<?xml version="1.0"?>
<wsdl:definitions
  targetNamespace="https://sts.amazonaws.com/doc/2011-06-15/"
  xmlns:tns="https://sts.amazonaws.com/doc/2011-06-15/"
  xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
  xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
  xmlns:wsa="http://www.w3.org/2005/08/addressing/"
  xmlns:xs="http://www.w3.org/2001/XMLSchema">

  <wsdl:types>

    <xs:schema
      targetNamespace="https://sts.amazonaws.com/doc/2011-06-15/"
      elementFormDefault="qualified">

      <xs:element name="ResponseMetadata">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="RequestId" type="xs:string"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="Error">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="Type">
              <xs:simpleType>
                <xs:restriction base="xs:string">
                  <xs:enumeration value="Receiver"/>
                  <xs:enumeration value="Sender"/>
                </xs:restriction>
              </xs:simpleType>
            </xs:element>
            <xs:element name="Code" type="xs:string"/>
            <xs:element name="Message" type="xs:string"/>
            <xs:element name="Detail">
              <xs:complexType>
                <xs:sequence>
                  <xs:any maxOccurs="unbounded" minOccurs="0" namespace="##any" processContents="lax"/>
                </xs:sequence>
                <xs:anyAttribute namespace="##other" processContents="lax"/>
              </xs:complexType>
            </xs:element>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="ErrorResponse">
        <xs:complexType>
          <xs:sequence>
            <xs:element ref="tns:Error" maxOccurs="unbounded"/>
            <xs:element name="RequestId" type="xs:string"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="AssumeRoleWithWebIdentity">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="RoleArn" type="tns:arnType"/>
            <xs:element name="RoleSessionName" type="tns:roleSessionNameType"/>
            <xs:element name="WebIdentityToken" type="tns:clientTokenType"/>
            <xs:element name="ProviderId" type="tns:urlType" minOccurs="0"/>
            <xs:element name="Policy" type="tns:sessionPolicyDocumentType" minOccurs="0"/>
            <xs:element name="DurationSeconds" type="tns:roleDurationSecondsType" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="AssumeRoleWithWebIdentityResponse">
        <xs:complexType>
          <xs:sequence>
            <xs:element ref="tns:AssumeRoleWithWebIdentityResult"/>
            <xs:element ref="tns:ResponseMetadata" minOccurs="1"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="AssumeRoleWithWebIdentityResult">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="Credentials" type="tns:Credentials" minOccurs="0"/>
            <xs:element name="SubjectFromWebIdentityToken" type="tns:webIdentitySubjectType" minOccurs="0"/>
            <xs:element name="AssumedRoleUser" type="tns:AssumedRoleUser" minOccurs="0"/>
            <xs:element name="PackedPolicySize" type="tns:nonNegativeIntegerType" minOccurs="0"/>
            <xs:element name="Provider" type="xs:string" minOccurs="0"/>
            <xs:element name="Audience" type="xs:string" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="GetCallerIdentity">
        <xs:complexType>
          <xs:sequence>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="GetCallerIdentityResponse">
        <xs:complexType>
          <xs:sequence>
            <xs:element ref="tns:GetCallerIdentityResult"/>
            <xs:element ref="tns:ResponseMetadata" minOccurs="1"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="GetCallerIdentityResult">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="UserId" type="xs:string" minOccurs="0"/>
            <xs:element name="Account" type="xs:string" minOccurs="0"/>
            <xs:element name="Arn" type="tns:arnType" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="DecodeAuthorizationMessage">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="EncodedMessage" type="tns:encodedMessageType"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="DecodeAuthorizationMessageResponse">
        <xs:complexType>
          <xs:sequence>
            <xs:element ref="tns:DecodeAuthorizationMessageResult"/>
            <xs:element ref="tns:ResponseMetadata" minOccurs="1"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="DecodeAuthorizationMessageResult">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="DecodedMessage" type="xs:string" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="GetSessionToken">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="DurationSeconds" type="tns:durationSecondsType" minOccurs="0"/>
            <xs:element name="SerialNumber" type="tns:serialNumberType" minOccurs="0"/>
            <xs:element name="TokenCode" type="tns:tokenCodeType" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="GetSessionTokenResponse">
        <xs:complexType>
          <xs:sequence>
            <xs:element ref="tns:GetSessionTokenResult"/>
            <xs:element ref="tns:ResponseMetadata" minOccurs="1"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="GetSessionTokenResult">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="Credentials" type="tns:Credentials" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="AssumeRole">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="RoleArn" type="tns:arnType"/>
            <xs:element name="RoleSessionName" type="tns:roleSessionNameType"/>
            <xs:element name="Policy" type="tns:sessionPolicyDocumentType" minOccurs="0"/>
            <xs:element name="DurationSeconds" type="tns:roleDurationSecondsType" minOccurs="0"/>
            <xs:element name="ExternalId" type="tns:externalIdType" minOccurs="0"/>
            <xs:element name="SerialNumber" type="tns:serialNumberType" minOccurs="0"/>
            <xs:element name="TokenCode" type="tns:tokenCodeType" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="AssumeRoleResponse">
        <xs:complexType>
          <xs:sequence>
            <xs:element ref="tns:AssumeRoleResult"/>
            <xs:element ref="tns:ResponseMetadata" minOccurs="1"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="AssumeRoleResult">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="Credentials" type="tns:Credentials" minOccurs="0"/>
            <xs:element name="AssumedRoleUser" type="tns:AssumedRoleUser" minOccurs="0"/>
            <xs:element name="PackedPolicySize" type="tns:nonNegativeIntegerType" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="GetFederationToken">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="Name" type="tns:userNameType"/>
            <xs:element name="Policy" type="tns:sessionPolicyDocumentType" minOccurs="0"/>
            <xs:element name="DurationSeconds" type="tns:durationSecondsType" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="GetFederationTokenResponse">
        <xs:complexType>
          <xs:sequence>
            <xs:element ref="tns:GetFederationTokenResult"/>
            <xs:element ref="tns:ResponseMetadata" minOccurs="1"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="GetFederationTokenResult">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="Credentials" type="tns:Credentials" minOccurs="0"/>
            <xs:element name="FederatedUser" type="tns:FederatedUser" minOccurs="0"/>
            <xs:element name="PackedPolicySize" type="tns:nonNegativeIntegerType" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="AssumeRoleWithSAML">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="RoleArn" type="tns:arnType"/>
            <xs:element name="PrincipalArn" type="tns:arnType"/>
            <xs:element name="SAMLAssertion" type="tns:SAMLAssertionType"/>
            <xs:element name="Policy" type="tns:sessionPolicyDocumentType" minOccurs="0"/>
            <xs:element name="DurationSeconds" type="tns:roleDurationSecondsType" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="AssumeRoleWithSAMLResponse">
        <xs:complexType>
          <xs:sequence>
            <xs:element ref="tns:AssumeRoleWithSAMLResult"/>
            <xs:element ref="tns:ResponseMetadata" minOccurs="1"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:element name="AssumeRoleWithSAMLResult">
        <xs:complexType>
          <xs:sequence>
            <xs:element name="Credentials" type="tns:Credentials" minOccurs="0"/>
            <xs:element name="AssumedRoleUser" type="tns:AssumedRoleUser" minOccurs="0"/>
            <xs:element name="PackedPolicySize" type="tns:nonNegativeIntegerType" minOccurs="0"/>
            <xs:element name="Subject" type="xs:string" minOccurs="0"/>
            <xs:element name="SubjectType" type="xs:string" minOccurs="0"/>
            <xs:element name="Issuer" type="xs:string" minOccurs="0"/>
            <xs:element name="Audience" type="xs:string" minOccurs="0"/>
            <xs:element name="NameQualifier" type="xs:string" minOccurs="0"/>
          </xs:sequence>
        </xs:complexType>
      </xs:element>

      <xs:complexType name="Credentials">
        <xs:sequence>
            <xs:element name="AccessKeyId" type="tns:accessKeyIdType"/>
            <xs:element name="SecretAccessKey" type="xs:string"/>
            <xs:element name="SessionToken" type="xs:string"/>
            <xs:element name="Expiration" type="xs:dateTime"/>
        </xs:sequence>
      </xs:complexType>

      <xs:simpleType name="roleSessionNameType">
        <xs:restriction base="xs:string">
          <xs:pattern value="[\w+=,.@-]*"/>
          <xs:minLength value="2"/>
          <xs:maxLength value="64"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="userNameType">
        <xs:restriction base="xs:string">
          <xs:pattern value="[\w+=,.@-]*"/>
          <xs:minLength value="2"/>
          <xs:maxLength value="32"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="sessionPolicyDocumentType">
        <xs:restriction base="xs:string">
          <xs:pattern value="[\u0009\u000A\u000D\u0020-\u00FF]+"/>
          <xs:minLength value="1"/>
          <xs:maxLength value="2048"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="assumedRoleIdType">
        <xs:restriction base="xs:string">
          <xs:pattern value="[\w+=,.@:-]*"/>
          <xs:minLength value="2"/>
          <xs:maxLength value="96"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="urlType">
        <xs:restriction base="xs:string">
          <xs:minLength value="4"/>
          <xs:maxLength value="2048"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="federatedIdType">
        <xs:restriction base="xs:string">
          <xs:pattern value="[\w+=,.@\:-]*"/>
          <xs:minLength value="2"/>
          <xs:maxLength value="96"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="encodedMessageType">
        <xs:restriction base="xs:string">
          <xs:minLength value="1"/>
          <xs:maxLength value="10240"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="arnType">
        <xs:restriction base="xs:string">
          <xs:pattern value="[\u0009\u000A\u000D\u0020-\u007E\u0085\u00A0-\uD7FF\uE000-\uFFFD\u10000-\u10FFFF]+"/>
          <xs:minLength value="20"/>
          <xs:maxLength value="2048"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="accessKeyIdType">
        <xs:restriction base="xs:string">
          <xs:pattern value="[\w]*"/>
          <xs:minLength value="16"/>
          <xs:maxLength value="32"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:complexType name="FederatedUser">
        <xs:sequence>
            <xs:element name="FederatedUserId" type="tns:federatedIdType"/>
            <xs:element name="Arn" type="tns:arnType"/>
        </xs:sequence>
      </xs:complexType>

      <xs:simpleType name="durationSecondsType">
        <xs:restriction base="xs:integer">
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="tokenCodeType">
        <xs:restriction base="xs:string">
          <xs:pattern value="[\d]*"/>
          <xs:length value="6"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="SAMLAssertionType">
        <xs:restriction base="xs:string">
          <xs:minLength value="4"/>
          <xs:maxLength value="50000"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="roleDurationSecondsType">
        <xs:restriction base="xs:integer">
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="webIdentitySubjectType">
        <xs:restriction base="xs:string">
          <xs:minLength value="6"/>
          <xs:maxLength value="255"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="clientTokenType">
        <xs:restriction base="xs:string">
          <xs:minLength value="4"/>
          <xs:maxLength value="2048"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="externalIdType">
        <xs:restriction base="xs:string">
          <xs:pattern value="[\w+=,.@:\/-]*"/>
          <xs:minLength value="2"/>
          <xs:maxLength value="1224"/>
        </xs:restriction>
      </xs:simpleType>

      <xs:simpleType name="nonNegativeIntegerType">
        <xs:restriction base="xs:integer">
        </xs:restriction>
      </xs:simpleType>

      <xs:complexType name="AssumedRoleUser">
        <xs:sequence>
            <xs:element name="AssumedRoleId" type="tns:assumedRoleIdType"/>
            <xs:element name="Arn" type="tns:arnType"/>
        </xs:sequence>
      </xs:complexType>

      <xs:simpleType name="serialNumberType">
        <xs:restriction base="xs:string">
          <xs:pattern value="[\w+=/:,.@-]*"/>
          <xs:minLength value="9"/>
          <xs:maxLength value="256"/>
        </xs:restriction>
      </xs:simpleType>

    </xs:schema>

  </wsdl:types>

  <wsdl:message name="AssumeRoleWithWebIdentityRequestMsg">
    <wsdl:part element="tns:AssumeRoleWithWebIdentity" name="body"/>
  </wsdl:message>

  <wsdl:message name="AssumeRoleWithWebIdentityResponseMsg">
    <wsdl:part element="tns:AssumeRoleWithWebIdentityResponse" name="body"/>
  </wsdl:message>

  <wsdl:message name="GetCallerIdentityRequestMsg">
    <wsdl:part element="tns:GetCallerIdentity" name="body"/>
  </wsdl:message>

  <wsdl:message name="GetCallerIdentityResponseMsg">
    <wsdl:part element="tns:GetCallerIdentityResponse" name="body"/>
  </wsdl:message>

  <wsdl:message name="DecodeAuthorizationMessageRequestMsg">
    <wsdl:part element="tns:DecodeAuthorizationMessage" name="body"/>
  </wsdl:message>

  <wsdl:message name="DecodeAuthorizationMessageResponseMsg">
    <wsdl:part element="tns:DecodeAuthorizationMessageResponse" name="body"/>
  </wsdl:message>

  <wsdl:message name="GetSessionTokenRequestMsg">
    <wsdl:part element="tns:GetSessionToken" name="body"/>
  </wsdl:message>

  <wsdl:message name="GetSessionTokenResponseMsg">
    <wsdl:part element="tns:GetSessionTokenResponse" name="body"/>
  </wsdl:message>

  <wsdl:message name="AssumeRoleRequestMsg">
    <wsdl:part element="tns:AssumeRole" name="body"/>
  </wsdl:message>

  <wsdl:message name="AssumeRoleResponseMsg">
    <wsdl:part element="tns:AssumeRoleResponse" name="body"/>
  </wsdl:message>

  <wsdl:message name="GetFederationTokenRequestMsg">
    <wsdl:part element="tns:GetFederationToken" name="body"/>
  </wsdl:message>

  <wsdl:message name="GetFederationTokenResponseMsg">
    <wsdl:part element="tns:GetFederationTokenResponse" name="body"/>
  </wsdl:message>

  <wsdl:message name="AssumeRoleWithSAMLRequestMsg">
    <wsdl:part element="tns:AssumeRoleWithSAML" name="body"/>
  </wsdl:message>

  <wsdl:message name="AssumeRoleWithSAMLResponseMsg">
    <wsdl:part element="tns:AssumeRoleWithSAMLResponse" name="body"/>
  </wsdl:message>

  <wsdl:portType name="AWSSecurityTokenServiceV20110615PortType">

    <wsdl:operation name="AssumeRoleWithWebIdentity">
      <wsdl:input message="tns:AssumeRoleWithWebIdentityRequestMsg" wsa:Action="urn:AssumeRoleWithWebIdentity"/>
      <wsdl:output message="tns:AssumeRoleWithWebIdentityResponseMsg" wsa:Action="urn:AssumeRoleWithWebIdentity:Response"/>
    </wsdl:operation>

    <wsdl:operation name="GetCallerIdentity">
      <wsdl:input message="tns:GetCallerIdentityRequestMsg" wsa:Action="urn:GetCallerIdentity"/>
      <wsdl:output message="tns:GetCallerIdentityResponseMsg" wsa:Action="urn:GetCallerIdentity:Response"/>
    </wsdl:operation>

    <wsdl:operation name="DecodeAuthorizationMessage">
      <wsdl:input message="tns:DecodeAuthorizationMessageRequestMsg" wsa:Action="urn:DecodeAuthorizationMessage"/>
      <wsdl:output message="tns:DecodeAuthorizationMessageResponseMsg" wsa:Action="urn:DecodeAuthorizationMessage:Response"/>
    </wsdl:operation>

    <wsdl:operation name="GetSessionToken">
      <wsdl:input message="tns:GetSessionTokenRequestMsg" wsa:Action="urn:GetSessionToken"/>
      <wsdl:output message="tns:GetSessionTokenResponseMsg" wsa:Action="urn:GetSessionToken:Response"/>
    </wsdl:operation>

    <wsdl:operation name="AssumeRole">
      <wsdl:input message="tns:AssumeRoleRequestMsg" wsa:Action="urn:AssumeRole"/>
      <wsdl:output message="tns:AssumeRoleResponseMsg" wsa:Action="urn:AssumeRole:Response"/>
    </wsdl:operation>

    <wsdl:operation name="GetFederationToken">
      <wsdl:input message="tns:GetFederationTokenRequestMsg" wsa:Action="urn:GetFederationToken"/>
      <wsdl:output message="tns:GetFederationTokenResponseMsg" wsa:Action="urn:GetFederationToken:Response"/>
    </wsdl:operation>

    <wsdl:operation name="AssumeRoleWithSAML">
      <wsdl:input message="tns:AssumeRoleWithSAMLRequestMsg" wsa:Action="urn:AssumeRoleWithSAML"/>
      <wsdl:output message="tns:AssumeRoleWithSAMLResponseMsg" wsa:Action="urn:AssumeRoleWithSAML:Response"/>
    </wsdl:operation>

  </wsdl:portType>

  <wsdl:binding name="AWSSecurityTokenServiceV20110615Binding" type="tns:AWSSecurityTokenServiceV20110615PortType">

    <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>

    <wsdl:operation name="AssumeRoleWithWebIdentity">
      <soap:operation soapAction="AssumeRoleWithWebIdentity"/>
      <wsdl:input><soap:body use="literal"/></wsdl:input>
      <wsdl:output><soap:body use="literal"/></wsdl:output>
    </wsdl:operation>

    <wsdl:operation name="GetCallerIdentity">
      <soap:operation soapAction="GetCallerIdentity"/>
      <wsdl:input><soap:body use="literal"/></wsdl:input>
      <wsdl:output><soap:body use="literal"/></wsdl:output>
    </wsdl:operation>

    <wsdl:operation name="DecodeAuthorizationMessage">
      <soap:operation soapAction="DecodeAuthorizationMessage"/>
      <wsdl:input><soap:body use="literal"/></wsdl:input>
      <wsdl:output><soap:body use="literal"/></wsdl:output>
    </wsdl:operation>

    <wsdl:operation name="GetSessionToken">
      <soap:operation soapAction="GetSessionToken"/>
      <wsdl:input><soap:body use="literal"/></wsdl:input>
      <wsdl:output><soap:body use="literal"/></wsdl:output>
    </wsdl:operation>

    <wsdl:operation name="AssumeRole">
      <soap:operation soapAction="AssumeRole"/>
      <wsdl:input><soap:body use="literal"/></wsdl:input>
      <wsdl:output><soap:body use="literal"/></wsdl:output>
    </wsdl:operation>

    <wsdl:operation name="GetFederationToken">
      <soap:operation soapAction="GetFederationToken"/>
      <wsdl:input><soap:body use="literal"/></wsdl:input>
      <wsdl:output><soap:body use="literal"/></wsdl:output>
    </wsdl:operation>

    <wsdl:operation name="AssumeRoleWithSAML">
      <soap:operation soapAction="AssumeRoleWithSAML"/>
      <wsdl:input><soap:body use="literal"/></wsdl:input>
      <wsdl:output><soap:body use="literal"/></wsdl:output>
    </wsdl:operation>

  </wsdl:binding>

  <wsdl:service name="AWSSecurityTokenServiceV20110615">
    <wsdl:port name="AWSSecurityTokenServiceV20110615Port" binding="tns:AWSSecurityTokenServiceV20110615Binding">
      <soap:address location="https://sts.amazonaws.com"/>
    </wsdl:port>
  </wsdl:service>

</wsdl:definitions>