# AWS Security Token Service (STS)

**AWS Security Token Service (STS)** requests and manages temporary security credentials for AWS services.

## **Parameters**

Take a look at the configuration parameters for the connector. Parameters supported by [Double Braces expressions](https://docs.digibee.com/documentation/connectors-and-triggers/double-braces/overview) are marked with `(DB)`.

### **General tab**

<table data-full-width="true"><thead><tr><th>Parameter</th><th>Description</th><th>Default value</th><th>Data type</th></tr></thead><tbody><tr><td><strong>Account</strong></td><td>Account to be used. It must be an <strong>AWS V4</strong> account type.</td><td>N/A</td><td>String</td></tr><tr><td><strong>Label</strong></td><td>Identifier of the operation. Spaces are not allowed.</td><td>N/A</td><td>String</td></tr><tr><td><strong>Operation</strong></td><td>The operation to perform. The options are: <strong>assumeRole</strong>, <strong>getFederationToken</strong>, and <strong>getSessionToken</strong>.</td><td>assumeRole</td><td>String</td></tr><tr><td><strong>Role ARN</strong> <code>(DB)</code></td><td>The Amazon Resource Name (ARN) of the role to assume. This option is only available if the <strong>assumeRole</strong> operation is selected.</td><td>N/A</td><td>String</td></tr><tr><td><strong>Role Session Name</strong> <code>(DB)</code></td><td>A name that identifies the assumed role session. This option is only available if the <strong>assumeRole</strong> operation is selected.</td><td>N/A</td><td>String</td></tr><tr><td><strong>Federated Name</strong> <code>(DB)</code></td><td>The name of the federated user. This option is only available if the <strong>getFederationToken</strong> operation is selected.</td><td>N/A</td><td>String</td></tr><tr><td><strong>Fail On Error</strong></td><td>If the option is activated, the pipeline's execution with an error will be interrupted. Otherwise, the pipeline execution proceeds, but the result will show a false value for the "success" property.</td><td>False</td><td>Boolean</td></tr></tbody></table>

### **Advanced tab**

<table data-full-width="true"><thead><tr><th>Parameter</th><th>Description</th><th>Default value</th><th>Data type</th></tr></thead><tbody><tr><td><strong>Region</strong></td><td>The region in which the STS client must operate.</td><td>AWS Global</td><td>String</td></tr></tbody></table>

### **Documentation tab**

<table data-full-width="true"><thead><tr><th>Parameter</th><th>Description</th><th>Default value</th><th>Data type</th></tr></thead><tbody><tr><td><strong>Documentation</strong></td><td>Section for documenting any necessary information about the connector configuration and business rules.</td><td>N/A</td><td>String</td></tr></tbody></table>

{% hint style="info" %}
If the execution is successful, the output of the execution should have at least a property `"success": true`
{% endhint %}

## **Parameters additional information**

### **Operation**

Learn more about how the operations work:

* **assumeRole:** this operation provides temporary security credentials (access key ID, secret access key, and security token) for a user to assume a specified role that can be used for AWS requests.
* **getFederationToken:** this operation provides temporary security credentials for federated users who need access to AWS resources.
* **getSessionToken:** this operation provides a temporary session token for an AWS account or IAM user.