|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Delphi ActiveX) AWS Security Token Service (STS) AssumeRoleSee more AWS Security Token Service ExamplesReturns a set of temporary security credentials that you can use to access AWS resources. These temporary credentials consist of an access key ID, a secret access key, and a security token. Typically, you use AssumeRole within your account or for cross-account access. For more information, see https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html
uses Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics, Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB; ... procedure TForm1.Button1Click(Sender: TObject); var rest: TChilkatRest; bTls: Integer; port: Integer; bAutoReconnect: Integer; success: Integer; authAws: TChilkatAuthAws; responseXml: WideString; xml: TChilkatXml; AssumeRoleResponse_xmlns: WideString; SourceIdentity: WideString; Arn: WideString; AssumedRoleId: WideString; AccessKeyId: WideString; SecretAccessKey: WideString; SessionToken: WideString; Expiration: WideString; PackedPolicySize: Integer; RequestId: WideString; begin // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. rest := TChilkatRest.Create(Self); // Connect to the Amazon AWS REST server. // such as https://sts.us-west-2.amazonaws.com/ bTls := 1; port := 443; bAutoReconnect := 1; success := rest.Connect('sts.us-west-2.amazonaws.com',port,bTls,bAutoReconnect); // Provide AWS credentials for the REST call. authAws := TChilkatAuthAws.Create(Self); authAws.AccessKey := 'AWS_ACCESS_KEY'; authAws.SecretKey := 'AWS_SECRET_KEY'; // the region should match our URL above.. // See https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html authAws.Region := 'us-west-2'; authAws.ServiceName := 'sts'; rest.SetAuthAws(authAws.ControlInterface); // Sample Request // https://sts.amazonaws.com/ // ?Version=2011-06-15 // &Action=AssumeRole // &RoleSessionName=testAR // &RoleArn=arn:aws:iam::123456789012:role/demo // &PolicyArns.member.1.arn=arn:aws:iam::123456789012:policy/demopolicy1 // &PolicyArns.member.2.arn=arn:aws:iam::123456789012:policy/demopolicy2 // &Policy={"Version":"2012-10-17","Statement":[{"Sid":"Stmt1", // "Effect":"Allow","Action":"s3:*","Resource":"*"}]} // &DurationSeconds=3600 // &Tags.member.1.Key=Project // &Tags.member.1.Value=Pegasus // &Tags.member.2.Key=Team // &Tags.member.2.Value=Engineering // &Tags.member.3.Key=Cost-Center // &Tags.member.3.Value=12345 // &TransitiveTagKeys.member.1=Project // &TransitiveTagKeys.member.2=Cost-Center // &ExternalId=123ABC // &SourceIdentity=Alice // &AUTHPARAMS rest.AddQueryParam('Version','2011-06-15'); rest.AddQueryParam('Action','AssumeRole'); rest.AddQueryParam('DurationSeconds','3600'); rest.AddQueryParam('RoleSessionName','testAR'); rest.AddQueryParam('RoleArn','arn:aws:iam::123456789012:role/demo'); rest.AddQueryParam('PolicyArns.member.1.arn','arn:aws:iam::123456789012:policy/demopolicy1'); rest.AddQueryParam('PolicyArns.member.2.arn','arn:aws:iam::123456789012:policy/demopolicy2'); rest.AddQueryParam('Policy','{"Version":"2012-10-17","Statement":[{"Sid":"Stmt1","Effect":"Allow","Action":"s3:*","Resource":"*"}]}'); rest.AddQueryParam('Tags.member.1.Key','Project'); rest.AddQueryParam('Tags.member.1.Value','Pegasus'); rest.AddQueryParam('Tags.member.2.Key','Team'); rest.AddQueryParam('Tags.member.2.Value','Engineering'); rest.AddQueryParam('Tags.member.3.Key','Cost-Center'); rest.AddQueryParam('Tags.member.3.Value','12345'); rest.AddQueryParam('TransitiveTagKeys.member.1','Project'); rest.AddQueryParam('TransitiveTagKeys.member.2','Cost-Center'); rest.AddQueryParam('ExternalId','123ABC'); rest.AddQueryParam('SourceIdentity','Alice'); responseXml := rest.FullRequestNoBody('GET','/'); if (rest.LastMethodSuccess <> 1) then begin Memo1.Lines.Add(rest.LastErrorText); Exit; end; // A successful response will have a status code equal to 200. if (rest.ResponseStatusCode <> 200) then begin Memo1.Lines.Add('response status code = ' + IntToStr(rest.ResponseStatusCode)); Memo1.Lines.Add('response status text = ' + rest.ResponseStatusText); Memo1.Lines.Add('response header: ' + rest.ResponseHeader); Memo1.Lines.Add('response body: ' + responseXml); Exit; end; // Examine the successful XML response (shown below) xml := TChilkatXml.Create(Self); xml.LoadXml(responseXml); Memo1.Lines.Add(xml.GetXml()); // Sample response: // <AssumeRoleResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/"> // <AssumeRoleResult> // <SourceIdentity>Alice</SourceIdentity> // <AssumedRoleUser> // <Arn>arn:aws:sts::123456789012:assumed-role/demo/TestAR</Arn> // <AssumedRoleId>ARO123EXAMPLE123:TestAR</AssumedRoleId> // </AssumedRoleUser> // <Credentials> // <AccessKeyId>ASIAIOSFODNN7EXAMPLE</AccessKeyId> // <SecretAccessKey>wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY</SecretAccessKey> // <SessionToken> // AQoDYXdzEPT//////////wEXAMPLEtc764bNrC9SAPBSM22wDOk4x4HIZ8j4FZTwdQW // LWsKWHGBuFqwAeMicRXmxfpSPfIeoIYRqTflfKD8YUuwthAx7mSEI/qkPpKPi/kMcGd // QrmGdeehM4IC1NtBmUpp2wUE8phUZampKsburEDy0KPkyQDYwT7WZ0wq5VSXDvp75YU // 9HFvlRd8Tx6q6fE8YQcHNVXAkiY9q6d+xo0rKwT38xVqr7ZD0u0iPPkUL64lIZbqBAz // +scqKmlzm8FDrypNC9Yjc8fPOLn9FX9KSYvKTr4rvx3iSIlTJabIQwj2ICCR/oLxBA== // </SessionToken> // <Expiration>2019-11-09T13:34:41Z</Expiration> // </Credentials> // <PackedPolicySize>6</PackedPolicySize> // </AssumeRoleResult> // <ResponseMetadata> // <RequestId>c6104cbe-af31-11e0-8154-cbc7ccf896c7</RequestId> // </ResponseMetadata> // </AssumeRoleResponse> // Sample parse code: AssumeRoleResponse_xmlns := xml.GetAttrValue('xmlns'); SourceIdentity := xml.GetChildContent('AssumeRoleResult|SourceIdentity'); Arn := xml.GetChildContent('AssumeRoleResult|AssumedRoleUser|Arn'); AssumedRoleId := xml.GetChildContent('AssumeRoleResult|AssumedRoleUser|AssumedRoleId'); AccessKeyId := xml.GetChildContent('AssumeRoleResult|Credentials|AccessKeyId'); SecretAccessKey := xml.GetChildContent('AssumeRoleResult|Credentials|SecretAccessKey'); SessionToken := xml.GetChildContent('AssumeRoleResult|Credentials|SessionToken'); Expiration := xml.GetChildContent('AssumeRoleResult|Credentials|Expiration'); PackedPolicySize := xml.GetChildIntValue('AssumeRoleResult|PackedPolicySize'); RequestId := xml.GetChildContent('ResponseMetadata|RequestId'); // Save the session token XML to a file for use by another Chilkat example.. success := xml.SaveXml('qa_data/tokens/aws_session_token.xml'); end; |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.