assume-role-with-web-identity

The aws sts assume-role-with-web-identity command is used to request temporary security credentials for users authenticated through a web or mobile application or using a web identity provider like Amazon Cognito. This command is essential for creating temporary access and managing permissions for these users.

Syntax

aws sts assume-role-with-web-identity \
  --role-arn ROLE_ARN \
  --role-session-name SESSION_NAME \
  --web-identity-token WEB_IDENTITY_TOKEN

Options

• --role-arn: Specifies the Amazon Resource Name (ARN) of the role to assume.
• --role-session-name: Sets a name for the session.
• --web-identity-token: The web identity token for the provider.

See also the original AWS documentation.