| // Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. |
| |
| package sts |
| |
| const ( |
| |
| // ErrCodeExpiredTokenException for service response error code |
| // "ExpiredTokenException". |
| // |
| // The web identity token that was passed is expired or is not valid. Get a |
| // new identity token from the identity provider and then retry the request. |
| ErrCodeExpiredTokenException = "ExpiredTokenException" |
| |
| // ErrCodeIDPCommunicationErrorException for service response error code |
| // "IDPCommunicationError". |
| // |
| // The request could not be fulfilled because the non-AWS identity provider |
| // (IDP) that was asked to verify the incoming identity token could not be reached. |
| // This is often a transient error caused by network conditions. Retry the request |
| // a limited number of times so that you don't exceed the request rate. If the |
| // error persists, the non-AWS identity provider might be down or not responding. |
| ErrCodeIDPCommunicationErrorException = "IDPCommunicationError" |
| |
| // ErrCodeIDPRejectedClaimException for service response error code |
| // "IDPRejectedClaim". |
| // |
| // The identity provider (IdP) reported that authentication failed. This might |
| // be because the claim is invalid. |
| // |
| // If this error is returned for the AssumeRoleWithWebIdentity operation, it |
| // can also mean that the claim has expired or has been explicitly revoked. |
| ErrCodeIDPRejectedClaimException = "IDPRejectedClaim" |
| |
| // ErrCodeInvalidAuthorizationMessageException for service response error code |
| // "InvalidAuthorizationMessageException". |
| // |
| // The error returned if the message passed to DecodeAuthorizationMessage was |
| // invalid. This can happen if the token contains invalid characters, such as |
| // linebreaks. |
| ErrCodeInvalidAuthorizationMessageException = "InvalidAuthorizationMessageException" |
| |
| // ErrCodeInvalidIdentityTokenException for service response error code |
| // "InvalidIdentityToken". |
| // |
| // The web identity token that was passed could not be validated by AWS. Get |
| // a new identity token from the identity provider and then retry the request. |
| ErrCodeInvalidIdentityTokenException = "InvalidIdentityToken" |
| |
| // ErrCodeMalformedPolicyDocumentException for service response error code |
| // "MalformedPolicyDocument". |
| // |
| // The request was rejected because the policy document was malformed. The error |
| // message describes the specific error. |
| ErrCodeMalformedPolicyDocumentException = "MalformedPolicyDocument" |
| |
| // ErrCodePackedPolicyTooLargeException for service response error code |
| // "PackedPolicyTooLarge". |
| // |
| // The request was rejected because the policy document was too large. The error |
| // message describes how big the policy document is, in packed form, as a percentage |
| // of what the API allows. |
| ErrCodePackedPolicyTooLargeException = "PackedPolicyTooLarge" |
| |
| // ErrCodeRegionDisabledException for service response error code |
| // "RegionDisabledException". |
| // |
| // STS is not activated in the requested region for the account that is being |
| // asked to generate credentials. The account administrator must use the IAM |
| // console to activate STS in that region. For more information, see Activating |
| // and Deactivating AWS STS in an AWS Region (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) |
| // in the IAM User Guide. |
| ErrCodeRegionDisabledException = "RegionDisabledException" |
| ) |