// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.

// Package sts provides the client and types for making API

// requests to AWS Security Token Service.

//

// The AWS Security Token Service (STS) is a web service that enables you to

// request temporary, limited-privilege credentials for AWS Identity and Access

// Management (IAM) users or for users that you authenticate (federated users).

// This guide provides descriptions of the STS API. For more detailed information

// about using this service, go to Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html).

//

// For information about setting up signatures and authorization through the

// API, go to Signing AWS API Requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html)

// in the AWS General Reference. For general information about the Query API,

// go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html)

// in Using IAM. For information about using security tokens with other AWS

// products, go to AWS Services That Work with IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html)

// in the IAM User Guide.

//

// If you're new to AWS and need additional technical information about a specific

// AWS product, you can find the product's technical documentation at http://aws.amazon.com/documentation/

// (http://aws.amazon.com/documentation/).

//

// Endpoints

//

// By default, AWS Security Token Service (STS) is available as a global service,

// and all AWS STS requests go to a single endpoint at https://sts.amazonaws.com.

// Global requests map to the US East (N. Virginia) region. AWS recommends using

// Regional AWS STS endpoints instead of the global endpoint to reduce latency,

// build in redundancy, and increase session token validity. For more information,

// see Managing AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)

// in the IAM User Guide.

//

// Most AWS Regions are enabled for operations in all AWS services by default.

// Those Regions are automatically activated for use with AWS STS. Some Regions,

// such as Asia Pacific (Hong Kong), must be manually enabled. To learn more

// about enabling and disabling AWS Regions, see Managing AWS Regions (https://docs.aws.amazon.com/general/latest/gr/rande-manage.html)

// in the AWS General Reference. When you enable these AWS Regions, they are

// automatically activated for use with AWS STS. You cannot activate the STS

// endpoint for a Region that is disabled. Tokens that are valid in all AWS

// Regions are longer than tokens that are valid in Regions that are enabled

// by default. Changing this setting might affect existing systems where you

// temporarily store tokens. For more information, see Managing Global Endpoint

// Session Tokens (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#sts-regions-manage-tokens)

// in the IAM User Guide.

//

// After you activate a Region for use with AWS STS, you can direct AWS STS

// API calls to that Region. AWS STS recommends that you provide both the Region

// and endpoint when you make calls to a Regional endpoint. You can provide

// the Region alone for manually enabled Regions, such as Asia Pacific (Hong

// Kong). In this case, the calls are directed to the STS Regional endpoint.

// However, if you provide the Region alone for Regions enabled by default,

// the calls are directed to the global endpoint of https://sts.amazonaws.com.

//

// To view the list of AWS STS endpoints and whether they are active by default,

// see Writing Code to Use AWS STS Regions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html#id_credentials_temp_enable-regions_writing_code)

// in the IAM User Guide.

//

// Recording API requests

//

// STS supports AWS CloudTrail, which is a service that records AWS calls for

// your AWS account and delivers log files to an Amazon S3 bucket. By using

// information collected by CloudTrail, you can determine what requests were

// successfully made to STS, who made the request, when it was made, and so

// on.

//

// If you activate AWS STS endpoints in Regions other than the default global

// endpoint, then you must also turn on CloudTrail logging in those Regions.

// This is necessary to record any AWS STS API calls that are made in those

// Regions. For more information, see Turning On CloudTrail in Additional Regions

// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/aggregating_logs_regions_turn_on_ct.html)

// in the AWS CloudTrail User Guide.

//

// AWS Security Token Service (STS) is a global service with a single endpoint

// at https://sts.amazonaws.com. Calls to this endpoint are logged as calls

// to a global service. However, because this endpoint is physically located

// in the US East (N. Virginia) Region, your logs list us-east-1 as the event

// Region. CloudTrail does not write these logs to the US East (Ohio) Region

// unless you choose to include global service logs in that Region. CloudTrail

// writes calls to all Regional endpoints to their respective Regions. For example,

// calls to sts.us-east-2.amazonaws.com are published to the US East (Ohio)

// Region and calls to sts.eu-central-1.amazonaws.com are published to the EU

// (Frankfurt) Region.

//

// To learn more about CloudTrail, including how to turn it on and find your

// log files, see the AWS CloudTrail User Guide (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/what_is_cloud_trail_top_level.html).

//

// See https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15 for more information on this service.

//

// See sts package documentation for more information.

// https://docs.aws.amazon.com/sdk-for-go/api/service/sts/

//

// Using the Client

//

// To contact AWS Security Token Service with the SDK use the New function to create

// a new service client. With that client you can make API requests to the service.

// These clients are safe to use concurrently.

//

// See the SDK's documentation for more information on how to use the SDK.

// https://docs.aws.amazon.com/sdk-for-go/api/

//

// See aws.Config documentation for more information on configuring SDK clients.

// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

//

// See the AWS Security Token Service client STS for more

// information on creating client for this service.

// https://docs.aws.amazon.com/sdk-for-go/api/service/sts/#New

package sts