aws-sdk-core 3.122.1 → 3.123.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 537c37ff87364e7db7df2b499b7e82544a3912b817b32d4b43ae81a32c511f7b
4
- data.tar.gz: 7deac3f2493760b46f54ae0f54022878641023f54566af10d56e270ea7590935
3
+ metadata.gz: 361f40271ca2518c380ab89eaaab1922d017b3c8a6d35b0492d92e234730b9d4
4
+ data.tar.gz: 1cc223ef8460881b2d94da8e1f10b4226fbab5419e91ac6c712ab701b0e62a4b
5
5
  SHA512:
6
- metadata.gz: 63aa35b1adf4d9f660f35af4f174922fe417b9f1124602d493d4fcc90c256e8ffb472489c606746f8c06f72f71c9faa33a8a1746d7496e1fc76a2a8d138a5b7e
7
- data.tar.gz: 113f6de79f057dd502327550b44566f52f291f1358817778dc915849c4838b29f9724f1cd4ad5f75b2df153675e058982b26a47ffbc585d008b280fb87744417
6
+ metadata.gz: 2696936a66a24fc8d5094d5787b0039e974d7a23ba7218d571bda19f090bc836344987121c8ab0d2fca91c7b9b84398a2715674eac9dbb1d6b8fc286ae9e494a
7
+ data.tar.gz: da67f89367288d43599d1f5b84bfe6a28c3d50da43d7afad5b6f8490744dacda575bd247a2f1642e2be6d6d32bda977e178ab6bf9a5d5dcb9a6ed25c348c53b9
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 3.123.0 (2021-11-23)
5
+ ------------------
6
+
7
+ * Feature - Updated Aws::STS::Client with the latest API changes.
8
+
4
9
  3.122.1 (2021-11-09)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 3.122.1
1
+ 3.123.0
@@ -530,7 +530,7 @@ module Aws::SSO
530
530
  params: params,
531
531
  config: config)
532
532
  context[:gem_name] = 'aws-sdk-core'
533
- context[:gem_version] = '3.122.1'
533
+ context[:gem_version] = '3.123.0'
534
534
  Seahorse::Client::Request.new(handlers, context)
535
535
  end
536
536
 
data/lib/aws-sdk-sso.rb CHANGED
@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sso/customizations'
50
50
  # @!group service
51
51
  module Aws::SSO
52
52
 
53
- GEM_VERSION = '3.122.1'
53
+ GEM_VERSION = '3.123.0'
54
54
 
55
55
  end
@@ -350,15 +350,15 @@ module Aws::STS
350
350
  # `AssumeRole` within your account or for cross-account access. For a
351
351
  # comparison of `AssumeRole` with other API operations that produce
352
352
  # temporary credentials, see [Requesting Temporary Security
353
- # Credentials][1] and [Comparing the STS API operations][2] in the *IAM
354
- # User Guide*.
353
+ # Credentials][1] and [Comparing the Amazon Web Services STS API
354
+ # operations][2] in the *IAM User Guide*.
355
355
  #
356
356
  # **Permissions**
357
357
  #
358
358
  # The temporary security credentials created by `AssumeRole` can be used
359
359
  # to make API calls to any Amazon Web Services service with the
360
- # following exception: You cannot call the STS `GetFederationToken` or
361
- # `GetSessionToken` API operations.
360
+ # following exception: You cannot call the Amazon Web Services STS
361
+ # `GetFederationToken` or `GetSessionToken` API operations.
362
362
  #
363
363
  # (Optional) You can pass inline or managed [session policies][3] to
364
364
  # this operation. You can pass a single JSON policy document to use as
@@ -375,28 +375,37 @@ module Aws::STS
375
375
  # assumed. For more information, see [Session Policies][3] in the *IAM
376
376
  # User Guide*.
377
377
  #
378
- # To assume a role from a different account, your account must be
379
- # trusted by the role. The trust relationship is defined in the role's
380
- # trust policy when the role is created. That trust policy states which
381
- # accounts are allowed to delegate that access to users in the account.
378
+ # When you create a role, you create two policies: A role trust policy
379
+ # that specifies *who* can assume the role and a permissions policy that
380
+ # specifies *what* can be done with the role. You specify the trusted
381
+ # principal who is allowed to assume the role in the role trust policy.
382
+ #
383
+ # To assume a role from a different account, your Amazon Web Services
384
+ # account must be trusted by the role. The trust relationship is defined
385
+ # in the role's trust policy when the role is created. That trust
386
+ # policy states which accounts are allowed to delegate that access to
387
+ # users in the account.
382
388
  #
383
389
  # A user who wants to access a role in a different account must also
384
390
  # have permissions that are delegated from the user account
385
391
  # administrator. The administrator must attach a policy that allows the
386
392
  # user to call `AssumeRole` for the ARN of the role in the other
387
- # account. If the user is in the same account as the role, then you can
388
- # do either of the following:
393
+ # account.
389
394
  #
390
- # * Attach a policy to the user (identical to the previous user in a
391
- # different account).
395
+ # To allow a user to assume a role in the same account, you can do
396
+ # either of the following:
397
+ #
398
+ # * Attach a policy to the user that allows the user to call
399
+ # `AssumeRole` (as long as the role's trust policy trusts the
400
+ # account).
392
401
  #
393
402
  # * Add the user as a principal directly in the role's trust policy.
394
403
  #
395
- # In this case, the trust policy acts as an IAM resource-based policy.
396
- # Users in the same account as the role do not need explicit permission
397
- # to assume the role. For more information about trust policies and
398
- # resource-based policies, see [IAM Policies][4] in the *IAM User
399
- # Guide*.
404
+ # You can do either because the role’s trust policy acts as an IAM
405
+ # resource-based policy. When a resource-based policy grants access to a
406
+ # principal in the same account, no additional identity-based policy is
407
+ # required. For more information about trust policies and resource-based
408
+ # policies, see [IAM Policies][4] in the *IAM User Guide*.
400
409
  #
401
410
  # **Tags**
402
411
  #
@@ -538,15 +547,25 @@ module Aws::STS
538
547
  #
539
548
  # @option params [Integer] :duration_seconds
540
549
  # The duration, in seconds, of the role session. The value specified can
541
- # can range from 900 seconds (15 minutes) up to the maximum session
542
- # duration that is set for the role. The maximum session duration
543
- # setting can have a value from 1 hour to 12 hours. If you specify a
544
- # value higher than this setting or the administrator setting (whichever
545
- # is lower), the operation fails. For example, if you specify a session
546
- # duration of 12 hours, but your administrator set the maximum session
547
- # duration to 6 hours, your operation fails. To learn how to view the
548
- # maximum value for your role, see [View the Maximum Session Duration
549
- # Setting for a Role][1] in the *IAM User Guide*.
550
+ # range from 900 seconds (15 minutes) up to the maximum session duration
551
+ # set for the role. The maximum session duration setting can have a
552
+ # value from 1 hour to 12 hours. If you specify a value higher than this
553
+ # setting or the administrator setting (whichever is lower), the
554
+ # operation fails. For example, if you specify a session duration of 12
555
+ # hours, but your administrator set the maximum session duration to 6
556
+ # hours, your operation fails.
557
+ #
558
+ # Role chaining limits your Amazon Web Services CLI or Amazon Web
559
+ # Services API role session to a maximum of one hour. When you use the
560
+ # `AssumeRole` API operation to assume a role, you can specify the
561
+ # duration of your role session with the `DurationSeconds` parameter.
562
+ # You can specify a parameter value of up to 43200 seconds (12 hours),
563
+ # depending on the maximum session duration setting for your role.
564
+ # However, if you assume a role using role chaining and provide a
565
+ # `DurationSeconds` parameter value greater than one hour, the operation
566
+ # fails. To learn how to view the maximum value for your role, see [View
567
+ # the Maximum Session Duration Setting for a Role][1] in the *IAM User
568
+ # Guide*.
550
569
  #
551
570
  # By default, the value is set to `3600` seconds.
552
571
  #
@@ -555,8 +574,8 @@ module Aws::STS
555
574
  # The request to the federation endpoint for a console sign-in token
556
575
  # takes a `SessionDuration` parameter that specifies the maximum length
557
576
  # of the console session. For more information, see [Creating a URL that
558
- # Enables Federated Users to Access the Management Console][2] in the
559
- # *IAM User Guide*.
577
+ # Enables Federated Users to Access the Amazon Web Services Management
578
+ # Console][2] in the *IAM User Guide*.
560
579
  #
561
580
  # </note>
562
581
  #
@@ -568,8 +587,8 @@ module Aws::STS
568
587
  # @option params [Array<Types::Tag>] :tags
569
588
  # A list of session tags that you want to pass. Each session tag
570
589
  # consists of a key name and an associated value. For more information
571
- # about session tags, see [Tagging STS Sessions][1] in the *IAM User
572
- # Guide*.
590
+ # about session tags, see [Tagging Amazon Web Services STS Sessions][1]
591
+ # in the *IAM User Guide*.
573
592
  #
574
593
  # This parameter is optional. You can pass up to 50 session tags. The
575
594
  # plaintext session tag keys can’t exceed 128 characters, and the values
@@ -798,8 +817,8 @@ module Aws::STS
798
817
  # user-specific credentials or configuration. For a comparison of
799
818
  # `AssumeRoleWithSAML` with the other API operations that produce
800
819
  # temporary credentials, see [Requesting Temporary Security
801
- # Credentials][1] and [Comparing the STS API operations][2] in the *IAM
802
- # User Guide*.
820
+ # Credentials][1] and [Comparing the Amazon Web Services STS API
821
+ # operations][2] in the *IAM User Guide*.
803
822
  #
804
823
  # The temporary security credentials returned by this operation consist
805
824
  # of an access key ID, a secret access key, and a security token.
@@ -1051,8 +1070,8 @@ module Aws::STS
1051
1070
  # The request to the federation endpoint for a console sign-in token
1052
1071
  # takes a `SessionDuration` parameter that specifies the maximum length
1053
1072
  # of the console session. For more information, see [Creating a URL that
1054
- # Enables Federated Users to Access the Management Console][2] in the
1055
- # *IAM User Guide*.
1073
+ # Enables Federated Users to Access the Amazon Web Services Management
1074
+ # Console][2] in the *IAM User Guide*.
1056
1075
  #
1057
1076
  # </note>
1058
1077
  #
@@ -1172,8 +1191,8 @@ module Aws::STS
1172
1191
  # a token from the web identity provider. For a comparison of
1173
1192
  # `AssumeRoleWithWebIdentity` with the other API operations that produce
1174
1193
  # temporary credentials, see [Requesting Temporary Security
1175
- # Credentials][5] and [Comparing the STS API operations][6] in the *IAM
1176
- # User Guide*.
1194
+ # Credentials][5] and [Comparing the Amazon Web Services STS API
1195
+ # operations][6] in the *IAM User Guide*.
1177
1196
  #
1178
1197
  # The temporary security credentials returned by this API consist of an
1179
1198
  # access key ID, a secret access key, and a security token. Applications
@@ -1433,8 +1452,8 @@ module Aws::STS
1433
1452
  # The request to the federation endpoint for a console sign-in token
1434
1453
  # takes a `SessionDuration` parameter that specifies the maximum length
1435
1454
  # of the console session. For more information, see [Creating a URL that
1436
- # Enables Federated Users to Access the Management Console][2] in the
1437
- # *IAM User Guide*.
1455
+ # Enables Federated Users to Access the Amazon Web Services Management
1456
+ # Console][2] in the *IAM User Guide*.
1438
1457
  #
1439
1458
  # </note>
1440
1459
  #
@@ -1540,17 +1559,17 @@ module Aws::STS
1540
1559
  # </note>
1541
1560
  #
1542
1561
  # The message is encoded because the details of the authorization status
1543
- # can constitute privileged information that the user who requested the
1562
+ # can contain privileged information that the user who requested the
1544
1563
  # operation should not see. To decode an authorization status message, a
1545
- # user must be granted permissions via an IAM policy to request the
1546
- # `DecodeAuthorizationMessage` (`sts:DecodeAuthorizationMessage`)
1564
+ # user must be granted permissions through an IAM [policy][1] to request
1565
+ # the `DecodeAuthorizationMessage` (`sts:DecodeAuthorizationMessage`)
1547
1566
  # action.
1548
1567
  #
1549
1568
  # The decoded message includes the following type of information:
1550
1569
  #
1551
1570
  # * Whether the request was denied due to an explicit deny or due to the
1552
1571
  # absence of an explicit allow. For more information, see [Determining
1553
- # Whether a Request is Allowed or Denied][1] in the *IAM User Guide*.
1572
+ # Whether a Request is Allowed or Denied][2] in the *IAM User Guide*.
1554
1573
  #
1555
1574
  # * The principal who made the request.
1556
1575
  #
@@ -1562,7 +1581,8 @@ module Aws::STS
1562
1581
  #
1563
1582
  #
1564
1583
  #
1565
- # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow
1584
+ # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html
1585
+ # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow
1566
1586
  #
1567
1587
  # @option params [required, String] :encoded_message
1568
1588
  # The encoded message that was returned with the response.
@@ -1757,8 +1777,8 @@ module Aws::STS
1757
1777
  # can be safely stored, usually in a server-based application. For a
1758
1778
  # comparison of `GetFederationToken` with the other API operations that
1759
1779
  # produce temporary credentials, see [Requesting Temporary Security
1760
- # Credentials][1] and [Comparing the STS API operations][2] in the *IAM
1761
- # User Guide*.
1780
+ # Credentials][1] and [Comparing the Amazon Web Services STS API
1781
+ # operations][2] in the *IAM User Guide*.
1762
1782
  #
1763
1783
  # <note markdown="1"> You can create a mobile-based or browser-based app that can
1764
1784
  # authenticate users using a web identity provider like Login with
@@ -1782,7 +1802,7 @@ module Aws::STS
1782
1802
  # The temporary credentials are valid for the specified duration, from
1783
1803
  # 900 seconds (15 minutes) up to a maximum of 129,600 seconds (36
1784
1804
  # hours). The default session duration is 43,200 seconds (12 hours).
1785
- # Temporary credentials that are obtained by using Amazon Web Services
1805
+ # Temporary credentials obtained by using the Amazon Web Services
1786
1806
  # account root user credentials have a maximum duration of 3,600 seconds
1787
1807
  # (1 hour).
1788
1808
  #
@@ -1837,65 +1857,6 @@ module Aws::STS
1837
1857
  #
1838
1858
  # </note>
1839
1859
  #
1840
- # You can also call `GetFederationToken` using the security credentials
1841
- # of an Amazon Web Services account root user, but we do not recommend
1842
- # it. Instead, we recommend that you create an IAM user for the purpose
1843
- # of the proxy application. Then attach a policy to the IAM user that
1844
- # limits federated users to only the actions and resources that they
1845
- # need to access. For more information, see [IAM Best Practices][5] in
1846
- # the *IAM User Guide*.
1847
- #
1848
- # **Session duration**
1849
- #
1850
- # The temporary credentials are valid for the specified duration, from
1851
- # 900 seconds (15 minutes) up to a maximum of 129,600 seconds (36
1852
- # hours). The default session duration is 43,200 seconds (12 hours).
1853
- # Temporary credentials that are obtained by using Amazon Web Services
1854
- # account root user credentials have a maximum duration of 3,600 seconds
1855
- # (1 hour).
1856
- #
1857
- # **Permissions**
1858
- #
1859
- # You can use the temporary credentials created by `GetFederationToken`
1860
- # in any Amazon Web Services service except the following:
1861
- #
1862
- # * You cannot call any IAM operations using the CLI or the Amazon Web
1863
- # Services API.
1864
- #
1865
- # * You cannot call any STS operations except `GetCallerIdentity`.
1866
- #
1867
- # You must pass an inline or managed [session policy][6] to this
1868
- # operation. You can pass a single JSON policy document to use as an
1869
- # inline session policy. You can also specify up to 10 managed policies
1870
- # to use as managed session policies. The plain text that you use for
1871
- # both inline and managed session policies can't exceed 2,048
1872
- # characters.
1873
- #
1874
- # Though the session policy parameters are optional, if you do not pass
1875
- # a policy, then the resulting federated user session has no
1876
- # permissions. When you pass session policies, the session permissions
1877
- # are the intersection of the IAM user policies and the session policies
1878
- # that you pass. This gives you a way to further restrict the
1879
- # permissions for a federated user. You cannot use session policies to
1880
- # grant more permissions than those that are defined in the permissions
1881
- # policy of the IAM user. For more information, see [Session
1882
- # Policies][6] in the *IAM User Guide*. For information about using
1883
- # `GetFederationToken` to create temporary security credentials, see
1884
- # [GetFederationToken—Federation Through a Custom Identity Broker][7].
1885
- #
1886
- # You can use the credentials to access a resource that has a
1887
- # resource-based policy. If that policy specifically references the
1888
- # federated user session in the `Principal` element of the policy, the
1889
- # session has the permissions allowed by the policy. These permissions
1890
- # are granted in addition to the permissions granted by the session
1891
- # policies.
1892
- #
1893
- # **Tags**
1894
- #
1895
- # (Optional) You can pass tag key-value pairs to your session. These are
1896
- # called session tags. For more information about session tags, see
1897
- # [Passing Session Tags in STS][8] in the *IAM User Guide*.
1898
- #
1899
1860
  # An administrator must grant you the permissions necessary to pass
1900
1861
  # session tags. The administrator can also create granular permissions
1901
1862
  # to allow you to pass only specific session tags. For more information,
@@ -2164,8 +2125,8 @@ module Aws::STS
2164
2125
  # correct MFA code, then the API returns an access denied error. For a
2165
2126
  # comparison of `GetSessionToken` with the other API operations that
2166
2127
  # produce temporary credentials, see [Requesting Temporary Security
2167
- # Credentials][1] and [Comparing the STS API operations][2] in the *IAM
2168
- # User Guide*.
2128
+ # Credentials][1] and [Comparing the Amazon Web Services STS API
2129
+ # operations][2] in the *IAM User Guide*.
2169
2130
  #
2170
2131
  # **Session Duration**
2171
2132
  #
@@ -2233,8 +2194,8 @@ module Aws::STS
2233
2194
  # The value is either the serial number for a hardware device (such as
2234
2195
  # `GAHT12345678`) or an Amazon Resource Name (ARN) for a virtual device
2235
2196
  # (such as `arn:aws:iam::123456789012:mfa/user`). You can find the
2236
- # device for an IAM user by going to the Management Console and viewing
2237
- # the user's security credentials.
2197
+ # device for an IAM user by going to the Amazon Web Services Management
2198
+ # Console and viewing the user's security credentials.
2238
2199
  #
2239
2200
  # The regex used to validate this parameter is a string of characters
2240
2201
  # consisting of upper- and lower-case alphanumeric characters with no
@@ -2312,7 +2273,7 @@ module Aws::STS
2312
2273
  params: params,
2313
2274
  config: config)
2314
2275
  context[:gem_name] = 'aws-sdk-core'
2315
- context[:gem_version] = '3.122.1'
2276
+ context[:gem_version] = '3.123.0'
2316
2277
  Seahorse::Client::Request.new(handlers, context)
2317
2278
  end
2318
2279
 
@@ -132,16 +132,25 @@ module Aws::STS
132
132
  #
133
133
  # @!attribute [rw] duration_seconds
134
134
  # The duration, in seconds, of the role session. The value specified
135
- # can can range from 900 seconds (15 minutes) up to the maximum
136
- # session duration that is set for the role. The maximum session
137
- # duration setting can have a value from 1 hour to 12 hours. If you
138
- # specify a value higher than this setting or the administrator
139
- # setting (whichever is lower), the operation fails. For example, if
140
- # you specify a session duration of 12 hours, but your administrator
141
- # set the maximum session duration to 6 hours, your operation fails.
142
- # To learn how to view the maximum value for your role, see [View the
143
- # Maximum Session Duration Setting for a Role][1] in the *IAM User
144
- # Guide*.
135
+ # can range from 900 seconds (15 minutes) up to the maximum session
136
+ # duration set for the role. The maximum session duration setting can
137
+ # have a value from 1 hour to 12 hours. If you specify a value higher
138
+ # than this setting or the administrator setting (whichever is lower),
139
+ # the operation fails. For example, if you specify a session duration
140
+ # of 12 hours, but your administrator set the maximum session duration
141
+ # to 6 hours, your operation fails.
142
+ #
143
+ # Role chaining limits your Amazon Web Services CLI or Amazon Web
144
+ # Services API role session to a maximum of one hour. When you use the
145
+ # `AssumeRole` API operation to assume a role, you can specify the
146
+ # duration of your role session with the `DurationSeconds` parameter.
147
+ # You can specify a parameter value of up to 43200 seconds (12 hours),
148
+ # depending on the maximum session duration setting for your role.
149
+ # However, if you assume a role using role chaining and provide a
150
+ # `DurationSeconds` parameter value greater than one hour, the
151
+ # operation fails. To learn how to view the maximum value for your
152
+ # role, see [View the Maximum Session Duration Setting for a Role][1]
153
+ # in the *IAM User Guide*.
145
154
  #
146
155
  # By default, the value is set to `3600` seconds.
147
156
  #
@@ -150,8 +159,8 @@ module Aws::STS
150
159
  # credentials. The request to the federation endpoint for a console
151
160
  # sign-in token takes a `SessionDuration` parameter that specifies the
152
161
  # maximum length of the console session. For more information, see
153
- # [Creating a URL that Enables Federated Users to Access the
154
- # Management Console][2] in the *IAM User Guide*.
162
+ # [Creating a URL that Enables Federated Users to Access the Amazon
163
+ # Web Services Management Console][2] in the *IAM User Guide*.
155
164
  #
156
165
  # </note>
157
166
  #
@@ -164,8 +173,8 @@ module Aws::STS
164
173
  # @!attribute [rw] tags
165
174
  # A list of session tags that you want to pass. Each session tag
166
175
  # consists of a key name and an associated value. For more information
167
- # about session tags, see [Tagging STS Sessions][1] in the *IAM User
168
- # Guide*.
176
+ # about session tags, see [Tagging Amazon Web Services STS
177
+ # Sessions][1] in the *IAM User Guide*.
169
178
  #
170
179
  # This parameter is optional. You can pass up to 50 session tags. The
171
180
  # plaintext session tag keys can’t exceed 128 characters, and the
@@ -516,8 +525,8 @@ module Aws::STS
516
525
  # credentials. The request to the federation endpoint for a console
517
526
  # sign-in token takes a `SessionDuration` parameter that specifies the
518
527
  # maximum length of the console session. For more information, see
519
- # [Creating a URL that Enables Federated Users to Access the
520
- # Management Console][2] in the *IAM User Guide*.
528
+ # [Creating a URL that Enables Federated Users to Access the Amazon
529
+ # Web Services Management Console][2] in the *IAM User Guide*.
521
530
  #
522
531
  # </note>
523
532
  #
@@ -802,8 +811,8 @@ module Aws::STS
802
811
  # credentials. The request to the federation endpoint for a console
803
812
  # sign-in token takes a `SessionDuration` parameter that specifies the
804
813
  # maximum length of the console session. For more information, see
805
- # [Creating a URL that Enables Federated Users to Access the
806
- # Management Console][2] in the *IAM User Guide*.
814
+ # [Creating a URL that Enables Federated Users to Access the Amazon
815
+ # Web Services Management Console][2] in the *IAM User Guide*.
807
816
  #
808
817
  # </note>
809
818
  #
@@ -1012,7 +1021,7 @@ module Aws::STS
1012
1021
  # returned in response to an Amazon Web Services request.
1013
1022
  #
1014
1023
  # @!attribute [rw] decoded_message
1015
- # An XML document that contains the decoded message.
1024
+ # The API returns a response with the decoded message.
1016
1025
  # @return [String]
1017
1026
  #
1018
1027
  # @see http://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/DecodeAuthorizationMessageResponse AWS API Documentation
@@ -1396,8 +1405,8 @@ module Aws::STS
1396
1405
  # The value is either the serial number for a hardware device (such as
1397
1406
  # `GAHT12345678`) or an Amazon Resource Name (ARN) for a virtual
1398
1407
  # device (such as `arn:aws:iam::123456789012:mfa/user`). You can find
1399
- # the device for an IAM user by going to the Management Console and
1400
- # viewing the user's security credentials.
1408
+ # the device for an IAM user by going to the Amazon Web Services
1409
+ # Management Console and viewing the user's security credentials.
1401
1410
  #
1402
1411
  # The regex used to validate this parameter is a string of characters
1403
1412
  # consisting of upper- and lower-case alphanumeric characters with no
@@ -1546,7 +1555,7 @@ module Aws::STS
1546
1555
  #
1547
1556
  #
1548
1557
  # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html
1549
- # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html
1558
+ # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length
1550
1559
  #
1551
1560
  # @!attribute [rw] message
1552
1561
  # @return [String]
@@ -1612,7 +1621,8 @@ module Aws::STS
1612
1621
  # You can pass custom key-value pair attributes when you assume a role
1613
1622
  # or federate a user. These are called session tags. You can then use
1614
1623
  # the session tags to control access to resources. For more information,
1615
- # see [Tagging STS Sessions][1] in the *IAM User Guide*.
1624
+ # see [Tagging Amazon Web Services STS Sessions][1] in the *IAM User
1625
+ # Guide*.
1616
1626
  #
1617
1627
  #
1618
1628
  #
data/lib/aws-sdk-sts.rb CHANGED
@@ -50,6 +50,6 @@ require_relative 'aws-sdk-sts/customizations'
50
50
  # @!group service
51
51
  module Aws::STS
52
52
 
53
- GEM_VERSION = '3.122.1'
53
+ GEM_VERSION = '3.123.0'
54
54
 
55
55
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.122.1
4
+ version: 3.123.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-09 00:00:00.000000000 Z
11
+ date: 2021-11-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: jmespath