Skip to content

STSClient

Index > STS > STSClient

Auto-generated documentation for STS type annotations stubs module mypy-boto3-sts.

STSClient

Type annotations and code completion for boto3.client("sts"). boto3 documentation

Usage example
from boto3.session import Session
from mypy_boto3_sts.client import STSClient

def get_sts_client() -> STSClient:
    return Session().client("sts")

Exceptions

boto3 client exceptions are generated in runtime. This class provides code completion for boto3.client("sts").exceptions structure.

Usage example
client = boto3.client("sts")

try:
    do_something(client)
except (
    client.ClientError,
    client.ExpiredTokenException,
    client.IDPCommunicationErrorException,
    client.IDPRejectedClaimException,
    client.InvalidAuthorizationMessageException,
    client.InvalidIdentityTokenException,
    client.MalformedPolicyDocumentException,
    client.PackedPolicyTooLargeException,
    client.RegionDisabledException,
) as e:
    print(e)
Type checking example
from mypy_boto3_sts.client import Exceptions

def handle_error(exc: Exceptions.ClientError) -> None:
    ...

Methods

assume_role

Returns a set of temporary security credentials that you can use to access Amazon Web Services resources that you might not normally have access to.

Type annotations and code completion for boto3.client("sts").assume_role method. boto3 documentation

Method definition
def assume_role(
    self,
    *,
    RoleArn: str,
    RoleSessionName: str,
    PolicyArns: Sequence[PolicyDescriptorTypeTypeDef] = ...,  # (1)
    Policy: str = ...,
    DurationSeconds: int = ...,
    Tags: Sequence[TagTypeDef] = ...,  # (2)
    TransitiveTagKeys: Sequence[str] = ...,
    ExternalId: str = ...,
    SerialNumber: str = ...,
    TokenCode: str = ...,
    SourceIdentity: str = ...,
) -> AssumeRoleResponseTypeDef:  # (3)
    ...
  1. See PolicyDescriptorTypeTypeDef
  2. See TagTypeDef
  3. See AssumeRoleResponseTypeDef
Usage example with kwargs
kwargs: AssumeRoleRequestRequestTypeDef = {  # (1)
    "RoleArn": ...,
    "RoleSessionName": ...,
}

parent.assume_role(**kwargs)
  1. See AssumeRoleRequestRequestTypeDef

assume_role_with_saml

Returns a set of temporary security credentials for users who have been authenticated via a SAML authentication response.

Type annotations and code completion for boto3.client("sts").assume_role_with_saml method. boto3 documentation

Method definition
def assume_role_with_saml(
    self,
    *,
    RoleArn: str,
    PrincipalArn: str,
    SAMLAssertion: str,
    PolicyArns: Sequence[PolicyDescriptorTypeTypeDef] = ...,  # (1)
    Policy: str = ...,
    DurationSeconds: int = ...,
) -> AssumeRoleWithSAMLResponseTypeDef:  # (2)
    ...
  1. See PolicyDescriptorTypeTypeDef
  2. See AssumeRoleWithSAMLResponseTypeDef
Usage example with kwargs
kwargs: AssumeRoleWithSAMLRequestRequestTypeDef = {  # (1)
    "RoleArn": ...,
    "PrincipalArn": ...,
    "SAMLAssertion": ...,
}

parent.assume_role_with_saml(**kwargs)
  1. See AssumeRoleWithSAMLRequestRequestTypeDef

assume_role_with_web_identity

Returns a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity provider.

Type annotations and code completion for boto3.client("sts").assume_role_with_web_identity method. boto3 documentation

Method definition
def assume_role_with_web_identity(
    self,
    *,
    RoleArn: str,
    RoleSessionName: str,
    WebIdentityToken: str,
    ProviderId: str = ...,
    PolicyArns: Sequence[PolicyDescriptorTypeTypeDef] = ...,  # (1)
    Policy: str = ...,
    DurationSeconds: int = ...,
) -> AssumeRoleWithWebIdentityResponseTypeDef:  # (2)
    ...
  1. See PolicyDescriptorTypeTypeDef
  2. See AssumeRoleWithWebIdentityResponseTypeDef
Usage example with kwargs
kwargs: AssumeRoleWithWebIdentityRequestRequestTypeDef = {  # (1)
    "RoleArn": ...,
    "RoleSessionName": ...,
    "WebIdentityToken": ...,
}

parent.assume_role_with_web_identity(**kwargs)
  1. See AssumeRoleWithWebIdentityRequestRequestTypeDef

can_paginate

Check if an operation can be paginated.

Type annotations and code completion for boto3.client("sts").can_paginate method. boto3 documentation

Method definition
def can_paginate(
    self,
    operation_name: str,
) -> bool:
    ...

close

Closes underlying endpoint connections.

Type annotations and code completion for boto3.client("sts").close method. boto3 documentation

Method definition
def close(
    self,
) -> None:
    ...

decode_authorization_message

Decodes additional information about the authorization status of a request from an encoded message returned in response to an Amazon Web Services request.

Type annotations and code completion for boto3.client("sts").decode_authorization_message method. boto3 documentation

Method definition
def decode_authorization_message(
    self,
    *,
    EncodedMessage: str,
) -> DecodeAuthorizationMessageResponseTypeDef:  # (1)
    ...
  1. See DecodeAuthorizationMessageResponseTypeDef
Usage example with kwargs
kwargs: DecodeAuthorizationMessageRequestRequestTypeDef = {  # (1)
    "EncodedMessage": ...,
}

parent.decode_authorization_message(**kwargs)
  1. See DecodeAuthorizationMessageRequestRequestTypeDef

generate_presigned_url

Generate a presigned url given a client, its method, and arguments.

Type annotations and code completion for boto3.client("sts").generate_presigned_url method. boto3 documentation

Method definition
def generate_presigned_url(
    self,
    ClientMethod: str,
    Params: Mapping[str, Any] = ...,
    ExpiresIn: int = 3600,
    HttpMethod: str = ...,
) -> str:
    ...

get_access_key_info

Returns the account identifier for the specified access key ID.

Type annotations and code completion for boto3.client("sts").get_access_key_info method. boto3 documentation

Method definition
def get_access_key_info(
    self,
    *,
    AccessKeyId: str,
) -> GetAccessKeyInfoResponseTypeDef:  # (1)
    ...
  1. See GetAccessKeyInfoResponseTypeDef
Usage example with kwargs
kwargs: GetAccessKeyInfoRequestRequestTypeDef = {  # (1)
    "AccessKeyId": ...,
}

parent.get_access_key_info(**kwargs)
  1. See GetAccessKeyInfoRequestRequestTypeDef

get_caller_identity

Returns details about the IAM user or role whose credentials are used to call the operation.

Type annotations and code completion for boto3.client("sts").get_caller_identity method. boto3 documentation

Method definition
def get_caller_identity(
    self,
) -> GetCallerIdentityResponseTypeDef:  # (1)
    ...
  1. See GetCallerIdentityResponseTypeDef

get_federation_token

Returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a federated user.

Type annotations and code completion for boto3.client("sts").get_federation_token method. boto3 documentation

Method definition
def get_federation_token(
    self,
    *,
    Name: str,
    Policy: str = ...,
    PolicyArns: Sequence[PolicyDescriptorTypeTypeDef] = ...,  # (1)
    DurationSeconds: int = ...,
    Tags: Sequence[TagTypeDef] = ...,  # (2)
) -> GetFederationTokenResponseTypeDef:  # (3)
    ...
  1. See PolicyDescriptorTypeTypeDef
  2. See TagTypeDef
  3. See GetFederationTokenResponseTypeDef
Usage example with kwargs
kwargs: GetFederationTokenRequestRequestTypeDef = {  # (1)
    "Name": ...,
}

parent.get_federation_token(**kwargs)
  1. See GetFederationTokenRequestRequestTypeDef

get_session_token

Returns a set of temporary credentials for an Amazon Web Services account or IAM user.

Type annotations and code completion for boto3.client("sts").get_session_token method. boto3 documentation

Method definition
def get_session_token(
    self,
    *,
    DurationSeconds: int = ...,
    SerialNumber: str = ...,
    TokenCode: str = ...,
) -> GetSessionTokenResponseTypeDef:  # (1)
    ...
  1. See GetSessionTokenResponseTypeDef
Usage example with kwargs
kwargs: GetSessionTokenRequestRequestTypeDef = {  # (1)
    "DurationSeconds": ...,
}

parent.get_session_token(**kwargs)
  1. See GetSessionTokenRequestRequestTypeDef