aws-sdk-iam 1.63.0 → 1.67.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9fa3433396c62a683d3f1027e960f1b063f5451fae8eeee3df5079098251ae3e
-  data.tar.gz: ef7ad364a3f2cacd4d18627ddbc3e55d238a9ed2d58a7c1720a0d679582867ab
+  metadata.gz: 5da2823800d51a971676fb664df4b1d6a8b479fc3c536672ece25d5b164bb33a
+  data.tar.gz: cde6895069144bfc4e8362394ba81ed75fca17d53ec95c0b1ce49f3d59d088bb
 SHA512:
-  metadata.gz: 4abb7e8a0978c1c4282d503e9159c95a56e8f11cf5cd20d7938f5c438e7a69dd5f02f3ed883a3687cbeeb775e1f631e061e7fce3c748a17dd1bcab36e0e77855
-  data.tar.gz: e7644e8888056627f6f1dc4c30767c768a95144861eb8b509e96ba12ec0d1e464a9e5bbedbb4bd236ce96d7745c8b1a10305396d6ac6fab61206a4bf613eaaed
+  metadata.gz: 8e2f98e4778bcc9e10aab3397dd7fc1debf6fd556fb077bffabe18893df78c8dc6065c00a9c1a3e2e85f0552880308822c91a02cdd8c4599542333f0bdbb6ef7
+  data.tar.gz: 0f082c39147da1095b31ec506b63722fcee70fef5b40d1daed6b75bb9469733b74e0b8e0075888a7d57f537f711a50f2acfb045d2de61b61c2b6fd7251994acf

data/CHANGELOG.md

@@ -1,6 +1,26 @@
 Unreleased Changes
 ------------------
 
+1.67.0 (2022-02-17)
+------------------
+
+* Feature - Documentation updates for AWS Identity and Access Management (IAM).
+
+1.66.0 (2022-02-03)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.65.0 (2021-12-21)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.64.0 (2021-11-30)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.63.0 (2021-11-04)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.63.0
+1.67.0

data/lib/aws-sdk-iam/account_password_policy.rb

@@ -61,6 +61,10 @@ module Aws::IAM
     end
 
     # Specifies whether IAM users are allowed to change their own password.
+    # Gives IAM users permissions to `iam:ChangePassword` for only their
+    # user and to the `iam:GetAccountPasswordPolicy` action. This option
+    # does not attach a permissions policy to each user, rather the
+    # permissions are applied at the account-level for all users by IAM.
     # @return [Boolean]
     def allow_users_to_change_password
       data[:allow_users_to_change_password]
@@ -88,7 +92,11 @@ module Aws::IAM
     end
 
     # Specifies whether IAM users are prevented from setting a new password
-    # after their password has expired.
+    # via the Amazon Web Services Management Console after their password
+    # has expired. The IAM user cannot access the console until an
+    # administrator resets the password. IAM users with `iam:ChangePassword`
+    # permission and active access keys can reset their own expired console
+    # password using the CLI or API.
     # @return [Boolean]
     def hard_expiry
       data[:hard_expiry]
@@ -290,8 +298,8 @@ module Aws::IAM
     # @option options [Boolean] :allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1] in
-    #   the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the
@@ -300,7 +308,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     # @option options [Integer] :max_password_age
     #   The number of days that an IAM user password is valid.
     #
@@ -315,14 +323,26 @@ module Aws::IAM
     #   uses the default value of `0`. The result is that IAM users are not
     #   prevented from reusing previous passwords.
     # @option options [Boolean] :hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password after
+    #   their password has expired. The IAM user cannot access the console
+    #   until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
+    #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not attach
+    #   a permissions policy to each user, rather the permissions are applied
+    #   at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset their
+    #   own expired console password using the CLI or API.
+    #
+    #    </note>
     # @return [EmptyStructure]
     def update(options = {})
       resp = @client.update_account_password_policy(options)

data/lib/aws-sdk-iam/client.rb

@@ -27,6 +27,8 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
 require 'aws-sdk-core/plugins/http_checksum.rb'
+require 'aws-sdk-core/plugins/defaults_mode.rb'
+require 'aws-sdk-core/plugins/recursion_detection.rb'
 require 'aws-sdk-core/plugins/signature_v4.rb'
 require 'aws-sdk-core/plugins/protocols/query.rb'
 
@@ -73,6 +75,8 @@ module Aws::IAM
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
     add_plugin(Aws::Plugins::HttpChecksum)
+    add_plugin(Aws::Plugins::DefaultsMode)
+    add_plugin(Aws::Plugins::RecursionDetection)
     add_plugin(Aws::Plugins::SignatureV4)
     add_plugin(Aws::Plugins::Protocols::Query)
 
@@ -119,7 +123,9 @@ module Aws::IAM
     #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
     #       are very aggressive. Construct and pass an instance of
     #       `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
-    #       enable retries and extended timeouts.
+    #       enable retries and extended timeouts. Instance profile credential
+    #       fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
+    #       to true.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -173,6 +179,10 @@ module Aws::IAM
     #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
     #     a clock skew correction and retry requests with skewed client clocks.
     #
+    #   @option options [String] :defaults_mode ("legacy")
+    #     See {Aws::DefaultsModeConfiguration} for a list of the
+    #     accepted modes and the configuration defaults that are included.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
@@ -295,7 +305,7 @@ module Aws::IAM
     #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
-    #   @option options [Integer] :http_read_timeout (60) The default
+    #   @option options [Float] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
     #     safely be set per-request on the session.
     #
@@ -311,6 +321,9 @@ module Aws::IAM
     #     disables this behaviour.  This value can safely be set per
     #     request on the session.
     #
+    #   @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
+    #     in seconds.
+    #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
     #
@@ -3978,9 +3991,9 @@ module Aws::IAM
     # Generates a report that includes details about when an IAM resource
     # (user, group, role, or policy) was last used in an attempt to access
     # Amazon Web Services services. Recent activity usually appears within
-    # four hours. IAM reports activity for the last 365 days, or less if
-    # your Region began supporting this feature within the last year. For
-    # more information, see [Regions where data is tracked][1].
+    # four hours. IAM reports activity for at least the last 400 days, or
+    # less if your Region began supporting this feature within the last
+    # year. For more information, see [Regions where data is tracked][1].
     #
     # The service last accessed data includes all attempts to access an
     # Amazon Web Services API, not just the successful ones. This includes
@@ -9094,8 +9107,8 @@ module Aws::IAM
     # <note markdown="1"> IAM resource-listing operations return a subset of the available
     # attributes for the resource. For example, this operation does not
     # return tags, even though they are an attribute of the returned object.
-    # To view all of the information for a virtual MFA device, see
-    # ListVirtualMFADevices.
+    # To view tag information for a virtual MFA device, see
+    # ListMFADeviceTags.
     #
     #  </note>
     #
@@ -11831,15 +11844,13 @@ module Aws::IAM
     # Updates the password policy settings for the Amazon Web Services
     # account.
     #
-    # <note markdown="1"> * This operation does not support partial updates. No parameters are
-    #   required, but if you do not specify a parameter, that parameter's
-    #   value reverts to its default value. See the **Request Parameters**
-    #   section for each parameter's default value. Also note that some
-    #   parameters do not allow the default parameter to be explicitly set.
-    #   Instead, to invoke the default value, do not include that parameter
-    #   when you invoke the operation.
-    #
-    # ^
+    # <note markdown="1"> This operation does not support partial updates. No parameters are
+    # required, but if you do not specify a parameter, that parameter's
+    # value reverts to its default value. See the **Request Parameters**
+    # section for each parameter's default value. Also note that some
+    # parameters do not allow the default parameter to be explicitly set.
+    # Instead, to invoke the default value, do not include that parameter
+    # when you invoke the operation.
     #
     #  </note>
     #
@@ -11893,8 +11904,8 @@ module Aws::IAM
     # @option params [Boolean] :allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1] in
-    #   the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the
@@ -11903,7 +11914,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     #
     # @option params [Integer] :max_password_age
     #   The number of days that an IAM user password is valid.
@@ -11921,15 +11932,27 @@ module Aws::IAM
     #   prevented from reusing previous passwords.
     #
     # @option params [Boolean] :hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password after
+    #   their password has expired. The IAM user cannot access the console
+    #   until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
     #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not attach
+    #   a permissions policy to each user, rather the permissions are applied
+    #   at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset their
+    #   own expired console password using the CLI or API.
+    #
+    #    </note>
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     #
@@ -13200,7 +13223,7 @@ module Aws::IAM
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-iam'
-      context[:gem_version] = '1.63.0'
+      context[:gem_version] = '1.67.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-iam/resource.rb

@@ -142,8 +142,8 @@ module Aws::IAM
     # @option options [Boolean] :allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1] in
-    #   the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the
@@ -152,7 +152,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     # @option options [Integer] :max_password_age
     #   The number of days that an IAM user password is valid.
     #
@@ -167,14 +167,26 @@ module Aws::IAM
     #   uses the default value of `0`. The result is that IAM users are not
     #   prevented from reusing previous passwords.
     # @option options [Boolean] :hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password after
+    #   their password has expired. The IAM user cannot access the console
+    #   until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
+    #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not attach
+    #   a permissions policy to each user, rather the permissions are applied
+    #   at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset their
+    #   own expired console password using the CLI or API.
+    #
+    #    </note>
     # @return [AccountPasswordPolicy]
     def create_account_password_policy(options = {})
       @client.update_account_password_policy(options)

data/lib/aws-sdk-iam/types.rb

@@ -8440,7 +8440,11 @@ module Aws::IAM
     #
     # @!attribute [rw] allow_users_to_change_password
     #   Specifies whether IAM users are allowed to change their own
-    #   password.
+    #   password. Gives IAM users permissions to `iam:ChangePassword` for
+    #   only their user and to the `iam:GetAccountPasswordPolicy` action.
+    #   This option does not attach a permissions policy to each user,
+    #   rather the permissions are applied at the account-level for all
+    #   users by IAM.
     #   @return [Boolean]
     #
     # @!attribute [rw] expire_passwords
@@ -8460,7 +8464,11 @@ module Aws::IAM
     #
     # @!attribute [rw] hard_expiry
     #   Specifies whether IAM users are prevented from setting a new
-    #   password after their password has expired.
+    #   password via the Amazon Web Services Management Console after their
+    #   password has expired. The IAM user cannot access the console until
+    #   an administrator resets the password. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset
+    #   their own expired console password using the CLI or API.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PasswordPolicy AWS API Documentation
@@ -11922,8 +11930,8 @@ module Aws::IAM
     # @!attribute [rw] allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1]
-    #   in the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in
@@ -11932,7 +11940,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     #   @return [Boolean]
     #
     # @!attribute [rw] max_password_age
@@ -11953,14 +11961,26 @@ module Aws::IAM
     #   @return [Integer]
     #
     # @!attribute [rw] hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password
+    #   after their password has expired. The IAM user cannot access the
+    #   console until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
+    #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not
+    #   attach a permissions policy to each user, rather the permissions are
+    #   applied at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset
+    #   their own expired console password using the CLI or API.
+    #
+    #    </note>
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicyRequest AWS API Documentation

data/lib/aws-sdk-iam.rb

@@ -70,6 +70,6 @@ require_relative 'aws-sdk-iam/customizations'
 # @!group service
 module Aws::IAM
 
-  GEM_VERSION = '1.63.0'
+  GEM_VERSION = '1.67.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-iam
 version: !ruby/object:Gem::Version
-  version: 1.63.0
+  version: 1.67.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-11-04 00:00:00.000000000 Z
+date: 2022-02-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.122.0
+        version: 3.126.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.122.0
+        version: 3.126.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement