* Before using STS SDK, read description on role management in the RAM Manual, and read the STS API Documentation
use Sts\Request\V20150401 as Sts;
// Currently, STS can only issue a Token for resources required for your operations in the East China 1 (Hangzhou) region, but the Token issued can be used in all regions
// Only sub-account can use the role
$iClientProfile = DefaultProfile::getProfile("cn-hangzhou", "<acccess-key-id>", "<access-key-secret>");
$client = new DefaultAcsClient($iClientProfile);
// You can obtain the role resource descriptor from the resource details page on RAM console
$roleArn = "<role-arn>";
// When assuming a role (AssumeRole), you can assign an authorization policy to further limit the role permission.
// For details, refer to the "RAM Use Guide"
// The authorization policy indicates the read-only permission on all OSS resources
$request = new Sts\AssumeRoleRequest();
// RoleSessionName indicates the session name of a temporary ID which is used to distinguish different temporary temporary IDs
// You can use your customer's ID as the session name
$response = $client->doAction($request);
Thank you! We've received your feedback.