AWS Security Token Service (sts)

Updates

Actions

• AssumeRole
  
  Conditions
  
  • － aws:PrincipalTag/${TagKey}
  • － aws:SourceIdentity
• AssumeRoleWithSAML
  
  Conditions
  
  • － aws:PrincipalTag/${TagKey}
• AssumeRoleWithWebIdentity
  
  Conditions
  
  • － aws:PrincipalTag/${TagKey}
• GetFederationToken
  
  Conditions
  
  • － aws:PrincipalTag/${TagKey}
• TagSession
  
  Conditions
  
  • ＋ saml:aud
  • － aws:PrincipalTag/${TagKey}
• SetSourceIdentity
  
  Conditions
  
  • － aws:SourceIdentity

Conditions

• aws:TagKeys
  
  Type
  
  • String  ⟶  ArrayOfString

Deletions

Conditions

• aws:FederatedProvider
  
  • Description:  Filters access by the IdP that was used to authenticate the user
  • Type:  String
• aws:PrincipalTag/${TagKey}
  
  • Description:  Filters access by the tag associated with the principal that is making the request
  • Type:  String
• aws:SourceIdentity
  
  • Description:  Filters access by the source identity that is set on the caller
  • Type:  String