aws-sdk-iam 1.34.0 → 1.39.0

data/lib/aws-sdk-iam/policy_version.rb

@@ -123,7 +123,8 @@ module Aws::IAM
     # Waiter polls an API operation until a resource enters a desired
     # state.
     #
-    # @note The waiting operation is performed on a copy. The original resource remains unchanged
+    # @note The waiting operation is performed on a copy. The original resource
+    #   remains unchanged.
     #
     # ## Basic Usage
     #
@@ -136,13 +137,15 @@ module Aws::IAM
     #
     # ## Example
     #
-    #     instance.wait_until(max_attempts:10, delay:5) {|instance| instance.state.name == 'running' }
+    #     instance.wait_until(max_attempts:10, delay:5) do |instance|
+    #       instance.state.name == 'running'
+    #     end
     #
     # ## Configuration
     #
     # You can configure the maximum number of polling attempts, and the
-    # delay (in seconds) between each polling attempt. The waiting condition is set
-    # by passing a block to {#wait_until}:
+    # delay (in seconds) between each polling attempt. The waiting condition is
+    # set by passing a block to {#wait_until}:
     #
     #     # poll for ~25 seconds
     #     resource.wait_until(max_attempts:5,delay:5) {|resource|...}
@@ -173,17 +176,16 @@ module Aws::IAM
     #       # resource did not enter the desired state in time
     #     end
     #
+    # @yieldparam [Resource] resource to be used in the waiting condition.
     #
-    # @yield param [Resource] resource to be used in the waiting condition
-    #
-    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter terminates
-    #   because the waiter has entered a state that it will not transition
-    #   out of, preventing success.
+    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter
+    #   terminates because the waiter has entered a state that it will not
+    #   transition out of, preventing success.
     #
     #   yet successful.
     #
-    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is encountered
-    #   while polling for a resource that is not expected.
+    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is
+    #   encountered while polling for a resource that is not expected.
     #
     # @raise [NotImplementedError] Raised when the resource does not
     #

data/lib/aws-sdk-iam/resource.rb

@@ -6,13 +6,18 @@
 # WARNING ABOUT GENERATED CODE
 
 module Aws::IAM
+
   # This class provides a resource oriented interface for IAM.
   # To create a resource object:
+  #
   #     resource = Aws::IAM::Resource.new(region: 'us-west-2')
+  #
   # You can supply a client object with custom configuration that will be used for all resource operations.
-  # If you do not pass +:client+, a default client will be constructed.
+  # If you do not pass `:client`, a default client will be constructed.
+  #
   #     client = Aws::IAM::Client.new(region: 'us-west-2')
   #     resource = Aws::IAM::Resource.new(client: client)
+  #
   class Resource
 
     # @param options ({})
@@ -168,7 +173,7 @@ module Aws::IAM
     #   the user.
     # @return [AccountPasswordPolicy]
     def create_account_password_policy(options = {})
-      resp = @client.update_account_password_policy(options)
+      @client.update_account_password_policy(options)
       AccountPasswordPolicy.new(client: @client)
     end
 
@@ -599,7 +604,7 @@ module Aws::IAM
     #   [1]: http://wikipedia.org/wiki/regex
     # @return [ServerCertificate]
     def create_server_certificate(options = {})
-      resp = @client.upload_server_certificate(options)
+      @client.upload_server_certificate(options)
       ServerCertificate.new(
         name: options[:server_certificate_name],
         client: @client

data/lib/aws-sdk-iam/role.rb

@@ -182,7 +182,8 @@ module Aws::IAM
     # Waiter polls an API operation until a resource enters a desired
     # state.
     #
-    # @note The waiting operation is performed on a copy. The original resource remains unchanged
+    # @note The waiting operation is performed on a copy. The original resource
+    #   remains unchanged.
     #
     # ## Basic Usage
     #
@@ -195,13 +196,15 @@ module Aws::IAM
     #
     # ## Example
     #
-    #     instance.wait_until(max_attempts:10, delay:5) {|instance| instance.state.name == 'running' }
+    #     instance.wait_until(max_attempts:10, delay:5) do |instance|
+    #       instance.state.name == 'running'
+    #     end
     #
     # ## Configuration
     #
     # You can configure the maximum number of polling attempts, and the
-    # delay (in seconds) between each polling attempt. The waiting condition is set
-    # by passing a block to {#wait_until}:
+    # delay (in seconds) between each polling attempt. The waiting condition is
+    # set by passing a block to {#wait_until}:
     #
     #     # poll for ~25 seconds
     #     resource.wait_until(max_attempts:5,delay:5) {|resource|...}
@@ -232,17 +235,16 @@ module Aws::IAM
     #       # resource did not enter the desired state in time
     #     end
     #
+    # @yieldparam [Resource] resource to be used in the waiting condition.
     #
-    # @yield param [Resource] resource to be used in the waiting condition
-    #
-    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter terminates
-    #   because the waiter has entered a state that it will not transition
-    #   out of, preventing success.
+    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter
+    #   terminates because the waiter has entered a state that it will not
+    #   transition out of, preventing success.
     #
     #   yet successful.
     #
-    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is encountered
-    #   while polling for a resource that is not expected.
+    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is
+    #   encountered while polling for a resource that is not expected.
     #
     # @raise [NotImplementedError] Raised when the resource does not
     #

data/lib/aws-sdk-iam/role_policy.rb

@@ -95,7 +95,8 @@ module Aws::IAM
     # Waiter polls an API operation until a resource enters a desired
     # state.
     #
-    # @note The waiting operation is performed on a copy. The original resource remains unchanged
+    # @note The waiting operation is performed on a copy. The original resource
+    #   remains unchanged.
     #
     # ## Basic Usage
     #
@@ -108,13 +109,15 @@ module Aws::IAM
     #
     # ## Example
     #
-    #     instance.wait_until(max_attempts:10, delay:5) {|instance| instance.state.name == 'running' }
+    #     instance.wait_until(max_attempts:10, delay:5) do |instance|
+    #       instance.state.name == 'running'
+    #     end
     #
     # ## Configuration
     #
     # You can configure the maximum number of polling attempts, and the
-    # delay (in seconds) between each polling attempt. The waiting condition is set
-    # by passing a block to {#wait_until}:
+    # delay (in seconds) between each polling attempt. The waiting condition is
+    # set by passing a block to {#wait_until}:
     #
     #     # poll for ~25 seconds
     #     resource.wait_until(max_attempts:5,delay:5) {|resource|...}
@@ -145,17 +148,16 @@ module Aws::IAM
     #       # resource did not enter the desired state in time
     #     end
     #
+    # @yieldparam [Resource] resource to be used in the waiting condition.
     #
-    # @yield param [Resource] resource to be used in the waiting condition
-    #
-    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter terminates
-    #   because the waiter has entered a state that it will not transition
-    #   out of, preventing success.
+    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter
+    #   terminates because the waiter has entered a state that it will not
+    #   transition out of, preventing success.
     #
     #   yet successful.
     #
-    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is encountered
-    #   while polling for a resource that is not expected.
+    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is
+    #   encountered while polling for a resource that is not expected.
     #
     # @raise [NotImplementedError] Raised when the resource does not
     #

data/lib/aws-sdk-iam/saml_provider.rb

@@ -91,7 +91,8 @@ module Aws::IAM
     # Waiter polls an API operation until a resource enters a desired
     # state.
     #
-    # @note The waiting operation is performed on a copy. The original resource remains unchanged
+    # @note The waiting operation is performed on a copy. The original resource
+    #   remains unchanged.
     #
     # ## Basic Usage
     #
@@ -104,13 +105,15 @@ module Aws::IAM
     #
     # ## Example
     #
-    #     instance.wait_until(max_attempts:10, delay:5) {|instance| instance.state.name == 'running' }
+    #     instance.wait_until(max_attempts:10, delay:5) do |instance|
+    #       instance.state.name == 'running'
+    #     end
     #
     # ## Configuration
     #
     # You can configure the maximum number of polling attempts, and the
-    # delay (in seconds) between each polling attempt. The waiting condition is set
-    # by passing a block to {#wait_until}:
+    # delay (in seconds) between each polling attempt. The waiting condition is
+    # set by passing a block to {#wait_until}:
     #
     #     # poll for ~25 seconds
     #     resource.wait_until(max_attempts:5,delay:5) {|resource|...}
@@ -141,17 +144,16 @@ module Aws::IAM
     #       # resource did not enter the desired state in time
     #     end
     #
+    # @yieldparam [Resource] resource to be used in the waiting condition.
     #
-    # @yield param [Resource] resource to be used in the waiting condition
-    #
-    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter terminates
-    #   because the waiter has entered a state that it will not transition
-    #   out of, preventing success.
+    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter
+    #   terminates because the waiter has entered a state that it will not
+    #   transition out of, preventing success.
     #
     #   yet successful.
     #
-    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is encountered
-    #   while polling for a resource that is not expected.
+    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is
+    #   encountered while polling for a resource that is not expected.
     #
     # @raise [NotImplementedError] Raised when the resource does not
     #

data/lib/aws-sdk-iam/server_certificate.rb

@@ -91,7 +91,8 @@ module Aws::IAM
     # Waiter polls an API operation until a resource enters a desired
     # state.
     #
-    # @note The waiting operation is performed on a copy. The original resource remains unchanged
+    # @note The waiting operation is performed on a copy. The original resource
+    #   remains unchanged.
     #
     # ## Basic Usage
     #
@@ -104,13 +105,15 @@ module Aws::IAM
     #
     # ## Example
     #
-    #     instance.wait_until(max_attempts:10, delay:5) {|instance| instance.state.name == 'running' }
+    #     instance.wait_until(max_attempts:10, delay:5) do |instance|
+    #       instance.state.name == 'running'
+    #     end
     #
     # ## Configuration
     #
     # You can configure the maximum number of polling attempts, and the
-    # delay (in seconds) between each polling attempt. The waiting condition is set
-    # by passing a block to {#wait_until}:
+    # delay (in seconds) between each polling attempt. The waiting condition is
+    # set by passing a block to {#wait_until}:
     #
     #     # poll for ~25 seconds
     #     resource.wait_until(max_attempts:5,delay:5) {|resource|...}
@@ -141,17 +144,16 @@ module Aws::IAM
     #       # resource did not enter the desired state in time
     #     end
     #
+    # @yieldparam [Resource] resource to be used in the waiting condition.
     #
-    # @yield param [Resource] resource to be used in the waiting condition
-    #
-    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter terminates
-    #   because the waiter has entered a state that it will not transition
-    #   out of, preventing success.
+    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter
+    #   terminates because the waiter has entered a state that it will not
+    #   transition out of, preventing success.
     #
     #   yet successful.
     #
-    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is encountered
-    #   while polling for a resource that is not expected.
+    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is
+    #   encountered while polling for a resource that is not expected.
     #
     # @raise [NotImplementedError] Raised when the resource does not
     #
@@ -231,7 +233,7 @@ module Aws::IAM
     # @return [ServerCertificate]
     def update(options = {})
       options = options.merge(server_certificate_name: @name)
-      resp = @client.update_server_certificate(options)
+      @client.update_server_certificate(options)
       ServerCertificate.new(
         name: options[:new_server_certificate_name],
         client: @client

data/lib/aws-sdk-iam/signing_certificate.rb

@@ -95,7 +95,8 @@ module Aws::IAM
     # Waiter polls an API operation until a resource enters a desired
     # state.
     #
-    # @note The waiting operation is performed on a copy. The original resource remains unchanged
+    # @note The waiting operation is performed on a copy. The original resource
+    #   remains unchanged.
     #
     # ## Basic Usage
     #
@@ -108,13 +109,15 @@ module Aws::IAM
     #
     # ## Example
     #
-    #     instance.wait_until(max_attempts:10, delay:5) {|instance| instance.state.name == 'running' }
+    #     instance.wait_until(max_attempts:10, delay:5) do |instance|
+    #       instance.state.name == 'running'
+    #     end
     #
     # ## Configuration
     #
     # You can configure the maximum number of polling attempts, and the
-    # delay (in seconds) between each polling attempt. The waiting condition is set
-    # by passing a block to {#wait_until}:
+    # delay (in seconds) between each polling attempt. The waiting condition is
+    # set by passing a block to {#wait_until}:
     #
     #     # poll for ~25 seconds
     #     resource.wait_until(max_attempts:5,delay:5) {|resource|...}
@@ -145,17 +148,16 @@ module Aws::IAM
     #       # resource did not enter the desired state in time
     #     end
     #
+    # @yieldparam [Resource] resource to be used in the waiting condition.
     #
-    # @yield param [Resource] resource to be used in the waiting condition
-    #
-    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter terminates
-    #   because the waiter has entered a state that it will not transition
-    #   out of, preventing success.
+    # @raise [Aws::Waiters::Errors::FailureStateError] Raised when the waiter
+    #   terminates because the waiter has entered a state that it will not
+    #   transition out of, preventing success.
     #
     #   yet successful.
     #
-    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is encountered
-    #   while polling for a resource that is not expected.
+    # @raise [Aws::Waiters::Errors::UnexpectedError] Raised when an error is
+    #   encountered while polling for a resource that is not expected.
     #
     # @raise [NotImplementedError] Raised when the resource does not
     #

data/lib/aws-sdk-iam/types.rb

@@ -600,8 +600,8 @@ module Aws::IAM
     # is used when evaluating the `Condition` elements of the input
     # policies.
     #
-    # This data type is used as an input parameter to ` SimulateCustomPolicy
-    # ` and ` SimulatePrincipalPolicy `.
+    # This data type is used as an input parameter to SimulateCustomPolicy
+    # and SimulatePrincipalPolicy.
     #
     # @note When making an API call, you may pass ContextEntry
     #   data as a hash:
@@ -3005,6 +3005,7 @@ module Aws::IAM
     #
     #       {
     #         arn: "arnType", # required
+    #         granularity: "SERVICE_LEVEL", # accepts SERVICE_LEVEL, ACTION_LEVEL
     #       }
     #
     # @!attribute [rw] arn
@@ -3013,16 +3014,30 @@ module Aws::IAM
     #   in an attempt to access an AWS service.
     #   @return [String]
     #
+    # @!attribute [rw] granularity
+    #   The level of detail that you want to generate. You can specify
+    #   whether you want to generate information about the last attempt to
+    #   access services or actions. If you specify service-level
+    #   granularity, this operation generates only service data. If you
+    #   specify action-level granularity, it generates service and action
+    #   data. If you don't include this optional parameter, the operation
+    #   generates service data.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateServiceLastAccessedDetailsRequest AWS API Documentation
     #
     class GenerateServiceLastAccessedDetailsRequest < Struct.new(
-      :arn)
+      :arn,
+      :granularity)
       include Aws::Structure
     end
 
     # @!attribute [rw] job_id
-    #   The job ID that you can use in the GetServiceLastAccessedDetails or
-    #   GetServiceLastAccessedDetailsWithEntities operations.
+    #   The `JobId` that you can use in the GetServiceLastAccessedDetails or
+    #   GetServiceLastAccessedDetailsWithEntities operations. The `JobId`
+    #   returned by `GenerateServiceLastAccessedDetail` must be used by the
+    #   same role within a session, or by the same user when used to call
+    #   `GetServiceLastAccessedDetail`.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateServiceLastAccessedDetailsResponse AWS API Documentation
@@ -4134,7 +4149,10 @@ module Aws::IAM
     #
     # @!attribute [rw] job_id
     #   The ID of the request generated by the
-    #   GenerateServiceLastAccessedDetails operation.
+    #   GenerateServiceLastAccessedDetails operation. The `JobId` returned
+    #   by `GenerateServiceLastAccessedDetail` must be used by the same role
+    #   within a session, or by the same user when used to call
+    #   `GetServiceLastAccessedDetail`.
     #   @return [String]
     #
     # @!attribute [rw] max_items
@@ -4170,6 +4188,12 @@ module Aws::IAM
     #   The status of the job.
     #   @return [String]
     #
+    # @!attribute [rw] job_type
+    #   The type of job. Service jobs return information about when each
+    #   service was last accessed. Action jobs also include information
+    #   about when tracked actions within the service were last accessed.
+    #   @return [String]
+    #
     # @!attribute [rw] job_creation_date
     #   The date and time, in [ISO 8601 date-time format][1], when the
     #   report job was created.
@@ -4221,6 +4245,7 @@ module Aws::IAM
     #
     class GetServiceLastAccessedDetailsResponse < Struct.new(
       :job_status,
+      :job_type,
       :job_creation_date,
       :services_last_accessed,
       :job_completion_date,
@@ -9112,6 +9137,19 @@ module Aws::IAM
     #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period
     #   @return [String]
     #
+    # @!attribute [rw] last_authenticated_region
+    #   The Region from which the authenticated entity (user or role) last
+    #   attempted to access the service. AWS does not report unauthenticated
+    #   requests.
+    #
+    #   This field is null if no IAM entities attempted to access the
+    #   service within the [reporting period][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period
+    #   @return [String]
+    #
     # @!attribute [rw] total_authenticated_entities
     #   The total number of authenticated principals (root user, IAM users,
     #   or IAM roles) that have attempted to access the service.
@@ -9124,6 +9162,21 @@ module Aws::IAM
     #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period
     #   @return [Integer]
     #
+    # @!attribute [rw] tracked_actions_last_accessed
+    #   An object that contains details about the most recent attempt to
+    #   access a tracked action within the service.
+    #
+    #   This field is null if there no tracked actions or if the principal
+    #   did not use the tracked actions within the [reporting period][1].
+    #   This field is also null if the report was generated at the service
+    #   level and not the action level. For more information, see the
+    #   `Granularity` field in GenerateServiceLastAccessedDetails.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period
+    #   @return [Array<Types::TrackedActionLastAccessed>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ServiceLastAccessed AWS API Documentation
     #
     class ServiceLastAccessed < Struct.new(
@@ -9131,7 +9184,9 @@ module Aws::IAM
       :last_authenticated,
       :service_namespace,
       :last_authenticated_entity,
-      :total_authenticated_entities)
+      :last_authenticated_region,
+      :total_authenticated_entities,
+      :tracked_actions_last_accessed)
       include Aws::Structure
     end
 
@@ -9710,7 +9765,7 @@ module Aws::IAM
     #   this operation. An IAM entity can only have one permissions boundary
     #   in effect at a time. For example, if a permissions boundary is
     #   attached to an entity and you pass in a different permissions
-    #   boundary policy using this parameter, then the new permission
+    #   boundary policy using this parameter, then the new permissions
     #   boundary policy is used for the simulation. For more information
     #   about permissions boundaries, see [Permissions Boundaries for IAM
     #   Entities][1] in the *IAM User Guide*. The policy input is specified
@@ -10076,6 +10131,66 @@ module Aws::IAM
       include Aws::Structure
     end
 
+    # Contains details about the most recent attempt to access an action
+    # within the service.
+    #
+    # This data type is used as a response element in the
+    # GetServiceLastAccessedDetails operation.
+    #
+    # @!attribute [rw] action_name
+    #   The name of the tracked action to which access was attempted.
+    #   Tracked actions are actions that report activity to IAM.
+    #   @return [String]
+    #
+    # @!attribute [rw] last_accessed_entity
+    #   The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS
+    #   resources.
+    #
+    #   For more information about ARNs, go to [Amazon Resource Names (ARNs)
+    #   and AWS Service Namespaces][1] in the *AWS General Reference*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
+    #   @return [String]
+    #
+    # @!attribute [rw] last_accessed_time
+    #   The date and time, in [ISO 8601 date-time format][1], when an
+    #   authenticated entity most recently attempted to access the tracked
+    #   service. AWS does not report unauthenticated requests.
+    #
+    #   This field is null if no IAM entities attempted to access the
+    #   service within the [reporting period][2].
+    #
+    #
+    #
+    #   [1]: http://www.iso.org/iso/iso8601
+    #   [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period
+    #   @return [Time]
+    #
+    # @!attribute [rw] last_accessed_region
+    #   The Region from which the authenticated entity (user or role) last
+    #   attempted to access the tracked action. AWS does not report
+    #   unauthenticated requests.
+    #
+    #   This field is null if no IAM entities attempted to access the
+    #   service within the [reporting period][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TrackedActionLastAccessed AWS API Documentation
+    #
+    class TrackedActionLastAccessed < Struct.new(
+      :action_name,
+      :last_accessed_entity,
+      :last_accessed_time,
+      :last_accessed_region)
+      include Aws::Structure
+    end
+
     # The request was rejected because only the service that depends on the
     # service-linked role can modify or delete the role on your behalf. The
     # error message includes the name of the service that depends on this