STS

GetCallerIdentity, AssumeRole (and web-identity / SAML variants), GetSessionToken.

Query (Action parameter) multi-tenant 5 operations

Quick start

import boto3
sts = boto3.client("sts", endpoint_url="http://localhost:4566",
                   region_name="us-east-1",
                   aws_access_key_id="test", aws_secret_access_key="test")
print(sts.get_caller_identity())

Supported operations

5 operations exposed by this service as of MiniStack 1.3.14. Extracted directly from the handler dispatch in the source module.

AssumeRole AssumeRoleWithWebIdentity GetAccessKeyInfo GetCallerIdentity GetSessionToken

CloudFormation

No CloudFormation resource types map to this service yet. Resources can still be created via the SDK or CLI.

Known limitations

AssumeRole returns credentials without validating the target role's trust policy.

Source

ministack/services/sts.py:43-147

Read the source to verify the ops list above — dispatch tables and handler functions are the ground truth.

See also: all services · configuration · limitations.