Sample code for 30+ languages & platforms
Classic ASP

AWS Security Token Service (STS) AssumeRole

See more AWS Security Token Service Examples

Returns a set of temporary security credentials that you can use to access AWS resources. These temporary credentials consist of an access key ID, a secret access key, and a security token. Typically, you use AssumeRole within your account or for cross-account access.

Chilkat Classic ASP Downloads

Classic ASP
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
success = 0

' This example requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

set rest = Server.CreateObject("Chilkat.Rest")

' Connect to the Amazon AWS REST server.
' such as https://sts.us-west-2.amazonaws.com/
bTls = 1
port = 443
bAutoReconnect = 1
success = rest.Connect("sts.us-west-2.amazonaws.com",port,bTls,bAutoReconnect)

' Provide AWS credentials for the REST call.
set authAws = Server.CreateObject("Chilkat.AuthAws")
authAws.AccessKey = "AWS_ACCESS_KEY"
authAws.SecretKey = "AWS_SECRET_KEY"
' the region should match our URL above..
' See https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html
authAws.Region = "us-west-2"
authAws.ServiceName = "sts"

success = rest.SetAuthAws(authAws)

' Sample Request
' https://sts.amazonaws.com/
' ?Version=2011-06-15
' &Action=AssumeRole
' &RoleSessionName=testAR
' &RoleArn=arn:aws:iam::123456789012:role/demo
' &PolicyArns.member.1.arn=arn:aws:iam::123456789012:policy/demopolicy1
' &PolicyArns.member.2.arn=arn:aws:iam::123456789012:policy/demopolicy2
' &Policy={"Version":"2012-10-17","Statement":[{"Sid":"Stmt1",
' "Effect":"Allow","Action":"s3:*","Resource":"*"}]}
' &DurationSeconds=3600
' &Tags.member.1.Key=Project
' &Tags.member.1.Value=Pegasus
' &Tags.member.2.Key=Team
' &Tags.member.2.Value=Engineering
' &Tags.member.3.Key=Cost-Center
' &Tags.member.3.Value=12345
' &TransitiveTagKeys.member.1=Project
' &TransitiveTagKeys.member.2=Cost-Center
' &ExternalId=123ABC
' &SourceIdentity=Alice
' &AUTHPARAMS

success = rest.AddQueryParam("Version","2011-06-15")
success = rest.AddQueryParam("Action","AssumeRole")
success = rest.AddQueryParam("DurationSeconds","3600")

success = rest.AddQueryParam("RoleSessionName","testAR")
success = rest.AddQueryParam("RoleArn","arn:aws:iam::123456789012:role/demo")
success = rest.AddQueryParam("PolicyArns.member.1.arn","arn:aws:iam::123456789012:policy/demopolicy1")
success = rest.AddQueryParam("PolicyArns.member.2.arn","arn:aws:iam::123456789012:policy/demopolicy2")
success = rest.AddQueryParam("Policy","{""Version"":""2012-10-17"",""Statement"":[{""Sid"":""Stmt1"",""Effect"":""Allow"",""Action"":""s3:*"",""Resource"":""*""}]}")
success = rest.AddQueryParam("Tags.member.1.Key","Project")
success = rest.AddQueryParam("Tags.member.1.Value","Pegasus")
success = rest.AddQueryParam("Tags.member.2.Key","Team")
success = rest.AddQueryParam("Tags.member.2.Value","Engineering")
success = rest.AddQueryParam("Tags.member.3.Key","Cost-Center")
success = rest.AddQueryParam("Tags.member.3.Value","12345")
success = rest.AddQueryParam("TransitiveTagKeys.member.1","Project")
success = rest.AddQueryParam("TransitiveTagKeys.member.2","Cost-Center")
success = rest.AddQueryParam("ExternalId","123ABC")
success = rest.AddQueryParam("SourceIdentity","Alice")

responseXml = rest.FullRequestNoBody("GET","/")
If (rest.LastMethodSuccess <> 1) Then
    Response.Write "<pre>" & Server.HTMLEncode( rest.LastErrorText) & "</pre>"
    Response.End
End If

' A successful response will have a status code equal to 200.
If (rest.ResponseStatusCode <> 200) Then
    Response.Write "<pre>" & Server.HTMLEncode( "response status code = " & rest.ResponseStatusCode) & "</pre>"
    Response.Write "<pre>" & Server.HTMLEncode( "response status text = " & rest.ResponseStatusText) & "</pre>"
    Response.Write "<pre>" & Server.HTMLEncode( "response header: " & rest.ResponseHeader) & "</pre>"
    Response.Write "<pre>" & Server.HTMLEncode( "response body: " & responseXml) & "</pre>"
    Response.End
End If

' Examine the successful XML response (shown below)
set xml = Server.CreateObject("Chilkat.Xml")
success = xml.LoadXml(responseXml)
Response.Write "<pre>" & Server.HTMLEncode( xml.GetXml()) & "</pre>"

' Sample response:

' <AssumeRoleResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
'   <AssumeRoleResult>
'   <SourceIdentity>Alice</SourceIdentity>
'     <AssumedRoleUser>
'       <Arn>arn:aws:sts::123456789012:assumed-role/demo/TestAR</Arn>
'       <AssumedRoleId>ARO123EXAMPLE123:TestAR</AssumedRoleId>
'     </AssumedRoleUser>
'     <Credentials>
'       <AccessKeyId>ASIAIOSFODNN7EXAMPLE</AccessKeyId>
'       <SecretAccessKey>wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY</SecretAccessKey>
'       <SessionToken>
'        AQoDYXdzEPT//////////wEXAMPLEtc764bNrC9SAPBSM22wDOk4x4HIZ8j4FZTwdQW
'        LWsKWHGBuFqwAeMicRXmxfpSPfIeoIYRqTflfKD8YUuwthAx7mSEI/qkPpKPi/kMcGd
'        QrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU
'        9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz
'        +scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA==
'       </SessionToken>
'       <Expiration>2019-11-09T13:34:41Z</Expiration>
'     </Credentials>
'     <PackedPolicySize>6</PackedPolicySize>
'   </AssumeRoleResult>
'   <ResponseMetadata>
'     <RequestId>c6104cbe-af31-11e0-8154-cbc7ccf896c7</RequestId>
'   </ResponseMetadata>
' </AssumeRoleResponse>

' Sample parse code:

AssumeRoleResponse_xmlns = xml.GetAttrValue("xmlns")
SourceIdentity = xml.GetChildContent("AssumeRoleResult|SourceIdentity")
Arn = xml.GetChildContent("AssumeRoleResult|AssumedRoleUser|Arn")
AssumedRoleId = xml.GetChildContent("AssumeRoleResult|AssumedRoleUser|AssumedRoleId")
AccessKeyId = xml.GetChildContent("AssumeRoleResult|Credentials|AccessKeyId")
SecretAccessKey = xml.GetChildContent("AssumeRoleResult|Credentials|SecretAccessKey")
SessionToken = xml.GetChildContent("AssumeRoleResult|Credentials|SessionToken")
Expiration = xml.GetChildContent("AssumeRoleResult|Credentials|Expiration")
PackedPolicySize = xml.GetChildIntValue("AssumeRoleResult|PackedPolicySize")
RequestId = xml.GetChildContent("ResponseMetadata|RequestId")

' Save the session token XML to a file for use by another Chilkat example..
success = xml.SaveXml("qa_data/tokens/aws_session_token.xml")

%>
</body>
</html>