There are a couple of examples on the AWS SDK how to get the credentials, e.g.:
But when I run these snippets I cannot import AWSSecurityTokenServiceClientBuilder:
// note that the AWS SDK is pretty brittle across versions.
import $ivy.`com.amazonaws:aws-java-sdk:1.7.4`
import $ivy.`org.apache.hadoop:hadoop-aws:2.7.3`
import com.amazonaws.auth.profile.ProfileCredentialsProvider
import com.amazonaws.services.securitytoken.model.AssumeRoleRequest
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder
var clientRegion = "*** Client region ***";
var roleARN = "*** ARN for role to be assumed ***";
var roleSessionName = "*** Role session name ***";
var stsClient = AWSSecurityTokenServiceClientBuilder.standard()
.withCredentials(new ProfileCredentialsProvider())
.withRegion(clientRegion)
.build()
var roleRequest = new AssumeRoleRequest()
.withRoleArn(roleARN)
.withRoleSessionName(roleSessionName)
var roleResponse = stsClient.assumeRole(roleRequest)
var sessionCredentials = roleResponse.getCredentials()
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder
^cmd16.sc:13: not found: value AWSSecurityTokenServiceClientBuilder
var stsClient = AWSSecurityTokenServiceClientBuilder.standard()
^Compilation Failed
Compilation Failed
AFAICS, this class is not part of the AWS Java SDK until version 1.11.0.
You have to instantiate the AWSSecurityTokenServiceClient class yourself instead, without using the builder.
Call this constructor:
val stsClient = new AWSSecurityTokenServiceClient(new ProfileCredentialsProvider())
stsClient.setRegion(clientRegion)