/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#![allow(clippy::result_large_err)]
use aws_config::meta::region::RegionProviderChain;
use aws_sdk_sts::{meta::PKG_VERSION, Client, Error};
use aws_types::region::Region;
use aws_types::sdk_config::SdkConfig;
use clap::Parser;
#[derive(Debug, Parser)]
struct Opt {
/// The AWS Region.
#[structopt(short, long)]
region: Option<String>,
/// Whether to display additional information.
#[structopt(short, long)]
verbose: bool,
/// Whether to display additional information.
#[structopt(long)]
role_arn: String,
/// Whether to display additional information.
#[structopt(long)]
role_session_name: Option<String>,
}
// Displays the STS AssumeRole Arn.
// snippet-start:[sts.rust.assume_role]
async fn assume_role(config: &SdkConfig, role_name: String, session_name: Option<String>) {
let provider = aws_config::sts::AssumeRoleProvider::builder(role_name)
.session_name(session_name.unwrap_or("rust_sdk_example_session".into()))
.configure(config)
.build()
.await;
let local_config = aws_config::from_env()
.credentials_provider(provider)
.load()
.await;
let client = Client::new(&local_config);
let req = client.get_caller_identity();
let resp = req.send().await;
match resp {
Ok(e) => {
println!("UserID : {}", e.user_id().unwrap_or_default());
println!("Account: {}", e.account().unwrap_or_default());
println!("Arn : {}", e.arn().unwrap_or_default());
}
Err(e) => println!("{:?}", e),
}
}
// snippet-end:[sts.rust.assume_role]
/// Assumes another role and display some information about the role assumed
///
/// # Arguments
///
/// * `[-r REGION]` - The Region in which the client is created.
/// If not supplied, uses the value of the **AWS_REGION** environment variable.
/// If the environment variable is not set, defaults to **us-west-2**.
/// * `[--role-arn ROLE_ARN]` - The ARN of the IAM role to assume.
/// * `[--role-session-name ROLE_SESSION_NAME]` - The name of the session.
/// * `[-v]` - Whether to display information.
#[tokio::main]
async fn main() -> Result<(), Error> {
tracing_subscriber::fmt::init();
let Opt {
region,
verbose,
role_arn,
role_session_name,
} = Opt::parse();
let region_provider = RegionProviderChain::first_try(region.map(Region::new))
.or_default_provider()
.or_else(Region::new("us-west-2"));
println!();
if verbose {
println!("STS client version: {}", PKG_VERSION);
println!(
"Region: {}",
region_provider.region().await.unwrap().as_ref()
);
println!();
}
let shared_config = aws_config::from_env().region(region_provider).load().await;
assume_role(&shared_config, role_arn, role_session_name).await;
Ok(())
}
[package]
name = "sts_implement"
version = "0.1.0"
edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
aws-config = { version = "1.1.1", features = ["behavior-version-latest"] }
aws-sdk-sts = "1.9.0"
tokio = { version = "1", features = ["full"] }
aws-smithy-types = { version = "1.0.1" }
aws-types = { version = "1.0.1" }
clap = { version = "~4.4", features = ["derive"] }
tracing-subscriber = { version = "0.3.15", features = ["env-filter"]