aws-sdk-iam 1.0.0.rc3 → 1.0.0.rc4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: b08113dded27fb7c6eea7fececdcd93c5d55c135
4
- data.tar.gz: a24c642fcdc0837a45b1cea524f9b97d5008d11d
3
+ metadata.gz: 738dac965bcb0584bb038b74c3a257bbb8df62d6
4
+ data.tar.gz: 055a8de3fb34fb83a329a792880920d27820d63c
5
5
  SHA512:
6
- metadata.gz: 1d2cee07e97e49261368c6b906dab49aa9d760ae18fa5aed44e45e8939707eff3016a8a024b800de0a53823b90b5bab95044aaf0f0827d410abe5fdb6a172158
7
- data.tar.gz: 3780147243bc8dde015c247ccc2d66a327e3f8d8ac5c9513b252e8ca712be18f5a5a1888b0a27a426cec57076c777f0ea957d1f3fad7d1c972250cbf9a441442
6
+ metadata.gz: 0c59422e6e55a4856972f70253c6bd37cba09d325350deddf89c9e1ceff040c38ab5f00bb86a89373c6589c57bea7c003946e42414e754455ab53e75b82f4f8f
7
+ data.tar.gz: 2bfc5f30e6e27f381c6187e8bc830cb1c3389b035386d1953b80e20705ad4b1a9f5bd2bfcfd70c1d90d22b2c21c7b5ed6c38d898d771db6cd3491223b75f106f
data/lib/aws-sdk-iam.rb CHANGED
@@ -64,6 +64,6 @@ require_relative 'aws-sdk-iam/customizations'
64
64
  # @service
65
65
  module Aws::IAM
66
66
 
67
- GEM_VERSION = '1.0.0.rc3'
67
+ GEM_VERSION = '1.0.0.rc4'
68
68
 
69
69
  end
@@ -18,6 +18,7 @@ require 'aws-sdk-core/plugins/regional_endpoint.rb'
18
18
  require 'aws-sdk-core/plugins/response_paging.rb'
19
19
  require 'aws-sdk-core/plugins/stub_responses.rb'
20
20
  require 'aws-sdk-core/plugins/idempotency_token.rb'
21
+ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
21
22
  require 'aws-sdk-core/plugins/signature_v4.rb'
22
23
  require 'aws-sdk-core/plugins/protocols/query.rb'
23
24
 
@@ -45,6 +46,7 @@ module Aws::IAM
45
46
  add_plugin(Aws::Plugins::ResponsePaging)
46
47
  add_plugin(Aws::Plugins::StubResponses)
47
48
  add_plugin(Aws::Plugins::IdempotencyToken)
49
+ add_plugin(Aws::Plugins::JsonvalueConverter)
48
50
  add_plugin(Aws::Plugins::SignatureV4)
49
51
  add_plugin(Aws::Plugins::Protocols::Query)
50
52
 
@@ -177,7 +179,9 @@ module Aws::IAM
177
179
  req.send_request(options)
178
180
  end
179
181
 
180
- # Adds the specified IAM role to the specified instance profile.
182
+ # Adds the specified IAM role to the specified instance profile. An
183
+ # instance profile can contain only one role, and this limit cannot be
184
+ # increased.
181
185
  #
182
186
  # <note markdown="1"> The caller of this API must be granted the `PassRole` permission on
183
187
  # the IAM role by a permission policy.
@@ -211,7 +215,7 @@ module Aws::IAM
211
215
  # This parameter allows (per its [regex pattern][1]) a string of
212
216
  # characters consisting of upper and lowercase alphanumeric characters
213
217
  # with no spaces. You can also include any of the following characters:
214
- # =,.@-
218
+ # \_+=,.@-
215
219
  #
216
220
  #
217
221
  #
@@ -332,13 +336,16 @@ module Aws::IAM
332
336
  req.send_request(options)
333
337
  end
334
338
 
335
- # Attaches the specified managed policy to the specified IAM role.
339
+ # Attaches the specified managed policy to the specified IAM role. When
340
+ # you attach a managed policy to a role, the managed policy becomes part
341
+ # of the role's permission (access) policy.
342
+ #
343
+ # <note markdown="1"> You cannot use a managed policy as the role's trust policy. The
344
+ # role's trust policy is created at the same time as the role, using
345
+ # CreateRole. You can update a role's trust policy using
346
+ # UpdateAssumeRolePolicy.
336
347
  #
337
- # When you attach a managed policy to a role, the managed policy becomes
338
- # part of the role's permission (access) policy. You cannot use a
339
- # managed policy as the role's trust policy. The role's trust policy
340
- # is created at the same time as the role, using CreateRole. You can
341
- # update a role's trust policy using UpdateAssumeRolePolicy.
348
+ # </note>
342
349
  #
343
350
  # Use this API to attach a *managed* policy to a role. To embed an
344
351
  # inline policy in a role, use PutRolePolicy. For more information about
@@ -355,7 +362,7 @@ module Aws::IAM
355
362
  # This parameter allows (per its [regex pattern][1]) a string of
356
363
  # characters consisting of upper and lowercase alphanumeric characters
357
364
  # with no spaces. You can also include any of the following characters:
358
- # =,.@-
365
+ # \_+=,.@-
359
366
  #
360
367
  #
361
368
  #
@@ -728,6 +735,7 @@ module Aws::IAM
728
735
  # resp.instance_profile.roles[0].arn #=> String
729
736
  # resp.instance_profile.roles[0].create_date #=> Time
730
737
  # resp.instance_profile.roles[0].assume_role_policy_document #=> String
738
+ # resp.instance_profile.roles[0].description #=> String
731
739
  #
732
740
  # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile AWS API Documentation
733
741
  #
@@ -1142,8 +1150,10 @@ module Aws::IAM
1142
1150
  # This parameter allows (per its [regex pattern][1]) a string of
1143
1151
  # characters consisting of upper and lowercase alphanumeric characters
1144
1152
  # with no spaces. You can also include any of the following characters:
1145
- # =,.@-. Role names are not distinguished by case. For example, you
1146
- # cannot create roles named both "PRODROLE" and "prodrole".
1153
+ # \_+=,.@-
1154
+ #
1155
+ # Role names are not distinguished by case. For example, you cannot
1156
+ # create roles named both "PRODROLE" and "prodrole".
1147
1157
  #
1148
1158
  #
1149
1159
  #
@@ -1165,6 +1175,9 @@ module Aws::IAM
1165
1175
  #
1166
1176
  # [1]: http://wikipedia.org/wiki/regex
1167
1177
  #
1178
+ # @option params [String] :description
1179
+ # A customer-provided description of the role.
1180
+ #
1168
1181
  # @return [Types::CreateRoleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1169
1182
  #
1170
1183
  # * {Types::CreateRoleResponse#role #role} => Types::Role
@@ -1175,6 +1188,7 @@ module Aws::IAM
1175
1188
  # path: "pathType",
1176
1189
  # role_name: "roleNameType", # required
1177
1190
  # assume_role_policy_document: "policyDocumentType", # required
1191
+ # description: "roleDescriptionType",
1178
1192
  # })
1179
1193
  #
1180
1194
  # @example Response structure
@@ -1185,6 +1199,7 @@ module Aws::IAM
1185
1199
  # resp.role.arn #=> String
1186
1200
  # resp.role.create_date #=> Time
1187
1201
  # resp.role.assume_role_policy_document #=> String
1202
+ # resp.role.description #=> String
1188
1203
  #
1189
1204
  # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole AWS API Documentation
1190
1205
  #
@@ -1276,6 +1291,68 @@ module Aws::IAM
1276
1291
  req.send_request(options)
1277
1292
  end
1278
1293
 
1294
+ # Creates an IAM role that is linked to a specific AWS service. The
1295
+ # service controls the attached policies and when the role can be
1296
+ # deleted. This helps ensure that the service is not broken by an
1297
+ # unexpectedly changed or deleted role, which could put your AWS
1298
+ # resources into an unknown state. Allowing the service to control the
1299
+ # role helps improve service stability and proper cleanup when a service
1300
+ # and its role are no longer needed.
1301
+ #
1302
+ # The name of the role is autogenerated by combining the string that you
1303
+ # specify for the `AWSServiceName` parameter with the string that you
1304
+ # specify for the `CustomSuffix` parameter. The resulting name must be
1305
+ # unique in your account or the request fails.
1306
+ #
1307
+ # To attach a policy to this service-linked role, you must make the
1308
+ # request using the AWS service that depends on this role.
1309
+ #
1310
+ # @option params [required, String] :aws_service_name
1311
+ # The AWS service to which this role is attached. You use a string
1312
+ # similar to a URL but without the http:// in front. For example:
1313
+ # `elasticbeanstalk.amazonaws.com`
1314
+ #
1315
+ # @option params [String] :description
1316
+ # The description of the role.
1317
+ #
1318
+ # @option params [String] :custom_suffix
1319
+ # A string that you provide, which is combined with the service name to
1320
+ # form the complete role name. If you make multiple requests for the
1321
+ # same service, then you must supply a different `CustomSuffix` for each
1322
+ # request. Otherwise the request fails with a duplicate role name error.
1323
+ # For example, you could add `-1` or `-debug` to the suffix.
1324
+ #
1325
+ # @return [Types::CreateServiceLinkedRoleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1326
+ #
1327
+ # * {Types::CreateServiceLinkedRoleResponse#role #role} => Types::Role
1328
+ #
1329
+ # @example Request syntax with placeholder values
1330
+ #
1331
+ # resp = client.create_service_linked_role({
1332
+ # aws_service_name: "groupNameType", # required
1333
+ # description: "roleDescriptionType",
1334
+ # custom_suffix: "customSuffixType",
1335
+ # })
1336
+ #
1337
+ # @example Response structure
1338
+ #
1339
+ # resp.role.path #=> String
1340
+ # resp.role.role_name #=> String
1341
+ # resp.role.role_id #=> String
1342
+ # resp.role.arn #=> String
1343
+ # resp.role.create_date #=> Time
1344
+ # resp.role.assume_role_policy_document #=> String
1345
+ # resp.role.description #=> String
1346
+ #
1347
+ # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole AWS API Documentation
1348
+ #
1349
+ # @overload create_service_linked_role(params = {})
1350
+ # @param [Hash] params ({})
1351
+ def create_service_linked_role(params = {}, options = {})
1352
+ req = build_request(:create_service_linked_role, params)
1353
+ req.send_request(options)
1354
+ end
1355
+
1279
1356
  # Generates a set of credentials consisting of a user name and password
1280
1357
  # that can be used to access the service specified in the request. These
1281
1358
  # credentials are generated by IAM, and can be used only for the
@@ -1532,7 +1609,7 @@ module Aws::IAM
1532
1609
  # This parameter allows (per its [regex pattern][1]) a string of
1533
1610
  # characters consisting of upper and lowercase alphanumeric characters
1534
1611
  # with no spaces. You can also include any of the following characters:
1535
- # =/:,.@-
1612
+ # =,.@:/-
1536
1613
  #
1537
1614
  #
1538
1615
  #
@@ -1992,7 +2069,7 @@ module Aws::IAM
1992
2069
  # This parameter allows (per its [regex pattern][1]) a string of
1993
2070
  # characters consisting of upper and lowercase alphanumeric characters
1994
2071
  # with no spaces. You can also include any of the following characters:
1995
- # =,.@-
2072
+ # \_+=,.@-
1996
2073
  #
1997
2074
  #
1998
2075
  #
@@ -2034,7 +2111,7 @@ module Aws::IAM
2034
2111
  # This parameter allows (per its [regex pattern][1]) a string of
2035
2112
  # characters consisting of upper and lowercase alphanumeric characters
2036
2113
  # with no spaces. You can also include any of the following characters:
2037
- # =,.@-
2114
+ # \_+=,.@-
2038
2115
  #
2039
2116
  #
2040
2117
  #
@@ -2406,7 +2483,7 @@ module Aws::IAM
2406
2483
  # This parameter allows (per its [regex pattern][1]) a string of
2407
2484
  # characters consisting of upper and lowercase alphanumeric characters
2408
2485
  # with no spaces. You can also include any of the following characters:
2409
- # =/:,.@-
2486
+ # =,.@:/-
2410
2487
  #
2411
2488
  #
2412
2489
  #
@@ -2499,7 +2576,7 @@ module Aws::IAM
2499
2576
  # This parameter allows (per its [regex pattern][1]) a string of
2500
2577
  # characters consisting of upper and lowercase alphanumeric characters
2501
2578
  # with no spaces. You can also include any of the following characters:
2502
- # =,.@-
2579
+ # \_+=,.@-
2503
2580
  #
2504
2581
  #
2505
2582
  #
@@ -2608,7 +2685,7 @@ module Aws::IAM
2608
2685
  # This parameter allows (per its [regex pattern][1]) a string of
2609
2686
  # characters consisting of upper and lowercase alphanumeric characters
2610
2687
  # with no spaces. You can also include any of the following characters:
2611
- # =/:,.@-
2688
+ # =,.@:/-
2612
2689
  #
2613
2690
  #
2614
2691
  #
@@ -2619,11 +2696,33 @@ module Aws::IAM
2619
2696
  #
2620
2697
  # The format for this parameter is a string of 6 digits.
2621
2698
  #
2699
+ # Submit your request immediately after generating the authentication
2700
+ # codes. If you generate the codes and then wait too long to submit the
2701
+ # request, the MFA device successfully associates with the user but the
2702
+ # MFA device becomes out of sync. This happens because time-based
2703
+ # one-time passwords (TOTP) expire after a short period of time. If this
2704
+ # happens, you can [resync the device][1].
2705
+ #
2706
+ #
2707
+ #
2708
+ # [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html
2709
+ #
2622
2710
  # @option params [required, String] :authentication_code_2
2623
2711
  # A subsequent authentication code emitted by the device.
2624
2712
  #
2625
2713
  # The format for this parameter is a string of 6 digits.
2626
2714
  #
2715
+ # Submit your request immediately after generating the authentication
2716
+ # codes. If you generate the codes and then wait too long to submit the
2717
+ # request, the MFA device successfully associates with the user but the
2718
+ # MFA device becomes out of sync. This happens because time-based
2719
+ # one-time passwords (TOTP) expire after a short period of time. If this
2720
+ # happens, you can [resync the device][1].
2721
+ #
2722
+ #
2723
+ #
2724
+ # [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html
2725
+ #
2627
2726
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2628
2727
  #
2629
2728
  # @example Request syntax with placeholder values
@@ -2815,6 +2914,7 @@ module Aws::IAM
2815
2914
  # resp.role_detail_list[0].instance_profile_list[0].roles[0].arn #=> String
2816
2915
  # resp.role_detail_list[0].instance_profile_list[0].roles[0].create_date #=> Time
2817
2916
  # resp.role_detail_list[0].instance_profile_list[0].roles[0].assume_role_policy_document #=> String
2917
+ # resp.role_detail_list[0].instance_profile_list[0].roles[0].description #=> String
2818
2918
  # resp.role_detail_list[0].role_policy_list #=> Array
2819
2919
  # resp.role_detail_list[0].role_policy_list[0].policy_name #=> String
2820
2920
  # resp.role_detail_list[0].role_policy_list[0].policy_document #=> String
@@ -3268,6 +3368,7 @@ module Aws::IAM
3268
3368
  # resp.instance_profile.roles[0].arn #=> String
3269
3369
  # resp.instance_profile.roles[0].create_date #=> Time
3270
3370
  # resp.instance_profile.roles[0].assume_role_policy_document #=> String
3371
+ # resp.instance_profile.roles[0].description #=> String
3271
3372
  #
3272
3373
  # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile AWS API Documentation
3273
3374
  #
@@ -3531,7 +3632,7 @@ module Aws::IAM
3531
3632
  # This parameter allows (per its [regex pattern][1]) a string of
3532
3633
  # characters consisting of upper and lowercase alphanumeric characters
3533
3634
  # with no spaces. You can also include any of the following characters:
3534
- # =,.@-
3635
+ # \_+=,.@-
3535
3636
  #
3536
3637
  #
3537
3638
  #
@@ -3555,6 +3656,7 @@ module Aws::IAM
3555
3656
  # resp.role.arn #=> String
3556
3657
  # resp.role.create_date #=> Time
3557
3658
  # resp.role.assume_role_policy_document #=> String
3659
+ # resp.role.description #=> String
3558
3660
  #
3559
3661
  # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole AWS API Documentation
3560
3662
  #
@@ -3599,7 +3701,7 @@ module Aws::IAM
3599
3701
  # This parameter allows (per its [regex pattern][1]) a string of
3600
3702
  # characters consisting of upper and lowercase alphanumeric characters
3601
3703
  # with no spaces. You can also include any of the following characters:
3602
- # =,.@-
3704
+ # \_+=,.@-
3603
3705
  #
3604
3706
  #
3605
3707
  #
@@ -4202,7 +4304,7 @@ module Aws::IAM
4202
4304
  # This parameter allows (per its [regex pattern][1]) a string of
4203
4305
  # characters consisting of upper and lowercase alphanumeric characters
4204
4306
  # with no spaces. You can also include any of the following characters:
4205
- # =,.@-
4307
+ # \_+=,.@-
4206
4308
  #
4207
4309
  #
4208
4310
  #
@@ -4771,6 +4873,7 @@ module Aws::IAM
4771
4873
  # resp.instance_profiles[0].roles[0].arn #=> String
4772
4874
  # resp.instance_profiles[0].roles[0].create_date #=> Time
4773
4875
  # resp.instance_profiles[0].roles[0].assume_role_policy_document #=> String
4876
+ # resp.instance_profiles[0].roles[0].description #=> String
4774
4877
  # resp.is_truncated #=> Boolean
4775
4878
  # resp.marker #=> String
4776
4879
  #
@@ -4801,7 +4904,7 @@ module Aws::IAM
4801
4904
  # This parameter allows (per its [regex pattern][1]) a string of
4802
4905
  # characters consisting of upper and lowercase alphanumeric characters
4803
4906
  # with no spaces. You can also include any of the following characters:
4804
- # =,.@-
4907
+ # \_+=,.@-
4805
4908
  #
4806
4909
  #
4807
4910
  #
@@ -4854,6 +4957,7 @@ module Aws::IAM
4854
4957
  # resp.instance_profiles[0].roles[0].arn #=> String
4855
4958
  # resp.instance_profiles[0].roles[0].create_date #=> Time
4856
4959
  # resp.instance_profiles[0].roles[0].assume_role_policy_document #=> String
4960
+ # resp.instance_profiles[0].roles[0].description #=> String
4857
4961
  # resp.is_truncated #=> Boolean
4858
4962
  # resp.marker #=> String
4859
4963
  #
@@ -5164,7 +5268,7 @@ module Aws::IAM
5164
5268
  # This parameter allows (per its [regex pattern][1]) a string of
5165
5269
  # characters consisting of upper and lowercase alphanumeric characters
5166
5270
  # with no spaces. You can also include any of the following characters:
5167
- # =,.@-
5271
+ # \_+=,.@-
5168
5272
  #
5169
5273
  #
5170
5274
  #
@@ -5287,6 +5391,7 @@ module Aws::IAM
5287
5391
  # resp.roles[0].arn #=> String
5288
5392
  # resp.roles[0].create_date #=> Time
5289
5393
  # resp.roles[0].assume_role_policy_document #=> String
5394
+ # resp.roles[0].description #=> String
5290
5395
  # resp.is_truncated #=> Boolean
5291
5396
  # resp.marker #=> String
5292
5397
  #
@@ -5982,7 +6087,7 @@ module Aws::IAM
5982
6087
  # This parameter allows (per its [regex pattern][1]) a string of
5983
6088
  # characters consisting of upper and lowercase alphanumeric characters
5984
6089
  # with no spaces. You can also include any of the following characters:
5985
- # =,.@-
6090
+ # \_+=,.@-
5986
6091
  #
5987
6092
  #
5988
6093
  #
@@ -6165,7 +6270,7 @@ module Aws::IAM
6165
6270
  # Make sure you do not have any Amazon EC2 instances running with the
6166
6271
  # role you are about to remove from the instance profile. Removing a
6167
6272
  # role from an instance profile that is associated with a running
6168
- # instance break any applications running on the instance.
6273
+ # instance might break any applications running on the instance.
6169
6274
  #
6170
6275
  # For more information about IAM roles, go to [Working with Roles][1].
6171
6276
  # For more information about instance profiles, go to [About Instance
@@ -6194,7 +6299,7 @@ module Aws::IAM
6194
6299
  # This parameter allows (per its [regex pattern][1]) a string of
6195
6300
  # characters consisting of upper and lowercase alphanumeric characters
6196
6301
  # with no spaces. You can also include any of the following characters:
6197
- # =,.@-
6302
+ # \_+=,.@-
6198
6303
  #
6199
6304
  #
6200
6305
  #
@@ -7160,7 +7265,7 @@ module Aws::IAM
7160
7265
  # This parameter allows (per its [regex pattern][1]) a string of
7161
7266
  # characters consisting of upper and lowercase alphanumeric characters
7162
7267
  # with no spaces. You can also include any of the following characters:
7163
- # =,.@-
7268
+ # \_+=,.@-
7164
7269
  #
7165
7270
  #
7166
7271
  #
@@ -7397,6 +7502,44 @@ module Aws::IAM
7397
7502
  req.send_request(options)
7398
7503
  end
7399
7504
 
7505
+ # Modifies the description of a role.
7506
+ #
7507
+ # @option params [required, String] :role_name
7508
+ # The name of the role that you want to modify.
7509
+ #
7510
+ # @option params [required, String] :description
7511
+ # The new description that you want to apply to the specified role.
7512
+ #
7513
+ # @return [Types::UpdateRoleDescriptionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
7514
+ #
7515
+ # * {Types::UpdateRoleDescriptionResponse#role #role} => Types::Role
7516
+ #
7517
+ # @example Request syntax with placeholder values
7518
+ #
7519
+ # resp = client.update_role_description({
7520
+ # role_name: "roleNameType", # required
7521
+ # description: "roleDescriptionType", # required
7522
+ # })
7523
+ #
7524
+ # @example Response structure
7525
+ #
7526
+ # resp.role.path #=> String
7527
+ # resp.role.role_name #=> String
7528
+ # resp.role.role_id #=> String
7529
+ # resp.role.arn #=> String
7530
+ # resp.role.create_date #=> Time
7531
+ # resp.role.assume_role_policy_document #=> String
7532
+ # resp.role.description #=> String
7533
+ #
7534
+ # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription AWS API Documentation
7535
+ #
7536
+ # @overload update_role_description(params = {})
7537
+ # @param [Hash] params ({})
7538
+ def update_role_description(params = {}, options = {})
7539
+ req = build_request(:update_role_description, params)
7540
+ req.send_request(options)
7541
+ end
7542
+
7400
7543
  # Updates the metadata document for an existing SAML provider resource
7401
7544
  # object.
7402
7545
  #
@@ -8108,7 +8251,7 @@ module Aws::IAM
8108
8251
  params: params,
8109
8252
  config: config)
8110
8253
  context[:gem_name] = 'aws-sdk-iam'
8111
- context[:gem_version] = '1.0.0.rc3'
8254
+ context[:gem_version] = '1.0.0.rc4'
8112
8255
  Seahorse::Client::Request.new(handlers, context)
8113
8256
  end
8114
8257
 
@@ -52,6 +52,8 @@ module Aws::IAM
52
52
  CreateRoleResponse = Shapes::StructureShape.new(name: 'CreateRoleResponse')
53
53
  CreateSAMLProviderRequest = Shapes::StructureShape.new(name: 'CreateSAMLProviderRequest')
54
54
  CreateSAMLProviderResponse = Shapes::StructureShape.new(name: 'CreateSAMLProviderResponse')
55
+ CreateServiceLinkedRoleRequest = Shapes::StructureShape.new(name: 'CreateServiceLinkedRoleRequest')
56
+ CreateServiceLinkedRoleResponse = Shapes::StructureShape.new(name: 'CreateServiceLinkedRoleResponse')
55
57
  CreateServiceSpecificCredentialRequest = Shapes::StructureShape.new(name: 'CreateServiceSpecificCredentialRequest')
56
58
  CreateServiceSpecificCredentialResponse = Shapes::StructureShape.new(name: 'CreateServiceSpecificCredentialResponse')
57
59
  CreateUserRequest = Shapes::StructureShape.new(name: 'CreateUserRequest')
@@ -264,6 +266,7 @@ module Aws::IAM
264
266
  SimulationPolicyListType = Shapes::ListShape.new(name: 'SimulationPolicyListType')
265
267
  Statement = Shapes::StructureShape.new(name: 'Statement')
266
268
  StatementListType = Shapes::ListShape.new(name: 'StatementListType')
269
+ UnmodifiableEntityException = Shapes::StructureShape.new(name: 'UnmodifiableEntityException')
267
270
  UnrecognizedPublicKeyEncodingException = Shapes::StructureShape.new(name: 'UnrecognizedPublicKeyEncodingException')
268
271
  UpdateAccessKeyRequest = Shapes::StructureShape.new(name: 'UpdateAccessKeyRequest')
269
272
  UpdateAccountPasswordPolicyRequest = Shapes::StructureShape.new(name: 'UpdateAccountPasswordPolicyRequest')
@@ -271,6 +274,8 @@ module Aws::IAM
271
274
  UpdateGroupRequest = Shapes::StructureShape.new(name: 'UpdateGroupRequest')
272
275
  UpdateLoginProfileRequest = Shapes::StructureShape.new(name: 'UpdateLoginProfileRequest')
273
276
  UpdateOpenIDConnectProviderThumbprintRequest = Shapes::StructureShape.new(name: 'UpdateOpenIDConnectProviderThumbprintRequest')
277
+ UpdateRoleDescriptionRequest = Shapes::StructureShape.new(name: 'UpdateRoleDescriptionRequest')
278
+ UpdateRoleDescriptionResponse = Shapes::StructureShape.new(name: 'UpdateRoleDescriptionResponse')
274
279
  UpdateSAMLProviderRequest = Shapes::StructureShape.new(name: 'UpdateSAMLProviderRequest')
275
280
  UpdateSAMLProviderResponse = Shapes::StructureShape.new(name: 'UpdateSAMLProviderResponse')
276
281
  UpdateSSHPublicKeyRequest = Shapes::StructureShape.new(name: 'UpdateSSHPublicKeyRequest')
@@ -308,6 +313,7 @@ module Aws::IAM
308
313
  credentialReportExpiredExceptionMessage = Shapes::StringShape.new(name: 'credentialReportExpiredExceptionMessage')
309
314
  credentialReportNotPresentExceptionMessage = Shapes::StringShape.new(name: 'credentialReportNotPresentExceptionMessage')
310
315
  credentialReportNotReadyExceptionMessage = Shapes::StringShape.new(name: 'credentialReportNotReadyExceptionMessage')
316
+ customSuffixType = Shapes::StringShape.new(name: 'customSuffixType')
311
317
  dateType = Shapes::TimestampShape.new(name: 'dateType')
312
318
  deleteConflictMessage = Shapes::StringShape.new(name: 'deleteConflictMessage')
313
319
  duplicateCertificateMessage = Shapes::StringShape.new(name: 'duplicateCertificateMessage')
@@ -359,6 +365,7 @@ module Aws::IAM
359
365
  publicKeyFingerprintType = Shapes::StringShape.new(name: 'publicKeyFingerprintType')
360
366
  publicKeyIdType = Shapes::StringShape.new(name: 'publicKeyIdType')
361
367
  publicKeyMaterialType = Shapes::StringShape.new(name: 'publicKeyMaterialType')
368
+ roleDescriptionType = Shapes::StringShape.new(name: 'roleDescriptionType')
362
369
  roleDetailListType = Shapes::ListShape.new(name: 'roleDetailListType')
363
370
  roleListType = Shapes::ListShape.new(name: 'roleListType')
364
371
  roleNameType = Shapes::StringShape.new(name: 'roleNameType')
@@ -378,6 +385,7 @@ module Aws::IAM
378
385
  summaryValueType = Shapes::IntegerShape.new(name: 'summaryValueType')
379
386
  thumbprintListType = Shapes::ListShape.new(name: 'thumbprintListType')
380
387
  thumbprintType = Shapes::StringShape.new(name: 'thumbprintType')
388
+ unmodifiableEntityMessage = Shapes::StringShape.new(name: 'unmodifiableEntityMessage')
381
389
  unrecognizedPublicKeyEncodingMessage = Shapes::StringShape.new(name: 'unrecognizedPublicKeyEncodingMessage')
382
390
  userDetailListType = Shapes::ListShape.new(name: 'userDetailListType')
383
391
  userListType = Shapes::ListShape.new(name: 'userListType')
@@ -507,6 +515,7 @@ module Aws::IAM
507
515
  CreateRoleRequest.add_member(:path, Shapes::ShapeRef.new(shape: pathType, location_name: "Path"))
508
516
  CreateRoleRequest.add_member(:role_name, Shapes::ShapeRef.new(shape: roleNameType, required: true, location_name: "RoleName"))
509
517
  CreateRoleRequest.add_member(:assume_role_policy_document, Shapes::ShapeRef.new(shape: policyDocumentType, required: true, location_name: "AssumeRolePolicyDocument"))
518
+ CreateRoleRequest.add_member(:description, Shapes::ShapeRef.new(shape: roleDescriptionType, location_name: "Description"))
510
519
  CreateRoleRequest.struct_class = Types::CreateRoleRequest
511
520
 
512
521
  CreateRoleResponse.add_member(:role, Shapes::ShapeRef.new(shape: Role, required: true, location_name: "Role"))
@@ -519,6 +528,14 @@ module Aws::IAM
519
528
  CreateSAMLProviderResponse.add_member(:saml_provider_arn, Shapes::ShapeRef.new(shape: arnType, location_name: "SAMLProviderArn"))
520
529
  CreateSAMLProviderResponse.struct_class = Types::CreateSAMLProviderResponse
521
530
 
531
+ CreateServiceLinkedRoleRequest.add_member(:aws_service_name, Shapes::ShapeRef.new(shape: groupNameType, required: true, location_name: "AWSServiceName"))
532
+ CreateServiceLinkedRoleRequest.add_member(:description, Shapes::ShapeRef.new(shape: roleDescriptionType, location_name: "Description"))
533
+ CreateServiceLinkedRoleRequest.add_member(:custom_suffix, Shapes::ShapeRef.new(shape: customSuffixType, location_name: "CustomSuffix"))
534
+ CreateServiceLinkedRoleRequest.struct_class = Types::CreateServiceLinkedRoleRequest
535
+
536
+ CreateServiceLinkedRoleResponse.add_member(:role, Shapes::ShapeRef.new(shape: Role, location_name: "Role"))
537
+ CreateServiceLinkedRoleResponse.struct_class = Types::CreateServiceLinkedRoleResponse
538
+
522
539
  CreateServiceSpecificCredentialRequest.add_member(:user_name, Shapes::ShapeRef.new(shape: userNameType, required: true, location_name: "UserName"))
523
540
  CreateServiceSpecificCredentialRequest.add_member(:service_name, Shapes::ShapeRef.new(shape: serviceName, required: true, location_name: "ServiceName"))
524
541
  CreateServiceSpecificCredentialRequest.struct_class = Types::CreateServiceSpecificCredentialRequest
@@ -1208,6 +1225,7 @@ module Aws::IAM
1208
1225
  Role.add_member(:arn, Shapes::ShapeRef.new(shape: arnType, required: true, location_name: "Arn"))
1209
1226
  Role.add_member(:create_date, Shapes::ShapeRef.new(shape: dateType, required: true, location_name: "CreateDate"))
1210
1227
  Role.add_member(:assume_role_policy_document, Shapes::ShapeRef.new(shape: policyDocumentType, location_name: "AssumeRolePolicyDocument"))
1228
+ Role.add_member(:description, Shapes::ShapeRef.new(shape: roleDescriptionType, location_name: "Description"))
1211
1229
  Role.struct_class = Types::Role
1212
1230
 
1213
1231
  RoleDetail.add_member(:path, Shapes::ShapeRef.new(shape: pathType, location_name: "Path"))
@@ -1361,6 +1379,13 @@ module Aws::IAM
1361
1379
  UpdateOpenIDConnectProviderThumbprintRequest.add_member(:thumbprint_list, Shapes::ShapeRef.new(shape: thumbprintListType, required: true, location_name: "ThumbprintList"))
1362
1380
  UpdateOpenIDConnectProviderThumbprintRequest.struct_class = Types::UpdateOpenIDConnectProviderThumbprintRequest
1363
1381
 
1382
+ UpdateRoleDescriptionRequest.add_member(:role_name, Shapes::ShapeRef.new(shape: roleNameType, required: true, location_name: "RoleName"))
1383
+ UpdateRoleDescriptionRequest.add_member(:description, Shapes::ShapeRef.new(shape: roleDescriptionType, required: true, location_name: "Description"))
1384
+ UpdateRoleDescriptionRequest.struct_class = Types::UpdateRoleDescriptionRequest
1385
+
1386
+ UpdateRoleDescriptionResponse.add_member(:role, Shapes::ShapeRef.new(shape: Role, location_name: "Role"))
1387
+ UpdateRoleDescriptionResponse.struct_class = Types::UpdateRoleDescriptionResponse
1388
+
1364
1389
  UpdateSAMLProviderRequest.add_member(:saml_metadata_document, Shapes::ShapeRef.new(shape: SAMLMetadataDocumentType, required: true, location_name: "SAMLMetadataDocument"))
1365
1390
  UpdateSAMLProviderRequest.add_member(:saml_provider_arn, Shapes::ShapeRef.new(shape: arnType, required: true, location_name: "SAMLProviderArn"))
1366
1391
  UpdateSAMLProviderRequest.struct_class = Types::UpdateSAMLProviderRequest
@@ -1524,6 +1549,7 @@ module Aws::IAM
1524
1549
  o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
1525
1550
  o.errors << Shapes::ShapeRef.new(shape: EntityAlreadyExistsException)
1526
1551
  o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
1552
+ o.errors << Shapes::ShapeRef.new(shape: UnmodifiableEntityException)
1527
1553
  o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
1528
1554
  end)
1529
1555
 
@@ -1559,6 +1585,7 @@ module Aws::IAM
1559
1585
  o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
1560
1586
  o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
1561
1587
  o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
1588
+ o.errors << Shapes::ShapeRef.new(shape: UnmodifiableEntityException)
1562
1589
  o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
1563
1590
  end)
1564
1591
 
@@ -1691,6 +1718,7 @@ module Aws::IAM
1691
1718
  o.input = Shapes::ShapeRef.new(shape: CreateRoleRequest)
1692
1719
  o.output = Shapes::ShapeRef.new(shape: CreateRoleResponse)
1693
1720
  o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
1721
+ o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
1694
1722
  o.errors << Shapes::ShapeRef.new(shape: EntityAlreadyExistsException)
1695
1723
  o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
1696
1724
  o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
@@ -1708,6 +1736,18 @@ module Aws::IAM
1708
1736
  o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
1709
1737
  end)
1710
1738
 
1739
+ api.add_operation(:create_service_linked_role, Seahorse::Model::Operation.new.tap do |o|
1740
+ o.name = "CreateServiceLinkedRole"
1741
+ o.http_method = "POST"
1742
+ o.http_request_uri = "/"
1743
+ o.input = Shapes::ShapeRef.new(shape: CreateServiceLinkedRoleRequest)
1744
+ o.output = Shapes::ShapeRef.new(shape: CreateServiceLinkedRoleResponse)
1745
+ o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
1746
+ o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
1747
+ o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
1748
+ o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
1749
+ end)
1750
+
1711
1751
  api.add_operation(:create_service_specific_credential, Seahorse::Model::Operation.new.tap do |o|
1712
1752
  o.name = "CreateServiceSpecificCredential"
1713
1753
  o.http_method = "POST"
@@ -1880,6 +1920,7 @@ module Aws::IAM
1880
1920
  o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
1881
1921
  o.errors << Shapes::ShapeRef.new(shape: DeleteConflictException)
1882
1922
  o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
1923
+ o.errors << Shapes::ShapeRef.new(shape: UnmodifiableEntityException)
1883
1924
  o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
1884
1925
  end)
1885
1926
 
@@ -1891,6 +1932,7 @@ module Aws::IAM
1891
1932
  o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
1892
1933
  o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
1893
1934
  o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
1935
+ o.errors << Shapes::ShapeRef.new(shape: UnmodifiableEntityException)
1894
1936
  o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
1895
1937
  end)
1896
1938
 
@@ -2003,6 +2045,7 @@ module Aws::IAM
2003
2045
  o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
2004
2046
  o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
2005
2047
  o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
2048
+ o.errors << Shapes::ShapeRef.new(shape: UnmodifiableEntityException)
2006
2049
  o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
2007
2050
  end)
2008
2051
 
@@ -2686,6 +2729,7 @@ module Aws::IAM
2686
2729
  o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
2687
2730
  o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
2688
2731
  o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
2732
+ o.errors << Shapes::ShapeRef.new(shape: UnmodifiableEntityException)
2689
2733
  o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
2690
2734
  end)
2691
2735
 
@@ -2720,6 +2764,7 @@ module Aws::IAM
2720
2764
  o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
2721
2765
  o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
2722
2766
  o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
2767
+ o.errors << Shapes::ShapeRef.new(shape: UnmodifiableEntityException)
2723
2768
  o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
2724
2769
  end)
2725
2770
 
@@ -2834,6 +2879,7 @@ module Aws::IAM
2834
2879
  o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
2835
2880
  o.errors << Shapes::ShapeRef.new(shape: MalformedPolicyDocumentException)
2836
2881
  o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
2882
+ o.errors << Shapes::ShapeRef.new(shape: UnmodifiableEntityException)
2837
2883
  o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
2838
2884
  end)
2839
2885
 
@@ -2873,6 +2919,17 @@ module Aws::IAM
2873
2919
  o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
2874
2920
  end)
2875
2921
 
2922
+ api.add_operation(:update_role_description, Seahorse::Model::Operation.new.tap do |o|
2923
+ o.name = "UpdateRoleDescription"
2924
+ o.http_method = "POST"
2925
+ o.http_request_uri = "/"
2926
+ o.input = Shapes::ShapeRef.new(shape: UpdateRoleDescriptionRequest)
2927
+ o.output = Shapes::ShapeRef.new(shape: UpdateRoleDescriptionResponse)
2928
+ o.errors << Shapes::ShapeRef.new(shape: NoSuchEntityException)
2929
+ o.errors << Shapes::ShapeRef.new(shape: UnmodifiableEntityException)
2930
+ o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
2931
+ end)
2932
+
2876
2933
  api.add_operation(:update_saml_provider, Seahorse::Model::Operation.new.tap do |o|
2877
2934
  o.name = "UpdateSAMLProvider"
2878
2935
  o.http_method = "POST"
@@ -152,7 +152,7 @@ module Aws::IAM
152
152
  # This parameter allows (per its [regex pattern][1]) a string of
153
153
  # characters consisting of upper and lowercase alphanumeric characters
154
154
  # with no spaces. You can also include any of the following characters:
155
- # =,.@-
155
+ # \_+=,.@-
156
156
  #
157
157
  #
158
158
  #
@@ -187,7 +187,7 @@ module Aws::IAM
187
187
  # This parameter allows (per its [regex pattern][1]) a string of
188
188
  # characters consisting of upper and lowercase alphanumeric characters
189
189
  # with no spaces. You can also include any of the following characters:
190
- # =,.@-
190
+ # \_+=,.@-
191
191
  #
192
192
  #
193
193
  #
@@ -87,10 +87,32 @@ module Aws::IAM
87
87
  # An authentication code emitted by the device.
88
88
  #
89
89
  # The format for this parameter is a string of 6 digits.
90
+ #
91
+ # Submit your request immediately after generating the authentication
92
+ # codes. If you generate the codes and then wait too long to submit the
93
+ # request, the MFA device successfully associates with the user but the
94
+ # MFA device becomes out of sync. This happens because time-based
95
+ # one-time passwords (TOTP) expire after a short period of time. If this
96
+ # happens, you can [resync the device][1].
97
+ #
98
+ #
99
+ #
100
+ # [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html
90
101
  # @option options [required, String] :authentication_code_2
91
102
  # A subsequent authentication code emitted by the device.
92
103
  #
93
104
  # The format for this parameter is a string of 6 digits.
105
+ #
106
+ # Submit your request immediately after generating the authentication
107
+ # codes. If you generate the codes and then wait too long to submit the
108
+ # request, the MFA device successfully associates with the user but the
109
+ # MFA device becomes out of sync. This happens because time-based
110
+ # one-time passwords (TOTP) expire after a short period of time. If this
111
+ # happens, you can [resync the device][1].
112
+ #
113
+ #
114
+ #
115
+ # [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html
94
116
  # @return [EmptyStructure]
95
117
  def associate(options = {})
96
118
  options = options.merge(
@@ -193,7 +193,7 @@ module Aws::IAM
193
193
  # This parameter allows (per its [regex pattern][1]) a string of
194
194
  # characters consisting of upper and lowercase alphanumeric characters
195
195
  # with no spaces. You can also include any of the following characters:
196
- # =,.@-
196
+ # \_+=,.@-
197
197
  #
198
198
  #
199
199
  #
@@ -326,7 +326,7 @@ module Aws::IAM
326
326
  # This parameter allows (per its [regex pattern][1]) a string of
327
327
  # characters consisting of upper and lowercase alphanumeric characters
328
328
  # with no spaces. You can also include any of the following characters:
329
- # =,.@-
329
+ # \_+=,.@-
330
330
  #
331
331
  #
332
332
  #
@@ -321,6 +321,7 @@ module Aws::IAM
321
321
  # path: "pathType",
322
322
  # role_name: "roleNameType", # required
323
323
  # assume_role_policy_document: "policyDocumentType", # required
324
+ # description: "roleDescriptionType",
324
325
  # })
325
326
  # @param [Hash] options ({})
326
327
  # @option options [String] :path
@@ -347,8 +348,10 @@ module Aws::IAM
347
348
  # This parameter allows (per its [regex pattern][1]) a string of
348
349
  # characters consisting of upper and lowercase alphanumeric characters
349
350
  # with no spaces. You can also include any of the following characters:
350
- # =,.@-. Role names are not distinguished by case. For example, you
351
- # cannot create roles named both "PRODROLE" and "prodrole".
351
+ # \_+=,.@-
352
+ #
353
+ # Role names are not distinguished by case. For example, you cannot
354
+ # create roles named both "PRODROLE" and "prodrole".
352
355
  #
353
356
  #
354
357
  #
@@ -368,6 +371,8 @@ module Aws::IAM
368
371
  #
369
372
  #
370
373
  # [1]: http://wikipedia.org/wiki/regex
374
+ # @option options [String] :description
375
+ # A customer-provided description of the role.
371
376
  # @return [Role]
372
377
  def create_role(options = {})
373
378
  resp = @client.create_role(options)
@@ -56,7 +56,7 @@ module Aws::IAM
56
56
 
57
57
  # The Amazon Resource Name (ARN) specifying the role. For more
58
58
  # information about ARNs and how to use them in policies, see [IAM
59
- # Identifiers][1] in the *Using IAM* guide.
59
+ # Identifiers][1] in the *IAM User Guide* guide.
60
60
  #
61
61
  #
62
62
  #
@@ -83,6 +83,12 @@ module Aws::IAM
83
83
  data.assume_role_policy_document
84
84
  end
85
85
 
86
+ # A description of the role that you provide.
87
+ # @return [String]
88
+ def description
89
+ data.description
90
+ end
91
+
86
92
  # @!endgroup
87
93
 
88
94
  # @return [Client]
@@ -75,7 +75,7 @@ module Aws::IAM
75
75
  #
76
76
  # @!attribute [rw] service_name
77
77
  # The name of the AWS service with which this access key was most
78
- # recently used. This field is null when:
78
+ # recently used. This field displays "N/A" when:
79
79
  #
80
80
  # * The user does not have an access key.
81
81
  #
@@ -87,7 +87,7 @@ module Aws::IAM
87
87
  #
88
88
  # @!attribute [rw] region
89
89
  # The AWS region where this access key was most recently used. This
90
- # field is null when:
90
+ # field is displays "N/A" when:
91
91
  #
92
92
  # * The user does not have an access key.
93
93
  #
@@ -199,7 +199,7 @@ module Aws::IAM
199
199
  # This parameter allows (per its [regex pattern][1]) a string of
200
200
  # characters consisting of upper and lowercase alphanumeric characters
201
201
  # with no spaces. You can also include any of the following
202
- # characters: =,.@-
202
+ # characters: \_+=,.@-
203
203
  #
204
204
  #
205
205
  #
@@ -312,7 +312,7 @@ module Aws::IAM
312
312
  # This parameter allows (per its [regex pattern][1]) a string of
313
313
  # characters consisting of upper and lowercase alphanumeric characters
314
314
  # with no spaces. You can also include any of the following
315
- # characters: =,.@-
315
+ # characters: \_+=,.@-
316
316
  #
317
317
  #
318
318
  #
@@ -1032,6 +1032,7 @@ module Aws::IAM
1032
1032
  # path: "pathType",
1033
1033
  # role_name: "roleNameType", # required
1034
1034
  # assume_role_policy_document: "policyDocumentType", # required
1035
+ # description: "roleDescriptionType",
1035
1036
  # }
1036
1037
  #
1037
1038
  # @!attribute [rw] path
@@ -1060,9 +1061,10 @@ module Aws::IAM
1060
1061
  # This parameter allows (per its [regex pattern][1]) a string of
1061
1062
  # characters consisting of upper and lowercase alphanumeric characters
1062
1063
  # with no spaces. You can also include any of the following
1063
- # characters: =,.@-. Role names are not distinguished by case. For
1064
- # example, you cannot create roles named both "PRODROLE" and
1065
- # "prodrole".
1064
+ # characters: \_+=,.@-
1065
+ #
1066
+ # Role names are not distinguished by case. For example, you cannot
1067
+ # create roles named both "PRODROLE" and "prodrole".
1066
1068
  #
1067
1069
  #
1068
1070
  #
@@ -1086,12 +1088,17 @@ module Aws::IAM
1086
1088
  # [1]: http://wikipedia.org/wiki/regex
1087
1089
  # @return [String]
1088
1090
  #
1091
+ # @!attribute [rw] description
1092
+ # A customer-provided description of the role.
1093
+ # @return [String]
1094
+ #
1089
1095
  # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRoleRequest AWS API Documentation
1090
1096
  #
1091
1097
  class CreateRoleRequest < Struct.new(
1092
1098
  :path,
1093
1099
  :role_name,
1094
- :assume_role_policy_document)
1100
+ :assume_role_policy_document,
1101
+ :description)
1095
1102
  include Aws::Structure
1096
1103
  end
1097
1104
 
@@ -1167,6 +1174,54 @@ module Aws::IAM
1167
1174
  include Aws::Structure
1168
1175
  end
1169
1176
 
1177
+ # @note When making an API call, you may pass CreateServiceLinkedRoleRequest
1178
+ # data as a hash:
1179
+ #
1180
+ # {
1181
+ # aws_service_name: "groupNameType", # required
1182
+ # description: "roleDescriptionType",
1183
+ # custom_suffix: "customSuffixType",
1184
+ # }
1185
+ #
1186
+ # @!attribute [rw] aws_service_name
1187
+ # The AWS service to which this role is attached. You use a string
1188
+ # similar to a URL but without the http:// in front. For example:
1189
+ # `elasticbeanstalk.amazonaws.com`
1190
+ # @return [String]
1191
+ #
1192
+ # @!attribute [rw] description
1193
+ # The description of the role.
1194
+ # @return [String]
1195
+ #
1196
+ # @!attribute [rw] custom_suffix
1197
+ # A string that you provide, which is combined with the service name
1198
+ # to form the complete role name. If you make multiple requests for
1199
+ # the same service, then you must supply a different `CustomSuffix`
1200
+ # for each request. Otherwise the request fails with a duplicate role
1201
+ # name error. For example, you could add `-1` or `-debug` to the
1202
+ # suffix.
1203
+ # @return [String]
1204
+ #
1205
+ # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRoleRequest AWS API Documentation
1206
+ #
1207
+ class CreateServiceLinkedRoleRequest < Struct.new(
1208
+ :aws_service_name,
1209
+ :description,
1210
+ :custom_suffix)
1211
+ include Aws::Structure
1212
+ end
1213
+
1214
+ # @!attribute [rw] role
1215
+ # A Role object that contains details about the newly created role.
1216
+ # @return [Types::Role]
1217
+ #
1218
+ # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRoleResponse AWS API Documentation
1219
+ #
1220
+ class CreateServiceLinkedRoleResponse < Struct.new(
1221
+ :role)
1222
+ include Aws::Structure
1223
+ end
1224
+
1170
1225
  # @note When making an API call, you may pass CreateServiceSpecificCredentialRequest
1171
1226
  # data as a hash:
1172
1227
  #
@@ -1376,7 +1431,7 @@ module Aws::IAM
1376
1431
  # This parameter allows (per its [regex pattern][1]) a string of
1377
1432
  # characters consisting of upper and lowercase alphanumeric characters
1378
1433
  # with no spaces. You can also include any of the following
1379
- # characters: =/:,.@-
1434
+ # characters: =,.@:/-
1380
1435
  #
1381
1436
  #
1382
1437
  #
@@ -1690,7 +1745,7 @@ module Aws::IAM
1690
1745
  # This parameter allows (per its [regex pattern][1]) a string of
1691
1746
  # characters consisting of upper and lowercase alphanumeric characters
1692
1747
  # with no spaces. You can also include any of the following
1693
- # characters: =,.@-
1748
+ # characters: \_+=,.@-
1694
1749
  #
1695
1750
  #
1696
1751
  #
@@ -1731,7 +1786,7 @@ module Aws::IAM
1731
1786
  # This parameter allows (per its [regex pattern][1]) a string of
1732
1787
  # characters consisting of upper and lowercase alphanumeric characters
1733
1788
  # with no spaces. You can also include any of the following
1734
- # characters: =,.@-
1789
+ # characters: \_+=,.@-
1735
1790
  #
1736
1791
  #
1737
1792
  #
@@ -2000,7 +2055,7 @@ module Aws::IAM
2000
2055
  # This parameter allows (per its [regex pattern][1]) a string of
2001
2056
  # characters consisting of upper and lowercase alphanumeric characters
2002
2057
  # with no spaces. You can also include any of the following
2003
- # characters: =/:,.@-
2058
+ # characters: =,.@:/-
2004
2059
  #
2005
2060
  #
2006
2061
  #
@@ -2070,7 +2125,7 @@ module Aws::IAM
2070
2125
  # This parameter allows (per its [regex pattern][1]) a string of
2071
2126
  # characters consisting of upper and lowercase alphanumeric characters
2072
2127
  # with no spaces. You can also include any of the following
2073
- # characters: =,.@-
2128
+ # characters: \_+=,.@-
2074
2129
  #
2075
2130
  #
2076
2131
  #
@@ -2167,7 +2222,7 @@ module Aws::IAM
2167
2222
  # This parameter allows (per its [regex pattern][1]) a string of
2168
2223
  # characters consisting of upper and lowercase alphanumeric characters
2169
2224
  # with no spaces. You can also include any of the following
2170
- # characters: =/:,.@-
2225
+ # characters: =,.@:/-
2171
2226
  #
2172
2227
  #
2173
2228
  #
@@ -2178,12 +2233,34 @@ module Aws::IAM
2178
2233
  # An authentication code emitted by the device.
2179
2234
  #
2180
2235
  # The format for this parameter is a string of 6 digits.
2236
+ #
2237
+ # Submit your request immediately after generating the authentication
2238
+ # codes. If you generate the codes and then wait too long to submit
2239
+ # the request, the MFA device successfully associates with the user
2240
+ # but the MFA device becomes out of sync. This happens because
2241
+ # time-based one-time passwords (TOTP) expire after a short period of
2242
+ # time. If this happens, you can [resync the device][1].
2243
+ #
2244
+ #
2245
+ #
2246
+ # [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html
2181
2247
  # @return [String]
2182
2248
  #
2183
2249
  # @!attribute [rw] authentication_code_2
2184
2250
  # A subsequent authentication code emitted by the device.
2185
2251
  #
2186
2252
  # The format for this parameter is a string of 6 digits.
2253
+ #
2254
+ # Submit your request immediately after generating the authentication
2255
+ # codes. If you generate the codes and then wait too long to submit
2256
+ # the request, the MFA device successfully associates with the user
2257
+ # but the MFA device becomes out of sync. This happens because
2258
+ # time-based one-time passwords (TOTP) expire after a short period of
2259
+ # time. If this happens, you can [resync the device][1].
2260
+ #
2261
+ #
2262
+ #
2263
+ # [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html
2187
2264
  # @return [String]
2188
2265
  #
2189
2266
  # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADeviceRequest AWS API Documentation
@@ -2435,7 +2512,8 @@ module Aws::IAM
2435
2512
  # request.
2436
2513
  #
2437
2514
  # @!attribute [rw] password_policy
2438
- # Contains information about the account password policy.
2515
+ # A structure that contains details about the account's password
2516
+ # policy.
2439
2517
  # @return [Types::PasswordPolicy]
2440
2518
  #
2441
2519
  # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicyResponse AWS API Documentation
@@ -2986,7 +3064,7 @@ module Aws::IAM
2986
3064
  # This parameter allows (per its [regex pattern][1]) a string of
2987
3065
  # characters consisting of upper and lowercase alphanumeric characters
2988
3066
  # with no spaces. You can also include any of the following
2989
- # characters: =,.@-
3067
+ # characters: \_+=,.@-
2990
3068
  #
2991
3069
  #
2992
3070
  #
@@ -3050,7 +3128,7 @@ module Aws::IAM
3050
3128
  # This parameter allows (per its [regex pattern][1]) a string of
3051
3129
  # characters consisting of upper and lowercase alphanumeric characters
3052
3130
  # with no spaces. You can also include any of the following
3053
- # characters: =,.@-
3131
+ # characters: \_+=,.@-
3054
3132
  #
3055
3133
  #
3056
3134
  #
@@ -3805,7 +3883,7 @@ module Aws::IAM
3805
3883
  # This parameter allows (per its [regex pattern][1]) a string of
3806
3884
  # characters consisting of upper and lowercase alphanumeric characters
3807
3885
  # with no spaces. You can also include any of the following
3808
- # characters: =,.@-
3886
+ # characters: \_+=,.@-
3809
3887
  #
3810
3888
  #
3811
3889
  #
@@ -4382,7 +4460,7 @@ module Aws::IAM
4382
4460
  # This parameter allows (per its [regex pattern][1]) a string of
4383
4461
  # characters consisting of upper and lowercase alphanumeric characters
4384
4462
  # with no spaces. You can also include any of the following
4385
- # characters: =,.@-
4463
+ # characters: \_+=,.@-
4386
4464
  #
4387
4465
  #
4388
4466
  #
@@ -4851,7 +4929,7 @@ module Aws::IAM
4851
4929
  # This parameter allows (per its [regex pattern][1]) a string of
4852
4930
  # characters consisting of upper and lowercase alphanumeric characters
4853
4931
  # with no spaces. You can also include any of the following
4854
- # characters: =,.@-
4932
+ # characters: \_+=,.@-
4855
4933
  #
4856
4934
  #
4857
4935
  #
@@ -6244,7 +6322,7 @@ module Aws::IAM
6244
6322
  # This parameter allows (per its [regex pattern][1]) a string of
6245
6323
  # characters consisting of upper and lowercase alphanumeric characters
6246
6324
  # with no spaces. You can also include any of the following
6247
- # characters: =,.@-
6325
+ # characters: \_+=,.@-
6248
6326
  #
6249
6327
  #
6250
6328
  #
@@ -6411,7 +6489,7 @@ module Aws::IAM
6411
6489
  # This parameter allows (per its [regex pattern][1]) a string of
6412
6490
  # characters consisting of upper and lowercase alphanumeric characters
6413
6491
  # with no spaces. You can also include any of the following
6414
- # characters: =,.@-
6492
+ # characters: \_+=,.@-
6415
6493
  #
6416
6494
  #
6417
6495
  #
@@ -6640,15 +6718,8 @@ module Aws::IAM
6640
6718
  include Aws::Structure
6641
6719
  end
6642
6720
 
6643
- # Contains information about an IAM role.
6644
- #
6645
- # This data type is used as a response element in the following actions:
6646
- #
6647
- # * CreateRole
6648
- #
6649
- # * GetRole
6650
- #
6651
- # * ListRoles
6721
+ # Contains information about an IAM role. This structure is returned as
6722
+ # a response element in several APIs that interact with roles.
6652
6723
  #
6653
6724
  # @!attribute [rw] path
6654
6725
  # The path to the role. For more information about paths, see [IAM
@@ -6676,7 +6747,7 @@ module Aws::IAM
6676
6747
  # @!attribute [rw] arn
6677
6748
  # The Amazon Resource Name (ARN) specifying the role. For more
6678
6749
  # information about ARNs and how to use them in policies, see [IAM
6679
- # Identifiers][1] in the *Using IAM* guide.
6750
+ # Identifiers][1] in the *IAM User Guide* guide.
6680
6751
  #
6681
6752
  #
6682
6753
  #
@@ -6696,6 +6767,10 @@ module Aws::IAM
6696
6767
  # The policy that grants an entity permission to assume the role.
6697
6768
  # @return [String]
6698
6769
  #
6770
+ # @!attribute [rw] description
6771
+ # A description of the role that you provide.
6772
+ # @return [String]
6773
+ #
6699
6774
  # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/Role AWS API Documentation
6700
6775
  #
6701
6776
  class Role < Struct.new(
@@ -6704,7 +6779,8 @@ module Aws::IAM
6704
6779
  :role_id,
6705
6780
  :arn,
6706
6781
  :create_date,
6707
- :assume_role_policy_document)
6782
+ :assume_role_policy_document,
6783
+ :description)
6708
6784
  include Aws::Structure
6709
6785
  end
6710
6786
 
@@ -7833,7 +7909,7 @@ module Aws::IAM
7833
7909
  # This parameter allows (per its [regex pattern][1]) a string of
7834
7910
  # characters consisting of upper and lowercase alphanumeric characters
7835
7911
  # with no spaces. You can also include any of the following
7836
- # characters: =,.@-
7912
+ # characters: \_+=,.@-
7837
7913
  #
7838
7914
  #
7839
7915
  #
@@ -8017,6 +8093,41 @@ module Aws::IAM
8017
8093
  include Aws::Structure
8018
8094
  end
8019
8095
 
8096
+ # @note When making an API call, you may pass UpdateRoleDescriptionRequest
8097
+ # data as a hash:
8098
+ #
8099
+ # {
8100
+ # role_name: "roleNameType", # required
8101
+ # description: "roleDescriptionType", # required
8102
+ # }
8103
+ #
8104
+ # @!attribute [rw] role_name
8105
+ # The name of the role that you want to modify.
8106
+ # @return [String]
8107
+ #
8108
+ # @!attribute [rw] description
8109
+ # The new description that you want to apply to the specified role.
8110
+ # @return [String]
8111
+ #
8112
+ # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescriptionRequest AWS API Documentation
8113
+ #
8114
+ class UpdateRoleDescriptionRequest < Struct.new(
8115
+ :role_name,
8116
+ :description)
8117
+ include Aws::Structure
8118
+ end
8119
+
8120
+ # @!attribute [rw] role
8121
+ # A structure that contains details about the modified role.
8122
+ # @return [Types::Role]
8123
+ #
8124
+ # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescriptionResponse AWS API Documentation
8125
+ #
8126
+ class UpdateRoleDescriptionResponse < Struct.new(
8127
+ :role)
8128
+ include Aws::Structure
8129
+ end
8130
+
8020
8131
  # @note When making an API call, you may pass UpdateSAMLProviderRequest
8021
8132
  # data as a hash:
8022
8133
  #
@@ -8770,7 +8881,7 @@ module Aws::IAM
8770
8881
  # @return [String]
8771
8882
  #
8772
8883
  # @!attribute [rw] user
8773
- # The user to whom the MFA device is assigned.
8884
+ # The IAM user associated with this virtual MFA device.
8774
8885
  # @return [Types::User]
8775
8886
  #
8776
8887
  # @!attribute [rw] enable_date
@@ -395,7 +395,7 @@ module Aws::IAM
395
395
  # This parameter allows (per its [regex pattern][1]) a string of
396
396
  # characters consisting of upper and lowercase alphanumeric characters
397
397
  # with no spaces. You can also include any of the following characters:
398
- # =/:,.@-
398
+ # =,.@:/-
399
399
  #
400
400
  #
401
401
  #
@@ -404,10 +404,32 @@ module Aws::IAM
404
404
  # An authentication code emitted by the device.
405
405
  #
406
406
  # The format for this parameter is a string of 6 digits.
407
+ #
408
+ # Submit your request immediately after generating the authentication
409
+ # codes. If you generate the codes and then wait too long to submit the
410
+ # request, the MFA device successfully associates with the user but the
411
+ # MFA device becomes out of sync. This happens because time-based
412
+ # one-time passwords (TOTP) expire after a short period of time. If this
413
+ # happens, you can [resync the device][1].
414
+ #
415
+ #
416
+ #
417
+ # [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html
407
418
  # @option options [required, String] :authentication_code_2
408
419
  # A subsequent authentication code emitted by the device.
409
420
  #
410
421
  # The format for this parameter is a string of 6 digits.
422
+ #
423
+ # Submit your request immediately after generating the authentication
424
+ # codes. If you generate the codes and then wait too long to submit the
425
+ # request, the MFA device successfully associates with the user but the
426
+ # MFA device becomes out of sync. This happens because time-based
427
+ # one-time passwords (TOTP) expire after a short period of time. If this
428
+ # happens, you can [resync the device][1].
429
+ #
430
+ #
431
+ #
432
+ # [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html
411
433
  # @return [MfaDevice]
412
434
  def enable_mfa(options = {})
413
435
  options = options.merge(user_name: @name)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-iam
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0.rc3
4
+ version: 1.0.0.rc4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-03-07 00:00:00.000000000 Z
11
+ date: 2017-04-26 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core