aws-sdk-iam 1.65.0 → 1.68.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '09284d42773fe540033c9eec5bc336c733452ceed9038c8f12448be2714f88b6'
-  data.tar.gz: f10879414d3cb98eefb9fd0f59eb5c0ed86d41089e1e9c9432f4613e691fdf37
+  metadata.gz: 3cfe17357565eb402c90e99e7edf6c23c33f13142210108cb1f6473da339d6d4
+  data.tar.gz: c04dd3b12e59e27c59275800d65a3b73f6d78bbedd2bf43b79d689a4b7ac6993
 SHA512:
-  metadata.gz: f3cc76626fdd724c0b12eabce3ae5b5de5c1776212c05afcf1867838e1da8cf8f280597374192393cc8eae7c67e054ad6decac76822958aabcd4fe20d0e458d5
-  data.tar.gz: 476503e31f633f881b9e2dc39d48246eaa787071f2d0fbc7409395deb21d334d7b80c32e861b9f2059b416c17973f1211d4e565237f9ceb1b3a5fba49826e173
+  metadata.gz: 52c95b4065b16306f28694fd2b59fcf83a21717e3266898d0a2590aee6e0bdc1cc9ace1b30287a6b7e4498f6eeba8f158ccc19557fa64f54a01e5ba62eb5305e
+  data.tar.gz: 9de995bba510264e11fd5d3afa26e5211171f16f2564785e439f4c858cddaeea00a41860e92be7dfb425c49aa5159dc11edecd49234b75c2d27a7fc37b6a49e2

data/CHANGELOG.md

@@ -1,6 +1,21 @@
 Unreleased Changes
 ------------------
 
+1.68.0 (2022-02-24)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.67.0 (2022-02-17)
+------------------
+
+* Feature - Documentation updates for AWS Identity and Access Management (IAM).
+
+1.66.0 (2022-02-03)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.65.0 (2021-12-21)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.65.0
+1.68.0

data/lib/aws-sdk-iam/account_password_policy.rb

@@ -61,6 +61,10 @@ module Aws::IAM
     end
 
     # Specifies whether IAM users are allowed to change their own password.
+    # Gives IAM users permissions to `iam:ChangePassword` for only their
+    # user and to the `iam:GetAccountPasswordPolicy` action. This option
+    # does not attach a permissions policy to each user, rather the
+    # permissions are applied at the account-level for all users by IAM.
     # @return [Boolean]
     def allow_users_to_change_password
       data[:allow_users_to_change_password]
@@ -88,7 +92,11 @@ module Aws::IAM
     end
 
     # Specifies whether IAM users are prevented from setting a new password
-    # after their password has expired.
+    # via the Amazon Web Services Management Console after their password
+    # has expired. The IAM user cannot access the console until an
+    # administrator resets the password. IAM users with `iam:ChangePassword`
+    # permission and active access keys can reset their own expired console
+    # password using the CLI or API.
     # @return [Boolean]
     def hard_expiry
       data[:hard_expiry]
@@ -290,8 +298,8 @@ module Aws::IAM
     # @option options [Boolean] :allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1] in
-    #   the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the
@@ -300,7 +308,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     # @option options [Integer] :max_password_age
     #   The number of days that an IAM user password is valid.
     #
@@ -315,14 +323,26 @@ module Aws::IAM
     #   uses the default value of `0`. The result is that IAM users are not
     #   prevented from reusing previous passwords.
     # @option options [Boolean] :hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password after
+    #   their password has expired. The IAM user cannot access the console
+    #   until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
+    #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not attach
+    #   a permissions policy to each user, rather the permissions are applied
+    #   at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset their
+    #   own expired console password using the CLI or API.
+    #
+    #    </note>
     # @return [EmptyStructure]
     def update(options = {})
       resp = @client.update_account_password_policy(options)

data/lib/aws-sdk-iam/client.rb

@@ -27,7 +27,9 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
 require 'aws-sdk-core/plugins/http_checksum.rb'
+require 'aws-sdk-core/plugins/checksum_algorithm.rb'
 require 'aws-sdk-core/plugins/defaults_mode.rb'
+require 'aws-sdk-core/plugins/recursion_detection.rb'
 require 'aws-sdk-core/plugins/signature_v4.rb'
 require 'aws-sdk-core/plugins/protocols/query.rb'
 
@@ -74,7 +76,9 @@ module Aws::IAM
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
     add_plugin(Aws::Plugins::HttpChecksum)
+    add_plugin(Aws::Plugins::ChecksumAlgorithm)
     add_plugin(Aws::Plugins::DefaultsMode)
+    add_plugin(Aws::Plugins::RecursionDetection)
     add_plugin(Aws::Plugins::SignatureV4)
     add_plugin(Aws::Plugins::Protocols::Query)
 
@@ -3989,9 +3993,9 @@ module Aws::IAM
     # Generates a report that includes details about when an IAM resource
     # (user, group, role, or policy) was last used in an attempt to access
     # Amazon Web Services services. Recent activity usually appears within
-    # four hours. IAM reports activity for the last 365 days, or less if
-    # your Region began supporting this feature within the last year. For
-    # more information, see [Regions where data is tracked][1].
+    # four hours. IAM reports activity for at least the last 400 days, or
+    # less if your Region began supporting this feature within the last
+    # year. For more information, see [Regions where data is tracked][1].
     #
     # The service last accessed data includes all attempts to access an
     # Amazon Web Services API, not just the successful ones. This includes
@@ -9105,8 +9109,8 @@ module Aws::IAM
     # <note markdown="1"> IAM resource-listing operations return a subset of the available
     # attributes for the resource. For example, this operation does not
     # return tags, even though they are an attribute of the returned object.
-    # To view all of the information for a virtual MFA device, see
-    # ListVirtualMFADevices.
+    # To view tag information for a virtual MFA device, see
+    # ListMFADeviceTags.
     #
     #  </note>
     #
@@ -11842,15 +11846,13 @@ module Aws::IAM
     # Updates the password policy settings for the Amazon Web Services
     # account.
     #
-    # <note markdown="1"> * This operation does not support partial updates. No parameters are
-    #   required, but if you do not specify a parameter, that parameter's
-    #   value reverts to its default value. See the **Request Parameters**
-    #   section for each parameter's default value. Also note that some
-    #   parameters do not allow the default parameter to be explicitly set.
-    #   Instead, to invoke the default value, do not include that parameter
-    #   when you invoke the operation.
-    #
-    # ^
+    # <note markdown="1"> This operation does not support partial updates. No parameters are
+    # required, but if you do not specify a parameter, that parameter's
+    # value reverts to its default value. See the **Request Parameters**
+    # section for each parameter's default value. Also note that some
+    # parameters do not allow the default parameter to be explicitly set.
+    # Instead, to invoke the default value, do not include that parameter
+    # when you invoke the operation.
     #
     #  </note>
     #
@@ -11904,8 +11906,8 @@ module Aws::IAM
     # @option params [Boolean] :allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1] in
-    #   the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the
@@ -11914,7 +11916,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     #
     # @option params [Integer] :max_password_age
     #   The number of days that an IAM user password is valid.
@@ -11932,15 +11934,27 @@ module Aws::IAM
     #   prevented from reusing previous passwords.
     #
     # @option params [Boolean] :hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password after
+    #   their password has expired. The IAM user cannot access the console
+    #   until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
     #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not attach
+    #   a permissions policy to each user, rather the permissions are applied
+    #   at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset their
+    #   own expired console password using the CLI or API.
+    #
+    #    </note>
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     #
@@ -13211,7 +13225,7 @@ module Aws::IAM
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-iam'
-      context[:gem_version] = '1.65.0'
+      context[:gem_version] = '1.68.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-iam/resource.rb

@@ -142,8 +142,8 @@ module Aws::IAM
     # @option options [Boolean] :allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1] in
-    #   the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the
@@ -152,7 +152,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     # @option options [Integer] :max_password_age
     #   The number of days that an IAM user password is valid.
     #
@@ -167,14 +167,26 @@ module Aws::IAM
     #   uses the default value of `0`. The result is that IAM users are not
     #   prevented from reusing previous passwords.
     # @option options [Boolean] :hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password after
+    #   their password has expired. The IAM user cannot access the console
+    #   until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
+    #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not attach
+    #   a permissions policy to each user, rather the permissions are applied
+    #   at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset their
+    #   own expired console password using the CLI or API.
+    #
+    #    </note>
     # @return [AccountPasswordPolicy]
     def create_account_password_policy(options = {})
       @client.update_account_password_policy(options)

data/lib/aws-sdk-iam/types.rb

@@ -8440,7 +8440,11 @@ module Aws::IAM
     #
     # @!attribute [rw] allow_users_to_change_password
     #   Specifies whether IAM users are allowed to change their own
-    #   password.
+    #   password. Gives IAM users permissions to `iam:ChangePassword` for
+    #   only their user and to the `iam:GetAccountPasswordPolicy` action.
+    #   This option does not attach a permissions policy to each user,
+    #   rather the permissions are applied at the account-level for all
+    #   users by IAM.
     #   @return [Boolean]
     #
     # @!attribute [rw] expire_passwords
@@ -8460,7 +8464,11 @@ module Aws::IAM
     #
     # @!attribute [rw] hard_expiry
     #   Specifies whether IAM users are prevented from setting a new
-    #   password after their password has expired.
+    #   password via the Amazon Web Services Management Console after their
+    #   password has expired. The IAM user cannot access the console until
+    #   an administrator resets the password. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset
+    #   their own expired console password using the CLI or API.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PasswordPolicy AWS API Documentation
@@ -11922,8 +11930,8 @@ module Aws::IAM
     # @!attribute [rw] allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1]
-    #   in the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in
@@ -11932,7 +11940,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     #   @return [Boolean]
     #
     # @!attribute [rw] max_password_age
@@ -11953,14 +11961,26 @@ module Aws::IAM
     #   @return [Integer]
     #
     # @!attribute [rw] hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password
+    #   after their password has expired. The IAM user cannot access the
+    #   console until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
+    #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not
+    #   attach a permissions policy to each user, rather the permissions are
+    #   applied at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset
+    #   their own expired console password using the CLI or API.
+    #
+    #    </note>
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicyRequest AWS API Documentation

data/lib/aws-sdk-iam.rb

@@ -70,6 +70,6 @@ require_relative 'aws-sdk-iam/customizations'
 # @!group service
 module Aws::IAM
 
-  GEM_VERSION = '1.65.0'
+  GEM_VERSION = '1.68.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-iam
 version: !ruby/object:Gem::Version
-  version: 1.65.0
+  version: 1.68.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-12-21 00:00:00.000000000 Z
+date: 2022-02-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.125.0
+        version: 3.127.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.125.0
+        version: 3.127.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement