|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Delphi DLL) AWS Security Token Service (STS) AssumeRoleSee more AWS Security Token Service ExamplesReturns a set of temporary security credentials that you can use to access AWS resources. These temporary credentials consist of an access key ID, a secret access key, and a security token. Typically, you use AssumeRole within your account or for cross-account access. For more information, see https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, AuthAws, Rest, Xml; ... procedure TForm1.Button1Click(Sender: TObject); var rest: HCkRest; bTls: Boolean; port: Integer; bAutoReconnect: Boolean; success: Boolean; authAws: HCkAuthAws; responseXml: PWideChar; xml: HCkXml; AssumeRoleResponse_xmlns: PWideChar; SourceIdentity: PWideChar; Arn: PWideChar; AssumedRoleId: PWideChar; AccessKeyId: PWideChar; SecretAccessKey: PWideChar; SessionToken: PWideChar; Expiration: PWideChar; PackedPolicySize: Integer; RequestId: PWideChar; begin // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. rest := CkRest_Create(); // Connect to the Amazon AWS REST server. // such as https://sts.us-west-2.amazonaws.com/ bTls := True; port := 443; bAutoReconnect := True; success := CkRest_Connect(rest,'sts.us-west-2.amazonaws.com',port,bTls,bAutoReconnect); // Provide AWS credentials for the REST call. authAws := CkAuthAws_Create(); CkAuthAws_putAccessKey(authAws,'AWS_ACCESS_KEY'); CkAuthAws_putSecretKey(authAws,'AWS_SECRET_KEY'); // the region should match our URL above.. // See https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html CkAuthAws_putRegion(authAws,'us-west-2'); CkAuthAws_putServiceName(authAws,'sts'); CkRest_SetAuthAws(rest,authAws); // Sample Request // https://sts.amazonaws.com/ // ?Version=2011-06-15 // &Action=AssumeRole // &RoleSessionName=testAR // &RoleArn=arn:aws:iam::123456789012:role/demo // &PolicyArns.member.1.arn=arn:aws:iam::123456789012:policy/demopolicy1 // &PolicyArns.member.2.arn=arn:aws:iam::123456789012:policy/demopolicy2 // &Policy={"Version":"2012-10-17","Statement":[{"Sid":"Stmt1", // "Effect":"Allow","Action":"s3:*","Resource":"*"}]} // &DurationSeconds=3600 // &Tags.member.1.Key=Project // &Tags.member.1.Value=Pegasus // &Tags.member.2.Key=Team // &Tags.member.2.Value=Engineering // &Tags.member.3.Key=Cost-Center // &Tags.member.3.Value=12345 // &TransitiveTagKeys.member.1=Project // &TransitiveTagKeys.member.2=Cost-Center // &ExternalId=123ABC // &SourceIdentity=Alice // &AUTHPARAMS CkRest_AddQueryParam(rest,'Version','2011-06-15'); CkRest_AddQueryParam(rest,'Action','AssumeRole'); CkRest_AddQueryParam(rest,'DurationSeconds','3600'); CkRest_AddQueryParam(rest,'RoleSessionName','testAR'); CkRest_AddQueryParam(rest,'RoleArn','arn:aws:iam::123456789012:role/demo'); CkRest_AddQueryParam(rest,'PolicyArns.member.1.arn','arn:aws:iam::123456789012:policy/demopolicy1'); CkRest_AddQueryParam(rest,'PolicyArns.member.2.arn','arn:aws:iam::123456789012:policy/demopolicy2'); CkRest_AddQueryParam(rest,'Policy','{"Version":"2012-10-17","Statement":[{"Sid":"Stmt1","Effect":"Allow","Action":"s3:*","Resource":"*"}]}'); CkRest_AddQueryParam(rest,'Tags.member.1.Key','Project'); CkRest_AddQueryParam(rest,'Tags.member.1.Value','Pegasus'); CkRest_AddQueryParam(rest,'Tags.member.2.Key','Team'); CkRest_AddQueryParam(rest,'Tags.member.2.Value','Engineering'); CkRest_AddQueryParam(rest,'Tags.member.3.Key','Cost-Center'); CkRest_AddQueryParam(rest,'Tags.member.3.Value','12345'); CkRest_AddQueryParam(rest,'TransitiveTagKeys.member.1','Project'); CkRest_AddQueryParam(rest,'TransitiveTagKeys.member.2','Cost-Center'); CkRest_AddQueryParam(rest,'ExternalId','123ABC'); CkRest_AddQueryParam(rest,'SourceIdentity','Alice'); responseXml := CkRest__fullRequestNoBody(rest,'GET','/'); if (CkRest_getLastMethodSuccess(rest) <> True) then begin Memo1.Lines.Add(CkRest__lastErrorText(rest)); Exit; end; // A successful response will have a status code equal to 200. if (CkRest_getResponseStatusCode(rest) <> 200) then begin Memo1.Lines.Add('response status code = ' + IntToStr(CkRest_getResponseStatusCode(rest))); Memo1.Lines.Add('response status text = ' + CkRest__responseStatusText(rest)); Memo1.Lines.Add('response header: ' + CkRest__responseHeader(rest)); Memo1.Lines.Add('response body: ' + responseXml); Exit; end; // Examine the successful XML response (shown below) xml := CkXml_Create(); CkXml_LoadXml(xml,responseXml); Memo1.Lines.Add(CkXml__getXml(xml)); // Sample response: // <AssumeRoleResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/"> // <AssumeRoleResult> // <SourceIdentity>Alice</SourceIdentity> // <AssumedRoleUser> // <Arn>arn:aws:sts::123456789012:assumed-role/demo/TestAR</Arn> // <AssumedRoleId>ARO123EXAMPLE123:TestAR</AssumedRoleId> // </AssumedRoleUser> // <Credentials> // <AccessKeyId>ASIAIOSFODNN7EXAMPLE</AccessKeyId> // <SecretAccessKey>wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY</SecretAccessKey> // <SessionToken> // AQoDYXdzEPT//////////wEXAMPLEtc764bNrC9SAPBSM22wDOk4x4HIZ8j4FZTwdQW // LWsKWHGBuFqwAeMicRXmxfpSPfIeoIYRqTflfKD8YUuwthAx7mSEI/qkPpKPi/kMcGd // QrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU // 9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz // +scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA== // </SessionToken> // <Expiration>2019-11-09T13:34:41Z</Expiration> // </Credentials> // <PackedPolicySize>6</PackedPolicySize> // </AssumeRoleResult> // <ResponseMetadata> // <RequestId>c6104cbe-af31-11e0-8154-cbc7ccf896c7</RequestId> // </ResponseMetadata> // </AssumeRoleResponse> // Sample parse code: AssumeRoleResponse_xmlns := CkXml__getAttrValue(xml,'xmlns'); SourceIdentity := CkXml__getChildContent(xml,'AssumeRoleResult|SourceIdentity'); Arn := CkXml__getChildContent(xml,'AssumeRoleResult|AssumedRoleUser|Arn'); AssumedRoleId := CkXml__getChildContent(xml,'AssumeRoleResult|AssumedRoleUser|AssumedRoleId'); AccessKeyId := CkXml__getChildContent(xml,'AssumeRoleResult|Credentials|AccessKeyId'); SecretAccessKey := CkXml__getChildContent(xml,'AssumeRoleResult|Credentials|SecretAccessKey'); SessionToken := CkXml__getChildContent(xml,'AssumeRoleResult|Credentials|SessionToken'); Expiration := CkXml__getChildContent(xml,'AssumeRoleResult|Credentials|Expiration'); PackedPolicySize := CkXml_GetChildIntValue(xml,'AssumeRoleResult|PackedPolicySize'); RequestId := CkXml__getChildContent(xml,'ResponseMetadata|RequestId'); // Save the session token XML to a file for use by another Chilkat example.. success := CkXml_SaveXml(xml,'qa_data/tokens/aws_session_token.xml'); CkRest_Dispose(rest); CkAuthAws_Dispose(authAws); CkXml_Dispose(xml); end; |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.