amazonka-2.0: Comprehensive Amazon Web Services SDK.
Copyright(c) 2013-2023 Brendan Hay
LicenseMozilla Public License, v. 2.0.
MaintainerBrendan Hay <brendan.g.hay+amazonka@gmail.com>
Stabilityprovisional
Portabilitynon-portable (GHC extensions)
Safe HaskellSafe-Inferred
LanguageHaskell2010

Amazonka.Auth.SSO

Description

 
Synopsis

Documentation

data CachedAccessToken Source #

Constructors

CachedAccessToken 

Fields

Instances

Instances details
FromJSON CachedAccessToken Source # 
Instance details

Defined in Amazonka.Auth.SSO

Methods

parseJSON :: Value -> Parser CachedAccessToken #

parseJSONList :: Value -> Parser [CachedAccessToken] #

Generic CachedAccessToken Source # 
Instance details

Defined in Amazonka.Auth.SSO

Associated Types

type Rep CachedAccessToken :: Type -> Type #

Methods

from :: CachedAccessToken -> Rep CachedAccessToken x #

to :: Rep CachedAccessToken x -> CachedAccessToken #

Show CachedAccessToken Source # 
Instance details

Defined in Amazonka.Auth.SSO

Methods

showsPrec :: Int -> CachedAccessToken -> ShowS #

show :: CachedAccessToken -> String #

showList :: [CachedAccessToken] -> ShowS #

Eq CachedAccessToken Source # 
Instance details

Defined in Amazonka.Auth.SSO

Methods

(==) :: CachedAccessToken -> CachedAccessToken -> Bool #

(/=) :: CachedAccessToken -> CachedAccessToken -> Bool #

type Rep CachedAccessToken Source # 
Instance details

Defined in Amazonka.Auth.SSO

type Rep CachedAccessToken = D1 ('MetaData "CachedAccessToken" "Amazonka.Auth.SSO" "amazonka-2.0-48plDWnPMAk3PGO79vdSa0" 'False) (C1 ('MetaCons "CachedAccessToken" 'PrefixI 'True) ((S1 ('MetaSel ('Just "startUrl") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "region") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Region)) :*: (S1 ('MetaSel ('Just "accessToken") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Sensitive Text)) :*: S1 ('MetaSel ('Just "expiresAt") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 UTCTime))))

cachedAccessToken_startUrl :: Lens' CachedAccessToken Text Source #

cachedAccessToken_region :: Lens' CachedAccessToken Region Source #

cachedAccessToken_accessToken :: Lens' CachedAccessToken (Sensitive Text) Source #

cachedAccessToken_expiresAt :: Lens' CachedAccessToken UTCTime Source #

fromSSO Source #

Arguments

:: forall m withAuth. MonadIO m 
=> FilePath 
-> Region 
-> Text

Account ID

-> Text

Role Name

-> Env' withAuth 
-> m Env 

Assume a role using an SSO Token.

The user must have previously called aws sso login, and pass in the path to the cached token file, along with SSO region, account ID and role name. (fromFilePath understands the sso_ variables used by the official AWS CLI and will call fromSSO for you.) This function uses fetchAuthInBackground to refresh the credentials as long as the token in the sso/cache file is not expired. When it has, the user will need to aws sso login again.

https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html

relativeCachedTokenFile :: MonadIO m => Text -> m FilePath Source #

Return the cached token file for a given sso_start_url

Matches botocore, so that we find tokens produced by aws sso login.

readCachedAccessToken :: MonadIO m => FilePath -> m CachedAccessToken Source #

roleCredentialsToAuthEnv :: RoleCredentials -> AuthEnv Source #