AWS SDK for Go code examples for AWS STS

Purpose

These examples demonstrate how to perform several AWS System Token Service (AWS STS) operations.

Prerequisites

You must have an AWS account, and have your default credentials and AWS Region configured as described in Configuring the AWS SDK for Go in the AWS SDK for Go Developer Guide.

Running the code

TakeRole/TakeRole.go

This example gets temporary security credentials to access resources.

go run TakeRole.go -r ROLE-ARN -S SESSION-NAME

• ROLE-ARN is the Amazon Resource Name (ARN) of the role to assume.
• SESSION-NAME is a unique identifier for the session.

The unit test mocks the service client and the AssumeRole function.

Notes

• We recommend that you grant this code least privilege, or at most the minimum permissions required to perform the task. For more information, see Grant Least Privilege in the AWS Identity and Access Management User Guide.
• This code has not been tested in all AWS Regions. Some AWS services are available only in specific Regions.
• Running this code might result in charges to your AWS account.

Running the unit tests

Unit tests should delete any resources they create. However, they might result in charges to your AWS account.

To run a unit test, enter the following.

go test

You should see something like the following, where PATH is the path to the folder containing the Go files.

PASS
ok      PATH 6.593s

To see any log messages, enter the following.

go test -test.v

You should see additional log messages. The last two lines should be similar to the previous output shown.

Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. SPDX-License-Identifier: Apache-2.0