aws-sdk-iam 1.94.0 → 1.96.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-iam/client.rb +29 -21
- data/lib/aws-sdk-iam/client_api.rb +34 -28
- data/lib/aws-sdk-iam/errors.rb +16 -0
- data/lib/aws-sdk-iam/types.rb +41 -17
- data/lib/aws-sdk-iam.rb +1 -1
- data/sig/client.rbs +1 -1
- data/sig/errors.rbs +3 -0
- data/sig/types.rbs +5 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 32024a751eb6c81037a6c25684205e08cf683202cde4a1bfc4c317aa3dcca960
|
|
4
|
+
data.tar.gz: e941b2c5ed2f2bfc20c583ac521edab6894a50146683168184c6774d588d2cab
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 89d71bba4d7bcb07510e017fd947599b95b7607ad141cb3ef57804b414d2889d808ab054e86c06533e671034ff0ec537d9b35340b7c3d910b300292427af3547
|
|
7
|
+
data.tar.gz: a5260987542c4d1fcc70192b3fd4239b93119753c41b6b542469743e7b56591ed9846beef5b8cd49b9ca26e5d154d317307173953948ba9583fec56abaebea8c
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.96.0 (2024-04-16)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
|
8
|
+
|
|
9
|
+
1.95.0 (2024-04-11)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - For CreateOpenIDConnectProvider API, the ThumbprintList parameter is no longer required.
|
|
13
|
+
|
|
4
14
|
1.94.0 (2024-01-26)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.96.0
|
data/lib/aws-sdk-iam/client.rb
CHANGED
|
@@ -1372,20 +1372,23 @@ module Aws::IAM
|
|
|
1372
1372
|
# `CreateOpenIDConnectProviderRequest` operation accepts client IDs up
|
|
1373
1373
|
# to 255 characters long.
|
|
1374
1374
|
#
|
|
1375
|
-
# @option params [
|
|
1375
|
+
# @option params [Array<String>] :thumbprint_list
|
|
1376
1376
|
# A list of server certificate thumbprints for the OpenID Connect (OIDC)
|
|
1377
1377
|
# identity provider's server certificates. Typically this list includes
|
|
1378
1378
|
# only one entry. However, IAM lets you have up to five thumbprints for
|
|
1379
1379
|
# an OIDC provider. This lets you maintain multiple thumbprints if the
|
|
1380
1380
|
# identity provider is rotating certificates.
|
|
1381
1381
|
#
|
|
1382
|
+
# This parameter is optional. If it is not included, IAM will retrieve
|
|
1383
|
+
# and use the top intermediate certificate authority (CA) thumbprint of
|
|
1384
|
+
# the OpenID Connect identity provider server certificate.
|
|
1385
|
+
#
|
|
1382
1386
|
# The server certificate thumbprint is the hex-encoded SHA-1 hash value
|
|
1383
1387
|
# of the X.509 certificate used by the domain where the OpenID Connect
|
|
1384
1388
|
# provider makes its keys available. It is always a 40-character string.
|
|
1385
1389
|
#
|
|
1386
|
-
#
|
|
1387
|
-
# provider
|
|
1388
|
-
# `server.example.com` and the provider stores its keys at
|
|
1390
|
+
# For example, assume that the OIDC provider is `server.example.com` and
|
|
1391
|
+
# the provider stores its keys at
|
|
1389
1392
|
# https://keys.server.example.com/openid-connect. In that case, the
|
|
1390
1393
|
# thumbprint string would be the hex-encoded SHA-1 hash value of the
|
|
1391
1394
|
# certificate used by `https://keys.server.example.com.`
|
|
@@ -1445,7 +1448,7 @@ module Aws::IAM
|
|
|
1445
1448
|
# resp = client.create_open_id_connect_provider({
|
|
1446
1449
|
# url: "OpenIDConnectProviderUrlType", # required
|
|
1447
1450
|
# client_id_list: ["clientIDType"],
|
|
1448
|
-
# thumbprint_list: ["thumbprintType"],
|
|
1451
|
+
# thumbprint_list: ["thumbprintType"],
|
|
1449
1452
|
# tags: [
|
|
1450
1453
|
# {
|
|
1451
1454
|
# key: "tagKeyType", # required
|
|
@@ -9878,7 +9881,7 @@ module Aws::IAM
|
|
|
9878
9881
|
req.send_request(options)
|
|
9879
9882
|
end
|
|
9880
9883
|
|
|
9881
|
-
# Removes the specified IAM role from the specified EC2 instance
|
|
9884
|
+
# Removes the specified IAM role from the specified Amazon EC2 instance
|
|
9882
9885
|
# profile.
|
|
9883
9886
|
#
|
|
9884
9887
|
# Make sure that you do not have any Amazon EC2 instances running with
|
|
@@ -10465,13 +10468,13 @@ module Aws::IAM
|
|
|
10465
10468
|
# following list shows each of the supported scenario values and the
|
|
10466
10469
|
# resources that you must define to run the simulation.
|
|
10467
10470
|
#
|
|
10468
|
-
# Each of the EC2 scenarios requires that you specify instance,
|
|
10469
|
-
# and security group resources. If your scenario includes an EBS
|
|
10470
|
-
# then you must specify that volume as a resource. If the
|
|
10471
|
-
# includes VPC, then you must supply the network interface
|
|
10472
|
-
# it includes an IP subnet, then you must specify the
|
|
10473
|
-
# For more information on the EC2 scenario
|
|
10474
|
-
# platforms][1] in the *Amazon EC2 User Guide*.
|
|
10471
|
+
# Each of the Amazon EC2 scenarios requires that you specify instance,
|
|
10472
|
+
# image, and security group resources. If your scenario includes an EBS
|
|
10473
|
+
# volume, then you must specify that volume as a resource. If the Amazon
|
|
10474
|
+
# EC2 scenario includes VPC, then you must supply the network interface
|
|
10475
|
+
# resource. If it includes an IP subnet, then you must specify the
|
|
10476
|
+
# subnet resource. For more information on the Amazon EC2 scenario
|
|
10477
|
+
# options, see [Supported platforms][1] in the *Amazon EC2 User Guide*.
|
|
10475
10478
|
#
|
|
10476
10479
|
# * **EC2-VPC-InstanceStore**
|
|
10477
10480
|
#
|
|
@@ -10830,13 +10833,13 @@ module Aws::IAM
|
|
|
10830
10833
|
# following list shows each of the supported scenario values and the
|
|
10831
10834
|
# resources that you must define to run the simulation.
|
|
10832
10835
|
#
|
|
10833
|
-
# Each of the EC2 scenarios requires that you specify instance,
|
|
10834
|
-
# and security group resources. If your scenario includes an EBS
|
|
10835
|
-
# then you must specify that volume as a resource. If the
|
|
10836
|
-
# includes VPC, then you must supply the network interface
|
|
10837
|
-
# it includes an IP subnet, then you must specify the
|
|
10838
|
-
# For more information on the EC2 scenario
|
|
10839
|
-
# platforms][1] in the *Amazon EC2 User Guide*.
|
|
10836
|
+
# Each of the Amazon EC2 scenarios requires that you specify instance,
|
|
10837
|
+
# image, and security group resources. If your scenario includes an EBS
|
|
10838
|
+
# volume, then you must specify that volume as a resource. If the Amazon
|
|
10839
|
+
# EC2 scenario includes VPC, then you must supply the network interface
|
|
10840
|
+
# resource. If it includes an IP subnet, then you must specify the
|
|
10841
|
+
# subnet resource. For more information on the Amazon EC2 scenario
|
|
10842
|
+
# options, see [Supported platforms][1] in the *Amazon EC2 User Guide*.
|
|
10840
10843
|
#
|
|
10841
10844
|
# * **EC2-VPC-InstanceStore**
|
|
10842
10845
|
#
|
|
@@ -12564,6 +12567,11 @@ module Aws::IAM
|
|
|
12564
12567
|
# when you use those operations to create a console URL. For more
|
|
12565
12568
|
# information, see [Using IAM roles][1] in the *IAM User Guide*.
|
|
12566
12569
|
#
|
|
12570
|
+
# <note markdown="1"> IAM role credentials provided by Amazon EC2 instances assigned to the
|
|
12571
|
+
# role are not subject to the specified maximum session duration.
|
|
12572
|
+
#
|
|
12573
|
+
# </note>
|
|
12574
|
+
#
|
|
12567
12575
|
#
|
|
12568
12576
|
#
|
|
12569
12577
|
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html
|
|
@@ -13467,7 +13475,7 @@ module Aws::IAM
|
|
|
13467
13475
|
params: params,
|
|
13468
13476
|
config: config)
|
|
13469
13477
|
context[:gem_name] = 'aws-sdk-iam'
|
|
13470
|
-
context[:gem_version] = '1.
|
|
13478
|
+
context[:gem_version] = '1.96.0'
|
|
13471
13479
|
Seahorse::Client::Request.new(handlers, context)
|
|
13472
13480
|
end
|
|
13473
13481
|
|
|
@@ -36,7 +36,7 @@ module Aws::IAM
|
|
|
36
36
|
CertificationValueType = Shapes::StringShape.new(name: 'CertificationValueType')
|
|
37
37
|
ChangePasswordRequest = Shapes::StructureShape.new(name: 'ChangePasswordRequest')
|
|
38
38
|
ColumnNumber = Shapes::IntegerShape.new(name: 'ColumnNumber')
|
|
39
|
-
ConcurrentModificationException = Shapes::StructureShape.new(name: 'ConcurrentModificationException')
|
|
39
|
+
ConcurrentModificationException = Shapes::StructureShape.new(name: 'ConcurrentModificationException', error: {"code"=>"ConcurrentModification", "httpStatusCode"=>409, "senderFault"=>true})
|
|
40
40
|
ConcurrentModificationMessage = Shapes::StringShape.new(name: 'ConcurrentModificationMessage')
|
|
41
41
|
ContextEntry = Shapes::StructureShape.new(name: 'ContextEntry')
|
|
42
42
|
ContextEntryListType = Shapes::ListShape.new(name: 'ContextEntryListType')
|
|
@@ -72,13 +72,13 @@ module Aws::IAM
|
|
|
72
72
|
CreateUserResponse = Shapes::StructureShape.new(name: 'CreateUserResponse')
|
|
73
73
|
CreateVirtualMFADeviceRequest = Shapes::StructureShape.new(name: 'CreateVirtualMFADeviceRequest')
|
|
74
74
|
CreateVirtualMFADeviceResponse = Shapes::StructureShape.new(name: 'CreateVirtualMFADeviceResponse')
|
|
75
|
-
CredentialReportExpiredException = Shapes::StructureShape.new(name: 'CredentialReportExpiredException')
|
|
76
|
-
CredentialReportNotPresentException = Shapes::StructureShape.new(name: 'CredentialReportNotPresentException')
|
|
77
|
-
CredentialReportNotReadyException = Shapes::StructureShape.new(name: 'CredentialReportNotReadyException')
|
|
75
|
+
CredentialReportExpiredException = Shapes::StructureShape.new(name: 'CredentialReportExpiredException', error: {"code"=>"ReportExpired", "httpStatusCode"=>410, "senderFault"=>true})
|
|
76
|
+
CredentialReportNotPresentException = Shapes::StructureShape.new(name: 'CredentialReportNotPresentException', error: {"code"=>"ReportNotPresent", "httpStatusCode"=>410, "senderFault"=>true})
|
|
77
|
+
CredentialReportNotReadyException = Shapes::StructureShape.new(name: 'CredentialReportNotReadyException', error: {"code"=>"ReportInProgress", "httpStatusCode"=>404, "senderFault"=>true})
|
|
78
78
|
DeactivateMFADeviceRequest = Shapes::StructureShape.new(name: 'DeactivateMFADeviceRequest')
|
|
79
79
|
DeleteAccessKeyRequest = Shapes::StructureShape.new(name: 'DeleteAccessKeyRequest')
|
|
80
80
|
DeleteAccountAliasRequest = Shapes::StructureShape.new(name: 'DeleteAccountAliasRequest')
|
|
81
|
-
DeleteConflictException = Shapes::StructureShape.new(name: 'DeleteConflictException')
|
|
81
|
+
DeleteConflictException = Shapes::StructureShape.new(name: 'DeleteConflictException', error: {"code"=>"DeleteConflict", "httpStatusCode"=>409, "senderFault"=>true})
|
|
82
82
|
DeleteGroupPolicyRequest = Shapes::StructureShape.new(name: 'DeleteGroupPolicyRequest')
|
|
83
83
|
DeleteGroupRequest = Shapes::StructureShape.new(name: 'DeleteGroupRequest')
|
|
84
84
|
DeleteInstanceProfileRequest = Shapes::StructureShape.new(name: 'DeleteInstanceProfileRequest')
|
|
@@ -106,13 +106,13 @@ module Aws::IAM
|
|
|
106
106
|
DetachGroupPolicyRequest = Shapes::StructureShape.new(name: 'DetachGroupPolicyRequest')
|
|
107
107
|
DetachRolePolicyRequest = Shapes::StructureShape.new(name: 'DetachRolePolicyRequest')
|
|
108
108
|
DetachUserPolicyRequest = Shapes::StructureShape.new(name: 'DetachUserPolicyRequest')
|
|
109
|
-
DuplicateCertificateException = Shapes::StructureShape.new(name: 'DuplicateCertificateException')
|
|
110
|
-
DuplicateSSHPublicKeyException = Shapes::StructureShape.new(name: 'DuplicateSSHPublicKeyException')
|
|
109
|
+
DuplicateCertificateException = Shapes::StructureShape.new(name: 'DuplicateCertificateException', error: {"code"=>"DuplicateCertificate", "httpStatusCode"=>409, "senderFault"=>true})
|
|
110
|
+
DuplicateSSHPublicKeyException = Shapes::StructureShape.new(name: 'DuplicateSSHPublicKeyException', error: {"code"=>"DuplicateSSHPublicKey", "httpStatusCode"=>400, "senderFault"=>true})
|
|
111
111
|
EnableMFADeviceRequest = Shapes::StructureShape.new(name: 'EnableMFADeviceRequest')
|
|
112
|
-
EntityAlreadyExistsException = Shapes::StructureShape.new(name: 'EntityAlreadyExistsException')
|
|
112
|
+
EntityAlreadyExistsException = Shapes::StructureShape.new(name: 'EntityAlreadyExistsException', error: {"code"=>"EntityAlreadyExists", "httpStatusCode"=>409, "senderFault"=>true})
|
|
113
113
|
EntityDetails = Shapes::StructureShape.new(name: 'EntityDetails')
|
|
114
114
|
EntityInfo = Shapes::StructureShape.new(name: 'EntityInfo')
|
|
115
|
-
EntityTemporarilyUnmodifiableException = Shapes::StructureShape.new(name: 'EntityTemporarilyUnmodifiableException')
|
|
115
|
+
EntityTemporarilyUnmodifiableException = Shapes::StructureShape.new(name: 'EntityTemporarilyUnmodifiableException', error: {"code"=>"EntityTemporarilyUnmodifiable", "httpStatusCode"=>409, "senderFault"=>true})
|
|
116
116
|
EntityType = Shapes::StringShape.new(name: 'EntityType')
|
|
117
117
|
ErrorDetails = Shapes::StructureShape.new(name: 'ErrorDetails')
|
|
118
118
|
EvalDecisionDetailsType = Shapes::MapShape.new(name: 'EvalDecisionDetailsType')
|
|
@@ -175,13 +175,13 @@ module Aws::IAM
|
|
|
175
175
|
Group = Shapes::StructureShape.new(name: 'Group')
|
|
176
176
|
GroupDetail = Shapes::StructureShape.new(name: 'GroupDetail')
|
|
177
177
|
InstanceProfile = Shapes::StructureShape.new(name: 'InstanceProfile')
|
|
178
|
-
InvalidAuthenticationCodeException = Shapes::StructureShape.new(name: 'InvalidAuthenticationCodeException')
|
|
179
|
-
InvalidCertificateException = Shapes::StructureShape.new(name: 'InvalidCertificateException')
|
|
180
|
-
InvalidInputException = Shapes::StructureShape.new(name: 'InvalidInputException')
|
|
181
|
-
InvalidPublicKeyException = Shapes::StructureShape.new(name: 'InvalidPublicKeyException')
|
|
182
|
-
InvalidUserTypeException = Shapes::StructureShape.new(name: 'InvalidUserTypeException')
|
|
183
|
-
KeyPairMismatchException = Shapes::StructureShape.new(name: 'KeyPairMismatchException')
|
|
184
|
-
LimitExceededException = Shapes::StructureShape.new(name: 'LimitExceededException')
|
|
178
|
+
InvalidAuthenticationCodeException = Shapes::StructureShape.new(name: 'InvalidAuthenticationCodeException', error: {"code"=>"InvalidAuthenticationCode", "httpStatusCode"=>403, "senderFault"=>true})
|
|
179
|
+
InvalidCertificateException = Shapes::StructureShape.new(name: 'InvalidCertificateException', error: {"code"=>"InvalidCertificate", "httpStatusCode"=>400, "senderFault"=>true})
|
|
180
|
+
InvalidInputException = Shapes::StructureShape.new(name: 'InvalidInputException', error: {"code"=>"InvalidInput", "httpStatusCode"=>400, "senderFault"=>true})
|
|
181
|
+
InvalidPublicKeyException = Shapes::StructureShape.new(name: 'InvalidPublicKeyException', error: {"code"=>"InvalidPublicKey", "httpStatusCode"=>400, "senderFault"=>true})
|
|
182
|
+
InvalidUserTypeException = Shapes::StructureShape.new(name: 'InvalidUserTypeException', error: {"code"=>"InvalidUserType", "httpStatusCode"=>400, "senderFault"=>true})
|
|
183
|
+
KeyPairMismatchException = Shapes::StructureShape.new(name: 'KeyPairMismatchException', error: {"code"=>"KeyPairMismatch", "httpStatusCode"=>400, "senderFault"=>true})
|
|
184
|
+
LimitExceededException = Shapes::StructureShape.new(name: 'LimitExceededException', error: {"code"=>"LimitExceeded", "httpStatusCode"=>409, "senderFault"=>true})
|
|
185
185
|
LineNumber = Shapes::IntegerShape.new(name: 'LineNumber')
|
|
186
186
|
ListAccessKeysRequest = Shapes::StructureShape.new(name: 'ListAccessKeysRequest')
|
|
187
187
|
ListAccessKeysResponse = Shapes::StructureShape.new(name: 'ListAccessKeysResponse')
|
|
@@ -254,28 +254,29 @@ module Aws::IAM
|
|
|
254
254
|
ListVirtualMFADevicesResponse = Shapes::StructureShape.new(name: 'ListVirtualMFADevicesResponse')
|
|
255
255
|
LoginProfile = Shapes::StructureShape.new(name: 'LoginProfile')
|
|
256
256
|
MFADevice = Shapes::StructureShape.new(name: 'MFADevice')
|
|
257
|
-
MalformedCertificateException = Shapes::StructureShape.new(name: 'MalformedCertificateException')
|
|
258
|
-
MalformedPolicyDocumentException = Shapes::StructureShape.new(name: 'MalformedPolicyDocumentException')
|
|
257
|
+
MalformedCertificateException = Shapes::StructureShape.new(name: 'MalformedCertificateException', error: {"code"=>"MalformedCertificate", "httpStatusCode"=>400, "senderFault"=>true})
|
|
258
|
+
MalformedPolicyDocumentException = Shapes::StructureShape.new(name: 'MalformedPolicyDocumentException', error: {"code"=>"MalformedPolicyDocument", "httpStatusCode"=>400, "senderFault"=>true})
|
|
259
259
|
ManagedPolicyDetail = Shapes::StructureShape.new(name: 'ManagedPolicyDetail')
|
|
260
260
|
ManagedPolicyDetailListType = Shapes::ListShape.new(name: 'ManagedPolicyDetailListType')
|
|
261
|
-
NoSuchEntityException = Shapes::StructureShape.new(name: 'NoSuchEntityException')
|
|
261
|
+
NoSuchEntityException = Shapes::StructureShape.new(name: 'NoSuchEntityException', error: {"code"=>"NoSuchEntity", "httpStatusCode"=>404, "senderFault"=>true})
|
|
262
262
|
OpenIDConnectProviderListEntry = Shapes::StructureShape.new(name: 'OpenIDConnectProviderListEntry')
|
|
263
263
|
OpenIDConnectProviderListType = Shapes::ListShape.new(name: 'OpenIDConnectProviderListType')
|
|
264
264
|
OpenIDConnectProviderUrlType = Shapes::StringShape.new(name: 'OpenIDConnectProviderUrlType')
|
|
265
|
+
OpenIdIdpCommunicationErrorException = Shapes::StructureShape.new(name: 'OpenIdIdpCommunicationErrorException', error: {"code"=>"OpenIdIdpCommunicationError", "httpStatusCode"=>400, "senderFault"=>true})
|
|
265
266
|
OrganizationsDecisionDetail = Shapes::StructureShape.new(name: 'OrganizationsDecisionDetail')
|
|
266
267
|
PasswordPolicy = Shapes::StructureShape.new(name: 'PasswordPolicy')
|
|
267
|
-
PasswordPolicyViolationException = Shapes::StructureShape.new(name: 'PasswordPolicyViolationException')
|
|
268
|
+
PasswordPolicyViolationException = Shapes::StructureShape.new(name: 'PasswordPolicyViolationException', error: {"code"=>"PasswordPolicyViolation", "httpStatusCode"=>400, "senderFault"=>true})
|
|
268
269
|
PermissionsBoundaryAttachmentType = Shapes::StringShape.new(name: 'PermissionsBoundaryAttachmentType')
|
|
269
270
|
PermissionsBoundaryDecisionDetail = Shapes::StructureShape.new(name: 'PermissionsBoundaryDecisionDetail')
|
|
270
271
|
Policy = Shapes::StructureShape.new(name: 'Policy')
|
|
271
272
|
PolicyDetail = Shapes::StructureShape.new(name: 'PolicyDetail')
|
|
272
273
|
PolicyEvaluationDecisionType = Shapes::StringShape.new(name: 'PolicyEvaluationDecisionType')
|
|
273
|
-
PolicyEvaluationException = Shapes::StructureShape.new(name: 'PolicyEvaluationException')
|
|
274
|
+
PolicyEvaluationException = Shapes::StructureShape.new(name: 'PolicyEvaluationException', error: {"code"=>"PolicyEvaluation", "httpStatusCode"=>500})
|
|
274
275
|
PolicyGrantingServiceAccess = Shapes::StructureShape.new(name: 'PolicyGrantingServiceAccess')
|
|
275
276
|
PolicyGroup = Shapes::StructureShape.new(name: 'PolicyGroup')
|
|
276
277
|
PolicyGroupListType = Shapes::ListShape.new(name: 'PolicyGroupListType')
|
|
277
278
|
PolicyIdentifierType = Shapes::StringShape.new(name: 'PolicyIdentifierType')
|
|
278
|
-
PolicyNotAttachableException = Shapes::StructureShape.new(name: 'PolicyNotAttachableException')
|
|
279
|
+
PolicyNotAttachableException = Shapes::StructureShape.new(name: 'PolicyNotAttachableException', error: {"code"=>"PolicyNotAttachable", "httpStatusCode"=>400, "senderFault"=>true})
|
|
279
280
|
PolicyRole = Shapes::StructureShape.new(name: 'PolicyRole')
|
|
280
281
|
PolicyRoleListType = Shapes::ListShape.new(name: 'PolicyRoleListType')
|
|
281
282
|
PolicySourceType = Shapes::StringShape.new(name: 'PolicySourceType')
|
|
@@ -296,7 +297,7 @@ module Aws::IAM
|
|
|
296
297
|
RemoveUserFromGroupRequest = Shapes::StructureShape.new(name: 'RemoveUserFromGroupRequest')
|
|
297
298
|
ReportContentType = Shapes::BlobShape.new(name: 'ReportContentType')
|
|
298
299
|
ReportFormatType = Shapes::StringShape.new(name: 'ReportFormatType')
|
|
299
|
-
ReportGenerationLimitExceededException = Shapes::StructureShape.new(name: 'ReportGenerationLimitExceededException')
|
|
300
|
+
ReportGenerationLimitExceededException = Shapes::StructureShape.new(name: 'ReportGenerationLimitExceededException', error: {"code"=>"ReportGenerationLimitExceeded", "httpStatusCode"=>409, "senderFault"=>true})
|
|
300
301
|
ReportStateDescriptionType = Shapes::StringShape.new(name: 'ReportStateDescriptionType')
|
|
301
302
|
ReportStateType = Shapes::StringShape.new(name: 'ReportStateType')
|
|
302
303
|
ResetServiceSpecificCredentialRequest = Shapes::StructureShape.new(name: 'ResetServiceSpecificCredentialRequest')
|
|
@@ -321,9 +322,9 @@ module Aws::IAM
|
|
|
321
322
|
SSHPublicKeyMetadata = Shapes::StructureShape.new(name: 'SSHPublicKeyMetadata')
|
|
322
323
|
ServerCertificate = Shapes::StructureShape.new(name: 'ServerCertificate')
|
|
323
324
|
ServerCertificateMetadata = Shapes::StructureShape.new(name: 'ServerCertificateMetadata')
|
|
324
|
-
ServiceFailureException = Shapes::StructureShape.new(name: 'ServiceFailureException')
|
|
325
|
+
ServiceFailureException = Shapes::StructureShape.new(name: 'ServiceFailureException', error: {"code"=>"ServiceFailure", "httpStatusCode"=>500})
|
|
325
326
|
ServiceLastAccessed = Shapes::StructureShape.new(name: 'ServiceLastAccessed')
|
|
326
|
-
ServiceNotSupportedException = Shapes::StructureShape.new(name: 'ServiceNotSupportedException')
|
|
327
|
+
ServiceNotSupportedException = Shapes::StructureShape.new(name: 'ServiceNotSupportedException', error: {"code"=>"NotSupportedService", "httpStatusCode"=>404, "senderFault"=>true})
|
|
327
328
|
ServiceSpecificCredential = Shapes::StructureShape.new(name: 'ServiceSpecificCredential')
|
|
328
329
|
ServiceSpecificCredentialMetadata = Shapes::StructureShape.new(name: 'ServiceSpecificCredentialMetadata')
|
|
329
330
|
ServiceSpecificCredentialsListType = Shapes::ListShape.new(name: 'ServiceSpecificCredentialsListType')
|
|
@@ -348,8 +349,8 @@ module Aws::IAM
|
|
|
348
349
|
TagUserRequest = Shapes::StructureShape.new(name: 'TagUserRequest')
|
|
349
350
|
TrackedActionLastAccessed = Shapes::StructureShape.new(name: 'TrackedActionLastAccessed')
|
|
350
351
|
TrackedActionsLastAccessed = Shapes::ListShape.new(name: 'TrackedActionsLastAccessed')
|
|
351
|
-
UnmodifiableEntityException = Shapes::StructureShape.new(name: 'UnmodifiableEntityException')
|
|
352
|
-
UnrecognizedPublicKeyEncodingException = Shapes::StructureShape.new(name: 'UnrecognizedPublicKeyEncodingException')
|
|
352
|
+
UnmodifiableEntityException = Shapes::StructureShape.new(name: 'UnmodifiableEntityException', error: {"code"=>"UnmodifiableEntity", "httpStatusCode"=>400, "senderFault"=>true})
|
|
353
|
+
UnrecognizedPublicKeyEncodingException = Shapes::StructureShape.new(name: 'UnrecognizedPublicKeyEncodingException', error: {"code"=>"UnrecognizedPublicKeyEncoding", "httpStatusCode"=>400, "senderFault"=>true})
|
|
353
354
|
UntagInstanceProfileRequest = Shapes::StructureShape.new(name: 'UntagInstanceProfileRequest')
|
|
354
355
|
UntagMFADeviceRequest = Shapes::StructureShape.new(name: 'UntagMFADeviceRequest')
|
|
355
356
|
UntagOpenIDConnectProviderRequest = Shapes::StructureShape.new(name: 'UntagOpenIDConnectProviderRequest')
|
|
@@ -444,6 +445,7 @@ module Aws::IAM
|
|
|
444
445
|
mfaDeviceListType = Shapes::ListShape.new(name: 'mfaDeviceListType')
|
|
445
446
|
minimumPasswordLengthType = Shapes::IntegerShape.new(name: 'minimumPasswordLengthType')
|
|
446
447
|
noSuchEntityMessage = Shapes::StringShape.new(name: 'noSuchEntityMessage')
|
|
448
|
+
openIdIdpCommunicationErrorExceptionMessage = Shapes::StringShape.new(name: 'openIdIdpCommunicationErrorExceptionMessage')
|
|
447
449
|
organizationsEntityPathType = Shapes::StringShape.new(name: 'organizationsEntityPathType')
|
|
448
450
|
organizationsPolicyIdType = Shapes::StringShape.new(name: 'organizationsPolicyIdType')
|
|
449
451
|
passwordPolicyViolationMessage = Shapes::StringShape.new(name: 'passwordPolicyViolationMessage')
|
|
@@ -628,7 +630,7 @@ module Aws::IAM
|
|
|
628
630
|
|
|
629
631
|
CreateOpenIDConnectProviderRequest.add_member(:url, Shapes::ShapeRef.new(shape: OpenIDConnectProviderUrlType, required: true, location_name: "Url"))
|
|
630
632
|
CreateOpenIDConnectProviderRequest.add_member(:client_id_list, Shapes::ShapeRef.new(shape: clientIDListType, location_name: "ClientIDList"))
|
|
631
|
-
CreateOpenIDConnectProviderRequest.add_member(:thumbprint_list, Shapes::ShapeRef.new(shape: thumbprintListType,
|
|
633
|
+
CreateOpenIDConnectProviderRequest.add_member(:thumbprint_list, Shapes::ShapeRef.new(shape: thumbprintListType, location_name: "ThumbprintList"))
|
|
632
634
|
CreateOpenIDConnectProviderRequest.add_member(:tags, Shapes::ShapeRef.new(shape: tagListType, location_name: "Tags"))
|
|
633
635
|
CreateOpenIDConnectProviderRequest.struct_class = Types::CreateOpenIDConnectProviderRequest
|
|
634
636
|
|
|
@@ -1523,6 +1525,9 @@ module Aws::IAM
|
|
|
1523
1525
|
|
|
1524
1526
|
OpenIDConnectProviderListType.member = Shapes::ShapeRef.new(shape: OpenIDConnectProviderListEntry)
|
|
1525
1527
|
|
|
1528
|
+
OpenIdIdpCommunicationErrorException.add_member(:message, Shapes::ShapeRef.new(shape: openIdIdpCommunicationErrorExceptionMessage, location_name: "message"))
|
|
1529
|
+
OpenIdIdpCommunicationErrorException.struct_class = Types::OpenIdIdpCommunicationErrorException
|
|
1530
|
+
|
|
1526
1531
|
OrganizationsDecisionDetail.add_member(:allowed_by_organizations, Shapes::ShapeRef.new(shape: booleanType, location_name: "AllowedByOrganizations"))
|
|
1527
1532
|
OrganizationsDecisionDetail.struct_class = Types::OrganizationsDecisionDetail
|
|
1528
1533
|
|
|
@@ -2290,6 +2295,7 @@ module Aws::IAM
|
|
|
2290
2295
|
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
|
2291
2296
|
o.errors << Shapes::ShapeRef.new(shape: ConcurrentModificationException)
|
|
2292
2297
|
o.errors << Shapes::ShapeRef.new(shape: ServiceFailureException)
|
|
2298
|
+
o.errors << Shapes::ShapeRef.new(shape: OpenIdIdpCommunicationErrorException)
|
|
2293
2299
|
end)
|
|
2294
2300
|
|
|
2295
2301
|
api.add_operation(:create_policy, Seahorse::Model::Operation.new.tap do |o|
|
data/lib/aws-sdk-iam/errors.rb
CHANGED
|
@@ -46,6 +46,7 @@ module Aws::IAM
|
|
|
46
46
|
# * {MalformedCertificateException}
|
|
47
47
|
# * {MalformedPolicyDocumentException}
|
|
48
48
|
# * {NoSuchEntityException}
|
|
49
|
+
# * {OpenIdIdpCommunicationErrorException}
|
|
49
50
|
# * {PasswordPolicyViolationException}
|
|
50
51
|
# * {PolicyEvaluationException}
|
|
51
52
|
# * {PolicyNotAttachableException}
|
|
@@ -346,6 +347,21 @@ module Aws::IAM
|
|
|
346
347
|
end
|
|
347
348
|
end
|
|
348
349
|
|
|
350
|
+
class OpenIdIdpCommunicationErrorException < ServiceError
|
|
351
|
+
|
|
352
|
+
# @param [Seahorse::Client::RequestContext] context
|
|
353
|
+
# @param [String] message
|
|
354
|
+
# @param [Aws::IAM::Types::OpenIdIdpCommunicationErrorException] data
|
|
355
|
+
def initialize(context, message, data = Aws::EmptyStructure.new)
|
|
356
|
+
super(context, message, data)
|
|
357
|
+
end
|
|
358
|
+
|
|
359
|
+
# @return [String]
|
|
360
|
+
def message
|
|
361
|
+
@message || @data[:message]
|
|
362
|
+
end
|
|
363
|
+
end
|
|
364
|
+
|
|
349
365
|
class PasswordPolicyViolationException < ServiceError
|
|
350
366
|
|
|
351
367
|
# @param [Seahorse::Client::RequestContext] context
|
data/lib/aws-sdk-iam/types.rb
CHANGED
|
@@ -877,14 +877,17 @@ module Aws::IAM
|
|
|
877
877
|
# thumbprints for an OIDC provider. This lets you maintain multiple
|
|
878
878
|
# thumbprints if the identity provider is rotating certificates.
|
|
879
879
|
#
|
|
880
|
+
# This parameter is optional. If it is not included, IAM will retrieve
|
|
881
|
+
# and use the top intermediate certificate authority (CA) thumbprint
|
|
882
|
+
# of the OpenID Connect identity provider server certificate.
|
|
883
|
+
#
|
|
880
884
|
# The server certificate thumbprint is the hex-encoded SHA-1 hash
|
|
881
885
|
# value of the X.509 certificate used by the domain where the OpenID
|
|
882
886
|
# Connect provider makes its keys available. It is always a
|
|
883
887
|
# 40-character string.
|
|
884
888
|
#
|
|
885
|
-
#
|
|
886
|
-
#
|
|
887
|
-
# `server.example.com` and the provider stores its keys at
|
|
889
|
+
# For example, assume that the OIDC provider is `server.example.com`
|
|
890
|
+
# and the provider stores its keys at
|
|
888
891
|
# https://keys.server.example.com/openid-connect. In that case, the
|
|
889
892
|
# thumbprint string would be the hex-encoded SHA-1 hash value of the
|
|
890
893
|
# certificate used by `https://keys.server.example.com.`
|
|
@@ -7573,6 +7576,20 @@ module Aws::IAM
|
|
|
7573
7576
|
include Aws::Structure
|
|
7574
7577
|
end
|
|
7575
7578
|
|
|
7579
|
+
# The request failed because IAM cannot connect to the OpenID Connect
|
|
7580
|
+
# identity provider URL.
|
|
7581
|
+
#
|
|
7582
|
+
# @!attribute [rw] message
|
|
7583
|
+
# @return [String]
|
|
7584
|
+
#
|
|
7585
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/OpenIdIdpCommunicationErrorException AWS API Documentation
|
|
7586
|
+
#
|
|
7587
|
+
class OpenIdIdpCommunicationErrorException < Struct.new(
|
|
7588
|
+
:message)
|
|
7589
|
+
SENSITIVE = []
|
|
7590
|
+
include Aws::Structure
|
|
7591
|
+
end
|
|
7592
|
+
|
|
7576
7593
|
# Contains information about the effect that Organizations has on a
|
|
7577
7594
|
# policy simulation.
|
|
7578
7595
|
#
|
|
@@ -9723,13 +9740,14 @@ module Aws::IAM
|
|
|
9723
9740
|
# scenario values and the resources that you must define to run the
|
|
9724
9741
|
# simulation.
|
|
9725
9742
|
#
|
|
9726
|
-
# Each of the EC2 scenarios requires that you specify instance,
|
|
9727
|
-
# and security group resources. If your scenario includes an
|
|
9728
|
-
# volume, then you must specify that volume as a resource. If the
|
|
9729
|
-
# scenario includes VPC, then you must supply the network
|
|
9730
|
-
# resource. If it includes an IP subnet, then you must
|
|
9731
|
-
# subnet resource. For more information on the EC2
|
|
9732
|
-
# see [Supported platforms][1] in the *Amazon EC2
|
|
9743
|
+
# Each of the Amazon EC2 scenarios requires that you specify instance,
|
|
9744
|
+
# image, and security group resources. If your scenario includes an
|
|
9745
|
+
# EBS volume, then you must specify that volume as a resource. If the
|
|
9746
|
+
# Amazon EC2 scenario includes VPC, then you must supply the network
|
|
9747
|
+
# interface resource. If it includes an IP subnet, then you must
|
|
9748
|
+
# specify the subnet resource. For more information on the Amazon EC2
|
|
9749
|
+
# scenario options, see [Supported platforms][1] in the *Amazon EC2
|
|
9750
|
+
# User Guide*.
|
|
9733
9751
|
#
|
|
9734
9752
|
# * **EC2-VPC-InstanceStore**
|
|
9735
9753
|
#
|
|
@@ -10030,13 +10048,14 @@ module Aws::IAM
|
|
|
10030
10048
|
# scenario values and the resources that you must define to run the
|
|
10031
10049
|
# simulation.
|
|
10032
10050
|
#
|
|
10033
|
-
# Each of the EC2 scenarios requires that you specify instance,
|
|
10034
|
-
# and security group resources. If your scenario includes an
|
|
10035
|
-
# volume, then you must specify that volume as a resource. If the
|
|
10036
|
-
# scenario includes VPC, then you must supply the network
|
|
10037
|
-
# resource. If it includes an IP subnet, then you must
|
|
10038
|
-
# subnet resource. For more information on the EC2
|
|
10039
|
-
# see [Supported platforms][1] in the *Amazon EC2
|
|
10051
|
+
# Each of the Amazon EC2 scenarios requires that you specify instance,
|
|
10052
|
+
# image, and security group resources. If your scenario includes an
|
|
10053
|
+
# EBS volume, then you must specify that volume as a resource. If the
|
|
10054
|
+
# Amazon EC2 scenario includes VPC, then you must supply the network
|
|
10055
|
+
# interface resource. If it includes an IP subnet, then you must
|
|
10056
|
+
# specify the subnet resource. For more information on the Amazon EC2
|
|
10057
|
+
# scenario options, see [Supported platforms][1] in the *Amazon EC2
|
|
10058
|
+
# User Guide*.
|
|
10040
10059
|
#
|
|
10041
10060
|
# * **EC2-VPC-InstanceStore**
|
|
10042
10061
|
#
|
|
@@ -11104,6 +11123,11 @@ module Aws::IAM
|
|
|
11104
11123
|
# URL. For more information, see [Using IAM roles][1] in the *IAM User
|
|
11105
11124
|
# Guide*.
|
|
11106
11125
|
#
|
|
11126
|
+
# <note markdown="1"> IAM role credentials provided by Amazon EC2 instances assigned to
|
|
11127
|
+
# the role are not subject to the specified maximum session duration.
|
|
11128
|
+
#
|
|
11129
|
+
# </note>
|
|
11130
|
+
#
|
|
11107
11131
|
#
|
|
11108
11132
|
#
|
|
11109
11133
|
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html
|
data/lib/aws-sdk-iam.rb
CHANGED
data/sig/client.rbs
CHANGED
data/sig/errors.rbs
CHANGED
|
@@ -68,6 +68,9 @@ module Aws
|
|
|
68
68
|
class NoSuchEntityException < ::Aws::Errors::ServiceError
|
|
69
69
|
def message: () -> ::String
|
|
70
70
|
end
|
|
71
|
+
class OpenIdIdpCommunicationErrorException < ::Aws::Errors::ServiceError
|
|
72
|
+
def message: () -> ::String
|
|
73
|
+
end
|
|
71
74
|
class PasswordPolicyViolationException < ::Aws::Errors::ServiceError
|
|
72
75
|
def message: () -> ::String
|
|
73
76
|
end
|
data/sig/types.rbs
CHANGED
|
@@ -1440,6 +1440,11 @@ module Aws::IAM
|
|
|
1440
1440
|
SENSITIVE: []
|
|
1441
1441
|
end
|
|
1442
1442
|
|
|
1443
|
+
class OpenIdIdpCommunicationErrorException
|
|
1444
|
+
attr_accessor message: ::String
|
|
1445
|
+
SENSITIVE: []
|
|
1446
|
+
end
|
|
1447
|
+
|
|
1443
1448
|
class OrganizationsDecisionDetail
|
|
1444
1449
|
attr_accessor allowed_by_organizations: bool
|
|
1445
1450
|
SENSITIVE: []
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-iam
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.96.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-04-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|