aws-sdk-iam 1.54.0 → 1.58.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-iam.rb +1 -1
- data/lib/aws-sdk-iam/account_password_policy.rb +2 -2
- data/lib/aws-sdk-iam/assume_role_policy.rb +3 -3
- data/lib/aws-sdk-iam/client.rb +767 -674
- data/lib/aws-sdk-iam/current_user.rb +7 -6
- data/lib/aws-sdk-iam/group.rb +5 -5
- data/lib/aws-sdk-iam/group_policy.rb +5 -5
- data/lib/aws-sdk-iam/login_profile.rb +4 -4
- data/lib/aws-sdk-iam/policy.rb +11 -5
- data/lib/aws-sdk-iam/resource.rb +27 -18
- data/lib/aws-sdk-iam/role.rb +3 -3
- data/lib/aws-sdk-iam/role_policy.rb +5 -5
- data/lib/aws-sdk-iam/types.rb +565 -504
- data/lib/aws-sdk-iam/user.rb +14 -13
- data/lib/aws-sdk-iam/user_policy.rb +5 -5
- metadata +4 -4
@@ -80,12 +80,13 @@ module Aws::IAM
|
|
80
80
|
end
|
81
81
|
|
82
82
|
# The date and time, in [ISO 8601 date-time format][1], when the user's
|
83
|
-
# password was last used to sign in to an
|
84
|
-
# websites that capture a user's last
|
85
|
-
# reports][2] topic in the *IAM User
|
86
|
-
# than once in a five-minute span,
|
87
|
-
# this field. If the field is null (no
|
88
|
-
# they never signed in with a password.
|
83
|
+
# password was last used to sign in to an Amazon Web Services website.
|
84
|
+
# For a list of Amazon Web Services websites that capture a user's last
|
85
|
+
# sign-in time, see the [Credential reports][2] topic in the *IAM User
|
86
|
+
# Guide*. If a password is used more than once in a five-minute span,
|
87
|
+
# only the first use is returned in this field. If the field is null (no
|
88
|
+
# value), then it indicates that they never signed in with a password.
|
89
|
+
# This can be because:
|
89
90
|
#
|
90
91
|
# * The user never had a password.
|
91
92
|
#
|
data/lib/aws-sdk-iam/group.rb
CHANGED
@@ -249,7 +249,7 @@ module Aws::IAM
|
|
249
249
|
# The Amazon Resource Name (ARN) of the IAM policy you want to attach.
|
250
250
|
#
|
251
251
|
# For more information about ARNs, see [Amazon Resource Names (ARNs)][1]
|
252
|
-
# in the *
|
252
|
+
# in the *Amazon Web Services General Reference*.
|
253
253
|
#
|
254
254
|
#
|
255
255
|
#
|
@@ -317,10 +317,10 @@ module Aws::IAM
|
|
317
317
|
# @option options [required, String] :policy_document
|
318
318
|
# The policy document.
|
319
319
|
#
|
320
|
-
# You must provide policies in JSON format in IAM. However, for
|
320
|
+
# You must provide policies in JSON format in IAM. However, for
|
321
321
|
# CloudFormation templates formatted in YAML, you can provide the policy
|
322
|
-
# in JSON or YAML format.
|
323
|
-
#
|
322
|
+
# in JSON or YAML format. CloudFormation always converts a YAML policy
|
323
|
+
# to JSON format before submitting it to = IAM.
|
324
324
|
#
|
325
325
|
# The [regex pattern][1] used to validate this parameter is a string of
|
326
326
|
# characters consisting of the following:
|
@@ -369,7 +369,7 @@ module Aws::IAM
|
|
369
369
|
# The Amazon Resource Name (ARN) of the IAM policy you want to detach.
|
370
370
|
#
|
371
371
|
# For more information about ARNs, see [Amazon Resource Names (ARNs)][1]
|
372
|
-
# in the *
|
372
|
+
# in the *Amazon Web Services General Reference*.
|
373
373
|
#
|
374
374
|
#
|
375
375
|
#
|
@@ -46,8 +46,8 @@ module Aws::IAM
|
|
46
46
|
# The policy document.
|
47
47
|
#
|
48
48
|
# IAM stores policies in JSON format. However, resources that were
|
49
|
-
# created using
|
50
|
-
#
|
49
|
+
# created using CloudFormation templates can be formatted in YAML.
|
50
|
+
# CloudFormation always converts a YAML policy to JSON format before
|
51
51
|
# submitting it to IAM.
|
52
52
|
# @return [String]
|
53
53
|
def policy_document
|
@@ -214,10 +214,10 @@ module Aws::IAM
|
|
214
214
|
# @option options [required, String] :policy_document
|
215
215
|
# The policy document.
|
216
216
|
#
|
217
|
-
# You must provide policies in JSON format in IAM. However, for
|
217
|
+
# You must provide policies in JSON format in IAM. However, for
|
218
218
|
# CloudFormation templates formatted in YAML, you can provide the policy
|
219
|
-
# in JSON or YAML format.
|
220
|
-
#
|
219
|
+
# in JSON or YAML format. CloudFormation always converts a YAML policy
|
220
|
+
# to JSON format before submitting it to = IAM.
|
221
221
|
#
|
222
222
|
# The [regex pattern][1] used to validate this parameter is a string of
|
223
223
|
# characters consisting of the following:
|
@@ -197,8 +197,8 @@ module Aws::IAM
|
|
197
197
|
# character range (`\u00FF`). You can also include the tab (`\u0009`),
|
198
198
|
# line feed (`\u000A`), and carriage return (`\u000D`) characters. Any
|
199
199
|
# of these characters are valid in a password. However, many tools, such
|
200
|
-
# as the
|
201
|
-
#
|
200
|
+
# as the Management Console, might restrict the ability to type certain
|
201
|
+
# characters because they have special meaning within that tool.
|
202
202
|
#
|
203
203
|
#
|
204
204
|
#
|
@@ -251,8 +251,8 @@ module Aws::IAM
|
|
251
251
|
# carriage return (`\u000D`)
|
252
252
|
#
|
253
253
|
# However, the format can be further restricted by the account
|
254
|
-
# administrator by setting a password policy on the
|
255
|
-
#
|
254
|
+
# administrator by setting a password policy on the account. For more
|
255
|
+
# information, see UpdateAccountPasswordPolicy.
|
256
256
|
#
|
257
257
|
#
|
258
258
|
#
|
data/lib/aws-sdk-iam/policy.rb
CHANGED
@@ -368,12 +368,17 @@ module Aws::IAM
|
|
368
368
|
# The JSON policy document that you want to use as the content for this
|
369
369
|
# new version of the policy.
|
370
370
|
#
|
371
|
-
# You must provide policies in JSON format in IAM. However, for
|
371
|
+
# You must provide policies in JSON format in IAM. However, for
|
372
372
|
# CloudFormation templates formatted in YAML, you can provide the policy
|
373
|
-
# in JSON or YAML format.
|
374
|
-
#
|
373
|
+
# in JSON or YAML format. CloudFormation always converts a YAML policy
|
374
|
+
# to JSON format before submitting it to IAM.
|
375
375
|
#
|
376
|
-
# The
|
376
|
+
# The maximum length of the policy document that you can pass in this
|
377
|
+
# operation, including whitespace, is listed below. To view the maximum
|
378
|
+
# character counts of a managed policy with no whitespaces, see [IAM and
|
379
|
+
# STS character quotas][1].
|
380
|
+
#
|
381
|
+
# The [regex pattern][2] used to validate this parameter is a string of
|
377
382
|
# characters consisting of the following:
|
378
383
|
#
|
379
384
|
# * Any printable ASCII character ranging from the space character
|
@@ -387,7 +392,8 @@ module Aws::IAM
|
|
387
392
|
#
|
388
393
|
#
|
389
394
|
#
|
390
|
-
# [1]:
|
395
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
396
|
+
# [2]: http://wikipedia.org/wiki/regex
|
391
397
|
# @option options [Boolean] :set_as_default
|
392
398
|
# Specifies whether to set this version as the policy's default
|
393
399
|
# version.
|
data/lib/aws-sdk-iam/resource.rb
CHANGED
@@ -45,7 +45,7 @@ module Aws::IAM
|
|
45
45
|
# @option options [required, String] :old_password
|
46
46
|
# The IAM user's current password.
|
47
47
|
# @option options [required, String] :new_password
|
48
|
-
# The new password. The new password must conform to the
|
48
|
+
# The new password. The new password must conform to the account's
|
49
49
|
# password policy, if one exists.
|
50
50
|
#
|
51
51
|
# The [regex pattern][1] that is used to validate this parameter is a
|
@@ -54,8 +54,8 @@ module Aws::IAM
|
|
54
54
|
# character range (`\u00FF`). You can also include the tab (`\u0009`),
|
55
55
|
# line feed (`\u000A`), and carriage return (`\u000D`) characters. Any
|
56
56
|
# of these characters are valid in a password. However, many tools, such
|
57
|
-
# as the
|
58
|
-
#
|
57
|
+
# as the Management Console, might restrict the ability to type certain
|
58
|
+
# characters because they have special meaning within that tool.
|
59
59
|
#
|
60
60
|
#
|
61
61
|
#
|
@@ -139,8 +139,8 @@ module Aws::IAM
|
|
139
139
|
# uses the default value of `false`. The result is that passwords do not
|
140
140
|
# require at least one lowercase character.
|
141
141
|
# @option options [Boolean] :allow_users_to_change_password
|
142
|
-
# Allows all IAM users in your account to use the
|
143
|
-
#
|
142
|
+
# Allows all IAM users in your account to use the Management Console to
|
143
|
+
# change their own passwords. For more information, see [Letting IAM
|
144
144
|
# users change their own passwords][1] in the *IAM User Guide*.
|
145
145
|
#
|
146
146
|
# If you do not specify a value for this parameter, then the operation
|
@@ -333,12 +333,20 @@ module Aws::IAM
|
|
333
333
|
# The JSON policy document that you want to use as the content for the
|
334
334
|
# new policy.
|
335
335
|
#
|
336
|
-
# You must provide policies in JSON format in IAM. However, for
|
336
|
+
# You must provide policies in JSON format in IAM. However, for
|
337
337
|
# CloudFormation templates formatted in YAML, you can provide the policy
|
338
|
-
# in JSON or YAML format.
|
339
|
-
#
|
338
|
+
# in JSON or YAML format. CloudFormation always converts a YAML policy
|
339
|
+
# to JSON format before submitting it to IAM.
|
340
340
|
#
|
341
|
-
# The
|
341
|
+
# The maximum length of the policy document that you can pass in this
|
342
|
+
# operation, including whitespace, is listed below. To view the maximum
|
343
|
+
# character counts of a managed policy with no whitespaces, see [IAM and
|
344
|
+
# STS character quotas][1].
|
345
|
+
#
|
346
|
+
# To learn more about JSON policy grammar, see [Grammar of the IAM JSON
|
347
|
+
# policy language][2] in the *IAM User Guide*.
|
348
|
+
#
|
349
|
+
# The [regex pattern][3] used to validate this parameter is a string of
|
342
350
|
# characters consisting of the following:
|
343
351
|
#
|
344
352
|
# * Any printable ASCII character ranging from the space character
|
@@ -352,7 +360,9 @@ module Aws::IAM
|
|
352
360
|
#
|
353
361
|
#
|
354
362
|
#
|
355
|
-
# [1]:
|
363
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
364
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
|
365
|
+
# [3]: http://wikipedia.org/wiki/regex
|
356
366
|
# @option options [String] :description
|
357
367
|
# A friendly description of the policy.
|
358
368
|
#
|
@@ -432,10 +442,9 @@ module Aws::IAM
|
|
432
442
|
# permission to assume the role.
|
433
443
|
#
|
434
444
|
# In IAM, you must provide a JSON policy that has been converted to a
|
435
|
-
# string. However, for
|
436
|
-
#
|
437
|
-
#
|
438
|
-
# IAM.
|
445
|
+
# string. However, for CloudFormation templates formatted in YAML, you
|
446
|
+
# can provide the policy in JSON or YAML format. CloudFormation always
|
447
|
+
# converts a YAML policy to JSON format before submitting it to IAM.
|
439
448
|
#
|
440
449
|
# The [regex pattern][1] used to validate this parameter is a string of
|
441
450
|
# characters consisting of the following:
|
@@ -463,7 +472,7 @@ module Aws::IAM
|
|
463
472
|
# default maximum of one hour is applied. This setting can have a value
|
464
473
|
# from 1 hour to 12 hours.
|
465
474
|
#
|
466
|
-
# Anyone who assumes the role from the
|
475
|
+
# Anyone who assumes the role from the or API can use the
|
467
476
|
# `DurationSeconds` API parameter or the `duration-seconds` CLI
|
468
477
|
# parameter to request a longer session. The `MaxSessionDuration`
|
469
478
|
# setting determines the maximum duration that can be requested using
|
@@ -1005,9 +1014,9 @@ module Aws::IAM
|
|
1005
1014
|
# @option options [String] :scope
|
1006
1015
|
# The scope to use for filtering the results.
|
1007
1016
|
#
|
1008
|
-
# To list only
|
1009
|
-
# the customer managed policies in your
|
1010
|
-
# `Local`.
|
1017
|
+
# To list only Amazon Web Services managed policies, set `Scope` to
|
1018
|
+
# `AWS`. To list only the customer managed policies in your account, set
|
1019
|
+
# `Scope` to `Local`.
|
1011
1020
|
#
|
1012
1021
|
# This parameter is optional. If it is not included, or if it is set to
|
1013
1022
|
# `All`, all policies are returned.
|
data/lib/aws-sdk-iam/role.rb
CHANGED
@@ -94,7 +94,7 @@ module Aws::IAM
|
|
94
94
|
end
|
95
95
|
|
96
96
|
# The maximum session duration (in seconds) for the specified role.
|
97
|
-
# Anyone who uses the
|
97
|
+
# Anyone who uses the CLI, or API to assume the role can specify the
|
98
98
|
# duration using the optional `DurationSeconds` API parameter or
|
99
99
|
# `duration-seconds` CLI parameter.
|
100
100
|
# @return [Integer]
|
@@ -287,7 +287,7 @@ module Aws::IAM
|
|
287
287
|
# The Amazon Resource Name (ARN) of the IAM policy you want to attach.
|
288
288
|
#
|
289
289
|
# For more information about ARNs, see [Amazon Resource Names (ARNs)][1]
|
290
|
-
# in the *
|
290
|
+
# in the *Amazon Web Services General Reference*.
|
291
291
|
#
|
292
292
|
#
|
293
293
|
#
|
@@ -320,7 +320,7 @@ module Aws::IAM
|
|
320
320
|
# The Amazon Resource Name (ARN) of the IAM policy you want to detach.
|
321
321
|
#
|
322
322
|
# For more information about ARNs, see [Amazon Resource Names (ARNs)][1]
|
323
|
-
# in the *
|
323
|
+
# in the *Amazon Web Services General Reference*.
|
324
324
|
#
|
325
325
|
#
|
326
326
|
#
|
@@ -46,8 +46,8 @@ module Aws::IAM
|
|
46
46
|
# The policy document.
|
47
47
|
#
|
48
48
|
# IAM stores policies in JSON format. However, resources that were
|
49
|
-
# created using
|
50
|
-
#
|
49
|
+
# created using CloudFormation templates can be formatted in YAML.
|
50
|
+
# CloudFormation always converts a YAML policy to JSON format before
|
51
51
|
# submitting it to IAM.
|
52
52
|
# @return [String]
|
53
53
|
def policy_document
|
@@ -214,10 +214,10 @@ module Aws::IAM
|
|
214
214
|
# @option options [required, String] :policy_document
|
215
215
|
# The policy document.
|
216
216
|
#
|
217
|
-
# You must provide policies in JSON format in IAM. However, for
|
217
|
+
# You must provide policies in JSON format in IAM. However, for
|
218
218
|
# CloudFormation templates formatted in YAML, you can provide the policy
|
219
|
-
# in JSON or YAML format.
|
220
|
-
#
|
219
|
+
# in JSON or YAML format. CloudFormation always converts a YAML policy
|
220
|
+
# to JSON format before submitting it to IAM.
|
221
221
|
#
|
222
222
|
# The [regex pattern][1] used to validate this parameter is a string of
|
223
223
|
# characters consisting of the following:
|
data/lib/aws-sdk-iam/types.rb
CHANGED
@@ -11,9 +11,10 @@ module Aws::IAM
|
|
11
11
|
module Types
|
12
12
|
|
13
13
|
# An object that contains details about when a principal in the reported
|
14
|
-
#
|
15
|
-
# principal can be an IAM user, an IAM role, or the
|
16
|
-
# user within the reported Organizations
|
14
|
+
# Organizations entity last attempted to access an Amazon Web Services
|
15
|
+
# service. A principal can be an IAM user, an IAM role, or the Amazon
|
16
|
+
# Web Services account root user within the reported Organizations
|
17
|
+
# entity.
|
17
18
|
#
|
18
19
|
# This data type is a response element in the
|
19
20
|
# GetOrganizationsAccessReport operation.
|
@@ -26,12 +27,13 @@ module Aws::IAM
|
|
26
27
|
# The namespace of the service in which access was attempted.
|
27
28
|
#
|
28
29
|
# To learn the service namespace of a service, see [Actions,
|
29
|
-
# resources, and condition keys for
|
30
|
-
# Authorization Reference*. Choose the name of the
|
31
|
-
# details for that service. In the first paragraph,
|
32
|
-
# prefix. For example, `(service prefix: a4b)`. For
|
33
|
-
# about service namespaces, see [
|
34
|
-
# the *
|
30
|
+
# resources, and condition keys for Amazon Web Services services][1]
|
31
|
+
# in the *Service Authorization Reference*. Choose the name of the
|
32
|
+
# service to view details for that service. In the first paragraph,
|
33
|
+
# find the service prefix. For example, `(service prefix: a4b)`. For
|
34
|
+
# more information about service namespaces, see [Amazon Web Services
|
35
|
+
# service namespaces][2] in the *Amazon Web Services General
|
36
|
+
# Reference*.
|
35
37
|
#
|
36
38
|
#
|
37
39
|
#
|
@@ -54,7 +56,8 @@ module Aws::IAM
|
|
54
56
|
# @!attribute [rw] entity_path
|
55
57
|
# The path of the Organizations entity (root, organizational unit, or
|
56
58
|
# account) from which an authenticated principal last attempted to
|
57
|
-
# access the service.
|
59
|
+
# access the service. Amazon Web Services does not report
|
60
|
+
# unauthenticated requests.
|
58
61
|
#
|
59
62
|
# This field is null if no principals (IAM users, IAM roles, or root
|
60
63
|
# users) in the reported Organizations entity attempted to access the
|
@@ -68,7 +71,8 @@ module Aws::IAM
|
|
68
71
|
# @!attribute [rw] last_authenticated_time
|
69
72
|
# The date and time, in [ISO 8601 date-time format][1], when an
|
70
73
|
# authenticated principal most recently attempted to access the
|
71
|
-
# service.
|
74
|
+
# service. Amazon Web Services does not report unauthenticated
|
75
|
+
# requests.
|
72
76
|
#
|
73
77
|
# This field is null if no principals in the reported Organizations
|
74
78
|
# entity attempted to access the service within the [reporting
|
@@ -99,7 +103,7 @@ module Aws::IAM
|
|
99
103
|
include Aws::Structure
|
100
104
|
end
|
101
105
|
|
102
|
-
# Contains information about an
|
106
|
+
# Contains information about an Amazon Web Services access key.
|
103
107
|
#
|
104
108
|
# This data type is used as a response element in the CreateAccessKey
|
105
109
|
# and ListAccessKeys operations.
|
@@ -144,8 +148,9 @@ module Aws::IAM
|
|
144
148
|
include Aws::Structure
|
145
149
|
end
|
146
150
|
|
147
|
-
# Contains information about the last time an
|
148
|
-
# since IAM began tracking this information on April 22,
|
151
|
+
# Contains information about the last time an Amazon Web Services access
|
152
|
+
# key was used since IAM began tracking this information on April 22,
|
153
|
+
# 2015.
|
149
154
|
#
|
150
155
|
# This data type is used as a response element in the
|
151
156
|
# GetAccessKeyLastUsed operation.
|
@@ -168,9 +173,9 @@ module Aws::IAM
|
|
168
173
|
# @return [Time]
|
169
174
|
#
|
170
175
|
# @!attribute [rw] service_name
|
171
|
-
# The name of the
|
172
|
-
# recently used. The value of this field is "N/A" in
|
173
|
-
# situations:
|
176
|
+
# The name of the Amazon Web Services service with which this access
|
177
|
+
# key was most recently used. The value of this field is "N/A" in
|
178
|
+
# the following situations:
|
174
179
|
#
|
175
180
|
# * The user does not have an access key.
|
176
181
|
#
|
@@ -181,8 +186,8 @@ module Aws::IAM
|
|
181
186
|
# @return [String]
|
182
187
|
#
|
183
188
|
# @!attribute [rw] region
|
184
|
-
# The
|
185
|
-
#
|
189
|
+
# The Region where this access key was most recently used. The value
|
190
|
+
# for this field is "N/A" in the following situations:
|
186
191
|
#
|
187
192
|
# * The user does not have an access key.
|
188
193
|
#
|
@@ -191,8 +196,8 @@ module Aws::IAM
|
|
191
196
|
#
|
192
197
|
# * There is no sign-in data associated with the user.
|
193
198
|
#
|
194
|
-
# For more information about
|
195
|
-
#
|
199
|
+
# For more information about Regions, see [Regions and endpoints][1]
|
200
|
+
# in the Amazon Web Services General Reference.
|
196
201
|
#
|
197
202
|
#
|
198
203
|
#
|
@@ -209,7 +214,8 @@ module Aws::IAM
|
|
209
214
|
include Aws::Structure
|
210
215
|
end
|
211
216
|
|
212
|
-
# Contains information about an
|
217
|
+
# Contains information about an Amazon Web Services access key, without
|
218
|
+
# its secret key.
|
213
219
|
#
|
214
220
|
# This data type is used as a response element in the ListAccessKeys
|
215
221
|
# operation.
|
@@ -383,7 +389,7 @@ module Aws::IAM
|
|
383
389
|
# The Amazon Resource Name (ARN) of the IAM policy you want to attach.
|
384
390
|
#
|
385
391
|
# For more information about ARNs, see [Amazon Resource Names
|
386
|
-
# (ARNs)][1] in the *
|
392
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
387
393
|
#
|
388
394
|
#
|
389
395
|
#
|
@@ -425,7 +431,7 @@ module Aws::IAM
|
|
425
431
|
# The Amazon Resource Name (ARN) of the IAM policy you want to attach.
|
426
432
|
#
|
427
433
|
# For more information about ARNs, see [Amazon Resource Names
|
428
|
-
# (ARNs)][1] in the *
|
434
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
429
435
|
#
|
430
436
|
#
|
431
437
|
#
|
@@ -467,7 +473,7 @@ module Aws::IAM
|
|
467
473
|
# The Amazon Resource Name (ARN) of the IAM policy you want to attach.
|
468
474
|
#
|
469
475
|
# For more information about ARNs, see [Amazon Resource Names
|
470
|
-
# (ARNs)][1] in the *
|
476
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
471
477
|
#
|
472
478
|
#
|
473
479
|
#
|
@@ -535,11 +541,11 @@ module Aws::IAM
|
|
535
541
|
# @return [String]
|
536
542
|
#
|
537
543
|
# @!attribute [rw] policy_arn
|
538
|
-
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
539
|
-
# resources.
|
544
|
+
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
545
|
+
# Amazon Web Services resources.
|
540
546
|
#
|
541
547
|
# For more information about ARNs, go to [Amazon Resource Names
|
542
|
-
# (ARNs)][1] in the *
|
548
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
543
549
|
#
|
544
550
|
#
|
545
551
|
#
|
@@ -568,8 +574,8 @@ module Aws::IAM
|
|
568
574
|
# @return [String]
|
569
575
|
#
|
570
576
|
# @!attribute [rw] new_password
|
571
|
-
# The new password. The new password must conform to the
|
572
|
-
#
|
577
|
+
# The new password. The new password must conform to the account's
|
578
|
+
# password policy, if one exists.
|
573
579
|
#
|
574
580
|
# The [regex pattern][1] that is used to validate this parameter is a
|
575
581
|
# string of characters. That string can include almost any printable
|
@@ -577,9 +583,9 @@ module Aws::IAM
|
|
577
583
|
# ASCII character range (`\u00FF`). You can also include the tab
|
578
584
|
# (`\u0009`), line feed (`\u000A`), and carriage return (`\u000D`)
|
579
585
|
# characters. Any of these characters are valid in a password.
|
580
|
-
# However, many tools, such as the
|
581
|
-
#
|
582
|
-
#
|
586
|
+
# However, many tools, such as the Management Console, might restrict
|
587
|
+
# the ability to type certain characters because they have special
|
588
|
+
# meaning within that tool.
|
583
589
|
#
|
584
590
|
#
|
585
591
|
#
|
@@ -905,9 +911,9 @@ module Aws::IAM
|
|
905
911
|
# ASCII character range (`\u00FF`). You can also include the tab
|
906
912
|
# (`\u0009`), line feed (`\u000A`), and carriage return (`\u000D`)
|
907
913
|
# characters. Any of these characters are valid in a password.
|
908
|
-
# However, many tools, such as the
|
909
|
-
#
|
910
|
-
#
|
914
|
+
# However, many tools, such as the Management Console, might restrict
|
915
|
+
# the ability to type certain characters because they have special
|
916
|
+
# meaning within that tool.
|
911
917
|
#
|
912
918
|
#
|
913
919
|
#
|
@@ -966,10 +972,9 @@ module Aws::IAM
|
|
966
972
|
# only a hostname, like `https://server.example.org` or
|
967
973
|
# `https://example.com`.
|
968
974
|
#
|
969
|
-
# You cannot register the same provider multiple times in a single
|
975
|
+
# You cannot register the same provider multiple times in a single
|
970
976
|
# account. If you try to submit a URL that has already been used for
|
971
|
-
# an OpenID Connect provider in the
|
972
|
-
# error.
|
977
|
+
# an OpenID Connect provider in the account, you will get an error.
|
973
978
|
# @return [String]
|
974
979
|
#
|
975
980
|
# @!attribute [rw] client_id_list
|
@@ -1124,12 +1129,20 @@ module Aws::IAM
|
|
1124
1129
|
# The JSON policy document that you want to use as the content for the
|
1125
1130
|
# new policy.
|
1126
1131
|
#
|
1127
|
-
# You must provide policies in JSON format in IAM. However, for
|
1132
|
+
# You must provide policies in JSON format in IAM. However, for
|
1128
1133
|
# CloudFormation templates formatted in YAML, you can provide the
|
1129
|
-
# policy in JSON or YAML format.
|
1130
|
-
#
|
1134
|
+
# policy in JSON or YAML format. CloudFormation always converts a YAML
|
1135
|
+
# policy to JSON format before submitting it to IAM.
|
1131
1136
|
#
|
1132
|
-
# The
|
1137
|
+
# The maximum length of the policy document that you can pass in this
|
1138
|
+
# operation, including whitespace, is listed below. To view the
|
1139
|
+
# maximum character counts of a managed policy with no whitespaces,
|
1140
|
+
# see [IAM and STS character quotas][1].
|
1141
|
+
#
|
1142
|
+
# To learn more about JSON policy grammar, see [Grammar of the IAM
|
1143
|
+
# JSON policy language][2] in the *IAM User Guide*.
|
1144
|
+
#
|
1145
|
+
# The [regex pattern][3] used to validate this parameter is a string
|
1133
1146
|
# of characters consisting of the following:
|
1134
1147
|
#
|
1135
1148
|
# * Any printable ASCII character ranging from the space character
|
@@ -1143,7 +1156,9 @@ module Aws::IAM
|
|
1143
1156
|
#
|
1144
1157
|
#
|
1145
1158
|
#
|
1146
|
-
# [1]:
|
1159
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
1160
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
|
1161
|
+
# [3]: http://wikipedia.org/wiki/regex
|
1147
1162
|
# @return [String]
|
1148
1163
|
#
|
1149
1164
|
# @!attribute [rw] description
|
@@ -1214,7 +1229,7 @@ module Aws::IAM
|
|
1214
1229
|
# to add a new version.
|
1215
1230
|
#
|
1216
1231
|
# For more information about ARNs, see [Amazon Resource Names
|
1217
|
-
# (ARNs)][1] in the *
|
1232
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
1218
1233
|
#
|
1219
1234
|
#
|
1220
1235
|
#
|
@@ -1225,12 +1240,17 @@ module Aws::IAM
|
|
1225
1240
|
# The JSON policy document that you want to use as the content for
|
1226
1241
|
# this new version of the policy.
|
1227
1242
|
#
|
1228
|
-
# You must provide policies in JSON format in IAM. However, for
|
1243
|
+
# You must provide policies in JSON format in IAM. However, for
|
1229
1244
|
# CloudFormation templates formatted in YAML, you can provide the
|
1230
|
-
# policy in JSON or YAML format.
|
1231
|
-
#
|
1245
|
+
# policy in JSON or YAML format. CloudFormation always converts a YAML
|
1246
|
+
# policy to JSON format before submitting it to IAM.
|
1232
1247
|
#
|
1233
|
-
# The
|
1248
|
+
# The maximum length of the policy document that you can pass in this
|
1249
|
+
# operation, including whitespace, is listed below. To view the
|
1250
|
+
# maximum character counts of a managed policy with no whitespaces,
|
1251
|
+
# see [IAM and STS character quotas][1].
|
1252
|
+
#
|
1253
|
+
# The [regex pattern][2] used to validate this parameter is a string
|
1234
1254
|
# of characters consisting of the following:
|
1235
1255
|
#
|
1236
1256
|
# * Any printable ASCII character ranging from the space character
|
@@ -1244,7 +1264,8 @@ module Aws::IAM
|
|
1244
1264
|
#
|
1245
1265
|
#
|
1246
1266
|
#
|
1247
|
-
# [1]:
|
1267
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
1268
|
+
# [2]: http://wikipedia.org/wiki/regex
|
1248
1269
|
# @return [String]
|
1249
1270
|
#
|
1250
1271
|
# @!attribute [rw] set_as_default
|
@@ -1339,10 +1360,9 @@ module Aws::IAM
|
|
1339
1360
|
# permission to assume the role.
|
1340
1361
|
#
|
1341
1362
|
# In IAM, you must provide a JSON policy that has been converted to a
|
1342
|
-
# string. However, for
|
1343
|
-
#
|
1344
|
-
#
|
1345
|
-
# submitting it to IAM.
|
1363
|
+
# string. However, for CloudFormation templates formatted in YAML, you
|
1364
|
+
# can provide the policy in JSON or YAML format. CloudFormation always
|
1365
|
+
# converts a YAML policy to JSON format before submitting it to IAM.
|
1346
1366
|
#
|
1347
1367
|
# The [regex pattern][1] used to validate this parameter is a string
|
1348
1368
|
# of characters consisting of the following:
|
@@ -1374,7 +1394,7 @@ module Aws::IAM
|
|
1374
1394
|
# the default maximum of one hour is applied. This setting can have a
|
1375
1395
|
# value from 1 hour to 12 hours.
|
1376
1396
|
#
|
1377
|
-
# Anyone who assumes the role from the
|
1397
|
+
# Anyone who assumes the role from the or API can use the
|
1378
1398
|
# `DurationSeconds` API parameter or the `duration-seconds` CLI
|
1379
1399
|
# parameter to request a longer session. The `MaxSessionDuration`
|
1380
1400
|
# setting determines the maximum duration that can be requested using
|
@@ -1548,16 +1568,16 @@ module Aws::IAM
|
|
1548
1568
|
# }
|
1549
1569
|
#
|
1550
1570
|
# @!attribute [rw] aws_service_name
|
1551
|
-
# The service principal for the
|
1552
|
-
# attached. You use a string similar to a URL but without
|
1553
|
-
# in front. For example: `elasticbeanstalk.amazonaws.com`.
|
1571
|
+
# The service principal for the Amazon Web Services service to which
|
1572
|
+
# this role is attached. You use a string similar to a URL but without
|
1573
|
+
# the http:// in front. For example: `elasticbeanstalk.amazonaws.com`.
|
1554
1574
|
#
|
1555
1575
|
# Service principals are unique and case-sensitive. To find the exact
|
1556
|
-
# service principal for your service-linked role, see [
|
1557
|
-
# that work with IAM][1] in the *IAM User Guide*.
|
1558
|
-
# services that have <b>Yes </b>in the **Service-Linked
|
1559
|
-
# Choose the **Yes** link to view the service-linked
|
1560
|
-
# documentation for that service.
|
1576
|
+
# service principal for your service-linked role, see [Amazon Web
|
1577
|
+
# Services services that work with IAM][1] in the *IAM User Guide*.
|
1578
|
+
# Look for the services that have <b>Yes </b>in the **Service-Linked
|
1579
|
+
# Role** column. Choose the **Yes** link to view the service-linked
|
1580
|
+
# role documentation for that service.
|
1561
1581
|
#
|
1562
1582
|
#
|
1563
1583
|
#
|
@@ -1628,9 +1648,9 @@ module Aws::IAM
|
|
1628
1648
|
# @return [String]
|
1629
1649
|
#
|
1630
1650
|
# @!attribute [rw] service_name
|
1631
|
-
# The name of the
|
1632
|
-
# credentials. The service you specify here is the only
|
1633
|
-
# can be accessed using these credentials.
|
1651
|
+
# The name of the Amazon Web Services service that is to be associated
|
1652
|
+
# with the credentials. The service you specify here is the only
|
1653
|
+
# service that can be accessed using these credentials.
|
1634
1654
|
# @return [String]
|
1635
1655
|
#
|
1636
1656
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredentialRequest AWS API Documentation
|
@@ -2179,7 +2199,7 @@ module Aws::IAM
|
|
2179
2199
|
# The Amazon Resource Name (ARN) of the IAM policy you want to delete.
|
2180
2200
|
#
|
2181
2201
|
# For more information about ARNs, see [Amazon Resource Names
|
2182
|
-
# (ARNs)][1] in the *
|
2202
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
2183
2203
|
#
|
2184
2204
|
#
|
2185
2205
|
#
|
@@ -2207,7 +2227,7 @@ module Aws::IAM
|
|
2207
2227
|
# to delete a version.
|
2208
2228
|
#
|
2209
2229
|
# For more information about ARNs, see [Amazon Resource Names
|
2210
|
-
# (ARNs)][1] in the *
|
2230
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
2211
2231
|
#
|
2212
2232
|
#
|
2213
2233
|
#
|
@@ -2717,7 +2737,7 @@ module Aws::IAM
|
|
2717
2737
|
# The Amazon Resource Name (ARN) of the IAM policy you want to detach.
|
2718
2738
|
#
|
2719
2739
|
# For more information about ARNs, see [Amazon Resource Names
|
2720
|
-
# (ARNs)][1] in the *
|
2740
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
2721
2741
|
#
|
2722
2742
|
#
|
2723
2743
|
#
|
@@ -2759,7 +2779,7 @@ module Aws::IAM
|
|
2759
2779
|
# The Amazon Resource Name (ARN) of the IAM policy you want to detach.
|
2760
2780
|
#
|
2761
2781
|
# For more information about ARNs, see [Amazon Resource Names
|
2762
|
-
# (ARNs)][1] in the *
|
2782
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
2763
2783
|
#
|
2764
2784
|
#
|
2765
2785
|
#
|
@@ -2801,7 +2821,7 @@ module Aws::IAM
|
|
2801
2821
|
# The Amazon Resource Name (ARN) of the IAM policy you want to detach.
|
2802
2822
|
#
|
2803
2823
|
# For more information about ARNs, see [Amazon Resource Names
|
2804
|
-
# (ARNs)][1] in the *
|
2824
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
2805
2825
|
#
|
2806
2826
|
#
|
2807
2827
|
#
|
@@ -2942,8 +2962,8 @@ module Aws::IAM
|
|
2942
2962
|
end
|
2943
2963
|
|
2944
2964
|
# An object that contains details about when the IAM entities (users or
|
2945
|
-
# roles) were last used in an attempt to access the specified
|
2946
|
-
# service.
|
2965
|
+
# roles) were last used in an attempt to access the specified Amazon Web
|
2966
|
+
# Services service.
|
2947
2967
|
#
|
2948
2968
|
# This data type is a response element in the
|
2949
2969
|
# GetServiceLastAccessedDetailsWithEntities operation.
|
@@ -2955,8 +2975,8 @@ module Aws::IAM
|
|
2955
2975
|
#
|
2956
2976
|
# @!attribute [rw] last_authenticated
|
2957
2977
|
# The date and time, in [ISO 8601 date-time format][1], when the
|
2958
|
-
# authenticated entity last attempted to access
|
2959
|
-
# report unauthenticated requests.
|
2978
|
+
# authenticated entity last attempted to access Amazon Web Services.
|
2979
|
+
# Amazon Web Services does not report unauthenticated requests.
|
2960
2980
|
#
|
2961
2981
|
# This field is null if no IAM entities attempted to access the
|
2962
2982
|
# service within the [reporting period][2].
|
@@ -2981,11 +3001,11 @@ module Aws::IAM
|
|
2981
3001
|
# This data type is an element of the EntityDetails object.
|
2982
3002
|
#
|
2983
3003
|
# @!attribute [rw] arn
|
2984
|
-
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
2985
|
-
# resources.
|
3004
|
+
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
3005
|
+
# Amazon Web Services resources.
|
2986
3006
|
#
|
2987
3007
|
# For more information about ARNs, go to [Amazon Resource Names
|
2988
|
-
# (ARNs)][1] in the *
|
3008
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
2989
3009
|
#
|
2990
3010
|
#
|
2991
3011
|
#
|
@@ -3127,15 +3147,15 @@ module Aws::IAM
|
|
3127
3147
|
# same account and specifies all resources (`*`), then the parameter
|
3128
3148
|
# is not returned.
|
3129
3149
|
#
|
3130
|
-
# When you make a cross-account request,
|
3131
|
-
# the trusting account and the trusted account. The
|
3132
|
-
# only if both evaluations return `true`. For more
|
3133
|
-
# how policies are evaluated, see [Evaluating
|
3134
|
-
# account][1].
|
3150
|
+
# When you make a cross-account request, Amazon Web Services evaluates
|
3151
|
+
# the request in the trusting account and the trusted account. The
|
3152
|
+
# request is allowed only if both evaluations return `true`. For more
|
3153
|
+
# information about how policies are evaluated, see [Evaluating
|
3154
|
+
# policies within a single account][1].
|
3135
3155
|
#
|
3136
|
-
# If an
|
3137
|
-
#
|
3138
|
-
#
|
3156
|
+
# If an Organizations SCP included in the evaluation denies access,
|
3157
|
+
# the simulation ends. In this case, policy evaluation does not
|
3158
|
+
# proceed any further and this parameter is not returned.
|
3139
3159
|
#
|
3140
3160
|
#
|
3141
3161
|
#
|
@@ -3192,22 +3212,22 @@ module Aws::IAM
|
|
3192
3212
|
# }
|
3193
3213
|
#
|
3194
3214
|
# @!attribute [rw] entity_path
|
3195
|
-
# The path of the
|
3196
|
-
#
|
3197
|
-
#
|
3198
|
-
#
|
3199
|
-
#
|
3200
|
-
#
|
3215
|
+
# The path of the Organizations entity (root, OU, or account). You can
|
3216
|
+
# build an entity path using the known structure of your organization.
|
3217
|
+
# For example, assume that your account ID is `123456789012` and its
|
3218
|
+
# parent OU ID is `ou-rge0-awsabcde`. The organization root ID is
|
3219
|
+
# `r-f6g7h8i9j0example` and your organization ID is `o-a1b2c3d4e5`.
|
3220
|
+
# Your entity path is
|
3201
3221
|
# `o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-rge0-awsabcde/123456789012`.
|
3202
3222
|
# @return [String]
|
3203
3223
|
#
|
3204
3224
|
# @!attribute [rw] organizations_policy_id
|
3205
|
-
# The identifier of the
|
3206
|
-
#
|
3225
|
+
# The identifier of the Organizations service control policy (SCP).
|
3226
|
+
# This parameter is optional.
|
3207
3227
|
#
|
3208
3228
|
# This ID is used to generate information about when an account
|
3209
|
-
# principal that is limited by the SCP attempted to access an
|
3210
|
-
# service.
|
3229
|
+
# principal that is limited by the SCP attempted to access an Amazon
|
3230
|
+
# Web Services service.
|
3211
3231
|
# @return [String]
|
3212
3232
|
#
|
3213
3233
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateOrganizationsAccessReportRequest AWS API Documentation
|
@@ -3243,7 +3263,7 @@ module Aws::IAM
|
|
3243
3263
|
# @!attribute [rw] arn
|
3244
3264
|
# The ARN of the IAM resource (user, group, role, or managed policy)
|
3245
3265
|
# used to generate information about when the resource was last used
|
3246
|
-
# in an attempt to access an
|
3266
|
+
# in an attempt to access an Amazon Web Services service.
|
3247
3267
|
# @return [String]
|
3248
3268
|
#
|
3249
3269
|
# @!attribute [rw] granularity
|
@@ -3313,7 +3333,7 @@ module Aws::IAM
|
|
3313
3333
|
# returned by the ListAccessKeys action.
|
3314
3334
|
#
|
3315
3335
|
# @!attribute [rw] user_name
|
3316
|
-
# The name of the
|
3336
|
+
# The name of the IAM user that owns this access key.
|
3317
3337
|
# @return [String]
|
3318
3338
|
#
|
3319
3339
|
# @!attribute [rw] access_key_last_used
|
@@ -3529,7 +3549,7 @@ module Aws::IAM
|
|
3529
3549
|
# HTML request.
|
3530
3550
|
#
|
3531
3551
|
# For more information about ARNs, see [Amazon Resource Names
|
3532
|
-
# (ARNs)][1] in the *
|
3552
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
3533
3553
|
#
|
3534
3554
|
#
|
3535
3555
|
#
|
@@ -3652,9 +3672,9 @@ module Aws::IAM
|
|
3652
3672
|
# The policy document.
|
3653
3673
|
#
|
3654
3674
|
# IAM stores policies in JSON format. However, resources that were
|
3655
|
-
# created using
|
3656
|
-
#
|
3657
|
-
#
|
3675
|
+
# created using CloudFormation templates can be formatted in YAML.
|
3676
|
+
# CloudFormation always converts a YAML policy to JSON format before
|
3677
|
+
# submitting it to IAM.
|
3658
3678
|
# @return [String]
|
3659
3679
|
#
|
3660
3680
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicyResponse AWS API Documentation
|
@@ -3829,8 +3849,8 @@ module Aws::IAM
|
|
3829
3849
|
# Contains the response to a successful GetLoginProfile request.
|
3830
3850
|
#
|
3831
3851
|
# @!attribute [rw] login_profile
|
3832
|
-
# A structure containing the user name and
|
3833
|
-
# the user.
|
3852
|
+
# A structure containing the user name and the profile creation date
|
3853
|
+
# for the user.
|
3834
3854
|
# @return [Types::LoginProfile]
|
3835
3855
|
#
|
3836
3856
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfileResponse AWS API Documentation
|
@@ -3854,7 +3874,7 @@ module Aws::IAM
|
|
3854
3874
|
# resource ARNs by using the ListOpenIDConnectProviders operation.
|
3855
3875
|
#
|
3856
3876
|
# For more information about ARNs, see [Amazon Resource Names
|
3857
|
-
# (ARNs)][1] in the *
|
3877
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
3858
3878
|
#
|
3859
3879
|
#
|
3860
3880
|
#
|
@@ -3891,7 +3911,7 @@ module Aws::IAM
|
|
3891
3911
|
#
|
3892
3912
|
# @!attribute [rw] create_date
|
3893
3913
|
# The date and time when the IAM OIDC provider resource object was
|
3894
|
-
# created in the
|
3914
|
+
# created in the account.
|
3895
3915
|
# @return [Time]
|
3896
3916
|
#
|
3897
3917
|
# @!attribute [rw] tags
|
@@ -4062,7 +4082,7 @@ module Aws::IAM
|
|
4062
4082
|
# information about.
|
4063
4083
|
#
|
4064
4084
|
# For more information about ARNs, see [Amazon Resource Names
|
4065
|
-
# (ARNs)][1] in the *
|
4085
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
4066
4086
|
#
|
4067
4087
|
#
|
4068
4088
|
#
|
@@ -4104,7 +4124,7 @@ module Aws::IAM
|
|
4104
4124
|
# information about.
|
4105
4125
|
#
|
4106
4126
|
# For more information about ARNs, see [Amazon Resource Names
|
4107
|
-
# (ARNs)][1] in the *
|
4127
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
4108
4128
|
#
|
4109
4129
|
#
|
4110
4130
|
#
|
@@ -4204,9 +4224,9 @@ module Aws::IAM
|
|
4204
4224
|
# The policy document.
|
4205
4225
|
#
|
4206
4226
|
# IAM stores policies in JSON format. However, resources that were
|
4207
|
-
# created using
|
4208
|
-
#
|
4209
|
-
#
|
4227
|
+
# created using CloudFormation templates can be formatted in YAML.
|
4228
|
+
# CloudFormation always converts a YAML policy to JSON format before
|
4229
|
+
# submitting it to IAM.
|
4210
4230
|
# @return [String]
|
4211
4231
|
#
|
4212
4232
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicyResponse AWS API Documentation
|
@@ -4273,7 +4293,7 @@ module Aws::IAM
|
|
4273
4293
|
# in IAM to get information about.
|
4274
4294
|
#
|
4275
4295
|
# For more information about ARNs, see [Amazon Resource Names
|
4276
|
-
# (ARNs)][1] in the *
|
4296
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
4277
4297
|
#
|
4278
4298
|
#
|
4279
4299
|
#
|
@@ -4567,17 +4587,17 @@ module Aws::IAM
|
|
4567
4587
|
# @return [String]
|
4568
4588
|
#
|
4569
4589
|
# @!attribute [rw] service_namespace
|
4570
|
-
# The service namespace for an
|
4571
|
-
# namespace to learn when the IAM entity last attempted to
|
4572
|
-
# specified service.
|
4590
|
+
# The service namespace for an Amazon Web Services service. Provide
|
4591
|
+
# the service namespace to learn when the IAM entity last attempted to
|
4592
|
+
# access the specified service.
|
4573
4593
|
#
|
4574
4594
|
# To learn the service namespace for a service, see [Actions,
|
4575
|
-
# resources, and condition keys for
|
4576
|
-
# Guide*. Choose the name of the service to view
|
4577
|
-
# service. In the first paragraph, find the service
|
4578
|
-
# example, `(service prefix: a4b)`. For more information
|
4579
|
-
# namespaces, see [
|
4580
|
-
# Reference*.
|
4595
|
+
# resources, and condition keys for Amazon Web Services services][1]
|
4596
|
+
# in the *IAM User Guide*. Choose the name of the service to view
|
4597
|
+
# details for that service. In the first paragraph, find the service
|
4598
|
+
# prefix. For example, `(service prefix: a4b)`. For more information
|
4599
|
+
# about service namespaces, see [Amazon Web Services service
|
4600
|
+
# namespaces][2] in the *Amazon Web Services General Reference*.
|
4581
4601
|
#
|
4582
4602
|
#
|
4583
4603
|
#
|
@@ -4644,7 +4664,7 @@ module Aws::IAM
|
|
4644
4664
|
# @!attribute [rw] entity_details_list
|
4645
4665
|
# An `EntityDetailsList` object that contains details about when an
|
4646
4666
|
# IAM entity (user or role) used group or policy permissions in an
|
4647
|
-
# attempt to access the specified
|
4667
|
+
# attempt to access the specified Amazon Web Services service.
|
4648
4668
|
# @return [Array<Types::EntityDetails>]
|
4649
4669
|
#
|
4650
4670
|
# @!attribute [rw] is_truncated
|
@@ -4778,9 +4798,9 @@ module Aws::IAM
|
|
4778
4798
|
# The policy document.
|
4779
4799
|
#
|
4780
4800
|
# IAM stores policies in JSON format. However, resources that were
|
4781
|
-
# created using
|
4782
|
-
#
|
4783
|
-
#
|
4801
|
+
# created using CloudFormation templates can be formatted in YAML.
|
4802
|
+
# CloudFormation always converts a YAML policy to JSON format before
|
4803
|
+
# submitting it to IAM.
|
4784
4804
|
# @return [String]
|
4785
4805
|
#
|
4786
4806
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicyResponse AWS API Documentation
|
@@ -4839,11 +4859,12 @@ module Aws::IAM
|
|
4839
4859
|
#
|
4840
4860
|
# You can use password last used information to identify unused
|
4841
4861
|
# credentials for deletion. For example, you might delete users who
|
4842
|
-
# did not sign in to
|
4843
|
-
# recommend that you adjust your evaluation window to
|
4844
|
-
# after May 23, 2018. Alternatively, if your users use
|
4845
|
-
# access
|
4846
|
-
# information because it is accurate for
|
4862
|
+
# did not sign in to Amazon Web Services in the last 90 days. In cases
|
4863
|
+
# like this, we recommend that you adjust your evaluation window to
|
4864
|
+
# include dates after May 23, 2018. Alternatively, if your users use
|
4865
|
+
# access keys to access Amazon Web Services programmatically you can
|
4866
|
+
# refer to access key last used information because it is accurate for
|
4867
|
+
# all dates.
|
4847
4868
|
#
|
4848
4869
|
#
|
4849
4870
|
#
|
@@ -4954,11 +4975,11 @@ module Aws::IAM
|
|
4954
4975
|
# @return [String]
|
4955
4976
|
#
|
4956
4977
|
# @!attribute [rw] arn
|
4957
|
-
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
4958
|
-
# resources.
|
4978
|
+
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
4979
|
+
# Amazon Web Services resources.
|
4959
4980
|
#
|
4960
4981
|
# For more information about ARNs, go to [Amazon Resource Names
|
4961
|
-
# (ARNs)][1] in the *
|
4982
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
4962
4983
|
#
|
4963
4984
|
#
|
4964
4985
|
#
|
@@ -5158,8 +5179,8 @@ module Aws::IAM
|
|
5158
5179
|
end
|
5159
5180
|
|
5160
5181
|
# The request was rejected because it attempted to create resources
|
5161
|
-
# beyond the current
|
5162
|
-
# limit exceeded.
|
5182
|
+
# beyond the current Amazon Web Services account limits. The error
|
5183
|
+
# message describes the limit exceeded.
|
5163
5184
|
#
|
5164
5185
|
# @!attribute [rw] message
|
5165
5186
|
# @return [String]
|
@@ -5296,8 +5317,8 @@ module Aws::IAM
|
|
5296
5317
|
# Contains the response to a successful ListAccountAliases request.
|
5297
5318
|
#
|
5298
5319
|
# @!attribute [rw] account_aliases
|
5299
|
-
# A list of aliases associated with the account.
|
5300
|
-
# alias per account.
|
5320
|
+
# A list of aliases associated with the account. Amazon Web Services
|
5321
|
+
# supports only one alias per account.
|
5301
5322
|
# @return [Array<String>]
|
5302
5323
|
#
|
5303
5324
|
# @!attribute [rw] is_truncated
|
@@ -5658,7 +5679,7 @@ module Aws::IAM
|
|
5658
5679
|
# the versions.
|
5659
5680
|
#
|
5660
5681
|
# For more information about ARNs, see [Amazon Resource Names
|
5661
|
-
# (ARNs)][1] in the *
|
5682
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
5662
5683
|
#
|
5663
5684
|
#
|
5664
5685
|
#
|
@@ -6058,10 +6079,10 @@ module Aws::IAM
|
|
6058
6079
|
# @!attribute [rw] instance_profile_name
|
6059
6080
|
# The name of the IAM instance profile whose tags you want to see.
|
6060
6081
|
#
|
6061
|
-
# This parameter
|
6062
|
-
# characters
|
6063
|
-
#
|
6064
|
-
# characters:
|
6082
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
6083
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
6084
|
+
# with no spaces. You can also include any of the following
|
6085
|
+
# characters: \_+=,.@-
|
6065
6086
|
#
|
6066
6087
|
#
|
6067
6088
|
#
|
@@ -6076,16 +6097,16 @@ module Aws::IAM
|
|
6076
6097
|
# @return [String]
|
6077
6098
|
#
|
6078
6099
|
# @!attribute [rw] max_items
|
6079
|
-
#
|
6080
|
-
#
|
6081
|
-
#
|
6082
|
-
#
|
6083
|
-
#
|
6084
|
-
# If you do not include this parameter,
|
6085
|
-
# IAM might return fewer results, even when
|
6086
|
-
# available. In that case, the `IsTruncated` response
|
6087
|
-
# `true`, and `Marker` contains a value to include in
|
6088
|
-
# call that tells the service where to continue from.
|
6100
|
+
# Use this only when paginating results to indicate the maximum number
|
6101
|
+
# of items you want in the response. If additional items exist beyond
|
6102
|
+
# the maximum you specify, the `IsTruncated` response element is
|
6103
|
+
# `true`.
|
6104
|
+
#
|
6105
|
+
# If you do not include this parameter, the number of items defaults
|
6106
|
+
# to 100. Note that IAM might return fewer results, even when there
|
6107
|
+
# are more results available. In that case, the `IsTruncated` response
|
6108
|
+
# element returns `true`, and `Marker` contains a value to include in
|
6109
|
+
# the subsequent call that tells the service where to continue from.
|
6089
6110
|
# @return [Integer]
|
6090
6111
|
#
|
6091
6112
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTagsRequest AWS API Documentation
|
@@ -6107,12 +6128,12 @@ module Aws::IAM
|
|
6107
6128
|
#
|
6108
6129
|
# @!attribute [rw] is_truncated
|
6109
6130
|
# A flag that indicates whether there are more items to return. If
|
6110
|
-
# your results were truncated, you can
|
6111
|
-
#
|
6112
|
-
#
|
6113
|
-
#
|
6114
|
-
# `IsTruncated` after every call to ensure that you
|
6115
|
-
# your results.
|
6131
|
+
# your results were truncated, you can make a subsequent pagination
|
6132
|
+
# request using the `Marker` request parameter to retrieve more items.
|
6133
|
+
# Note that IAM might return fewer than the `MaxItems` number of
|
6134
|
+
# results even when there are more results available. We recommend
|
6135
|
+
# that you check `IsTruncated` after every call to ensure that you
|
6136
|
+
# receive all your results.
|
6116
6137
|
# @return [Boolean]
|
6117
6138
|
#
|
6118
6139
|
# @!attribute [rw] marker
|
@@ -6320,10 +6341,10 @@ module Aws::IAM
|
|
6320
6341
|
# want to see. For virtual MFA devices, the serial number is the same
|
6321
6342
|
# as the ARN.
|
6322
6343
|
#
|
6323
|
-
# This parameter
|
6324
|
-
# characters
|
6325
|
-
#
|
6326
|
-
# characters:
|
6344
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
6345
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
6346
|
+
# with no spaces. You can also include any of the following
|
6347
|
+
# characters: \_+=,.@-
|
6327
6348
|
#
|
6328
6349
|
#
|
6329
6350
|
#
|
@@ -6338,16 +6359,16 @@ module Aws::IAM
|
|
6338
6359
|
# @return [String]
|
6339
6360
|
#
|
6340
6361
|
# @!attribute [rw] max_items
|
6341
|
-
#
|
6342
|
-
#
|
6343
|
-
#
|
6344
|
-
#
|
6345
|
-
#
|
6346
|
-
# If you do not include this parameter,
|
6347
|
-
# IAM might return fewer results, even when
|
6348
|
-
# available. In that case, the `IsTruncated` response
|
6349
|
-
# `true`, and `Marker` contains a value to include in
|
6350
|
-
# call that tells the service where to continue from.
|
6362
|
+
# Use this only when paginating results to indicate the maximum number
|
6363
|
+
# of items you want in the response. If additional items exist beyond
|
6364
|
+
# the maximum you specify, the `IsTruncated` response element is
|
6365
|
+
# `true`.
|
6366
|
+
#
|
6367
|
+
# If you do not include this parameter, the number of items defaults
|
6368
|
+
# to 100. Note that IAM might return fewer results, even when there
|
6369
|
+
# are more results available. In that case, the `IsTruncated` response
|
6370
|
+
# element returns `true`, and `Marker` contains a value to include in
|
6371
|
+
# the subsequent call that tells the service where to continue from.
|
6351
6372
|
# @return [Integer]
|
6352
6373
|
#
|
6353
6374
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTagsRequest AWS API Documentation
|
@@ -6369,12 +6390,12 @@ module Aws::IAM
|
|
6369
6390
|
#
|
6370
6391
|
# @!attribute [rw] is_truncated
|
6371
6392
|
# A flag that indicates whether there are more items to return. If
|
6372
|
-
# your results were truncated, you can
|
6373
|
-
#
|
6374
|
-
#
|
6375
|
-
#
|
6376
|
-
# `IsTruncated` after every call to ensure that you
|
6377
|
-
# your results.
|
6393
|
+
# your results were truncated, you can make a subsequent pagination
|
6394
|
+
# request using the `Marker` request parameter to retrieve more items.
|
6395
|
+
# Note that IAM might return fewer than the `MaxItems` number of
|
6396
|
+
# results even when there are more results available. We recommend
|
6397
|
+
# that you check `IsTruncated` after every call to ensure that you
|
6398
|
+
# receive all your results.
|
6378
6399
|
# @return [Boolean]
|
6379
6400
|
#
|
6380
6401
|
# @!attribute [rw] marker
|
@@ -6490,10 +6511,10 @@ module Aws::IAM
|
|
6490
6511
|
# The ARN of the OpenID Connect (OIDC) identity provider whose tags
|
6491
6512
|
# you want to see.
|
6492
6513
|
#
|
6493
|
-
# This parameter
|
6494
|
-
# characters
|
6495
|
-
#
|
6496
|
-
# characters:
|
6514
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
6515
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
6516
|
+
# with no spaces. You can also include any of the following
|
6517
|
+
# characters: \_+=,.@-
|
6497
6518
|
#
|
6498
6519
|
#
|
6499
6520
|
#
|
@@ -6508,16 +6529,16 @@ module Aws::IAM
|
|
6508
6529
|
# @return [String]
|
6509
6530
|
#
|
6510
6531
|
# @!attribute [rw] max_items
|
6511
|
-
#
|
6512
|
-
#
|
6513
|
-
#
|
6514
|
-
#
|
6515
|
-
#
|
6516
|
-
# If you do not include this parameter,
|
6517
|
-
# IAM might return fewer results, even when
|
6518
|
-
# available. In that case, the `IsTruncated` response
|
6519
|
-
# `true`, and `Marker` contains a value to include in
|
6520
|
-
# call that tells the service where to continue from.
|
6532
|
+
# Use this only when paginating results to indicate the maximum number
|
6533
|
+
# of items you want in the response. If additional items exist beyond
|
6534
|
+
# the maximum you specify, the `IsTruncated` response element is
|
6535
|
+
# `true`.
|
6536
|
+
#
|
6537
|
+
# If you do not include this parameter, the number of items defaults
|
6538
|
+
# to 100. Note that IAM might return fewer results, even when there
|
6539
|
+
# are more results available. In that case, the `IsTruncated` response
|
6540
|
+
# element returns `true`, and `Marker` contains a value to include in
|
6541
|
+
# the subsequent call that tells the service where to continue from.
|
6521
6542
|
# @return [Integer]
|
6522
6543
|
#
|
6523
6544
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTagsRequest AWS API Documentation
|
@@ -6539,12 +6560,12 @@ module Aws::IAM
|
|
6539
6560
|
#
|
6540
6561
|
# @!attribute [rw] is_truncated
|
6541
6562
|
# A flag that indicates whether there are more items to return. If
|
6542
|
-
# your results were truncated, you can
|
6543
|
-
#
|
6544
|
-
#
|
6545
|
-
#
|
6546
|
-
# `IsTruncated` after every call to ensure that you
|
6547
|
-
# your results.
|
6563
|
+
# your results were truncated, you can make a subsequent pagination
|
6564
|
+
# request using the `Marker` request parameter to retrieve more items.
|
6565
|
+
# Note that IAM might return fewer than the `MaxItems` number of
|
6566
|
+
# results even when there are more results available. We recommend
|
6567
|
+
# that you check `IsTruncated` after every call to ensure that you
|
6568
|
+
# receive all your results.
|
6548
6569
|
# @return [Boolean]
|
6549
6570
|
#
|
6550
6571
|
# @!attribute [rw] marker
|
@@ -6573,7 +6594,7 @@ module Aws::IAM
|
|
6573
6594
|
# request.
|
6574
6595
|
#
|
6575
6596
|
# @!attribute [rw] open_id_connect_provider_list
|
6576
|
-
# The list of IAM OIDC provider resource objects defined in the
|
6597
|
+
# The list of IAM OIDC provider resource objects defined in the
|
6577
6598
|
# account.
|
6578
6599
|
# @return [Array<Types::OpenIDConnectProviderListEntry>]
|
6579
6600
|
#
|
@@ -6595,12 +6616,13 @@ module Aws::IAM
|
|
6595
6616
|
# The namespace of the service that was accessed.
|
6596
6617
|
#
|
6597
6618
|
# To learn the service namespace of a service, see [Actions,
|
6598
|
-
# resources, and condition keys for
|
6599
|
-
# Authorization Reference*. Choose the name of the
|
6600
|
-
# details for that service. In the first paragraph,
|
6601
|
-
# prefix. For example, `(service prefix: a4b)`. For
|
6602
|
-
# about service namespaces, see [
|
6603
|
-
# the *
|
6619
|
+
# resources, and condition keys for Amazon Web Services services][1]
|
6620
|
+
# in the *Service Authorization Reference*. Choose the name of the
|
6621
|
+
# service to view details for that service. In the first paragraph,
|
6622
|
+
# find the service prefix. For example, `(service prefix: a4b)`. For
|
6623
|
+
# more information about service namespaces, see [Amazon Web Services
|
6624
|
+
# service namespaces][2] in the *Amazon Web Services General
|
6625
|
+
# Reference*.
|
6604
6626
|
#
|
6605
6627
|
#
|
6606
6628
|
#
|
@@ -6644,16 +6666,16 @@ module Aws::IAM
|
|
6644
6666
|
# @return [String]
|
6645
6667
|
#
|
6646
6668
|
# @!attribute [rw] service_namespaces
|
6647
|
-
# The service namespace for the
|
6648
|
-
# to list.
|
6669
|
+
# The service namespace for the Amazon Web Services services whose
|
6670
|
+
# policies you want to list.
|
6649
6671
|
#
|
6650
6672
|
# To learn the service namespace for a service, see [Actions,
|
6651
|
-
# resources, and condition keys for
|
6652
|
-
# Guide*. Choose the name of the service to view
|
6653
|
-
# service. In the first paragraph, find the service
|
6654
|
-
# example, `(service prefix: a4b)`. For more information
|
6655
|
-
# namespaces, see [
|
6656
|
-
# Reference*.
|
6673
|
+
# resources, and condition keys for Amazon Web Services services][1]
|
6674
|
+
# in the *IAM User Guide*. Choose the name of the service to view
|
6675
|
+
# details for that service. In the first paragraph, find the service
|
6676
|
+
# prefix. For example, `(service prefix: a4b)`. For more information
|
6677
|
+
# about service namespaces, see [Amazon Web Services service
|
6678
|
+
# namespaces][2] in the *Amazon Web Services General Reference*.
|
6657
6679
|
#
|
6658
6680
|
#
|
6659
6681
|
#
|
@@ -6716,9 +6738,9 @@ module Aws::IAM
|
|
6716
6738
|
# @!attribute [rw] scope
|
6717
6739
|
# The scope to use for filtering the results.
|
6718
6740
|
#
|
6719
|
-
# To list only
|
6720
|
-
# only the customer managed policies in your
|
6721
|
-
# to `Local`.
|
6741
|
+
# To list only Amazon Web Services managed policies, set `Scope` to
|
6742
|
+
# `AWS`. To list only the customer managed policies in your account,
|
6743
|
+
# set `Scope` to `Local`.
|
6722
6744
|
#
|
6723
6745
|
# This parameter is optional. If it is not included, or if it is set
|
6724
6746
|
# to `All`, all policies are returned.
|
@@ -6838,10 +6860,10 @@ module Aws::IAM
|
|
6838
6860
|
# The ARN of the IAM customer managed policy whose tags you want to
|
6839
6861
|
# see.
|
6840
6862
|
#
|
6841
|
-
# This parameter
|
6842
|
-
# characters
|
6843
|
-
#
|
6844
|
-
# characters:
|
6863
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
6864
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
6865
|
+
# with no spaces. You can also include any of the following
|
6866
|
+
# characters: \_+=,.@-
|
6845
6867
|
#
|
6846
6868
|
#
|
6847
6869
|
#
|
@@ -6856,16 +6878,16 @@ module Aws::IAM
|
|
6856
6878
|
# @return [String]
|
6857
6879
|
#
|
6858
6880
|
# @!attribute [rw] max_items
|
6859
|
-
#
|
6860
|
-
#
|
6861
|
-
#
|
6862
|
-
#
|
6863
|
-
#
|
6864
|
-
# If you do not include this parameter,
|
6865
|
-
# IAM might return fewer results, even when
|
6866
|
-
# available. In that case, the `IsTruncated` response
|
6867
|
-
# `true`, and `Marker` contains a value to include in
|
6868
|
-
# call that tells the service where to continue from.
|
6881
|
+
# Use this only when paginating results to indicate the maximum number
|
6882
|
+
# of items you want in the response. If additional items exist beyond
|
6883
|
+
# the maximum you specify, the `IsTruncated` response element is
|
6884
|
+
# `true`.
|
6885
|
+
#
|
6886
|
+
# If you do not include this parameter, the number of items defaults
|
6887
|
+
# to 100. Note that IAM might return fewer results, even when there
|
6888
|
+
# are more results available. In that case, the `IsTruncated` response
|
6889
|
+
# element returns `true`, and `Marker` contains a value to include in
|
6890
|
+
# the subsequent call that tells the service where to continue from.
|
6869
6891
|
# @return [Integer]
|
6870
6892
|
#
|
6871
6893
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTagsRequest AWS API Documentation
|
@@ -6887,12 +6909,12 @@ module Aws::IAM
|
|
6887
6909
|
#
|
6888
6910
|
# @!attribute [rw] is_truncated
|
6889
6911
|
# A flag that indicates whether there are more items to return. If
|
6890
|
-
# your results were truncated, you can
|
6891
|
-
#
|
6892
|
-
#
|
6893
|
-
#
|
6894
|
-
# `IsTruncated` after every call to ensure that you
|
6895
|
-
# your results.
|
6912
|
+
# your results were truncated, you can make a subsequent pagination
|
6913
|
+
# request using the `Marker` request parameter to retrieve more items.
|
6914
|
+
# Note that IAM might return fewer than the `MaxItems` number of
|
6915
|
+
# results even when there are more results available. We recommend
|
6916
|
+
# that you check `IsTruncated` after every call to ensure that you
|
6917
|
+
# receive all your results.
|
6896
6918
|
# @return [Boolean]
|
6897
6919
|
#
|
6898
6920
|
# @!attribute [rw] marker
|
@@ -6925,7 +6947,7 @@ module Aws::IAM
|
|
6925
6947
|
# the versions.
|
6926
6948
|
#
|
6927
6949
|
# For more information about ARNs, see [Amazon Resource Names
|
6928
|
-
# (ARNs)][1] in the *
|
6950
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
6929
6951
|
#
|
6930
6952
|
#
|
6931
6953
|
#
|
@@ -7115,16 +7137,16 @@ module Aws::IAM
|
|
7115
7137
|
# @return [String]
|
7116
7138
|
#
|
7117
7139
|
# @!attribute [rw] max_items
|
7118
|
-
#
|
7119
|
-
#
|
7120
|
-
#
|
7121
|
-
#
|
7122
|
-
#
|
7123
|
-
# If you do not include this parameter,
|
7124
|
-
# IAM might return fewer results, even when
|
7125
|
-
# available. In that case, the `IsTruncated` response
|
7126
|
-
# `true`, and `Marker` contains a value to include in
|
7127
|
-
# call that tells the service where to continue from.
|
7140
|
+
# Use this only when paginating results to indicate the maximum number
|
7141
|
+
# of items you want in the response. If additional items exist beyond
|
7142
|
+
# the maximum you specify, the `IsTruncated` response element is
|
7143
|
+
# `true`.
|
7144
|
+
#
|
7145
|
+
# If you do not include this parameter, the number of items defaults
|
7146
|
+
# to 100. Note that IAM might return fewer results, even when there
|
7147
|
+
# are more results available. In that case, the `IsTruncated` response
|
7148
|
+
# element returns `true`, and `Marker` contains a value to include in
|
7149
|
+
# the subsequent call that tells the service where to continue from.
|
7128
7150
|
# @return [Integer]
|
7129
7151
|
#
|
7130
7152
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoleTagsRequest AWS API Documentation
|
@@ -7146,12 +7168,12 @@ module Aws::IAM
|
|
7146
7168
|
#
|
7147
7169
|
# @!attribute [rw] is_truncated
|
7148
7170
|
# A flag that indicates whether there are more items to return. If
|
7149
|
-
# your results were truncated, you can
|
7150
|
-
#
|
7151
|
-
#
|
7152
|
-
#
|
7153
|
-
# `IsTruncated` after every call to ensure that you
|
7154
|
-
# your results.
|
7171
|
+
# your results were truncated, you can make a subsequent pagination
|
7172
|
+
# request using the `Marker` request parameter to retrieve more items.
|
7173
|
+
# Note that IAM might return fewer than the `MaxItems` number of
|
7174
|
+
# results even when there are more results available. We recommend
|
7175
|
+
# that you check `IsTruncated` after every call to ensure that you
|
7176
|
+
# receive all your results.
|
7155
7177
|
# @return [Boolean]
|
7156
7178
|
#
|
7157
7179
|
# @!attribute [rw] marker
|
@@ -7273,10 +7295,10 @@ module Aws::IAM
|
|
7273
7295
|
# The ARN of the Security Assertion Markup Language (SAML) identity
|
7274
7296
|
# provider whose tags you want to see.
|
7275
7297
|
#
|
7276
|
-
# This parameter
|
7277
|
-
# characters
|
7278
|
-
#
|
7279
|
-
# characters:
|
7298
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
7299
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
7300
|
+
# with no spaces. You can also include any of the following
|
7301
|
+
# characters: \_+=,.@-
|
7280
7302
|
#
|
7281
7303
|
#
|
7282
7304
|
#
|
@@ -7291,16 +7313,16 @@ module Aws::IAM
|
|
7291
7313
|
# @return [String]
|
7292
7314
|
#
|
7293
7315
|
# @!attribute [rw] max_items
|
7294
|
-
#
|
7295
|
-
#
|
7296
|
-
#
|
7297
|
-
#
|
7298
|
-
#
|
7299
|
-
# If you do not include this parameter,
|
7300
|
-
# IAM might return fewer results, even when
|
7301
|
-
# available. In that case, the `IsTruncated` response
|
7302
|
-
# `true`, and `Marker` contains a value to include in
|
7303
|
-
# call that tells the service where to continue from.
|
7316
|
+
# Use this only when paginating results to indicate the maximum number
|
7317
|
+
# of items you want in the response. If additional items exist beyond
|
7318
|
+
# the maximum you specify, the `IsTruncated` response element is
|
7319
|
+
# `true`.
|
7320
|
+
#
|
7321
|
+
# If you do not include this parameter, the number of items defaults
|
7322
|
+
# to 100. Note that IAM might return fewer results, even when there
|
7323
|
+
# are more results available. In that case, the `IsTruncated` response
|
7324
|
+
# element returns `true`, and `Marker` contains a value to include in
|
7325
|
+
# the subsequent call that tells the service where to continue from.
|
7304
7326
|
# @return [Integer]
|
7305
7327
|
#
|
7306
7328
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTagsRequest AWS API Documentation
|
@@ -7323,12 +7345,12 @@ module Aws::IAM
|
|
7323
7345
|
#
|
7324
7346
|
# @!attribute [rw] is_truncated
|
7325
7347
|
# A flag that indicates whether there are more items to return. If
|
7326
|
-
# your results were truncated, you can
|
7327
|
-
#
|
7328
|
-
#
|
7329
|
-
#
|
7330
|
-
# `IsTruncated` after every call to ensure that you
|
7331
|
-
# your results.
|
7348
|
+
# your results were truncated, you can make a subsequent pagination
|
7349
|
+
# request using the `Marker` request parameter to retrieve more items.
|
7350
|
+
# Note that IAM might return fewer than the `MaxItems` number of
|
7351
|
+
# results even when there are more results available. We recommend
|
7352
|
+
# that you check `IsTruncated` after every call to ensure that you
|
7353
|
+
# receive all your results.
|
7332
7354
|
# @return [Boolean]
|
7333
7355
|
#
|
7334
7356
|
# @!attribute [rw] marker
|
@@ -7357,7 +7379,7 @@ module Aws::IAM
|
|
7357
7379
|
#
|
7358
7380
|
# @!attribute [rw] saml_provider_list
|
7359
7381
|
# The list of SAML provider resource objects defined in IAM for this
|
7360
|
-
#
|
7382
|
+
# Amazon Web Services account.
|
7361
7383
|
# @return [Array<Types::SAMLProviderListEntry>]
|
7362
7384
|
#
|
7363
7385
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProvidersResponse AWS API Documentation
|
@@ -7380,7 +7402,7 @@ module Aws::IAM
|
|
7380
7402
|
# @!attribute [rw] user_name
|
7381
7403
|
# The name of the IAM user to list SSH public keys for. If none is
|
7382
7404
|
# specified, the `UserName` field is determined implicitly based on
|
7383
|
-
# the
|
7405
|
+
# the Amazon Web Services access key used to sign the request.
|
7384
7406
|
#
|
7385
7407
|
# This parameter allows (through its [regex pattern][1]) a string of
|
7386
7408
|
# characters consisting of upper and lowercase alphanumeric characters
|
@@ -7466,10 +7488,10 @@ module Aws::IAM
|
|
7466
7488
|
# @!attribute [rw] server_certificate_name
|
7467
7489
|
# The name of the IAM server certificate whose tags you want to see.
|
7468
7490
|
#
|
7469
|
-
# This parameter
|
7470
|
-
# characters
|
7471
|
-
#
|
7472
|
-
# characters:
|
7491
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
7492
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
7493
|
+
# with no spaces. You can also include any of the following
|
7494
|
+
# characters: \_+=,.@-
|
7473
7495
|
#
|
7474
7496
|
#
|
7475
7497
|
#
|
@@ -7484,16 +7506,16 @@ module Aws::IAM
|
|
7484
7506
|
# @return [String]
|
7485
7507
|
#
|
7486
7508
|
# @!attribute [rw] max_items
|
7487
|
-
#
|
7488
|
-
#
|
7489
|
-
#
|
7490
|
-
#
|
7491
|
-
#
|
7492
|
-
# If you do not include this parameter,
|
7493
|
-
# IAM might return fewer results, even when
|
7494
|
-
# available. In that case, the `IsTruncated` response
|
7495
|
-
# `true`, and `Marker` contains a value to include in
|
7496
|
-
# call that tells the service where to continue from.
|
7509
|
+
# Use this only when paginating results to indicate the maximum number
|
7510
|
+
# of items you want in the response. If additional items exist beyond
|
7511
|
+
# the maximum you specify, the `IsTruncated` response element is
|
7512
|
+
# `true`.
|
7513
|
+
#
|
7514
|
+
# If you do not include this parameter, the number of items defaults
|
7515
|
+
# to 100. Note that IAM might return fewer results, even when there
|
7516
|
+
# are more results available. In that case, the `IsTruncated` response
|
7517
|
+
# element returns `true`, and `Marker` contains a value to include in
|
7518
|
+
# the subsequent call that tells the service where to continue from.
|
7497
7519
|
# @return [Integer]
|
7498
7520
|
#
|
7499
7521
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTagsRequest AWS API Documentation
|
@@ -7515,12 +7537,12 @@ module Aws::IAM
|
|
7515
7537
|
#
|
7516
7538
|
# @!attribute [rw] is_truncated
|
7517
7539
|
# A flag that indicates whether there are more items to return. If
|
7518
|
-
# your results were truncated, you can
|
7519
|
-
#
|
7520
|
-
#
|
7521
|
-
#
|
7522
|
-
# `IsTruncated` after every call to ensure that you
|
7523
|
-
# your results.
|
7540
|
+
# your results were truncated, you can make a subsequent pagination
|
7541
|
+
# request using the `Marker` request parameter to retrieve more items.
|
7542
|
+
# Note that IAM might return fewer than the `MaxItems` number of
|
7543
|
+
# results even when there are more results available. We recommend
|
7544
|
+
# that you check `IsTruncated` after every call to ensure that you
|
7545
|
+
# receive all your results.
|
7524
7546
|
# @return [Boolean]
|
7525
7547
|
#
|
7526
7548
|
# @!attribute [rw] marker
|
@@ -7654,9 +7676,9 @@ module Aws::IAM
|
|
7654
7676
|
# @return [String]
|
7655
7677
|
#
|
7656
7678
|
# @!attribute [rw] service_name
|
7657
|
-
# Filters the returned results to only those for the specified
|
7658
|
-
# service. If not specified, then
|
7659
|
-
# credentials for all services.
|
7679
|
+
# Filters the returned results to only those for the specified Amazon
|
7680
|
+
# Web Services service. If not specified, then Amazon Web Services
|
7681
|
+
# returns service-specific credentials for all services.
|
7660
7682
|
# @return [String]
|
7661
7683
|
#
|
7662
7684
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentialsRequest AWS API Documentation
|
@@ -7862,10 +7884,10 @@ module Aws::IAM
|
|
7862
7884
|
# @!attribute [rw] user_name
|
7863
7885
|
# The name of the IAM user whose tags you want to see.
|
7864
7886
|
#
|
7865
|
-
# This parameter
|
7866
|
-
# characters
|
7867
|
-
#
|
7868
|
-
# characters:
|
7887
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
7888
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
7889
|
+
# with no spaces. You can also include any of the following
|
7890
|
+
# characters: \_+=,.@-
|
7869
7891
|
#
|
7870
7892
|
#
|
7871
7893
|
#
|
@@ -7880,16 +7902,16 @@ module Aws::IAM
|
|
7880
7902
|
# @return [String]
|
7881
7903
|
#
|
7882
7904
|
# @!attribute [rw] max_items
|
7883
|
-
#
|
7884
|
-
#
|
7885
|
-
#
|
7886
|
-
#
|
7887
|
-
#
|
7888
|
-
# If you do not include this parameter,
|
7889
|
-
# IAM might return fewer results, even when
|
7890
|
-
# available. In that case, the `IsTruncated` response
|
7891
|
-
# `true`, and `Marker` contains a value to include in
|
7892
|
-
# call that tells the service where to continue from.
|
7905
|
+
# Use this only when paginating results to indicate the maximum number
|
7906
|
+
# of items you want in the response. If additional items exist beyond
|
7907
|
+
# the maximum you specify, the `IsTruncated` response element is
|
7908
|
+
# `true`.
|
7909
|
+
#
|
7910
|
+
# If you do not include this parameter, the number of items defaults
|
7911
|
+
# to 100. Note that IAM might return fewer results, even when there
|
7912
|
+
# are more results available. In that case, the `IsTruncated` response
|
7913
|
+
# element returns `true`, and `Marker` contains a value to include in
|
7914
|
+
# the subsequent call that tells the service where to continue from.
|
7893
7915
|
# @return [Integer]
|
7894
7916
|
#
|
7895
7917
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserTagsRequest AWS API Documentation
|
@@ -7911,12 +7933,12 @@ module Aws::IAM
|
|
7911
7933
|
#
|
7912
7934
|
# @!attribute [rw] is_truncated
|
7913
7935
|
# A flag that indicates whether there are more items to return. If
|
7914
|
-
# your results were truncated, you can
|
7915
|
-
#
|
7916
|
-
#
|
7917
|
-
#
|
7918
|
-
# `IsTruncated` after every call to ensure that you
|
7919
|
-
# your results.
|
7936
|
+
# your results were truncated, you can make a subsequent pagination
|
7937
|
+
# request using the `Marker` request parameter to retrieve more items.
|
7938
|
+
# Note that IAM might return fewer than the `MaxItems` number of
|
7939
|
+
# results even when there are more results available. We recommend
|
7940
|
+
# that you check `IsTruncated` after every call to ensure that you
|
7941
|
+
# receive all your results.
|
7920
7942
|
# @return [Boolean]
|
7921
7943
|
#
|
7922
7944
|
# @!attribute [rw] marker
|
@@ -8110,7 +8132,7 @@ module Aws::IAM
|
|
8110
8132
|
# and GetLoginProfile operations.
|
8111
8133
|
#
|
8112
8134
|
# @!attribute [rw] user_name
|
8113
|
-
# The name of the user, which can be used for signing in to the
|
8135
|
+
# The name of the user, which can be used for signing in to the
|
8114
8136
|
# Management Console.
|
8115
8137
|
# @return [String]
|
8116
8138
|
#
|
@@ -8219,11 +8241,11 @@ module Aws::IAM
|
|
8219
8241
|
# @return [String]
|
8220
8242
|
#
|
8221
8243
|
# @!attribute [rw] arn
|
8222
|
-
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
8223
|
-
# resources.
|
8244
|
+
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
8245
|
+
# Amazon Web Services resources.
|
8224
8246
|
#
|
8225
8247
|
# For more information about ARNs, go to [Amazon Resource Names
|
8226
|
-
# (ARNs)][1] in the *
|
8248
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
8227
8249
|
#
|
8228
8250
|
#
|
8229
8251
|
#
|
@@ -8343,11 +8365,11 @@ module Aws::IAM
|
|
8343
8365
|
# provider.
|
8344
8366
|
#
|
8345
8367
|
# @!attribute [rw] arn
|
8346
|
-
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
8347
|
-
# resources.
|
8368
|
+
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
8369
|
+
# Amazon Web Services resources.
|
8348
8370
|
#
|
8349
8371
|
# For more information about ARNs, go to [Amazon Resource Names
|
8350
|
-
# (ARNs)][1] in the *
|
8372
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
8351
8373
|
#
|
8352
8374
|
#
|
8353
8375
|
#
|
@@ -8518,11 +8540,11 @@ module Aws::IAM
|
|
8518
8540
|
# @return [String]
|
8519
8541
|
#
|
8520
8542
|
# @!attribute [rw] arn
|
8521
|
-
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
8522
|
-
# resources.
|
8543
|
+
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
8544
|
+
# Amazon Web Services resources.
|
8523
8545
|
#
|
8524
8546
|
# For more information about ARNs, go to [Amazon Resource Names
|
8525
|
-
# (ARNs)][1] in the *
|
8547
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
8526
8548
|
#
|
8527
8549
|
#
|
8528
8550
|
#
|
@@ -8684,11 +8706,11 @@ module Aws::IAM
|
|
8684
8706
|
# @return [String]
|
8685
8707
|
#
|
8686
8708
|
# @!attribute [rw] policy_arn
|
8687
|
-
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
8688
|
-
# resources.
|
8709
|
+
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
8710
|
+
# Amazon Web Services resources.
|
8689
8711
|
#
|
8690
8712
|
# For more information about ARNs, go to [Amazon Resource Names
|
8691
|
-
# (ARNs)][1] in the *
|
8713
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
8692
8714
|
#
|
8693
8715
|
#
|
8694
8716
|
#
|
@@ -8769,8 +8791,8 @@ module Aws::IAM
|
|
8769
8791
|
include Aws::Structure
|
8770
8792
|
end
|
8771
8793
|
|
8772
|
-
# The request failed because
|
8773
|
-
# attached to the service-linked role for that service.
|
8794
|
+
# The request failed because Amazon Web Services service role policies
|
8795
|
+
# can only be attached to the service-linked role for that service.
|
8774
8796
|
#
|
8775
8797
|
# @!attribute [rw] message
|
8776
8798
|
# @return [String]
|
@@ -8981,10 +9003,10 @@ module Aws::IAM
|
|
8981
9003
|
# @!attribute [rw] policy_document
|
8982
9004
|
# The policy document.
|
8983
9005
|
#
|
8984
|
-
# You must provide policies in JSON format in IAM. However, for
|
9006
|
+
# You must provide policies in JSON format in IAM. However, for
|
8985
9007
|
# CloudFormation templates formatted in YAML, you can provide the
|
8986
|
-
# policy in JSON or YAML format.
|
8987
|
-
#
|
9008
|
+
# policy in JSON or YAML format. CloudFormation always converts a YAML
|
9009
|
+
# policy to JSON format before submitting it to = IAM.
|
8988
9010
|
#
|
8989
9011
|
# The [regex pattern][1] used to validate this parameter is a string
|
8990
9012
|
# of characters consisting of the following:
|
@@ -9078,10 +9100,10 @@ module Aws::IAM
|
|
9078
9100
|
# @!attribute [rw] policy_document
|
9079
9101
|
# The policy document.
|
9080
9102
|
#
|
9081
|
-
# You must provide policies in JSON format in IAM. However, for
|
9103
|
+
# You must provide policies in JSON format in IAM. However, for
|
9082
9104
|
# CloudFormation templates formatted in YAML, you can provide the
|
9083
|
-
# policy in JSON or YAML format.
|
9084
|
-
#
|
9105
|
+
# policy in JSON or YAML format. CloudFormation always converts a YAML
|
9106
|
+
# policy to JSON format before submitting it to IAM.
|
9085
9107
|
#
|
9086
9108
|
# The [regex pattern][1] used to validate this parameter is a string
|
9087
9109
|
# of characters consisting of the following:
|
@@ -9175,10 +9197,10 @@ module Aws::IAM
|
|
9175
9197
|
# @!attribute [rw] policy_document
|
9176
9198
|
# The policy document.
|
9177
9199
|
#
|
9178
|
-
# You must provide policies in JSON format in IAM. However, for
|
9200
|
+
# You must provide policies in JSON format in IAM. However, for
|
9179
9201
|
# CloudFormation templates formatted in YAML, you can provide the
|
9180
|
-
# policy in JSON or YAML format.
|
9181
|
-
#
|
9202
|
+
# policy in JSON or YAML format. CloudFormation always converts a YAML
|
9203
|
+
# policy to JSON format before submitting it to IAM.
|
9182
9204
|
#
|
9183
9205
|
# The [regex pattern][1] used to validate this parameter is a string
|
9184
9206
|
# of characters consisting of the following:
|
@@ -9221,7 +9243,7 @@ module Aws::IAM
|
|
9221
9243
|
# by using the ListOpenIDConnectProviders operation.
|
9222
9244
|
#
|
9223
9245
|
# For more information about ARNs, see [Amazon Resource Names
|
9224
|
-
# (ARNs)][1] in the *
|
9246
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
9225
9247
|
#
|
9226
9248
|
#
|
9227
9249
|
#
|
@@ -9579,8 +9601,8 @@ module Aws::IAM
|
|
9579
9601
|
#
|
9580
9602
|
# @!attribute [rw] max_session_duration
|
9581
9603
|
# The maximum session duration (in seconds) for the specified role.
|
9582
|
-
# Anyone who uses the
|
9583
|
-
#
|
9604
|
+
# Anyone who uses the CLI, or API to assume the role can specify the
|
9605
|
+
# duration using the optional `DurationSeconds` API parameter or
|
9584
9606
|
# `duration-seconds` CLI parameter.
|
9585
9607
|
# @return [Integer]
|
9586
9608
|
#
|
@@ -9668,11 +9690,11 @@ module Aws::IAM
|
|
9668
9690
|
# @return [String]
|
9669
9691
|
#
|
9670
9692
|
# @!attribute [rw] arn
|
9671
|
-
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
9672
|
-
# resources.
|
9693
|
+
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
9694
|
+
# Amazon Web Services resources.
|
9673
9695
|
#
|
9674
9696
|
# For more information about ARNs, go to [Amazon Resource Names
|
9675
|
-
# (ARNs)][1] in the *
|
9697
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
9676
9698
|
#
|
9677
9699
|
#
|
9678
9700
|
#
|
@@ -9791,7 +9813,7 @@ module Aws::IAM
|
|
9791
9813
|
# @return [Time]
|
9792
9814
|
#
|
9793
9815
|
# @!attribute [rw] region
|
9794
|
-
# The name of the
|
9816
|
+
# The name of the Region in which the role was last used.
|
9795
9817
|
# @return [String]
|
9796
9818
|
#
|
9797
9819
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RoleLastUsed AWS API Documentation
|
@@ -9873,8 +9895,8 @@ module Aws::IAM
|
|
9873
9895
|
#
|
9874
9896
|
# @!attribute [rw] status
|
9875
9897
|
# The status of the SSH public key. `Active` means that the key can be
|
9876
|
-
# used for authentication with an
|
9877
|
-
#
|
9898
|
+
# used for authentication with an CodeCommit repository. `Inactive`
|
9899
|
+
# means that the key cannot be used.
|
9878
9900
|
# @return [String]
|
9879
9901
|
#
|
9880
9902
|
# @!attribute [rw] upload_date
|
@@ -9915,8 +9937,8 @@ module Aws::IAM
|
|
9915
9937
|
#
|
9916
9938
|
# @!attribute [rw] status
|
9917
9939
|
# The status of the SSH public key. `Active` means that the key can be
|
9918
|
-
# used for authentication with an
|
9919
|
-
#
|
9940
|
+
# used for authentication with an CodeCommit repository. `Inactive`
|
9941
|
+
# means that the key cannot be used.
|
9920
9942
|
# @return [String]
|
9921
9943
|
#
|
9922
9944
|
# @!attribute [rw] upload_date
|
@@ -10064,7 +10086,7 @@ module Aws::IAM
|
|
10064
10086
|
# @!attribute [rw] last_authenticated
|
10065
10087
|
# The date and time, in [ISO 8601 date-time format][1], when an
|
10066
10088
|
# authenticated entity most recently attempted to access the service.
|
10067
|
-
#
|
10089
|
+
# Amazon Web Services does not report unauthenticated requests.
|
10068
10090
|
#
|
10069
10091
|
# This field is null if no IAM entities attempted to access the
|
10070
10092
|
# service within the [reporting period][2].
|
@@ -10079,12 +10101,13 @@ module Aws::IAM
|
|
10079
10101
|
# The namespace of the service in which access was attempted.
|
10080
10102
|
#
|
10081
10103
|
# To learn the service namespace of a service, see [Actions,
|
10082
|
-
# resources, and condition keys for
|
10083
|
-
# Authorization Reference*. Choose the name of the
|
10084
|
-
# details for that service. In the first paragraph,
|
10085
|
-
# prefix. For example, `(service prefix: a4b)`. For
|
10086
|
-
# about service namespaces, see [
|
10087
|
-
# the *
|
10104
|
+
# resources, and condition keys for Amazon Web Services services][1]
|
10105
|
+
# in the *Service Authorization Reference*. Choose the name of the
|
10106
|
+
# service to view details for that service. In the first paragraph,
|
10107
|
+
# find the service prefix. For example, `(service prefix: a4b)`. For
|
10108
|
+
# more information about service namespaces, see [Amazon Web Services
|
10109
|
+
# Service Namespaces][2] in the *Amazon Web Services General
|
10110
|
+
# Reference*.
|
10088
10111
|
#
|
10089
10112
|
#
|
10090
10113
|
#
|
@@ -10094,8 +10117,8 @@ module Aws::IAM
|
|
10094
10117
|
#
|
10095
10118
|
# @!attribute [rw] last_authenticated_entity
|
10096
10119
|
# The ARN of the authenticated entity (user or role) that last
|
10097
|
-
# attempted to access the service.
|
10098
|
-
# requests.
|
10120
|
+
# attempted to access the service. Amazon Web Services does not report
|
10121
|
+
# unauthenticated requests.
|
10099
10122
|
#
|
10100
10123
|
# This field is null if no IAM entities attempted to access the
|
10101
10124
|
# service within the [reporting period][1].
|
@@ -10107,8 +10130,8 @@ module Aws::IAM
|
|
10107
10130
|
#
|
10108
10131
|
# @!attribute [rw] last_authenticated_region
|
10109
10132
|
# The Region from which the authenticated entity (user or role) last
|
10110
|
-
# attempted to access the service.
|
10111
|
-
# requests.
|
10133
|
+
# attempted to access the service. Amazon Web Services does not report
|
10134
|
+
# unauthenticated requests.
|
10112
10135
|
#
|
10113
10136
|
# This field is null if no IAM entities attempted to access the
|
10114
10137
|
# service within the [reporting period][1].
|
@@ -10191,8 +10214,9 @@ module Aws::IAM
|
|
10191
10214
|
# @!attribute [rw] service_user_name
|
10192
10215
|
# The generated user name for the service-specific credential. This
|
10193
10216
|
# value is generated by combining the IAM user's name combined with
|
10194
|
-
# the ID number of the
|
10195
|
-
# example. This value cannot be configured
|
10217
|
+
# the ID number of the Amazon Web Services account, as in
|
10218
|
+
# `jane-at-123456789012`, for example. This value cannot be configured
|
10219
|
+
# by the user.
|
10196
10220
|
# @return [String]
|
10197
10221
|
#
|
10198
10222
|
# @!attribute [rw] service_password
|
@@ -10287,7 +10311,7 @@ module Aws::IAM
|
|
10287
10311
|
# version you want to set.
|
10288
10312
|
#
|
10289
10313
|
# For more information about ARNs, see [Amazon Resource Names
|
10290
|
-
# (ARNs)][1] in the *
|
10314
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
10291
10315
|
#
|
10292
10316
|
#
|
10293
10317
|
#
|
@@ -10323,14 +10347,14 @@ module Aws::IAM
|
|
10323
10347
|
#
|
10324
10348
|
# @!attribute [rw] global_endpoint_token_version
|
10325
10349
|
# The version of the global endpoint token. Version 1 tokens are valid
|
10326
|
-
# only in
|
10327
|
-
#
|
10328
|
-
#
|
10329
|
-
#
|
10330
|
-
#
|
10350
|
+
# only in Regions that are available by default. These tokens do not
|
10351
|
+
# work in manually enabled Regions, such as Asia Pacific (Hong Kong).
|
10352
|
+
# Version 2 tokens are valid in all Regions. However, version 2 tokens
|
10353
|
+
# are longer and might affect systems where you temporarily store
|
10354
|
+
# tokens.
|
10331
10355
|
#
|
10332
|
-
# For information, see [Activating and deactivating STS in an
|
10333
|
-
#
|
10356
|
+
# For information, see [Activating and deactivating STS in an
|
10357
|
+
# Region][1] in the *IAM User Guide*.
|
10334
10358
|
#
|
10335
10359
|
#
|
10336
10360
|
#
|
@@ -10417,7 +10441,12 @@ module Aws::IAM
|
|
10417
10441
|
# operations. In other words, do not use policies designed to restrict
|
10418
10442
|
# what a user can do while using the temporary credentials.
|
10419
10443
|
#
|
10420
|
-
# The
|
10444
|
+
# The maximum length of the policy document that you can pass in this
|
10445
|
+
# operation, including whitespace, is listed below. To view the
|
10446
|
+
# maximum character counts of a managed policy with no whitespaces,
|
10447
|
+
# see [IAM and STS character quotas][3].
|
10448
|
+
#
|
10449
|
+
# The [regex pattern][4] used to validate this parameter is a string
|
10421
10450
|
# of characters consisting of the following:
|
10422
10451
|
#
|
10423
10452
|
# * Any printable ASCII character ranging from the space character
|
@@ -10433,7 +10462,8 @@ module Aws::IAM
|
|
10433
10462
|
#
|
10434
10463
|
# [1]: https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetFederationToken.html
|
10435
10464
|
# [2]: https://docs.aws.amazon.com/IAM/latest/APIReference/API_AssumeRole.html
|
10436
|
-
# [3]:
|
10465
|
+
# [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
10466
|
+
# [4]: http://wikipedia.org/wiki/regex
|
10437
10467
|
# @return [Array<String>]
|
10438
10468
|
#
|
10439
10469
|
# @!attribute [rw] permissions_boundary_policy_input_list
|
@@ -10446,7 +10476,12 @@ module Aws::IAM
|
|
10446
10476
|
# contains the complete, valid JSON text of a permissions boundary
|
10447
10477
|
# policy.
|
10448
10478
|
#
|
10449
|
-
# The
|
10479
|
+
# The maximum length of the policy document that you can pass in this
|
10480
|
+
# operation, including whitespace, is listed below. To view the
|
10481
|
+
# maximum character counts of a managed policy with no whitespaces,
|
10482
|
+
# see [IAM and STS character quotas][2].
|
10483
|
+
#
|
10484
|
+
# The [regex pattern][3] used to validate this parameter is a string
|
10450
10485
|
# of characters consisting of the following:
|
10451
10486
|
#
|
10452
10487
|
# * Any printable ASCII character ranging from the space character
|
@@ -10461,7 +10496,8 @@ module Aws::IAM
|
|
10461
10496
|
#
|
10462
10497
|
#
|
10463
10498
|
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
|
10464
|
-
# [2]:
|
10499
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
10500
|
+
# [3]: http://wikipedia.org/wiki/regex
|
10465
10501
|
# @return [Array<String>]
|
10466
10502
|
#
|
10467
10503
|
# @!attribute [rw] action_names
|
@@ -10472,13 +10508,13 @@ module Aws::IAM
|
|
10472
10508
|
# @return [Array<String>]
|
10473
10509
|
#
|
10474
10510
|
# @!attribute [rw] resource_arns
|
10475
|
-
# A list of ARNs of
|
10476
|
-
# this parameter is not provided, then the value
|
10477
|
-
# resources). Each API in the `ActionNames`
|
10478
|
-
# each resource in this list. The
|
10479
|
-
# result (allowed or denied) of each
|
10480
|
-
#
|
10481
|
-
# account.
|
10511
|
+
# A list of ARNs of Amazon Web Services resources to include in the
|
10512
|
+
# simulation. If this parameter is not provided, then the value
|
10513
|
+
# defaults to `*` (all resources). Each API in the `ActionNames`
|
10514
|
+
# parameter is evaluated for each resource in this list. The
|
10515
|
+
# simulation determines the access result (allowed or denied) of each
|
10516
|
+
# combination and reports it in the response. You can simulate
|
10517
|
+
# resources that don't exist in your account.
|
10482
10518
|
#
|
10483
10519
|
# The simulation does not automatically retrieve policies for the
|
10484
10520
|
# specified resources. If you want to include a resource policy in the
|
@@ -10490,7 +10526,7 @@ module Aws::IAM
|
|
10490
10526
|
# invalid input error.
|
10491
10527
|
#
|
10492
10528
|
# For more information about ARNs, see [Amazon Resource Names
|
10493
|
-
# (ARNs)][1] in the *
|
10529
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
10494
10530
|
#
|
10495
10531
|
#
|
10496
10532
|
#
|
@@ -10503,7 +10539,12 @@ module Aws::IAM
|
|
10503
10539
|
# policy attached. You can include only one resource-based policy in a
|
10504
10540
|
# simulation.
|
10505
10541
|
#
|
10506
|
-
# The
|
10542
|
+
# The maximum length of the policy document that you can pass in this
|
10543
|
+
# operation, including whitespace, is listed below. To view the
|
10544
|
+
# maximum character counts of a managed policy with no whitespaces,
|
10545
|
+
# see [IAM and STS character quotas][1].
|
10546
|
+
#
|
10547
|
+
# The [regex pattern][2] used to validate this parameter is a string
|
10507
10548
|
# of characters consisting of the following:
|
10508
10549
|
#
|
10509
10550
|
# * Any printable ASCII character ranging from the space character
|
@@ -10517,17 +10558,18 @@ module Aws::IAM
|
|
10517
10558
|
#
|
10518
10559
|
#
|
10519
10560
|
#
|
10520
|
-
# [1]:
|
10561
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
10562
|
+
# [2]: http://wikipedia.org/wiki/regex
|
10521
10563
|
# @return [String]
|
10522
10564
|
#
|
10523
10565
|
# @!attribute [rw] resource_owner
|
10524
|
-
# An ARN representing the
|
10525
|
-
#
|
10526
|
-
#
|
10527
|
-
#
|
10528
|
-
#
|
10529
|
-
#
|
10530
|
-
#
|
10566
|
+
# An ARN representing the account ID that specifies the owner of any
|
10567
|
+
# simulated resource that does not identify its owner in the resource
|
10568
|
+
# ARN. Examples of resource ARNs include an S3 bucket or object. If
|
10569
|
+
# `ResourceOwner` is specified, it is also used as the account owner
|
10570
|
+
# of any `ResourcePolicy` included in the simulation. If the
|
10571
|
+
# `ResourceOwner` parameter is not specified, then the owner of the
|
10572
|
+
# resources and the resource policy defaults to the account of the
|
10531
10573
|
# identity provided in `CallerArn`. This parameter is required only if
|
10532
10574
|
# you specify a resource-based policy and account that owns the
|
10533
10575
|
# resource is different from the account that owns the simulated
|
@@ -10706,12 +10748,18 @@ module Aws::IAM
|
|
10706
10748
|
# also includes all policies that are attached to any groups the user
|
10707
10749
|
# belongs to.
|
10708
10750
|
#
|
10751
|
+
# The maximum length of the policy document that you can pass in this
|
10752
|
+
# operation, including whitespace, is listed below. To view the
|
10753
|
+
# maximum character counts of a managed policy with no whitespaces,
|
10754
|
+
# see [IAM and STS character quotas][1].
|
10755
|
+
#
|
10709
10756
|
# For more information about ARNs, see [Amazon Resource Names
|
10710
|
-
# (ARNs)][
|
10757
|
+
# (ARNs)][2] in the *Amazon Web Services General Reference*.
|
10711
10758
|
#
|
10712
10759
|
#
|
10713
10760
|
#
|
10714
|
-
# [1]: https://docs.aws.amazon.com/
|
10761
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
10762
|
+
# [2]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
10715
10763
|
# @return [String]
|
10716
10764
|
#
|
10717
10765
|
# @!attribute [rw] policy_input_list
|
@@ -10750,7 +10798,12 @@ module Aws::IAM
|
|
10750
10798
|
# as a string containing the complete, valid JSON text of a
|
10751
10799
|
# permissions boundary policy.
|
10752
10800
|
#
|
10753
|
-
# The
|
10801
|
+
# The maximum length of the policy document that you can pass in this
|
10802
|
+
# operation, including whitespace, is listed below. To view the
|
10803
|
+
# maximum character counts of a managed policy with no whitespaces,
|
10804
|
+
# see [IAM and STS character quotas][2].
|
10805
|
+
#
|
10806
|
+
# The [regex pattern][3] used to validate this parameter is a string
|
10754
10807
|
# of characters consisting of the following:
|
10755
10808
|
#
|
10756
10809
|
# * Any printable ASCII character ranging from the space character
|
@@ -10765,7 +10818,8 @@ module Aws::IAM
|
|
10765
10818
|
#
|
10766
10819
|
#
|
10767
10820
|
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
|
10768
|
-
# [2]:
|
10821
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
10822
|
+
# [3]: http://wikipedia.org/wiki/regex
|
10769
10823
|
# @return [Array<String>]
|
10770
10824
|
#
|
10771
10825
|
# @!attribute [rw] action_names
|
@@ -10775,13 +10829,13 @@ module Aws::IAM
|
|
10775
10829
|
# @return [Array<String>]
|
10776
10830
|
#
|
10777
10831
|
# @!attribute [rw] resource_arns
|
10778
|
-
# A list of ARNs of
|
10779
|
-
# this parameter is not provided, then the value
|
10780
|
-
# resources). Each API in the `ActionNames`
|
10781
|
-
# each resource in this list. The
|
10782
|
-
# result (allowed or denied) of each
|
10783
|
-
#
|
10784
|
-
# account.
|
10832
|
+
# A list of ARNs of Amazon Web Services resources to include in the
|
10833
|
+
# simulation. If this parameter is not provided, then the value
|
10834
|
+
# defaults to `*` (all resources). Each API in the `ActionNames`
|
10835
|
+
# parameter is evaluated for each resource in this list. The
|
10836
|
+
# simulation determines the access result (allowed or denied) of each
|
10837
|
+
# combination and reports it in the response. You can simulate
|
10838
|
+
# resources that don't exist in your account.
|
10785
10839
|
#
|
10786
10840
|
# The simulation does not automatically retrieve policies for the
|
10787
10841
|
# specified resources. If you want to include a resource policy in the
|
@@ -10789,7 +10843,7 @@ module Aws::IAM
|
|
10789
10843
|
# `ResourcePolicy` parameter.
|
10790
10844
|
#
|
10791
10845
|
# For more information about ARNs, see [Amazon Resource Names
|
10792
|
-
# (ARNs)][1] in the *
|
10846
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
10793
10847
|
#
|
10794
10848
|
#
|
10795
10849
|
#
|
@@ -10802,7 +10856,12 @@ module Aws::IAM
|
|
10802
10856
|
# policy attached. You can include only one resource-based policy in a
|
10803
10857
|
# simulation.
|
10804
10858
|
#
|
10805
|
-
# The
|
10859
|
+
# The maximum length of the policy document that you can pass in this
|
10860
|
+
# operation, including whitespace, is listed below. To view the
|
10861
|
+
# maximum character counts of a managed policy with no whitespaces,
|
10862
|
+
# see [IAM and STS character quotas][1].
|
10863
|
+
#
|
10864
|
+
# The [regex pattern][2] used to validate this parameter is a string
|
10806
10865
|
# of characters consisting of the following:
|
10807
10866
|
#
|
10808
10867
|
# * Any printable ASCII character ranging from the space character
|
@@ -10816,11 +10875,12 @@ module Aws::IAM
|
|
10816
10875
|
#
|
10817
10876
|
#
|
10818
10877
|
#
|
10819
|
-
# [1]:
|
10878
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
10879
|
+
# [2]: http://wikipedia.org/wiki/regex
|
10820
10880
|
# @return [String]
|
10821
10881
|
#
|
10822
10882
|
# @!attribute [rw] resource_owner
|
10823
|
-
# An
|
10883
|
+
# An account ID that specifies the owner of any simulated resource
|
10824
10884
|
# that does not identify its owner in the resource ARN. Examples of
|
10825
10885
|
# resource ARNs include an S3 bucket or object. If `ResourceOwner` is
|
10826
10886
|
# specified, it is also used as the account owner of any
|
@@ -10853,7 +10913,7 @@ module Aws::IAM
|
|
10853
10913
|
# to use in evaluating the policy.
|
10854
10914
|
#
|
10855
10915
|
# For more information about ARNs, see [Amazon Resource Names
|
10856
|
-
# (ARNs)][1] in the *
|
10916
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
10857
10917
|
#
|
10858
10918
|
#
|
10859
10919
|
#
|
@@ -11017,9 +11077,10 @@ module Aws::IAM
|
|
11017
11077
|
# different cost centers in your company. Typically, many resources
|
11018
11078
|
# have tags with the same key name but with different values.
|
11019
11079
|
#
|
11020
|
-
# <note markdown="1">
|
11021
|
-
# need to store an array, you can store comma-separated
|
11022
|
-
# string. However, you must interpret the value in your
|
11080
|
+
# <note markdown="1"> Amazon Web Services always interprets the tag `Value` as a single
|
11081
|
+
# string. If you need to store an array, you can store comma-separated
|
11082
|
+
# values in the string. However, you must interpret the value in your
|
11083
|
+
# code.
|
11023
11084
|
#
|
11024
11085
|
# </note>
|
11025
11086
|
# @return [String]
|
@@ -11049,10 +11110,10 @@ module Aws::IAM
|
|
11049
11110
|
# @!attribute [rw] instance_profile_name
|
11050
11111
|
# The name of the IAM instance profile to which you want to add tags.
|
11051
11112
|
#
|
11052
|
-
# This parameter
|
11053
|
-
# characters
|
11054
|
-
#
|
11055
|
-
# characters:
|
11113
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11114
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11115
|
+
# with no spaces. You can also include any of the following
|
11116
|
+
# characters: \_+=,.@-
|
11056
11117
|
#
|
11057
11118
|
#
|
11058
11119
|
#
|
@@ -11091,10 +11152,10 @@ module Aws::IAM
|
|
11091
11152
|
# want to add tags. For virtual MFA devices, the serial number is the
|
11092
11153
|
# same as the ARN.
|
11093
11154
|
#
|
11094
|
-
# This parameter
|
11095
|
-
# characters
|
11096
|
-
#
|
11097
|
-
# characters:
|
11155
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11156
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11157
|
+
# with no spaces. You can also include any of the following
|
11158
|
+
# characters: \_+=,.@-
|
11098
11159
|
#
|
11099
11160
|
#
|
11100
11161
|
#
|
@@ -11132,10 +11193,10 @@ module Aws::IAM
|
|
11132
11193
|
# The ARN of the OIDC identity provider in IAM to which you want to
|
11133
11194
|
# add tags.
|
11134
11195
|
#
|
11135
|
-
# This parameter
|
11136
|
-
# characters
|
11137
|
-
#
|
11138
|
-
# characters:
|
11196
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11197
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11198
|
+
# with no spaces. You can also include any of the following
|
11199
|
+
# characters: \_+=,.@-
|
11139
11200
|
#
|
11140
11201
|
#
|
11141
11202
|
#
|
@@ -11174,10 +11235,10 @@ module Aws::IAM
|
|
11174
11235
|
# The ARN of the IAM customer managed policy to which you want to add
|
11175
11236
|
# tags.
|
11176
11237
|
#
|
11177
|
-
# This parameter
|
11178
|
-
# characters
|
11179
|
-
#
|
11180
|
-
# characters:
|
11238
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11239
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11240
|
+
# with no spaces. You can also include any of the following
|
11241
|
+
# characters: \_+=,.@-
|
11181
11242
|
#
|
11182
11243
|
#
|
11183
11244
|
#
|
@@ -11255,10 +11316,10 @@ module Aws::IAM
|
|
11255
11316
|
# The ARN of the SAML identity provider in IAM to which you want to
|
11256
11317
|
# add tags.
|
11257
11318
|
#
|
11258
|
-
# This parameter
|
11259
|
-
# characters
|
11260
|
-
#
|
11261
|
-
# characters:
|
11319
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11320
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11321
|
+
# with no spaces. You can also include any of the following
|
11322
|
+
# characters: \_+=,.@-
|
11262
11323
|
#
|
11263
11324
|
#
|
11264
11325
|
#
|
@@ -11297,10 +11358,10 @@ module Aws::IAM
|
|
11297
11358
|
# The name of the IAM server certificate to which you want to add
|
11298
11359
|
# tags.
|
11299
11360
|
#
|
11300
|
-
# This parameter
|
11301
|
-
# characters
|
11302
|
-
#
|
11303
|
-
# characters:
|
11361
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11362
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11363
|
+
# with no spaces. You can also include any of the following
|
11364
|
+
# characters: \_+=,.@-
|
11304
11365
|
#
|
11305
11366
|
#
|
11306
11367
|
#
|
@@ -11338,10 +11399,10 @@ module Aws::IAM
|
|
11338
11399
|
# @!attribute [rw] user_name
|
11339
11400
|
# The name of the IAM user to which you want to add tags.
|
11340
11401
|
#
|
11341
|
-
# This parameter
|
11342
|
-
# characters
|
11343
|
-
#
|
11344
|
-
# characters:
|
11402
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11403
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11404
|
+
# with no spaces. You can also include any of the following
|
11405
|
+
# characters: \_+=,.@-
|
11345
11406
|
#
|
11346
11407
|
#
|
11347
11408
|
#
|
@@ -11374,11 +11435,11 @@ module Aws::IAM
|
|
11374
11435
|
# @return [String]
|
11375
11436
|
#
|
11376
11437
|
# @!attribute [rw] last_accessed_entity
|
11377
|
-
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
11378
|
-
# resources.
|
11438
|
+
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
11439
|
+
# Amazon Web Services resources.
|
11379
11440
|
#
|
11380
11441
|
# For more information about ARNs, go to [Amazon Resource Names
|
11381
|
-
# (ARNs)][1] in the *
|
11442
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
11382
11443
|
#
|
11383
11444
|
#
|
11384
11445
|
#
|
@@ -11388,7 +11449,8 @@ module Aws::IAM
|
|
11388
11449
|
# @!attribute [rw] last_accessed_time
|
11389
11450
|
# The date and time, in [ISO 8601 date-time format][1], when an
|
11390
11451
|
# authenticated entity most recently attempted to access the tracked
|
11391
|
-
# service.
|
11452
|
+
# service. Amazon Web Services does not report unauthenticated
|
11453
|
+
# requests.
|
11392
11454
|
#
|
11393
11455
|
# This field is null if no IAM entities attempted to access the
|
11394
11456
|
# service within the [reporting period][2].
|
@@ -11401,8 +11463,8 @@ module Aws::IAM
|
|
11401
11463
|
#
|
11402
11464
|
# @!attribute [rw] last_accessed_region
|
11403
11465
|
# The Region from which the authenticated entity (user or role) last
|
11404
|
-
# attempted to access the tracked action.
|
11405
|
-
# unauthenticated requests.
|
11466
|
+
# attempted to access the tracked action. Amazon Web Services does not
|
11467
|
+
# report unauthenticated requests.
|
11406
11468
|
#
|
11407
11469
|
# This field is null if no IAM entities attempted to access the
|
11408
11470
|
# service within the [reporting period][1].
|
@@ -11465,10 +11527,10 @@ module Aws::IAM
|
|
11465
11527
|
# The name of the IAM instance profile from which you want to remove
|
11466
11528
|
# tags.
|
11467
11529
|
#
|
11468
|
-
# This parameter
|
11469
|
-
# characters
|
11470
|
-
#
|
11471
|
-
# characters:
|
11530
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11531
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11532
|
+
# with no spaces. You can also include any of the following
|
11533
|
+
# characters: \_+=,.@-
|
11472
11534
|
#
|
11473
11535
|
#
|
11474
11536
|
#
|
@@ -11502,10 +11564,10 @@ module Aws::IAM
|
|
11502
11564
|
# want to remove tags. For virtual MFA devices, the serial number is
|
11503
11565
|
# the same as the ARN.
|
11504
11566
|
#
|
11505
|
-
# This parameter
|
11506
|
-
# characters
|
11507
|
-
#
|
11508
|
-
# characters:
|
11567
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11568
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11569
|
+
# with no spaces. You can also include any of the following
|
11570
|
+
# characters: \_+=,.@-
|
11509
11571
|
#
|
11510
11572
|
#
|
11511
11573
|
#
|
@@ -11538,10 +11600,10 @@ module Aws::IAM
|
|
11538
11600
|
# The ARN of the OIDC provider in IAM from which you want to remove
|
11539
11601
|
# tags.
|
11540
11602
|
#
|
11541
|
-
# This parameter
|
11542
|
-
# characters
|
11543
|
-
#
|
11544
|
-
# characters:
|
11603
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11604
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11605
|
+
# with no spaces. You can also include any of the following
|
11606
|
+
# characters: \_+=,.@-
|
11545
11607
|
#
|
11546
11608
|
#
|
11547
11609
|
#
|
@@ -11574,10 +11636,10 @@ module Aws::IAM
|
|
11574
11636
|
# The ARN of the IAM customer managed policy from which you want to
|
11575
11637
|
# remove tags.
|
11576
11638
|
#
|
11577
|
-
# This parameter
|
11578
|
-
# characters
|
11579
|
-
#
|
11580
|
-
# characters:
|
11639
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11640
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11641
|
+
# with no spaces. You can also include any of the following
|
11642
|
+
# characters: \_+=,.@-
|
11581
11643
|
#
|
11582
11644
|
#
|
11583
11645
|
#
|
@@ -11645,10 +11707,10 @@ module Aws::IAM
|
|
11645
11707
|
# The ARN of the SAML identity provider in IAM from which you want to
|
11646
11708
|
# remove tags.
|
11647
11709
|
#
|
11648
|
-
# This parameter
|
11649
|
-
# characters
|
11650
|
-
#
|
11651
|
-
# characters:
|
11710
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11711
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11712
|
+
# with no spaces. You can also include any of the following
|
11713
|
+
# characters: \_+=,.@-
|
11652
11714
|
#
|
11653
11715
|
#
|
11654
11716
|
#
|
@@ -11681,10 +11743,10 @@ module Aws::IAM
|
|
11681
11743
|
# The name of the IAM server certificate from which you want to remove
|
11682
11744
|
# tags.
|
11683
11745
|
#
|
11684
|
-
# This parameter
|
11685
|
-
# characters
|
11686
|
-
#
|
11687
|
-
# characters:
|
11746
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11747
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11748
|
+
# with no spaces. You can also include any of the following
|
11749
|
+
# characters: \_+=,.@-
|
11688
11750
|
#
|
11689
11751
|
#
|
11690
11752
|
#
|
@@ -11716,10 +11778,10 @@ module Aws::IAM
|
|
11716
11778
|
# @!attribute [rw] user_name
|
11717
11779
|
# The name of the IAM user from which you want to remove tags.
|
11718
11780
|
#
|
11719
|
-
# This parameter
|
11720
|
-
# characters
|
11721
|
-
#
|
11722
|
-
# characters:
|
11781
|
+
# This parameter allows (through its [regex pattern][1]) a string of
|
11782
|
+
# characters consisting of upper and lowercase alphanumeric characters
|
11783
|
+
# with no spaces. You can also include any of the following
|
11784
|
+
# characters: \_+=,.@-
|
11723
11785
|
#
|
11724
11786
|
#
|
11725
11787
|
#
|
@@ -11776,8 +11838,8 @@ module Aws::IAM
|
|
11776
11838
|
#
|
11777
11839
|
# @!attribute [rw] status
|
11778
11840
|
# The status you want to assign to the secret access key. `Active`
|
11779
|
-
# means that the key can be used for programmatic calls to
|
11780
|
-
# `Inactive` means that the key cannot be used.
|
11841
|
+
# means that the key can be used for programmatic calls to Amazon Web
|
11842
|
+
# Services, while `Inactive` means that the key cannot be used.
|
11781
11843
|
# @return [String]
|
11782
11844
|
#
|
11783
11845
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKeyRequest AWS API Documentation
|
@@ -11851,10 +11913,9 @@ module Aws::IAM
|
|
11851
11913
|
# @return [Boolean]
|
11852
11914
|
#
|
11853
11915
|
# @!attribute [rw] allow_users_to_change_password
|
11854
|
-
# Allows all IAM users in your account to use the
|
11855
|
-
#
|
11856
|
-
#
|
11857
|
-
# Guide*.
|
11916
|
+
# Allows all IAM users in your account to use the Management Console
|
11917
|
+
# to change their own passwords. For more information, see [Letting
|
11918
|
+
# IAM users change their own passwords][1] in the *IAM User Guide*.
|
11858
11919
|
#
|
11859
11920
|
# If you do not specify a value for this parameter, then the operation
|
11860
11921
|
# uses the default value of `false`. The result is that IAM users in
|
@@ -11934,10 +11995,10 @@ module Aws::IAM
|
|
11934
11995
|
# @!attribute [rw] policy_document
|
11935
11996
|
# The policy that grants an entity permission to assume the role.
|
11936
11997
|
#
|
11937
|
-
# You must provide policies in JSON format in IAM. However, for
|
11998
|
+
# You must provide policies in JSON format in IAM. However, for
|
11938
11999
|
# CloudFormation templates formatted in YAML, you can provide the
|
11939
|
-
# policy in JSON or YAML format.
|
11940
|
-
#
|
12000
|
+
# policy in JSON or YAML format. CloudFormation always converts a YAML
|
12001
|
+
# policy to JSON format before submitting it to IAM.
|
11941
12002
|
#
|
11942
12003
|
# The [regex pattern][1] used to validate this parameter is a string
|
11943
12004
|
# of characters consisting of the following:
|
@@ -12062,8 +12123,8 @@ module Aws::IAM
|
|
12062
12123
|
# carriage return (`\u000D`)
|
12063
12124
|
#
|
12064
12125
|
# However, the format can be further restricted by the account
|
12065
|
-
# administrator by setting a password policy on the
|
12066
|
-
#
|
12126
|
+
# administrator by setting a password policy on the account. For more
|
12127
|
+
# information, see UpdateAccountPasswordPolicy.
|
12067
12128
|
#
|
12068
12129
|
#
|
12069
12130
|
#
|
@@ -12100,7 +12161,7 @@ module Aws::IAM
|
|
12100
12161
|
# operation.
|
12101
12162
|
#
|
12102
12163
|
# For more information about ARNs, see [Amazon Resource Names
|
12103
|
-
# (ARNs)][1] in the *
|
12164
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
12104
12165
|
#
|
12105
12166
|
#
|
12106
12167
|
#
|
@@ -12182,7 +12243,7 @@ module Aws::IAM
|
|
12182
12243
|
# the default maximum of one hour is applied. This setting can have a
|
12183
12244
|
# value from 1 hour to 12 hours.
|
12184
12245
|
#
|
12185
|
-
# Anyone who assumes the role from the
|
12246
|
+
# Anyone who assumes the role from the CLI or API can use the
|
12186
12247
|
# `DurationSeconds` API parameter or the `duration-seconds` CLI
|
12187
12248
|
# parameter to request a longer session. The `MaxSessionDuration`
|
12188
12249
|
# setting determines the maximum duration that can be requested using
|
@@ -12234,7 +12295,7 @@ module Aws::IAM
|
|
12234
12295
|
# The Amazon Resource Name (ARN) of the SAML provider to update.
|
12235
12296
|
#
|
12236
12297
|
# For more information about ARNs, see [Amazon Resource Names
|
12237
|
-
# (ARNs)][1] in the *
|
12298
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
12238
12299
|
#
|
12239
12300
|
#
|
12240
12301
|
#
|
@@ -12301,8 +12362,8 @@ module Aws::IAM
|
|
12301
12362
|
#
|
12302
12363
|
# @!attribute [rw] status
|
12303
12364
|
# The status to assign to the SSH public key. `Active` means that the
|
12304
|
-
# key can be used for authentication with an
|
12305
|
-
#
|
12365
|
+
# key can be used for authentication with an CodeCommit repository.
|
12366
|
+
# `Inactive` means that the key cannot be used.
|
12306
12367
|
# @return [String]
|
12307
12368
|
#
|
12308
12369
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKeyRequest AWS API Documentation
|
@@ -12464,8 +12525,8 @@ module Aws::IAM
|
|
12464
12525
|
#
|
12465
12526
|
# @!attribute [rw] status
|
12466
12527
|
# The status you want to assign to the certificate. `Active` means
|
12467
|
-
# that the certificate can be used for programmatic calls to
|
12468
|
-
# `Inactive` means that the certificate cannot be used.
|
12528
|
+
# that the certificate can be used for programmatic calls to Amazon
|
12529
|
+
# Web Services `Inactive` means that the certificate cannot be used.
|
12469
12530
|
# @return [String]
|
12470
12531
|
#
|
12471
12532
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificateRequest AWS API Documentation
|
@@ -12902,13 +12963,13 @@ module Aws::IAM
|
|
12902
12963
|
#
|
12903
12964
|
# @!attribute [rw] password_last_used
|
12904
12965
|
# The date and time, in [ISO 8601 date-time format][1], when the
|
12905
|
-
# user's password was last used to sign in to an
|
12906
|
-
# list of
|
12907
|
-
# the [Credential reports][2] topic in
|
12908
|
-
# password is used more than once in a
|
12909
|
-
# first use is returned in this field. If
|
12910
|
-
# value), then it indicates that they never
|
12911
|
-
# This can be because:
|
12966
|
+
# user's password was last used to sign in to an Amazon Web Services
|
12967
|
+
# website. For a list of Amazon Web Services websites that capture a
|
12968
|
+
# user's last sign-in time, see the [Credential reports][2] topic in
|
12969
|
+
# the *IAM User Guide*. If a password is used more than once in a
|
12970
|
+
# five-minute span, only the first use is returned in this field. If
|
12971
|
+
# the field is null (no value), then it indicates that they never
|
12972
|
+
# signed in with a password. This can be because:
|
12912
12973
|
#
|
12913
12974
|
# * The user never had a password.
|
12914
12975
|
#
|
@@ -12992,11 +13053,11 @@ module Aws::IAM
|
|
12992
13053
|
# @return [String]
|
12993
13054
|
#
|
12994
13055
|
# @!attribute [rw] arn
|
12995
|
-
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
12996
|
-
# resources.
|
13056
|
+
# The Amazon Resource Name (ARN). ARNs are unique identifiers for
|
13057
|
+
# Amazon Web Services resources.
|
12997
13058
|
#
|
12998
13059
|
# For more information about ARNs, go to [Amazon Resource Names
|
12999
|
-
# (ARNs)][1] in the *
|
13060
|
+
# (ARNs)][1] in the *Amazon Web Services General Reference*.
|
13000
13061
|
#
|
13001
13062
|
#
|
13002
13063
|
#
|