When using plain auth credentials I can do:
ContextBuilder.newBuilder("aws-s3").credentials(keyId, key).buildView(BlobStoreContext.class);
... to access BlobStoreContext for S3.
In native Amazon java api I can use Security Token Service (STS) to assume role and use temporary credentials to access S3 or any other AWS service.
How do I do this in jclouds?
I figured it out.
This code snippet allows to assume role and use temp credentials to access S3:
STSApi api = ContextBuilder.newBuilder("sts").credentials(keyId,
key).buildApi(STSApi.class);
AssumeRoleOptions assumeRoleOptions = new AssumeRoleOptions().durationSeconds(3600).externalId(externalId);
final UserAndSessionCredentials credentials = api.assumeRole(roleArn, sessionName, assumeRoleOptions);
Supplier<Credentials> credentialsSupplier = new Supplier<Credentials>() {
@Override
public Credentials get() {
return credentials.getCredentials();
}
};
BlobStoreContext context = ContextBuilder.newBuilder("aws-s3").credentialsSupplier(credentialsSupplier).buildView(BlobStoreContext.class);