CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/maven-com-amazonaws--aws-java-sdk-sts

Java client library for Amazon Web Services Security Token Service (AWS STS) enabling temporary security credentials and federated user access

Pending
Overview
Eval results
Files

client-management.mddocs/

Client Management

Core client creation, configuration, and lifecycle management functionality for AWS STS SDK. This includes synchronous and asynchronous client builders, endpoint configuration, region settings, and proper resource cleanup.

Capabilities

Synchronous Client Builder

Creates and configures synchronous STS clients using the builder pattern.

/**
 * Builder for creating synchronous STS clients
 */
public class AWSSecurityTokenServiceClientBuilder 
    extends AwsClientBuilder<AWSSecurityTokenServiceClientBuilder, AWSSecurityTokenService> {
    
    /**
     * Create a new builder instance with default configuration
     * @return Builder instance for method chaining
     */
    public static AWSSecurityTokenServiceClientBuilder standard();
    
    /**
     * Create a client with default configuration  
     * @return Configured AWSSecurityTokenService client
     */
    public static AWSSecurityTokenService defaultClient();
}

Usage Examples:

import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;
import com.amazonaws.regions.Regions;

// Create with default configuration
AWSSecurityTokenService stsClient = AWSSecurityTokenServiceClientBuilder.defaultClient();

// Create with custom configuration
AWSSecurityTokenService customClient = AWSSecurityTokenServiceClientBuilder.standard()
    .withRegion(Regions.US_WEST_2)
    .withCredentials(new DefaultAWSCredentialsProviderChain())
    .build();

// Create with custom endpoint
AWSSecurityTokenService regionalClient = AWSSecurityTokenServiceClientBuilder.standard()
    .withEndpointConfiguration(new EndpointConfiguration(
        "https://sts.us-west-2.amazonaws.com", 
        "us-west-2"
    ))
    .build();

Asynchronous Client Builder

Creates and configures asynchronous STS clients for non-blocking operations.

/**
 * Builder for creating asynchronous STS clients
 */
public class AWSSecurityTokenServiceAsyncClientBuilder 
    extends AwsAsyncClientBuilder<AWSSecurityTokenServiceAsyncClientBuilder, AWSSecurityTokenServiceAsync> {
    
    /**
     * Create a new async builder instance with default configuration
     * @return Async builder instance for method chaining
     */
    public static AWSSecurityTokenServiceAsyncClientBuilder standard();
    
    /**
     * Create an async client with default configuration
     * @return Configured AWSSecurityTokenServiceAsync client
     */
    public static AWSSecurityTokenServiceAsync defaultClient();
}

Usage Examples:

import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceAsync;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceAsyncClientBuilder;
import java.util.concurrent.Future;

// Create async client with default configuration
AWSSecurityTokenServiceAsync asyncClient = AWSSecurityTokenServiceAsyncClientBuilder.defaultClient();

// Create with custom thread pool and configuration
AWSSecurityTokenServiceAsync customAsyncClient = AWSSecurityTokenServiceAsyncClientBuilder.standard()
    .withRegion(Regions.EU_WEST_1)
    .withExecutorFactory(() -> Executors.newFixedThreadPool(10))
    .build();

// Use async client
Future<GetCallerIdentityResult> future = asyncClient.getCallerIdentityAsync(
    new GetCallerIdentityRequest()
);
GetCallerIdentityResult result = future.get();

Client Configuration

Core client interface methods for endpoint configuration and resource management.

/**
 * Main interface for accessing AWS STS
 */
public interface AWSSecurityTokenService {
    
    /**
     * Overrides the default endpoint for this client
     * @param endpoint The endpoint or full URL for AWS STS
     * @deprecated Use AwsClientBuilder.setEndpointConfiguration instead
     */
    @Deprecated
    void setEndpoint(String endpoint);
    
    /**
     * Sets the regional endpoint for this client's service calls
     * @param region The region this client will communicate with
     * @deprecated Use AwsClientBuilder.setRegion instead
     */
    @Deprecated
    void setRegion(Region region);
    
    /**
     * Shuts down this client object, releasing any resources that might be held open
     * This is an optional method, but recommended for explicit resource cleanup
     */
    void shutdown();
    
    /**
     * Returns additional metadata for a previously executed successful request
     * @param request The originally executed request
     * @return The response metadata for the specified request, or null if none available
     */
    ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request);
    
    /**
     * The region metadata service name for computing region endpoints
     */
    String ENDPOINT_PREFIX = "sts";
}

Usage Examples:

import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;
import com.amazonaws.regions.Regions;

// Create client
AWSSecurityTokenService stsClient = AWSSecurityTokenServiceClientBuilder.standard()
    .withRegion(Regions.US_EAST_1)
    .build();

try {
    // Use client for operations
    GetCallerIdentityResult result = stsClient.getCallerIdentity(new GetCallerIdentityRequest());
    
    // Get response metadata for debugging
    ResponseMetadata metadata = stsClient.getCachedResponseMetadata(new GetCallerIdentityRequest());
    if (metadata != null) {
        System.out.println("Request ID: " + metadata.getRequestId());
    }
    
} finally {
    // Always shutdown client to release resources
    stsClient.shutdown();
}

Thread Safety and Best Practices

All AWS STS clients are thread-safe and can be shared across multiple threads. It's recommended to:

  1. Reuse clients: Create one client instance and reuse it across your application
  2. Proper shutdown: Always call shutdown() when done with a client
  3. Regional clients: Create separate clients for different AWS regions
  4. Connection pooling: Clients automatically manage HTTP connection pooling
  5. Credential management: Use credential providers rather than hard-coding credentials

Best Practice Example:

@Component
public class STSService {
    private final AWSSecurityTokenService stsClient;
    
    public STSService() {
        this.stsClient = AWSSecurityTokenServiceClientBuilder.standard()
            .withRegion(Regions.US_EAST_1)
            .withCredentials(new DefaultAWSCredentialsProviderChain())
            .build();
    }
    
    public GetCallerIdentityResult getCallerIdentity() {
        return stsClient.getCallerIdentity(new GetCallerIdentityRequest());
    }
    
    @PreDestroy
    public void shutdown() {
        if (stsClient != null) {
            stsClient.shutdown();
        }
    }
}

Install with Tessl CLI

npx tessl i tessl/maven-com-amazonaws--aws-java-sdk-sts

docs

client-management.md

federation.md

index.md

role-assumption.md

session-tokens.md

utilities.md

tile.json