hasAssumedRoleUser=> (is=>'ro',isa=>'Paws::STS::AssumedRoleUser');hasAudience=> (is=>'ro',isa=>'Str');hasCredentials=> (is=>'ro',isa=>'Paws::STS::Credentials');hasIssuer=> (is=>'ro',isa=>'Str');hasNameQualifier=> (is=>'ro',isa=>'Str');hasPackedPolicySize=> (is=>'ro',isa=>'Int');hasSourceIdentity=> (is=>'ro',isa=>'Str');hasSubject=> (is=>'ro',isa=>'Str');hasSubjectType=> (is=>'ro',isa=>'Str');has_request_id=> (is=>'ro',isa=>'Str');1;### main pod documentation begin ###=head1 NAMEPaws::STS::AssumeRoleWithSAMLResponse=head1 ATTRIBUTES=head2 AssumedRoleUser => L<Paws::STS::AssumedRoleUser>The identifiers for the temporary security credentials that theoperation returns.=head2 Audience => StrThe value of the C<Recipient> attribute of theC<SubjectConfirmationData> element of the SAML assertion.=head2 Credentials => L<Paws::STS::Credentials>The temporary security credentials, which include an access key ID, asecret access key, and a security (or session) token.The size of the security token that STS API operations return is notfixed. We strongly recommend that you make no assumptions about themaximum size.=head2 Issuer => StrThe value of the C<Issuer> element of the SAML assertion.=head2 NameQualifier => StrA hash value based on the concatenation of the following:=over=item *The C<Issuer> response value.=item *The AWS account ID.=item *The friendly name (the last part of the ARN) of the SAML provider inIAM.=backThe combination of C<NameQualifier> and C<Subject> can be used touniquely identify a federated user.The following pseudocode shows how the hash value is calculated:C<BASE64 ( SHA1 ( "https://example.com/saml" + "123456789012" +"/MySAMLIdP" ) )>=head2 PackedPolicySize => IntA percentage value that indicates the packed size of the sessionpolicies and session tags combined passed in the request. The requestfails if the packed size is greater than 100 percent, which means thepolicies and tags exceeded the allowed space.=head2 SourceIdentity => StrThe value in the C<SourceIdentity> attribute in the SAML assertion.You can require users to set a source identity value when they assume arole. You do this by using the C<sts:SourceIdentity> condition key in arole trust policy. That way, actions that are taken with the role areassociated with that user. After the source identity is set, the valuecannot be changed. It is present in the request for all actions thatare taken by the role and persists across chained role(https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts#iam-term-role-chaining)sessions. You can configure your SAML identity provider to use anattribute associated with your users, like user name or email, as thesource identity when calling C<AssumeRoleWithSAML>. You do this byadding an attribute to the SAML assertion. For more information aboutusing source identity, see Monitor and control actions taken withassumed rolesin the I<IAM User Guide>.The regex used to validate this parameter is a string of charactersconsisting of upper- and lower-case alphanumeric characters with nospaces. You can also include underscores or any of the followingcharacters: =,.@-=head2 Subject => StrThe value of the C<NameID> element in the C<Subject> element of theSAML assertion.=head2 SubjectType => StrThe format of the name ID, as defined by the C<Format> attribute in theC<NameID> element of the SAML assertion. Typical examples of the formatare C<transient> or C<persistent>.If the format includes the prefixC<urn:oasis:names:tc:SAML:2.0:nameid-format>, that prefix is removed.For example, C<urn:oasis:names:tc:SAML:2.0:nameid-format:transient> isreturned as C<transient>. If the format includes any other prefix, theformat is returned with no modifications.=head2 _request_id => Str=cut