign User Access in the IAM Identity Center User Guide. This operation returns a paginated response.
This is a convenience which creates an instance of the
ListAccountsRequest.Builderavoiding the need to create one manually viaListAccountsRequest.builder()- Parameters:
listAccountsRequest- AConsumerthat will call methods onListAccountsRequest.Builderto create a request.- Returns:
- Result of the ListAccounts operation returned by the service.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.ResourceNotFoundException- The specified resource doesn't exist.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
listAccountsPaginator
default ListAccountsIterable listAccountsPaginator(ListAccountsRequest listAccountsRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, ResourceNotFoundException, AwsServiceException, SdkClientException, SsoException
Lists all AWS accounts assigned to the user. These AWS accounts are assigned by the administrator of the account. For more information, see Assign User Access in the IAM Identity Center User Guide. This operation returns a paginated response.
This is a variant of
listAccounts(software.amazon.awssdk.services.sso.model.ListAccountsRequest)operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Stream
2) Using For loopsoftware.amazon.awssdk.services.sso.paginators.ListAccountsIterable responses = client.listAccountsPaginator(request); responses.stream().forEach(....);{ @code software.amazon.awssdk.services.sso.paginators.ListAccountsIterable responses = client.listAccountsPaginator(request); for (software.amazon.awssdk.services.sso.model.ListAccountsResponse response : responses) { // do something; } }3) Use iterator directlysoftware.amazon.awssdk.services.sso.paginators.ListAccountsIterable responses = client.listAccountsPaginator(request); responses.iterator().forEachRemaining(....);Please notice that the configuration of maxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listAccounts(software.amazon.awssdk.services.sso.model.ListAccountsRequest)operation.- Parameters:
listAccountsRequest-- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.ResourceNotFoundException- The specified resource doesn't exist.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
listAccountsPaginator
default ListAccountsIterable listAccountsPaginator(Consumer<ListAccountsRequest.Builder> listAccountsRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, ResourceNotFoundException, AwsServiceException, SdkClientException, SsoException
Lists all AWS accounts assigned to the user. These AWS accounts are assigned by the administrator of the account. For more information, see Assign User Access in the IAM Identity Center User Guide. This operation returns a paginated response.
This is a variant of
listAccounts(software.amazon.awssdk.services.sso.model.ListAccountsRequest)operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle making service calls for you.When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response pages by making service calls until there are no pages left or your iteration stops. If there are errors in your request, you will see the failures only after you start iterating through the iterable.
The following are few ways to iterate through the response pages:
1) Using a Stream
2) Using For loopsoftware.amazon.awssdk.services.sso.paginators.ListAccountsIterable responses = client.listAccountsPaginator(request); responses.stream().forEach(....);{ @code software.amazon.awssdk.services.sso.paginators.ListAccountsIterable responses = client.listAccountsPaginator(request); for (software.amazon.awssdk.services.sso.model.ListAccountsResponse response : responses) { // do something; } }3) Use iterator directlysoftware.amazon.awssdk.services.sso.paginators.ListAccountsIterable responses = client.listAccountsPaginator(request); responses.iterator().forEachRemaining(....);Please notice that the configuration of maxResults won't limit the number of results you get with the paginator. It only limits the number of results in each page.
Note: If you prefer to have control on service calls, use the
listAccounts(software.amazon.awssdk.services.sso.model.ListAccountsRequest)operation.This is a convenience which creates an instance of the
ListAccountsRequest.Builderavoiding the need to create one manually viaListAccountsRequest.builder()- Parameters:
listAccountsRequest- AConsumerthat will call methods onListAccountsRequest.Builderto create a request.- Returns:
- A custom iterable that can be used to iterate through all the response pages.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.ResourceNotFoundException- The specified resource doesn't exist.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
logout
default LogoutResponse logout(LogoutRequest logoutRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, AwsServiceException, SdkClientException, SsoException
Removes the locally stored SSO tokens from the client-side cache and sends an API call to the IAM Identity Center service to invalidate the corresponding server-side IAM Identity Center sign in session.
If a user uses IAM Identity Center to access the AWS CLI, the user’s IAM Identity Center sign in session is used to obtain an IAM session, as specified in the corresponding IAM Identity Center permission set. More specifically, IAM Identity Center assumes an IAM role in the target account on behalf of the user, and the corresponding temporary AWS credentials are returned to the client.
After user logout, any existing IAM role sessions that were created by using IAM Identity Center permission sets continue based on the duration configured in the permission set. For more information, see User authentications in the IAM Identity Center User Guide.
- Parameters:
logoutRequest-- Returns:
- Result of the Logout operation returned by the service.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
logout
default LogoutResponse logout(Consumer<LogoutRequest.Builder> logoutRequest) throws InvalidRequestException, UnauthorizedException, TooManyRequestsException, AwsServiceException, SdkClientException, SsoException
Removes the locally stored SSO tokens from the client-side cache and sends an API call to the IAM Identity Center service to invalidate the corresponding server-side IAM Identity Center sign in session.
If a user uses IAM Identity Center to access the AWS CLI, the user’s IAM Identity Center sign in session is used to obtain an IAM session, as specified in the corresponding IAM Identity Center permission set. More specifically, IAM Identity Center assumes an IAM role in the target account on behalf of the user, and the corresponding temporary AWS credentials are returned to the client.
After user logout, any existing IAM role sessions that were created by using IAM Identity Center permission sets continue based on the duration configured in the permission set. For more information, see User authentications in the IAM Identity Center User Guide.
This is a convenience which creates an instance of the
LogoutRequest.Builderavoiding the need to create one manually viaLogoutRequest.builder()- Parameters:
logoutRequest- AConsumerthat will call methods onLogoutRequest.Builderto create a request.- Returns:
- Result of the Logout operation returned by the service.
- Throws:
InvalidRequestException- Indicates that a problem occurred with the input to the request. For example, a required parameter might be missing or out of range.UnauthorizedException- Indicates that the request is not authorized. This can happen due to an invalid access token in the request.TooManyRequestsException- Indicates that the request is being made too frequently and is more than what the server can handle.SdkException- Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.SdkClientException- If any client side error occurs such as an IO related failure, failure to get credentials, etc.SsoException- Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.AwsServiceException- See Also:
- AWS API Documentation
-
create
static SsoClient create()
Create aSsoClientwith the region loaded from theDefaultAwsRegionProviderChainand credentials loaded from theDefaultCredentialsProvider.
-
builder
static SsoClientBuilder builder()
Create a builder that can be used to configure and create aSsoClient.
-
serviceMetadata
static ServiceMetadata serviceMetadata()
-
serviceClientConfiguration
default SsoServiceClientConfiguration serviceClientConfiguration()
- Specified by:
serviceClientConfigurationin interfaceAwsClient- Specified by:
serviceClientConfigurationin interfaceSdkClient
-
-