RubyGems - aws-sdk-iam - Versions diffs - 1.60.0 → 1.64.0 - Mend

aws-sdk-iam 1.60.0 → 1.64.0

Files changed (11) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +20 -0
data/VERSION +1 -1
data/lib/aws-sdk-iam/account_password_policy.rb +4 -3
data/lib/aws-sdk-iam/client.rb +215 -173
data/lib/aws-sdk-iam/login_profile.rb +5 -4
data/lib/aws-sdk-iam/resource.rb +15 -9
data/lib/aws-sdk-iam/types.rb +74 -65
data/lib/aws-sdk-iam/user.rb +3 -2
data/lib/aws-sdk-iam.rb +1 -1
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5121819d748185a8c479668754e9c822cc93330c5b523271d5c16f6d108acb53
-  data.tar.gz: 1d04a921fd706bc555cc590b9648c48fad89290eed9a9ee204d0ccd1b85452e7
+  metadata.gz: 7da1e8d9c50d6ac9e95f20cebbd3e16191de2e245a51fdabba95f2b2ab0a7025
+  data.tar.gz: '086f4652ca747bad0131b20051f4ea8bf17233402a5f43b8f9e4201ec973335c'
 SHA512:
-  metadata.gz: 6e535e006859d78fb0a4a4d9096fd36ff2e1a134a2fa97fde116c711b502314db10f00ec8a75246adf40315b8a05d62f212d55d25ef8aa9e9c34f92eabc69b5b
-  data.tar.gz: 999e98dbc352afc9912aaf7204fa72d4a281e0b277c4c43a7f9a6a526527d951f453d58cb5c361328264d7d0c0aa5b96744b425fc8512d481dfcb18b068476a4
+  metadata.gz: 1db87773bdc6caca4cdaecf272f6aa84bb621ea9a16f09f588ef099f7d478fafaaff4587c003ba206b31287e53d0db0853618c45e90a2c34b269cb14a8c5ef94
+  data.tar.gz: dba55cad7304b0edf5d3f7db7a02a0f1667473aec506bb2ee0b7a1cae5b521cce24a2fba1ffa7ab43ffafba0794b9aac4220348456619f92de1a622a76c8eaac

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,26 @@
 Unreleased Changes
 ------------------
+1.64.0 (2021-11-30)
+------------------
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+1.63.0 (2021-11-04)
+------------------
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+1.62.0 (2021-10-18)
+------------------
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+1.61.0 (2021-09-22)
+------------------
+* Feature - Added changes to OIDC API about not using port numbers in the URL.
 1.60.0 (2021-09-01)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.60.0
1	+ 1.64.0

data/lib/aws-sdk-iam/account_password_policy.rb CHANGED Viewed

@@ -288,9 +288,10 @@ module Aws::IAM
     #   uses the default value of `false`. The result is that passwords do not
     #   require at least one lowercase character.
     # @option options [Boolean] :allow_users_to_change_password
-    #   Allows all IAM users in your account to use the Management Console to
-    #   change their own passwords. For more information, see [Letting IAM
-    #   users change their own passwords][1] in the *IAM User Guide*.
+    #   Allows all IAM users in your account to use the Amazon Web Services
+    #   Management Console to change their own passwords. For more
+    #   information, see [Letting IAM users change their own passwords][1] in
+    #   the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the

data/lib/aws-sdk-iam/client.rb CHANGED Viewed

@@ -119,7 +119,9 @@ module Aws::IAM
     #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
     #       are very aggressive. Construct and pass an instance of
     #       `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
-    #       enable retries and extended timeouts.
+    #       enable retries and extended timeouts. Instance profile credential
+    #       fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
+    #       to true.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -275,6 +277,15 @@ module Aws::IAM
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Boolean] :use_dualstack_endpoint
+    #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
+    #     will be used if available.
+    #
+    #   @option options [Boolean] :use_fips_endpoint
+    #     When set to `true`, fips compatible endpoints will be used if available.
+    #     When a `fips` region is used, the region is normalized and this config
+    #     is set to `true`.
+    #
     #   @option options [Boolean] :validate_params (true)
     #     When `true`, request parameters are validated before
     #     sending the request.
@@ -714,9 +725,9 @@ module Aws::IAM
     # Changes the password of the IAM user who is calling this operation.
     # This operation can be performed using the CLI, the Amazon Web Services
-    # API, or the **My Security Credentials** page in the Management
-    # Console. The account root user password is not affected by this
-    # operation.
+    # API, or the **My Security Credentials** page in the Amazon Web
+    # Services Management Console. The Amazon Web Services account root user
+    # password is not affected by this operation.
     #
     # Use UpdateLoginProfile to use the CLI, the Amazon Web Services API, or
     # the **Users** page in the IAM console to change the password for any
@@ -731,8 +742,8 @@ module Aws::IAM
     #   The IAM user's current password.
     #
     # @option params [required, String] :new_password
-    #   The new password. The new password must conform to the account's
-    #   password policy, if one exists.
+    #   The new password. The new password must conform to the Amazon Web
+    #   Services account's password policy, if one exists.
     #
     #   The [regex pattern][1] that is used to validate this parameter is a
     #   string of characters. That string can include almost any printable
@@ -740,8 +751,9 @@ module Aws::IAM
     #   character range (`\u00FF`). You can also include the tab (`\u0009`),
     #   line feed (`\u000A`), and carriage return (`\u000D`) characters. Any
     #   of these characters are valid in a password. However, many tools, such
-    #   as the Management Console, might restrict the ability to type certain
-    #   characters because they have special meaning within that tool.
+    #   as the Amazon Web Services Management Console, might restrict the
+    #   ability to type certain characters because they have special meaning
+    #   within that tool.
     #
     #
     #
@@ -781,18 +793,19 @@ module Aws::IAM
     #
     # If you do not specify a user name, IAM determines the user name
     # implicitly based on the Amazon Web Services access key ID signing the
-    # request. This operation works for access keys under the account.
-    # Consequently, you can use this operation to manage account root user
-    # credentials. This is true even if the account has no associated users.
+    # request. This operation works for access keys under the Amazon Web
+    # Services account. Consequently, you can use this operation to manage
+    # Amazon Web Services account root user credentials. This is true even
+    # if the Amazon Web Services account has no associated users.
     #
     # For information about quotas on the number of keys you can create, see
     # [IAM and STS quotas][1] in the *IAM User Guide*.
     #
-    # To ensure the security of your account, the secret access key is
-    # accessible only during key and user creation. You must save the key
-    # (for example, in a text file) if you want to be able to access it
-    # again. If a secret key is lost, you can delete the access keys for the
-    # associated user and then create new keys.
+    # To ensure the security of your Amazon Web Services account, the secret
+    # access key is accessible only during key and user creation. You must
+    # save the key (for example, in a text file) if you want to be able to
+    # access it again. If a secret key is lost, you can delete the access
+    # keys for the associated user and then create new keys.
     #
     #
     #
@@ -857,9 +870,9 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Creates an alias for your account. For information about using an
-    # account alias, see [Using an alias for your account ID][1] in the *IAM
-    # User Guide*.
+    # Creates an alias for your Amazon Web Services account. For information
+    # about using an Amazon Web Services account alias, see [Using an alias
+    # for your Amazon Web Services account ID][1] in the *IAM User Guide*.
     #
     #
     #
@@ -1125,13 +1138,14 @@ module Aws::IAM
     end
     # Creates a password for the specified IAM user. A password allows an
-    # IAM user to access Amazon Web Services services through the Management
-    # Console.
+    # IAM user to access Amazon Web Services services through the Amazon Web
+    # Services Management Console.
     #
     # You can use the CLI, the Amazon Web Services API, or the **Users**
     # page in the IAM console to create a password for any IAM user. Use
     # ChangePassword to update your own existing password in the **My
-    # Security Credentials** page in the Management Console.
+    # Security Credentials** page in the Amazon Web Services Management
+    # Console.
     #
     # For more information about managing passwords, see [Managing
     # passwords][1] in the *IAM User Guide*.
@@ -1162,8 +1176,9 @@ module Aws::IAM
     #   character range (`\u00FF`). You can also include the tab (`\u0009`),
     #   line feed (`\u000A`), and carriage return (`\u000D`) characters. Any
     #   of these characters are valid in a password. However, many tools, such
-    #   as the Management Console, might restrict the ability to type certain
-    #   characters because they have special meaning within that tool.
+    #   as the Amazon Web Services Management Console, might restrict the
+    #   ability to type certain characters because they have special meaning
+    #   within that tool.
     #
     #
     #
@@ -1247,8 +1262,8 @@ module Aws::IAM
     # * A list of thumbprints of one or more server certificates that the
     #   IdP uses
     #
-    # You get all of this information from the OIDC IdP that you want to use
-    # to access Amazon Web Services.
+    # You get all of this information from the OIDC IdP you want to use to
+    # access Amazon Web Services.
     #
     # <note markdown="1"> Amazon Web Services secures communication with some OIDC identity
     # providers (IdPs) through our library of trusted certificate
@@ -1277,16 +1292,18 @@ module Aws::IAM
     #   Connect ID tokens. Per the OIDC standard, path components are allowed
     #   but query parameters are not. Typically the URL consists of only a
     #   hostname, like `https://server.example.org` or `https://example.com`.
+    #   The URL should not contain a port number.
     #
     #   You cannot register the same provider multiple times in a single
-    #   account. If you try to submit a URL that has already been used for an
-    #   OpenID Connect provider in the account, you will get an error.
+    #   Amazon Web Services account. If you try to submit a URL that has
+    #   already been used for an OpenID Connect provider in the Amazon Web
+    #   Services account, you will get an error.
     #
     # @option params [Array<String>] :client_id_list
-    #   A list of client IDs (also known as audiences). When a mobile or web
-    #   app registers with an OpenID Connect provider, they establish a value
-    #   that identifies the application. (This is the value that's sent as
-    #   the `client_id` parameter on OAuth requests.)
+    #   Provides a list of client IDs, also known as audiences. When a mobile
+    #   or web app registers with an OpenID Connect provider, they establish a
+    #   value that identifies the application. This is the value that's sent
+    #   as the `client_id` parameter on OAuth requests.
     #
     #   You can register multiple client IDs with the same provider. For
     #   example, you might have multiple applications that use the same OIDC
@@ -1313,11 +1330,11 @@ module Aws::IAM
     #   `server.example.com` and the provider stores its keys at
     #   https://keys.server.example.com/openid-connect. In that case, the
     #   thumbprint string would be the hex-encoded SHA-1 hash value of the
-    #   certificate used by https://keys.server.example.com.
+    #   certificate used by `https://keys.server.example.com.`
     #
-    #   For more information about obtaining the OIDC provider's thumbprint,
-    #   see [Obtaining the thumbprint for an OpenID Connect provider][1] in
-    #   the *IAM User Guide*.
+    #   For more information about obtaining the OIDC provider thumbprint, see
+    #   [Obtaining the thumbprint for an OpenID Connect provider][1] in the
+    #   *IAM User Guide*.
     #
     #
     #
@@ -1395,7 +1412,7 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Creates a new managed policy for your account.
+    # Creates a new managed policy for your Amazon Web Services account.
     #
     # This operation creates a policy version with a version identifier of
     # `v1` and sets v1 as the policy's default version. For more
@@ -1437,6 +1454,10 @@ module Aws::IAM
     #   character (`\u007F`), including most punctuation characters, digits,
     #   and upper and lowercased letters.
     #
+    #   <note markdown="1"> You cannot use an asterisk (*) in the path name.
+    #
+    #    </note>
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
@@ -1650,10 +1671,10 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Creates a new role for your account. For more information about roles,
-    # see [IAM roles][1]. For information about quotas for role names and
-    # the number of roles you can create, see [IAM and STS quotas][2] in the
-    # *IAM User Guide*.
+    # Creates a new role for your Amazon Web Services account. For more
+    # information about roles, see [IAM roles][1]. For information about
+    # quotas for role names and the number of roles you can create, see [IAM
+    # and STS quotas][2] in the *IAM User Guide*.
     #
     #
     #
@@ -1836,8 +1857,8 @@ module Aws::IAM
     # used as a principal in an IAM role's trust policy. Such a policy can
     # enable federated users who sign in using the SAML IdP to assume the
     # role. You can create an IAM role that supports Web-based single
-    # sign-on (SSO) to the Management Console or one that supports API
-    # access to Amazon Web Services.
+    # sign-on (SSO) to the Amazon Web Services Management Console or one
+    # that supports API access to Amazon Web Services.
     #
     # When you create the SAML provider resource, you upload a SAML metadata
     # document that you get from your IdP. That document includes the
@@ -1851,8 +1872,8 @@ module Aws::IAM
     #  </note>
     #
     # For more information, see [Enabling SAML 2.0 federated users to access
-    # the Management Console][2] and [About SAML 2.0-based federation][3] in
-    # the *IAM User Guide*.
+    # the Amazon Web Services Management Console][2] and [About SAML
+    # 2.0-based federation][3] in the *IAM User Guide*.
     #
     #
     #
@@ -2096,7 +2117,7 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Creates a new IAM user for your account.
+    # Creates a new IAM user for your Amazon Web Services account.
     #
     # For information about quotas for the number of IAM users you can
     # create, see [IAM and STS quotas][1] in the *IAM User Guide*.
@@ -2211,10 +2232,11 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Creates a new virtual MFA device for the account. After creating the
-    # virtual MFA, use EnableMFADevice to attach the MFA device to an IAM
-    # user. For more information about creating and working with virtual MFA
-    # devices, see [Using a virtual MFA device][1] in the *IAM User Guide*.
+    # Creates a new virtual MFA device for the Amazon Web Services account.
+    # After creating the virtual MFA, use EnableMFADevice to attach the MFA
+    # device to an IAM user. For more information about creating and working
+    # with virtual MFA devices, see [Using a virtual MFA device][1] in the
+    # *IAM User Guide*.
     #
     # For information about the maximum number of MFA devices you can
     # create, see [IAM and STS quotas][2] in the *IAM User Guide*.
@@ -2384,9 +2406,10 @@ module Aws::IAM
     #
     # If you do not specify a user name, IAM determines the user name
     # implicitly based on the Amazon Web Services access key ID signing the
-    # request. This operation works for access keys under the account.
-    # Consequently, you can use this operation to manage account root user
-    # credentials even if the account has no associated users.
+    # request. This operation works for access keys under the Amazon Web
+    # Services account. Consequently, you can use this operation to manage
+    # Amazon Web Services account root user credentials even if the Amazon
+    # Web Services account has no associated users.
     #
     # @option params [String] :user_name
     #   The name of the user whose access key pair you want to delete.
@@ -2440,9 +2463,10 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Deletes the specified account alias. For information about using an
-    # Amazon Web Services account alias, see [Using an alias for your
-    # account ID][1] in the *IAM User Guide*.
+    # Deletes the specified Amazon Web Services account alias. For
+    # information about using an Amazon Web Services account alias, see
+    # [Using an alias for your Amazon Web Services account ID][1] in the
+    # *IAM User Guide*.
     #
     #
     #
@@ -2486,7 +2510,8 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Deletes the password policy for the account. There are no parameters.
+    # Deletes the password policy for the Amazon Web Services account. There
+    # are no parameters.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -2659,12 +2684,13 @@ module Aws::IAM
     # Deletes the password for the specified IAM user, which terminates the
     # user's ability to access Amazon Web Services services through the
-    # Management Console.
+    # Amazon Web Services Management Console.
     #
     # You can use the CLI, the Amazon Web Services API, or the **Users**
     # page in the IAM console to delete a password for any IAM user. You can
     # use ChangePassword to update, but not delete, your own password in the
-    # **My Security Credentials** page in the Management Console.
+    # **My Security Credentials** page in the Amazon Web Services Management
+    # Console.
     #
     # Deleting a user's password does not prevent a user from accessing
     # Amazon Web Services through the command line interface or the API. To
@@ -3243,9 +3269,10 @@ module Aws::IAM
     #
     # If you do not specify a user name, IAM determines the user name
     # implicitly based on the Amazon Web Services access key ID signing the
-    # request. This operation works for access keys under the account.
-    # Consequently, you can use this operation to manage account root user
-    # credentials even if the account has no associated IAM users.
+    # request. This operation works for access keys under the Amazon Web
+    # Services account. Consequently, you can use this operation to manage
+    # Amazon Web Services account root user credentials even if the Amazon
+    # Web Services account has no associated IAM users.
     #
     # @option params [String] :user_name
     #   The name of the user the signing certificate belongs to.
@@ -3298,11 +3325,11 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Deletes the specified IAM user. Unlike the Management Console, when
-    # you delete a user programmatically, you must delete the items attached
-    # to the user manually, or the deletion fails. For more information, see
-    # [Deleting an IAM user][1]. Before attempting to delete a user, remove
-    # the following items:
+    # Deletes the specified IAM user. Unlike the Amazon Web Services
+    # Management Console, when you delete a user programmatically, you must
+    # delete the items attached to the user manually, or the deletion fails.
+    # For more information, see [Deleting an IAM user][1]. Before attempting
+    # to delete a user, remove the following items:
     #
     # * Password (DeleteLoginProfile)
     #
@@ -3738,9 +3765,9 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Generates a credential report for the account. For more information
-    # about the credential report, see [Getting credential reports][1] in
-    # the *IAM User Guide*.
+    # Generates a credential report for the Amazon Web Services account. For
+    # more information about the credential report, see [Getting credential
+    # reports][1] in the *IAM User Guide*.
     #
     #
     #
@@ -3796,14 +3823,14 @@ module Aws::IAM
     #
     # The data includes all attempts to access Amazon Web Services, not just
     # the successful ones. This includes all attempts that were made using
-    # the Management Console, the Amazon Web Services API through any of the
-    # SDKs, or any of the command line tools. An unexpected entry in the
-    # service last accessed data does not mean that an account has been
-    # compromised, because the request might have been denied. Refer to your
-    # CloudTrail logs as the authoritative source for information about all
-    # API calls and whether they were successful or denied access. For more
-    # information, see [Logging IAM events with CloudTrail][2] in the *IAM
-    # User Guide*.
+    # the Amazon Web Services Management Console, the Amazon Web Services
+    # API through any of the SDKs, or any of the command line tools. An
+    # unexpected entry in the service last accessed data does not mean that
+    # an account has been compromised, because the request might have been
+    # denied. Refer to your CloudTrail logs as the authoritative source for
+    # information about all API calls and whether they were successful or
+    # denied access. For more information, see [Logging IAM events with
+    # CloudTrail][2] in the *IAM User Guide*.
     #
     # This operation returns a `JobId`. Use this parameter in the `
     # GetOrganizationsAccessReport ` operation to check the status of the
@@ -3959,14 +3986,15 @@ module Aws::IAM
     #
     # The service last accessed data includes all attempts to access an
     # Amazon Web Services API, not just the successful ones. This includes
-    # all attempts that were made using the Management Console, the Amazon
-    # Web Services API through any of the SDKs, or any of the command line
-    # tools. An unexpected entry in the service last accessed data does not
-    # mean that your account has been compromised, because the request might
-    # have been denied. Refer to your CloudTrail logs as the authoritative
-    # source for information about all API calls and whether they were
-    # successful or denied access. For more information, see [Logging IAM
-    # events with CloudTrail][2] in the *IAM User Guide*.
+    # all attempts that were made using the Amazon Web Services Management
+    # Console, the Amazon Web Services API through any of the SDKs, or any
+    # of the command line tools. An unexpected entry in the service last
+    # accessed data does not mean that your account has been compromised,
+    # because the request might have been denied. Refer to your CloudTrail
+    # logs as the authoritative source for information about all API calls
+    # and whether they were successful or denied access. For more
+    # information, see [Logging IAM events with CloudTrail][2] in the *IAM
+    # User Guide*.
     #
     # The `GenerateServiceLastAccessedDetails` operation returns a `JobId`.
     # Use this parameter in the following operations to retrieve the
@@ -4284,10 +4312,11 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Retrieves the password policy for the account. This tells you the
-    # complexity requirements and mandatory rotation periods for the IAM
-    # user passwords in your account. For more information about using a
-    # password policy, see [Managing an IAM password policy][1].
+    # Retrieves the password policy for the Amazon Web Services account.
+    # This tells you the complexity requirements and mandatory rotation
+    # periods for the IAM user passwords in your account. For more
+    # information about using a password policy, see [Managing an IAM
+    # password policy][1].
     #
     #
     #
@@ -4554,9 +4583,9 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Retrieves a credential report for the account. For more information
-    # about the credential report, see [Getting credential reports][1] in
-    # the *IAM User Guide*.
+    # Retrieves a credential report for the Amazon Web Services account. For
+    # more information about the credential report, see [Getting credential
+    # reports][1] in the *IAM User Guide*.
     #
     #
     #
@@ -4842,18 +4871,20 @@ module Aws::IAM
     end
     # Retrieves the user name for the specified IAM user. A login profile is
-    # created when you create a password for the user to access the
-    # Management Console. If the user does not exist or does not have a
-    # password, the operation returns a 404 (`NoSuchEntity`) error.
+    # created when you create a password for the user to access the Amazon
+    # Web Services Management Console. If the user does not exist or does
+    # not have a password, the operation returns a 404 (`NoSuchEntity`)
+    # error.
     #
     # If you create an IAM user with access to the console, the `CreateDate`
     # reflects the date you created the initial password for the user.
     #
     # If you create an IAM user with programmatic access, and then later add
-    # a password for the user to access the Management Console, the
-    # `CreateDate` reflects the initial password creation date. A user with
-    # programmatic access does not have a login profile unless you create a
-    # password for the user to access the Management Console.
+    # a password for the user to access the Amazon Web Services Management
+    # Console, the `CreateDate` reflects the initial password creation date.
+    # A user with programmatic access does not have a login profile unless
+    # you create a password for the user to access the Amazon Web Services
+    # Management Console.
     #
     # @option params [required, String] :user_name
     #   The name of the user whose login profile you want to retrieve.
@@ -6131,12 +6162,13 @@ module Aws::IAM
     #
     # If the `UserName` field is not specified, the user name is determined
     # implicitly based on the Amazon Web Services access key ID used to sign
-    # the request. This operation works for access keys under the account.
-    # Consequently, you can use this operation to manage account root user
-    # credentials even if the account has no associated users.
+    # the request. This operation works for access keys under the Amazon Web
+    # Services account. Consequently, you can use this operation to manage
+    # Amazon Web Services account root user credentials even if the Amazon
+    # Web Services account has no associated users.
     #
-    # <note markdown="1"> To ensure the security of your account, the secret access key is
-    # accessible only during key and user creation.
+    # <note markdown="1"> To ensure the security of your Amazon Web Services account, the secret
+    # access key is accessible only during key and user creation.
     #
     #  </note>
     #
@@ -6231,9 +6263,10 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Lists the account alias associated with the account (Note: you can
-    # have only one). For information about using an account alias, see
-    # [Using an alias for your account ID][1] in the *IAM User Guide*.
+    # Lists the account alias associated with the Amazon Web Services
+    # account (Note: you can have only one). For information about using an
+    # Amazon Web Services account alias, see [Using an alias for your Amazon
+    # Web Services account ID][1] in the *IAM User Guide*.
     #
     #
     #
@@ -7510,7 +7543,7 @@ module Aws::IAM
     end
     # Lists information about the IAM OpenID Connect (OIDC) provider
-    # resource objects defined in the account.
+    # resource objects defined in the Amazon Web Services account.
     #
     # <note markdown="1"> IAM resource-listing operations return a subset of the available
     # attributes for the resource. For example, this operation does not
@@ -7538,9 +7571,9 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Lists all the managed policies that are available in your account,
-    # including your own customer-defined managed policies and all Amazon
-    # Web Services managed policies.
+    # Lists all the managed policies that are available in your Amazon Web
+    # Services account, including your own customer-defined managed policies
+    # and all Amazon Web Services managed policies.
     #
     # You can filter the list of policies that is returned using the
     # optional `OnlyAttached`, `Scope`, and `PathPrefix` parameters. For
@@ -7570,8 +7603,8 @@ module Aws::IAM
     #   The scope to use for filtering the results.
     #
     #   To list only Amazon Web Services managed policies, set `Scope` to
-    #   `AWS`. To list only the customer managed policies in your account, set
-    #   `Scope` to `Local`.
+    #   `AWS`. To list only the customer managed policies in your Amazon Web
+    #   Services account, set `Scope` to `Local`.
     #
     #   This parameter is optional. If it is not included, or if it is set to
     #   `All`, all policies are returned.
@@ -8671,9 +8704,9 @@ module Aws::IAM
     # If the `UserName` field is not specified, the user name is determined
     # implicitly based on the Amazon Web Services access key ID used to sign
     # the request for this operation. This operation works for access keys
-    # under the account. Consequently, you can use this operation to manage
-    # account root user credentials even if the account has no associated
-    # users.
+    # under the Amazon Web Services account. Consequently, you can use this
+    # operation to manage Amazon Web Services account root user credentials
+    # even if the Amazon Web Services account has no associated users.
     #
     # @option params [String] :user_name
     #   The name of the IAM user whose signing certificates you want to
@@ -8935,8 +8968,9 @@ module Aws::IAM
     end
     # Lists the IAM users that have the specified path prefix. If no path
-    # prefix is specified, the operation returns all users in the account.
-    # If there are none, the operation returns an empty list.
+    # prefix is specified, the operation returns all users in the Amazon Web
+    # Services account. If there are none, the operation returns an empty
+    # list.
     #
     # <note markdown="1"> IAM resource-listing operations return a subset of the available
     # attributes for the resource. For example, this operation does not
@@ -9054,10 +9088,10 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Lists the virtual MFA devices defined in the account by assignment
-    # status. If you do not specify an assignment status, the operation
-    # returns a list of all virtual MFA devices. Assignment status can be
-    # `Assigned`, `Unassigned`, or `Any`.
+    # Lists the virtual MFA devices defined in the Amazon Web Services
+    # account by assignment status. If you do not specify an assignment
+    # status, the operation returns a list of all virtual MFA devices.
+    # Assignment status can be `Assigned`, `Unassigned`, or `Any`.
     #
     # <note markdown="1"> IAM resource-listing operations return a subset of the available
     # attributes for the resource. For example, this operation does not
@@ -9908,7 +9942,7 @@ module Aws::IAM
     end
     # Sets the specified version of the global endpoint token as the token
-    # version used for the account.
+    # version used for the Amazon Web Services account.
     #
     # By default, Security Token Service (STS) is available as a global
     # service, and all STS requests go to a single endpoint at
@@ -9921,12 +9955,13 @@ module Aws::IAM
     # If you make an STS call to the global endpoint, the resulting session
     # tokens might be valid in some Regions but not others. It depends on
     # the version that is set in this operation. Version 1 tokens are valid
-    # only in Regions that are available by default. These tokens do not
-    # work in manually enabled Regions, such as Asia Pacific (Hong Kong).
-    # Version 2 tokens are valid in all Regions. However, version 2 tokens
-    # are longer and might affect systems where you temporarily store
-    # tokens. For information, see [Activating and deactivating STS in an
-    # Region][2] in the *IAM User Guide*.
+    # only in Amazon Web Services Regions that are available by default.
+    # These tokens do not work in manually enabled Regions, such as Asia
+    # Pacific (Hong Kong). Version 2 tokens are valid in all Regions.
+    # However, version 2 tokens are longer and might affect systems where
+    # you temporarily store tokens. For information, see [Activating and
+    # deactivating STS in an Amazon Web Services Region][2] in the *IAM User
+    # Guide*.
     #
     # To view the current session token version, see the
     # `GlobalEndpointTokenVersion` entry in the response of the
@@ -9939,14 +9974,14 @@ module Aws::IAM
     #
     # @option params [required, String] :global_endpoint_token_version
     #   The version of the global endpoint token. Version 1 tokens are valid
-    #   only in Regions that are available by default. These tokens do not
-    #   work in manually enabled Regions, such as Asia Pacific (Hong Kong).
-    #   Version 2 tokens are valid in all Regions. However, version 2 tokens
-    #   are longer and might affect systems where you temporarily store
-    #   tokens.
+    #   only in Amazon Web Services Regions that are available by default.
+    #   These tokens do not work in manually enabled Regions, such as Asia
+    #   Pacific (Hong Kong). Version 2 tokens are valid in all Regions.
+    #   However, version 2 tokens are longer and might affect systems where
+    #   you temporarily store tokens.
     #
-    #   For information, see [Activating and deactivating STS in an Region][1]
-    #   in the *IAM User Guide*.
+    #   For information, see [Activating and deactivating STS in an Amazon Web
+    #   Services Region][1] in the *IAM User Guide*.
     #
     #
     #
@@ -10136,12 +10171,12 @@ module Aws::IAM
     #   [2]: http://wikipedia.org/wiki/regex
     #
     # @option params [String] :resource_owner
-    #   An ARN representing the account ID that specifies the owner of any
-    #   simulated resource that does not identify its owner in the resource
-    #   ARN. Examples of resource ARNs include an S3 bucket or object. If
-    #   `ResourceOwner` is specified, it is also used as the account owner of
-    #   any `ResourcePolicy` included in the simulation. If the
-    #   `ResourceOwner` parameter is not specified, then the owner of the
+    #   An ARN representing the Amazon Web Services account ID that specifies
+    #   the owner of any simulated resource that does not identify its owner
+    #   in the resource ARN. Examples of resource ARNs include an S3 bucket or
+    #   object. If `ResourceOwner` is specified, it is also used as the
+    #   account owner of any `ResourcePolicy` included in the simulation. If
+    #   the `ResourceOwner` parameter is not specified, then the owner of the
     #   resources and the resource policy defaults to the account of the
     #   identity provided in `CallerArn`. This parameter is required only if
     #   you specify a resource-based policy and account that owns the resource
@@ -10482,16 +10517,17 @@ module Aws::IAM
     #   [2]: http://wikipedia.org/wiki/regex
     #
     # @option params [String] :resource_owner
-    #   An account ID that specifies the owner of any simulated resource that
-    #   does not identify its owner in the resource ARN. Examples of resource
-    #   ARNs include an S3 bucket or object. If `ResourceOwner` is specified,
-    #   it is also used as the account owner of any `ResourcePolicy` included
-    #   in the simulation. If the `ResourceOwner` parameter is not specified,
-    #   then the owner of the resources and the resource policy defaults to
-    #   the account of the identity provided in `CallerArn`. This parameter is
-    #   required only if you specify a resource-based policy and account that
-    #   owns the resource is different from the account that owns the
-    #   simulated calling user `CallerArn`.
+    #   An Amazon Web Services account ID that specifies the owner of any
+    #   simulated resource that does not identify its owner in the resource
+    #   ARN. Examples of resource ARNs include an S3 bucket or object. If
+    #   `ResourceOwner` is specified, it is also used as the account owner of
+    #   any `ResourcePolicy` included in the simulation. If the
+    #   `ResourceOwner` parameter is not specified, then the owner of the
+    #   resources and the resource policy defaults to the account of the
+    #   identity provided in `CallerArn`. This parameter is required only if
+    #   you specify a resource-based policy and account that owns the resource
+    #   is different from the account that owns the simulated calling user
+    #   `CallerArn`.
     #
     # @option params [String] :caller_arn
     #   The ARN of the IAM user that you want to specify as the simulated
@@ -11723,9 +11759,10 @@ module Aws::IAM
     #
     # If the `UserName` is not specified, the user name is determined
     # implicitly based on the Amazon Web Services access key ID used to sign
-    # the request. This operation works for access keys under the account.
-    # Consequently, you can use this operation to manage account root user
-    # credentials even if the account has no associated users.
+    # the request. This operation works for access keys under the Amazon Web
+    # Services account. Consequently, you can use this operation to manage
+    # Amazon Web Services account root user credentials even if the Amazon
+    # Web Services account has no associated users.
     #
     # For information about rotating keys, see [Managing keys and
     # certificates][1] in the *IAM User Guide*.
@@ -11793,7 +11830,8 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Updates the password policy settings for the account.
+    # Updates the password policy settings for the Amazon Web Services
+    # account.
     #
     # <note markdown="1"> * This operation does not support partial updates. No parameters are
     #   required, but if you do not specify a parameter, that parameter's
@@ -11855,9 +11893,10 @@ module Aws::IAM
     #   require at least one lowercase character.
     #
     # @option params [Boolean] :allow_users_to_change_password
-    #   Allows all IAM users in your account to use the Management Console to
-    #   change their own passwords. For more information, see [Letting IAM
-    #   users change their own passwords][1] in the *IAM User Guide*.
+    #   Allows all IAM users in your account to use the Amazon Web Services
+    #   Management Console to change their own passwords. For more
+    #   information, see [Letting IAM users change their own passwords][1] in
+    #   the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the
@@ -12092,7 +12131,7 @@ module Aws::IAM
     # the Amazon Web Services API, or the **Users** page in the IAM console
     # to change the password for any IAM user. Use ChangePassword to change
     # your own password in the **My Security Credentials** page in the
-    # Management Console.
+    # Amazon Web Services Management Console.
     #
     # For more information about modifying passwords, see [Managing
     # passwords][1] in the *IAM User Guide*.
@@ -12129,8 +12168,8 @@ module Aws::IAM
     #     carriage return (`\u000D`)
     #
     #   However, the format can be further restricted by the account
-    #   administrator by setting a password policy on the account. For more
-    #   information, see UpdateAccountPasswordPolicy.
+    #   administrator by setting a password policy on the Amazon Web Services
+    #   account. For more information, see UpdateAccountPasswordPolicy.
     #
     #
     #
@@ -12597,9 +12636,10 @@ module Aws::IAM
     #
     # If the `UserName` field is not specified, the user name is determined
     # implicitly based on the Amazon Web Services access key ID used to sign
-    # the request. This operation works for access keys under the account.
-    # Consequently, you can use this operation to manage account root user
-    # credentials even if the account has no associated users.
+    # the request. This operation works for access keys under the Amazon Web
+    # Services account. Consequently, you can use this operation to manage
+    # Amazon Web Services account root user credentials even if the Amazon
+    # Web Services account has no associated users.
     #
     # @option params [String] :user_name
     #   The name of the IAM user the signing certificate belongs to.
@@ -12820,9 +12860,10 @@ module Aws::IAM
       req.send_request(options)
     end
-    # Uploads a server certificate entity for the account. The server
-    # certificate entity includes a public key certificate, a private key,
-    # and an optional certificate chain, which should all be PEM-encoded.
+    # Uploads a server certificate entity for the Amazon Web Services
+    # account. The server certificate entity includes a public key
+    # certificate, a private key, and an optional certificate chain, which
+    # should all be PEM-encoded.
     #
     # We recommend that you use [Certificate Manager][1] to provision,
     # manage, and deploy your server certificates. With ACM you can request
@@ -13047,9 +13088,10 @@ module Aws::IAM
     #
     # If the `UserName` is not specified, the IAM user name is determined
     # implicitly based on the Amazon Web Services access key ID used to sign
-    # the request. This operation works for access keys under the account.
-    # Consequently, you can use this operation to manage account root user
-    # credentials even if the account has no associated users.
+    # the request. This operation works for access keys under the Amazon Web
+    # Services account. Consequently, you can use this operation to manage
+    # Amazon Web Services account root user credentials even if the Amazon
+    # Web Services account has no associated users.
     #
     # <note markdown="1"> Because the body of an X.509 certificate can be large, you should use
     # POST rather than GET when calling `UploadSigningCertificate`. For
@@ -13160,7 +13202,7 @@ module Aws::IAM
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-iam'
-      context[:gem_version] = '1.60.0'
+      context[:gem_version] = '1.64.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-iam/login_profile.rb CHANGED Viewed

@@ -197,8 +197,9 @@ module Aws::IAM
     #   character range (`\u00FF`). You can also include the tab (`\u0009`),
     #   line feed (`\u000A`), and carriage return (`\u000D`) characters. Any
     #   of these characters are valid in a password. However, many tools, such
-    #   as the Management Console, might restrict the ability to type certain
-    #   characters because they have special meaning within that tool.
+    #   as the Amazon Web Services Management Console, might restrict the
+    #   ability to type certain characters because they have special meaning
+    #   within that tool.
     #
     #
     #
@@ -251,8 +252,8 @@ module Aws::IAM
     #     carriage return (`\u000D`)
     #
     #   However, the format can be further restricted by the account
-    #   administrator by setting a password policy on the account. For more
-    #   information, see UpdateAccountPasswordPolicy.
+    #   administrator by setting a password policy on the Amazon Web Services
+    #   account. For more information, see UpdateAccountPasswordPolicy.
     #
     #
     #

data/lib/aws-sdk-iam/resource.rb CHANGED Viewed

@@ -45,8 +45,8 @@ module Aws::IAM
     # @option options [required, String] :old_password
     #   The IAM user's current password.
     # @option options [required, String] :new_password
-    #   The new password. The new password must conform to the account's
-    #   password policy, if one exists.
+    #   The new password. The new password must conform to the Amazon Web
+    #   Services account's password policy, if one exists.
     #
     #   The [regex pattern][1] that is used to validate this parameter is a
     #   string of characters. That string can include almost any printable
@@ -54,8 +54,9 @@ module Aws::IAM
     #   character range (`\u00FF`). You can also include the tab (`\u0009`),
     #   line feed (`\u000A`), and carriage return (`\u000D`) characters. Any
     #   of these characters are valid in a password. However, many tools, such
-    #   as the Management Console, might restrict the ability to type certain
-    #   characters because they have special meaning within that tool.
+    #   as the Amazon Web Services Management Console, might restrict the
+    #   ability to type certain characters because they have special meaning
+    #   within that tool.
     #
     #
     #
@@ -139,9 +140,10 @@ module Aws::IAM
     #   uses the default value of `false`. The result is that passwords do not
     #   require at least one lowercase character.
     # @option options [Boolean] :allow_users_to_change_password
-    #   Allows all IAM users in your account to use the Management Console to
-    #   change their own passwords. For more information, see [Letting IAM
-    #   users change their own passwords][1] in the *IAM User Guide*.
+    #   Allows all IAM users in your account to use the Amazon Web Services
+    #   Management Console to change their own passwords. For more
+    #   information, see [Letting IAM users change their own passwords][1] in
+    #   the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the
@@ -325,6 +327,10 @@ module Aws::IAM
     #   character (`\u007F`), including most punctuation characters, digits,
     #   and upper and lowercased letters.
     #
+    #   <note markdown="1"> You cannot use an asterisk (*) in the path name.
+    #
+    #    </note>
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
@@ -1015,8 +1021,8 @@ module Aws::IAM
     #   The scope to use for filtering the results.
     #
     #   To list only Amazon Web Services managed policies, set `Scope` to
-    #   `AWS`. To list only the customer managed policies in your account, set
-    #   `Scope` to `Local`.
+    #   `AWS`. To list only the customer managed policies in your Amazon Web
+    #   Services account, set `Scope` to `Local`.
     #
     #   This parameter is optional. If it is not included, or if it is set to
     #   `All`, all policies are returned.

data/lib/aws-sdk-iam/types.rb CHANGED Viewed

@@ -186,8 +186,9 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] region
-    #   The Region where this access key was most recently used. The value
-    #   for this field is "N/A" in the following situations:
+    #   The Amazon Web Services Region where this access key was most
+    #   recently used. The value for this field is "N/A" in the following
+    #   situations:
     #
     #   * The user does not have an access key.
     #
@@ -196,8 +197,8 @@ module Aws::IAM
     #
     #   * There is no sign-in data associated with the user.
     #
-    #   For more information about Regions, see [Regions and endpoints][1]
-    #   in the Amazon Web Services General Reference.
+    #   For more information about Amazon Web Services Regions, see [Regions
+    #   and endpoints][1] in the Amazon Web Services General Reference.
     #
     #
     #
@@ -574,8 +575,8 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] new_password
-    #   The new password. The new password must conform to the account's
-    #   password policy, if one exists.
+    #   The new password. The new password must conform to the Amazon Web
+    #   Services account's password policy, if one exists.
     #
     #   The [regex pattern][1] that is used to validate this parameter is a
     #   string of characters. That string can include almost any printable
@@ -583,9 +584,9 @@ module Aws::IAM
     #   ASCII character range (`\u00FF`). You can also include the tab
     #   (`\u0009`), line feed (`\u000A`), and carriage return (`\u000D`)
     #   characters. Any of these characters are valid in a password.
-    #   However, many tools, such as the Management Console, might restrict
-    #   the ability to type certain characters because they have special
-    #   meaning within that tool.
+    #   However, many tools, such as the Amazon Web Services Management
+    #   Console, might restrict the ability to type certain characters
+    #   because they have special meaning within that tool.
     #
     #
     #
@@ -911,9 +912,9 @@ module Aws::IAM
     #   ASCII character range (`\u00FF`). You can also include the tab
     #   (`\u0009`), line feed (`\u000A`), and carriage return (`\u000D`)
     #   characters. Any of these characters are valid in a password.
-    #   However, many tools, such as the Management Console, might restrict
-    #   the ability to type certain characters because they have special
-    #   meaning within that tool.
+    #   However, many tools, such as the Amazon Web Services Management
+    #   Console, might restrict the ability to type certain characters
+    #   because they have special meaning within that tool.
     #
     #
     #
@@ -970,18 +971,19 @@ module Aws::IAM
     #   Connect ID tokens. Per the OIDC standard, path components are
     #   allowed but query parameters are not. Typically the URL consists of
     #   only a hostname, like `https://server.example.org` or
-    #   `https://example.com`.
+    #   `https://example.com`. The URL should not contain a port number.
     #
     #   You cannot register the same provider multiple times in a single
-    #   account. If you try to submit a URL that has already been used for
-    #   an OpenID Connect provider in the account, you will get an error.
+    #   Amazon Web Services account. If you try to submit a URL that has
+    #   already been used for an OpenID Connect provider in the Amazon Web
+    #   Services account, you will get an error.
     #   @return [String]
     #
     # @!attribute [rw] client_id_list
-    #   A list of client IDs (also known as audiences). When a mobile or web
-    #   app registers with an OpenID Connect provider, they establish a
-    #   value that identifies the application. (This is the value that's
-    #   sent as the `client_id` parameter on OAuth requests.)
+    #   Provides a list of client IDs, also known as audiences. When a
+    #   mobile or web app registers with an OpenID Connect provider, they
+    #   establish a value that identifies the application. This is the value
+    #   that's sent as the `client_id` parameter on OAuth requests.
     #
     #   You can register multiple client IDs with the same provider. For
     #   example, you might have multiple applications that use the same OIDC
@@ -1010,11 +1012,11 @@ module Aws::IAM
     #   `server.example.com` and the provider stores its keys at
     #   https://keys.server.example.com/openid-connect. In that case, the
     #   thumbprint string would be the hex-encoded SHA-1 hash value of the
-    #   certificate used by https://keys.server.example.com.
+    #   certificate used by `https://keys.server.example.com.`
     #
-    #   For more information about obtaining the OIDC provider's
-    #   thumbprint, see [Obtaining the thumbprint for an OpenID Connect
-    #   provider][1] in the *IAM User Guide*.
+    #   For more information about obtaining the OIDC provider thumbprint,
+    #   see [Obtaining the thumbprint for an OpenID Connect provider][1] in
+    #   the *IAM User Guide*.
     #
     #
     #
@@ -1119,6 +1121,10 @@ module Aws::IAM
     #   DEL character (`\u007F`), including most punctuation characters,
     #   digits, and upper and lowercased letters.
     #
+    #   <note markdown="1"> You cannot use an asterisk (*) in the path name.
+    #
+    #    </note>
+    #
     #
     #
     #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
@@ -3911,7 +3917,7 @@ module Aws::IAM
     #
     # @!attribute [rw] create_date
     #   The date and time when the IAM OIDC provider resource object was
-    #   created in the account.
+    #   created in the Amazon Web Services account.
     #   @return [Time]
     #
     # @!attribute [rw] tags
@@ -6594,8 +6600,8 @@ module Aws::IAM
     # request.
     #
     # @!attribute [rw] open_id_connect_provider_list
-    #   The list of IAM OIDC provider resource objects defined in the
-    #   account.
+    #   The list of IAM OIDC provider resource objects defined in the Amazon
+    #   Web Services account.
     #   @return [Array<Types::OpenIDConnectProviderListEntry>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProvidersResponse AWS API Documentation
@@ -6739,8 +6745,8 @@ module Aws::IAM
     #   The scope to use for filtering the results.
     #
     #   To list only Amazon Web Services managed policies, set `Scope` to
-    #   `AWS`. To list only the customer managed policies in your account,
-    #   set `Scope` to `Local`.
+    #   `AWS`. To list only the customer managed policies in your Amazon Web
+    #   Services account, set `Scope` to `Local`.
     #
     #   This parameter is optional. If it is not included, or if it is set
     #   to `All`, all policies are returned.
@@ -8132,8 +8138,8 @@ module Aws::IAM
     # and GetLoginProfile operations.
     #
     # @!attribute [rw] user_name
-    #   The name of the user, which can be used for signing in to the
-    #   Management Console.
+    #   The name of the user, which can be used for signing in to the Amazon
+    #   Web Services Management Console.
     #   @return [String]
     #
     # @!attribute [rw] create_date
@@ -9813,7 +9819,8 @@ module Aws::IAM
     #   @return [Time]
     #
     # @!attribute [rw] region
-    #   The name of the Region in which the role was last used.
+    #   The name of the Amazon Web Services Region in which the role was
+    #   last used.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RoleLastUsed AWS API Documentation
@@ -10347,14 +10354,14 @@ module Aws::IAM
     #
     # @!attribute [rw] global_endpoint_token_version
     #   The version of the global endpoint token. Version 1 tokens are valid
-    #   only in Regions that are available by default. These tokens do not
-    #   work in manually enabled Regions, such as Asia Pacific (Hong Kong).
-    #   Version 2 tokens are valid in all Regions. However, version 2 tokens
-    #   are longer and might affect systems where you temporarily store
-    #   tokens.
+    #   only in Amazon Web Services Regions that are available by default.
+    #   These tokens do not work in manually enabled Regions, such as Asia
+    #   Pacific (Hong Kong). Version 2 tokens are valid in all Regions.
+    #   However, version 2 tokens are longer and might affect systems where
+    #   you temporarily store tokens.
     #
-    #   For information, see [Activating and deactivating STS in an
-    #   Region][1] in the *IAM User Guide*.
+    #   For information, see [Activating and deactivating STS in an Amazon
+    #   Web Services Region][1] in the *IAM User Guide*.
     #
     #
     #
@@ -10563,17 +10570,17 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] resource_owner
-    #   An ARN representing the account ID that specifies the owner of any
-    #   simulated resource that does not identify its owner in the resource
-    #   ARN. Examples of resource ARNs include an S3 bucket or object. If
-    #   `ResourceOwner` is specified, it is also used as the account owner
-    #   of any `ResourcePolicy` included in the simulation. If the
-    #   `ResourceOwner` parameter is not specified, then the owner of the
-    #   resources and the resource policy defaults to the account of the
-    #   identity provided in `CallerArn`. This parameter is required only if
-    #   you specify a resource-based policy and account that owns the
-    #   resource is different from the account that owns the simulated
-    #   calling user `CallerArn`.
+    #   An ARN representing the Amazon Web Services account ID that
+    #   specifies the owner of any simulated resource that does not identify
+    #   its owner in the resource ARN. Examples of resource ARNs include an
+    #   S3 bucket or object. If `ResourceOwner` is specified, it is also
+    #   used as the account owner of any `ResourcePolicy` included in the
+    #   simulation. If the `ResourceOwner` parameter is not specified, then
+    #   the owner of the resources and the resource policy defaults to the
+    #   account of the identity provided in `CallerArn`. This parameter is
+    #   required only if you specify a resource-based policy and account
+    #   that owns the resource is different from the account that owns the
+    #   simulated calling user `CallerArn`.
     #
     #   The ARN for an account uses the following syntax:
     #   `arn:aws:iam::AWS-account-ID:root`. For example, to represent the
@@ -10880,17 +10887,17 @@ module Aws::IAM
     #   @return [String]
     #
     # @!attribute [rw] resource_owner
-    #   An account ID that specifies the owner of any simulated resource
-    #   that does not identify its owner in the resource ARN. Examples of
-    #   resource ARNs include an S3 bucket or object. If `ResourceOwner` is
-    #   specified, it is also used as the account owner of any
-    #   `ResourcePolicy` included in the simulation. If the `ResourceOwner`
-    #   parameter is not specified, then the owner of the resources and the
-    #   resource policy defaults to the account of the identity provided in
-    #   `CallerArn`. This parameter is required only if you specify a
-    #   resource-based policy and account that owns the resource is
-    #   different from the account that owns the simulated calling user
-    #   `CallerArn`.
+    #   An Amazon Web Services account ID that specifies the owner of any
+    #   simulated resource that does not identify its owner in the resource
+    #   ARN. Examples of resource ARNs include an S3 bucket or object. If
+    #   `ResourceOwner` is specified, it is also used as the account owner
+    #   of any `ResourcePolicy` included in the simulation. If the
+    #   `ResourceOwner` parameter is not specified, then the owner of the
+    #   resources and the resource policy defaults to the account of the
+    #   identity provided in `CallerArn`. This parameter is required only if
+    #   you specify a resource-based policy and account that owns the
+    #   resource is different from the account that owns the simulated
+    #   calling user `CallerArn`.
     #   @return [String]
     #
     # @!attribute [rw] caller_arn
@@ -11913,9 +11920,10 @@ module Aws::IAM
     #   @return [Boolean]
     #
     # @!attribute [rw] allow_users_to_change_password
-    #   Allows all IAM users in your account to use the Management Console
-    #   to change their own passwords. For more information, see [Letting
-    #   IAM users change their own passwords][1] in the *IAM User Guide*.
+    #   Allows all IAM users in your account to use the Amazon Web Services
+    #   Management Console to change their own passwords. For more
+    #   information, see [Letting IAM users change their own passwords][1]
+    #   in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in
@@ -12123,8 +12131,9 @@ module Aws::IAM
     #     carriage return (`\u000D`)
     #
     #   However, the format can be further restricted by the account
-    #   administrator by setting a password policy on the account. For more
-    #   information, see UpdateAccountPasswordPolicy.
+    #   administrator by setting a password policy on the Amazon Web
+    #   Services account. For more information, see
+    #   UpdateAccountPasswordPolicy.
     #
     #
     #

data/lib/aws-sdk-iam/user.rb CHANGED Viewed

@@ -439,8 +439,9 @@ module Aws::IAM
     #   character range (`\u00FF`). You can also include the tab (`\u0009`),
     #   line feed (`\u000A`), and carriage return (`\u000D`) characters. Any
     #   of these characters are valid in a password. However, many tools, such
-    #   as the Management Console, might restrict the ability to type certain
-    #   characters because they have special meaning within that tool.
+    #   as the Amazon Web Services Management Console, might restrict the
+    #   ability to type certain characters because they have special meaning
+    #   within that tool.
     #
     #
     #

data/lib/aws-sdk-iam.rb CHANGED Viewed

@@ -70,6 +70,6 @@ require_relative 'aws-sdk-iam/customizations'
 # @!group service
 module Aws::IAM
-  GEM_VERSION = '1.60.0'
+  GEM_VERSION = '1.64.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-iam
 version: !ruby/object:Gem::Version
-  version: 1.60.0
+  version: 1.64.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-01 00:00:00.000000000 Z
+date: 2021-11-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.120.0
+        version: 3.122.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.120.0
+        version: 3.122.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement