aws-sdk-iam 1.73.0 → 1.75.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -1
- data/VERSION +1 -1
- data/lib/aws-sdk-iam/client.rb +130 -28
- data/lib/aws-sdk-iam/endpoint_parameters.rb +3 -0
- data/lib/aws-sdk-iam/endpoint_provider.rb +137 -335
- data/lib/aws-sdk-iam/resource.rb +34 -4
- data/lib/aws-sdk-iam/types.rb +88 -1408
- data/lib/aws-sdk-iam/user.rb +17 -2
- data/lib/aws-sdk-iam.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ef84c0d91723ced85c4f386e729ccce65d8015eb3a211e43ecfd82e3f0e66704
|
4
|
+
data.tar.gz: 1bbdbb017d13ce2fcf7cf1a7ff11206be46086df7c6757474e15bdf082a97d0b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e5de3cb4467504346c82b05c019201baa34aa21eb77309ae1fc3a382c33536dfa22dbc450ef428004de1ca85429777076a8345a43784c8e93b34b9dec09d5698
|
7
|
+
data.tar.gz: 239df2e18c8248c0456b5ace08e77991507f75223c74169ed5cc4f42effd64c482c2ec7bcf9c64ae3484b8150c5789b9c393f6b94bdba4728112abb741bcbf4c
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,18 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.75.0 (2023-02-01)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Documentation updates for AWS Identity and Access Management (IAM).
|
8
|
+
|
9
|
+
1.74.0 (2023-01-18)
|
10
|
+
------------------
|
11
|
+
|
12
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
13
|
+
|
14
|
+
* Issue - Replace runtime endpoint resolution approach with generated ruby code.
|
15
|
+
|
4
16
|
1.73.0 (2022-10-26)
|
5
17
|
------------------
|
6
18
|
|
@@ -447,4 +459,4 @@ Unreleased Changes
|
|
447
459
|
1.0.0.rc1 (2016-12-05)
|
448
460
|
------------------
|
449
461
|
|
450
|
-
* Feature - Initial preview release of the `aws-sdk-iam` gem.
|
462
|
+
* Feature - Initial preview release of the `aws-sdk-iam` gem.
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.75.0
|
data/lib/aws-sdk-iam/client.rb
CHANGED
@@ -1298,10 +1298,10 @@ module Aws::IAM
|
|
1298
1298
|
# <note markdown="1"> Amazon Web Services secures communication with some OIDC identity
|
1299
1299
|
# providers (IdPs) through our library of trusted certificate
|
1300
1300
|
# authorities (CAs) instead of using a certificate thumbprint to verify
|
1301
|
-
# your IdP server certificate. These OIDC IdPs include Google,
|
1302
|
-
# that use an Amazon S3 bucket to host a JSON Web Key Set
|
1303
|
-
# endpoint. In these cases, your legacy thumbprint remains in
|
1304
|
-
# configuration, but is no longer used for validation.
|
1301
|
+
# your IdP server certificate. These OIDC IdPs include Google, Auth0,
|
1302
|
+
# and those that use an Amazon S3 bucket to host a JSON Web Key Set
|
1303
|
+
# (JWKS) endpoint. In these cases, your legacy thumbprint remains in
|
1304
|
+
# your configuration, but is no longer used for validation.
|
1305
1305
|
#
|
1306
1306
|
# </note>
|
1307
1307
|
#
|
@@ -1790,8 +1790,23 @@ module Aws::IAM
|
|
1790
1790
|
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html
|
1791
1791
|
#
|
1792
1792
|
# @option params [String] :permissions_boundary
|
1793
|
-
# The ARN of the policy that is used to set the permissions
|
1794
|
-
# the role.
|
1793
|
+
# The ARN of the managed policy that is used to set the permissions
|
1794
|
+
# boundary for the role.
|
1795
|
+
#
|
1796
|
+
# A permissions boundary policy defines the maximum permissions that
|
1797
|
+
# identity-based policies can grant to an entity, but does not grant
|
1798
|
+
# permissions. Permissions boundaries do not define the maximum
|
1799
|
+
# permissions that a resource-based policy can grant to an entity. To
|
1800
|
+
# learn more, see [Permissions boundaries for IAM entities][1] in the
|
1801
|
+
# *IAM User Guide*.
|
1802
|
+
#
|
1803
|
+
# For more information about policy types, see [Policy types ][2] in the
|
1804
|
+
# *IAM User Guide*.
|
1805
|
+
#
|
1806
|
+
#
|
1807
|
+
#
|
1808
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
|
1809
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types
|
1795
1810
|
#
|
1796
1811
|
# @option params [Array<Types::Tag>] :tags
|
1797
1812
|
# A list of tags that you want to attach to the new role. Each tag
|
@@ -2183,8 +2198,23 @@ module Aws::IAM
|
|
2183
2198
|
# create resources named both "MyResource" and "myresource".
|
2184
2199
|
#
|
2185
2200
|
# @option params [String] :permissions_boundary
|
2186
|
-
# The ARN of the policy that is used to set the permissions
|
2187
|
-
# the user.
|
2201
|
+
# The ARN of the managed policy that is used to set the permissions
|
2202
|
+
# boundary for the user.
|
2203
|
+
#
|
2204
|
+
# A permissions boundary policy defines the maximum permissions that
|
2205
|
+
# identity-based policies can grant to an entity, but does not grant
|
2206
|
+
# permissions. Permissions boundaries do not define the maximum
|
2207
|
+
# permissions that a resource-based policy can grant to an entity. To
|
2208
|
+
# learn more, see [Permissions boundaries for IAM entities][1] in the
|
2209
|
+
# *IAM User Guide*.
|
2210
|
+
#
|
2211
|
+
# For more information about policy types, see [Policy types ][2] in the
|
2212
|
+
# *IAM User Guide*.
|
2213
|
+
#
|
2214
|
+
#
|
2215
|
+
#
|
2216
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
|
2217
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types
|
2188
2218
|
#
|
2189
2219
|
# @option params [Array<Types::Tag>] :tags
|
2190
2220
|
# A list of tags that you want to attach to the new user. Each tag
|
@@ -2916,9 +2946,20 @@ module Aws::IAM
|
|
2916
2946
|
req.send_request(options)
|
2917
2947
|
end
|
2918
2948
|
|
2919
|
-
# Deletes the specified role.
|
2920
|
-
#
|
2921
|
-
#
|
2949
|
+
# Deletes the specified role. Unlike the Amazon Web Services Management
|
2950
|
+
# Console, when you delete a role programmatically, you must delete the
|
2951
|
+
# items attached to the role manually, or the deletion fails. For more
|
2952
|
+
# information, see [Deleting an IAM role][1]. Before attempting to
|
2953
|
+
# delete a role, remove the following attached items:
|
2954
|
+
#
|
2955
|
+
# * Inline policies (DeleteRolePolicy)
|
2956
|
+
#
|
2957
|
+
# * Attached managed policies (DetachRolePolicy)
|
2958
|
+
#
|
2959
|
+
# * Instance profile (RemoveRoleFromInstanceProfile)
|
2960
|
+
#
|
2961
|
+
# * Optional – Delete instance profile after detaching from role for
|
2962
|
+
# resource clean up (DeleteInstanceProfile)
|
2922
2963
|
#
|
2923
2964
|
# Make sure that you do not have any Amazon EC2 instances running with
|
2924
2965
|
# the role you are about to delete. Deleting a role or instance profile
|
@@ -2927,7 +2968,7 @@ module Aws::IAM
|
|
2927
2968
|
#
|
2928
2969
|
#
|
2929
2970
|
#
|
2930
|
-
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/
|
2971
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_delete.html#roles-managingrole-deleting-cli
|
2931
2972
|
#
|
2932
2973
|
# @option params [required, String] :role_name
|
2933
2974
|
# The name of the role to delete.
|
@@ -9356,8 +9397,23 @@ module Aws::IAM
|
|
9356
9397
|
# to set the permissions boundary.
|
9357
9398
|
#
|
9358
9399
|
# @option params [required, String] :permissions_boundary
|
9359
|
-
# The ARN of the policy that is used to set the permissions
|
9360
|
-
# the role.
|
9400
|
+
# The ARN of the managed policy that is used to set the permissions
|
9401
|
+
# boundary for the role.
|
9402
|
+
#
|
9403
|
+
# A permissions boundary policy defines the maximum permissions that
|
9404
|
+
# identity-based policies can grant to an entity, but does not grant
|
9405
|
+
# permissions. Permissions boundaries do not define the maximum
|
9406
|
+
# permissions that a resource-based policy can grant to an entity. To
|
9407
|
+
# learn more, see [Permissions boundaries for IAM entities][1] in the
|
9408
|
+
# *IAM User Guide*.
|
9409
|
+
#
|
9410
|
+
# For more information about policy types, see [Policy types ][2] in the
|
9411
|
+
# *IAM User Guide*.
|
9412
|
+
#
|
9413
|
+
#
|
9414
|
+
#
|
9415
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
|
9416
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types
|
9361
9417
|
#
|
9362
9418
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
9363
9419
|
#
|
@@ -9509,8 +9565,23 @@ module Aws::IAM
|
|
9509
9565
|
# to set the permissions boundary.
|
9510
9566
|
#
|
9511
9567
|
# @option params [required, String] :permissions_boundary
|
9512
|
-
# The ARN of the policy that is used to set the permissions
|
9513
|
-
# the user.
|
9568
|
+
# The ARN of the managed policy that is used to set the permissions
|
9569
|
+
# boundary for the user.
|
9570
|
+
#
|
9571
|
+
# A permissions boundary policy defines the maximum permissions that
|
9572
|
+
# identity-based policies can grant to an entity, but does not grant
|
9573
|
+
# permissions. Permissions boundaries do not define the maximum
|
9574
|
+
# permissions that a resource-based policy can grant to an entity. To
|
9575
|
+
# learn more, see [Permissions boundaries for IAM entities][1] in the
|
9576
|
+
# *IAM User Guide*.
|
9577
|
+
#
|
9578
|
+
# For more information about policy types, see [Policy types ][2] in the
|
9579
|
+
# *IAM User Guide*.
|
9580
|
+
#
|
9581
|
+
#
|
9582
|
+
#
|
9583
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
|
9584
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types
|
9514
9585
|
#
|
9515
9586
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
9516
9587
|
#
|
@@ -10071,9 +10142,16 @@ module Aws::IAM
|
|
10071
10142
|
# If the output is long, you can use `MaxItems` and `Marker` parameters
|
10072
10143
|
# to paginate the results.
|
10073
10144
|
#
|
10074
|
-
#
|
10075
|
-
#
|
10076
|
-
#
|
10145
|
+
# <note markdown="1"> The IAM policy simulator evaluates statements in the identity-based
|
10146
|
+
# policy and the inputs that you provide during simulation. The policy
|
10147
|
+
# simulator results can differ from your live Amazon Web Services
|
10148
|
+
# environment. We recommend that you check your policies against your
|
10149
|
+
# live Amazon Web Services environment after testing using the policy
|
10150
|
+
# simulator to confirm that you have the desired results. For more
|
10151
|
+
# information about using the policy simulator, see [Testing IAM
|
10152
|
+
# policies with the IAM policy simulator ][1]in the *IAM User Guide*.
|
10153
|
+
#
|
10154
|
+
# </note>
|
10077
10155
|
#
|
10078
10156
|
#
|
10079
10157
|
#
|
@@ -10173,6 +10251,10 @@ module Aws::IAM
|
|
10173
10251
|
# For more information about ARNs, see [Amazon Resource Names (ARNs)][1]
|
10174
10252
|
# in the *Amazon Web Services General Reference*.
|
10175
10253
|
#
|
10254
|
+
# <note markdown="1"> Simulation of resource-based policies isn't supported for IAM roles.
|
10255
|
+
#
|
10256
|
+
# </note>
|
10257
|
+
#
|
10176
10258
|
#
|
10177
10259
|
#
|
10178
10260
|
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
@@ -10200,6 +10282,10 @@ module Aws::IAM
|
|
10200
10282
|
# * The special characters tab (`\u0009`), line feed (`\u000A`), and
|
10201
10283
|
# carriage return (`\u000D`)
|
10202
10284
|
#
|
10285
|
+
# <note markdown="1"> Simulation of resource-based policies isn't supported for IAM roles.
|
10286
|
+
#
|
10287
|
+
# </note>
|
10288
|
+
#
|
10203
10289
|
#
|
10204
10290
|
#
|
10205
10291
|
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
@@ -10382,7 +10468,8 @@ module Aws::IAM
|
|
10382
10468
|
# instead.
|
10383
10469
|
#
|
10384
10470
|
# You can also optionally include one resource-based policy to be
|
10385
|
-
# evaluated with each of the resources included in the simulation
|
10471
|
+
# evaluated with each of the resources included in the simulation for
|
10472
|
+
# IAM users only.
|
10386
10473
|
#
|
10387
10474
|
# The simulation does not perform the API operations; it only checks the
|
10388
10475
|
# authorization to determine if the simulated policies allow or deny the
|
@@ -10403,9 +10490,16 @@ module Aws::IAM
|
|
10403
10490
|
# If the output is long, you can use the `MaxItems` and `Marker`
|
10404
10491
|
# parameters to paginate the results.
|
10405
10492
|
#
|
10406
|
-
#
|
10407
|
-
#
|
10408
|
-
#
|
10493
|
+
# <note markdown="1"> The IAM policy simulator evaluates statements in the identity-based
|
10494
|
+
# policy and the inputs that you provide during simulation. The policy
|
10495
|
+
# simulator results can differ from your live Amazon Web Services
|
10496
|
+
# environment. We recommend that you check your policies against your
|
10497
|
+
# live Amazon Web Services environment after testing using the policy
|
10498
|
+
# simulator to confirm that you have the desired results. For more
|
10499
|
+
# information about using the policy simulator, see [Testing IAM
|
10500
|
+
# policies with the IAM policy simulator ][1]in the *IAM User Guide*.
|
10501
|
+
#
|
10502
|
+
# </note>
|
10409
10503
|
#
|
10410
10504
|
#
|
10411
10505
|
#
|
@@ -10511,6 +10605,10 @@ module Aws::IAM
|
|
10511
10605
|
# For more information about ARNs, see [Amazon Resource Names (ARNs)][1]
|
10512
10606
|
# in the *Amazon Web Services General Reference*.
|
10513
10607
|
#
|
10608
|
+
# <note markdown="1"> Simulation of resource-based policies isn't supported for IAM roles.
|
10609
|
+
#
|
10610
|
+
# </note>
|
10611
|
+
#
|
10514
10612
|
#
|
10515
10613
|
#
|
10516
10614
|
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
@@ -10538,6 +10636,10 @@ module Aws::IAM
|
|
10538
10636
|
# * The special characters tab (`\u0009`), line feed (`\u000A`), and
|
10539
10637
|
# carriage return (`\u000D`)
|
10540
10638
|
#
|
10639
|
+
# <note markdown="1"> Simulation of resource-based policies isn't supported for IAM roles.
|
10640
|
+
#
|
10641
|
+
# </note>
|
10642
|
+
#
|
10541
10643
|
#
|
10542
10644
|
#
|
10543
10645
|
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
|
@@ -12255,10 +12357,10 @@ module Aws::IAM
|
|
12255
12357
|
# <note markdown="1"> Amazon Web Services secures communication with some OIDC identity
|
12256
12358
|
# providers (IdPs) through our library of trusted certificate
|
12257
12359
|
# authorities (CAs) instead of using a certificate thumbprint to verify
|
12258
|
-
# your IdP server certificate. These OIDC IdPs include Google,
|
12259
|
-
# that use an Amazon S3 bucket to host a JSON Web Key Set
|
12260
|
-
# endpoint. In these cases, your legacy thumbprint remains in
|
12261
|
-
# configuration, but is no longer used for validation.
|
12360
|
+
# your IdP server certificate. These OIDC IdPs include Google, Auth0,
|
12361
|
+
# and those that use an Amazon S3 bucket to host a JSON Web Key Set
|
12362
|
+
# (JWKS) endpoint. In these cases, your legacy thumbprint remains in
|
12363
|
+
# your configuration, but is no longer used for validation.
|
12262
12364
|
#
|
12263
12365
|
# </note>
|
12264
12366
|
#
|
@@ -13233,7 +13335,7 @@ module Aws::IAM
|
|
13233
13335
|
params: params,
|
13234
13336
|
config: config)
|
13235
13337
|
context[:gem_name] = 'aws-sdk-iam'
|
13236
|
-
context[:gem_version] = '1.
|
13338
|
+
context[:gem_version] = '1.75.0'
|
13237
13339
|
Seahorse::Client::Request.new(handlers, context)
|
13238
13340
|
end
|
13239
13341
|
|
@@ -50,6 +50,9 @@ module Aws::IAM
|
|
50
50
|
|
51
51
|
def initialize(options = {})
|
52
52
|
self[:region] = options[:region]
|
53
|
+
if self[:region].nil?
|
54
|
+
raise ArgumentError, "Missing required EndpointParameter: :region"
|
55
|
+
end
|
53
56
|
self[:use_dual_stack] = options[:use_dual_stack]
|
54
57
|
self[:use_dual_stack] = false if self[:use_dual_stack].nil?
|
55
58
|
if self[:use_dual_stack].nil?
|