AWS Security Token Service (STS) is a web service that enables you to request temporary, limited-privilege credentials for AWS Identity and Access Management (IAM) users or for users that you authenticate (federated users).
STS supports AWS CloudTrail, which is a service that records AWS calls for your AWS account and delivers log files to an Amazon S3 bucket. By using information collected by CloudTrail, you can determine what requests were successfully made to STS, who made the request, when it was made, and so on.
If you activate AWS STS endpoints in Regions other than the default global endpoint, then you must also turn on CloudTrail logging in those Regions. This is necessary to record any AWS STS API calls that are made in those Regions.
Below are the cmdlets which are available with AWS Security Token Service (STS)
CmdletName | ServiceOperation |
Convert-STSAuthorizationMessage | DecodeAuthorizationMessage |
Get-STSAccessKeyInfo | GetAccessKeyInfo |
Get-STSCallerIdentity | GetCallerIdentity |
Get-STSFederationToken | GetFederationToken |
Get-STSSessionToken | GetSessionToken |
Use-STSRole | AssumeRole |
Use-STSRoleWithSAML | AssumeRoleWithSAML |
Use-STSWebIdentityRole | AssumeRoleWithWebIdentity |
You can also check other AWS Services, and each services cmdlets we are providing.