aws-sdk-iam 1.5.0 → 1.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-iam.rb +1 -1
- data/lib/aws-sdk-iam/account_password_policy.rb +1 -1
- data/lib/aws-sdk-iam/client.rb +235 -14
- data/lib/aws-sdk-iam/client_api.rb +81 -0
- data/lib/aws-sdk-iam/current_user.rb +14 -0
- data/lib/aws-sdk-iam/policy.rb +47 -0
- data/lib/aws-sdk-iam/resource.rb +20 -1
- data/lib/aws-sdk-iam/role.rb +14 -0
- data/lib/aws-sdk-iam/types.rb +290 -18
- data/lib/aws-sdk-iam/user.rb +18 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: cc0636365ed9720bb55841bdabe7079105981216
|
4
|
+
data.tar.gz: f75122d9c7c20d98ed4ffef0b298306cae8ccf3c
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 077ed12034396909e988a067361df5444005ad2aa82613eb49b8ff9d2c0e02f01a5773040f20cc6352065701f9fecd41a72d4ff911168f19fcc9f965785d8fdc
|
7
|
+
data.tar.gz: 0b4d64eed6abd187a39fe25ccad1ea6f74662bc7673b811cdad679e5adc4aacfd796a8eae51e021edce04a95f19795fd975508c0e98a80131b5d034fe35984dd
|
data/lib/aws-sdk-iam.rb
CHANGED
@@ -251,7 +251,7 @@ module Aws::IAM
|
|
251
251
|
# Specifies whether IAM user passwords must contain at least one of the
|
252
252
|
# following non-alphanumeric characters:
|
253
253
|
#
|
254
|
-
# ! @ # $ % ^ &
|
254
|
+
# ! @ # $ % ^ & * ( ) \_ + - = \[ \] \\\{ \\} \| '
|
255
255
|
#
|
256
256
|
# If you do not specify a value for this parameter, then the operation
|
257
257
|
# uses the default value of `false`. The result is that passwords do not
|
data/lib/aws-sdk-iam/client.rb
CHANGED
@@ -899,6 +899,8 @@ module Aws::IAM
|
|
899
899
|
# resp.instance_profile.roles[0].assume_role_policy_document #=> String
|
900
900
|
# resp.instance_profile.roles[0].description #=> String
|
901
901
|
# resp.instance_profile.roles[0].max_session_duration #=> Integer
|
902
|
+
# resp.instance_profile.roles[0].permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
903
|
+
# resp.instance_profile.roles[0].permissions_boundary.permissions_boundary_arn #=> String
|
902
904
|
#
|
903
905
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile AWS API Documentation
|
904
906
|
#
|
@@ -1227,6 +1229,7 @@ module Aws::IAM
|
|
1227
1229
|
# resp.policy.path #=> String
|
1228
1230
|
# resp.policy.default_version_id #=> String
|
1229
1231
|
# resp.policy.attachment_count #=> Integer
|
1232
|
+
# resp.policy.permissions_boundary_usage_count #=> Integer
|
1230
1233
|
# resp.policy.is_attachable #=> Boolean
|
1231
1234
|
# resp.policy.description #=> String
|
1232
1235
|
# resp.policy.create_date #=> Time
|
@@ -1420,6 +1423,10 @@ module Aws::IAM
|
|
1420
1423
|
#
|
1421
1424
|
# [1]: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html
|
1422
1425
|
#
|
1426
|
+
# @option params [String] :permissions_boundary
|
1427
|
+
# The ARN of the policy that is used to set the permissions boundary for
|
1428
|
+
# the role.
|
1429
|
+
#
|
1423
1430
|
# @return [Types::CreateRoleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1424
1431
|
#
|
1425
1432
|
# * {Types::CreateRoleResponse#role #role} => Types::Role
|
@@ -1456,6 +1463,7 @@ module Aws::IAM
|
|
1456
1463
|
# assume_role_policy_document: "policyDocumentType", # required
|
1457
1464
|
# description: "roleDescriptionType",
|
1458
1465
|
# max_session_duration: 1,
|
1466
|
+
# permissions_boundary: "arnType",
|
1459
1467
|
# })
|
1460
1468
|
#
|
1461
1469
|
# @example Response structure
|
@@ -1468,6 +1476,8 @@ module Aws::IAM
|
|
1468
1476
|
# resp.role.assume_role_policy_document #=> String
|
1469
1477
|
# resp.role.description #=> String
|
1470
1478
|
# resp.role.max_session_duration #=> Integer
|
1479
|
+
# resp.role.permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
1480
|
+
# resp.role.permissions_boundary.permissions_boundary_arn #=> String
|
1471
1481
|
#
|
1472
1482
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole AWS API Documentation
|
1473
1483
|
#
|
@@ -1613,6 +1623,8 @@ module Aws::IAM
|
|
1613
1623
|
# resp.role.assume_role_policy_document #=> String
|
1614
1624
|
# resp.role.description #=> String
|
1615
1625
|
# resp.role.max_session_duration #=> Integer
|
1626
|
+
# resp.role.permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
1627
|
+
# resp.role.permissions_boundary.permissions_boundary_arn #=> String
|
1616
1628
|
#
|
1617
1629
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole AWS API Documentation
|
1618
1630
|
#
|
@@ -1735,6 +1747,10 @@ module Aws::IAM
|
|
1735
1747
|
#
|
1736
1748
|
# [1]: http://wikipedia.org/wiki/regex
|
1737
1749
|
#
|
1750
|
+
# @option params [String] :permissions_boundary
|
1751
|
+
# The ARN of the policy that is used to set the permissions boundary for
|
1752
|
+
# the user.
|
1753
|
+
#
|
1738
1754
|
# @return [Types::CreateUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1739
1755
|
#
|
1740
1756
|
# * {Types::CreateUserResponse#user #user} => Types::User
|
@@ -1764,6 +1780,7 @@ module Aws::IAM
|
|
1764
1780
|
# resp = client.create_user({
|
1765
1781
|
# path: "pathType",
|
1766
1782
|
# user_name: "userNameType", # required
|
1783
|
+
# permissions_boundary: "arnType",
|
1767
1784
|
# })
|
1768
1785
|
#
|
1769
1786
|
# @example Response structure
|
@@ -1774,6 +1791,8 @@ module Aws::IAM
|
|
1774
1791
|
# resp.user.arn #=> String
|
1775
1792
|
# resp.user.create_date #=> Time
|
1776
1793
|
# resp.user.password_last_used #=> Time
|
1794
|
+
# resp.user.permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
1795
|
+
# resp.user.permissions_boundary.permissions_boundary_arn #=> String
|
1777
1796
|
#
|
1778
1797
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser AWS API Documentation
|
1779
1798
|
#
|
@@ -1858,6 +1877,8 @@ module Aws::IAM
|
|
1858
1877
|
# resp.virtual_mfa_device.user.arn #=> String
|
1859
1878
|
# resp.virtual_mfa_device.user.create_date #=> Time
|
1860
1879
|
# resp.virtual_mfa_device.user.password_last_used #=> Time
|
1880
|
+
# resp.virtual_mfa_device.user.permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
1881
|
+
# resp.virtual_mfa_device.user.permissions_boundary.permissions_boundary_arn #=> String
|
1861
1882
|
# resp.virtual_mfa_device.enable_date #=> Time
|
1862
1883
|
#
|
1863
1884
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice AWS API Documentation
|
@@ -2447,6 +2468,33 @@ module Aws::IAM
|
|
2447
2468
|
req.send_request(options)
|
2448
2469
|
end
|
2449
2470
|
|
2471
|
+
# Deletes the permissions boundary for the specified IAM role.
|
2472
|
+
#
|
2473
|
+
# Deleting the permissions boundary for a role might increase its
|
2474
|
+
# permissions by allowing anyone who assumes the role to perform all the
|
2475
|
+
# actions granted in its permissions policies.
|
2476
|
+
#
|
2477
|
+
# @option params [required, String] :role_name
|
2478
|
+
# The name (friendly name, not ARN) of the IAM role from which you want
|
2479
|
+
# to remove the permissions boundary.
|
2480
|
+
#
|
2481
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2482
|
+
#
|
2483
|
+
# @example Request syntax with placeholder values
|
2484
|
+
#
|
2485
|
+
# resp = client.delete_role_permissions_boundary({
|
2486
|
+
# role_name: "roleNameType", # required
|
2487
|
+
# })
|
2488
|
+
#
|
2489
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePermissionsBoundary AWS API Documentation
|
2490
|
+
#
|
2491
|
+
# @overload delete_role_permissions_boundary(params = {})
|
2492
|
+
# @param [Hash] params ({})
|
2493
|
+
def delete_role_permissions_boundary(params = {}, options = {})
|
2494
|
+
req = build_request(:delete_role_permissions_boundary, params)
|
2495
|
+
req.send_request(options)
|
2496
|
+
end
|
2497
|
+
|
2450
2498
|
# Deletes the specified inline policy that is embedded in the specified
|
2451
2499
|
# IAM role.
|
2452
2500
|
#
|
@@ -2850,6 +2898,33 @@ module Aws::IAM
|
|
2850
2898
|
req.send_request(options)
|
2851
2899
|
end
|
2852
2900
|
|
2901
|
+
# Deletes the permissions boundary for the specified IAM user.
|
2902
|
+
#
|
2903
|
+
# Deleting the permissions boundary for a user might increase its
|
2904
|
+
# permissions by allowing the user to perform all the actions granted in
|
2905
|
+
# its permissions policies.
|
2906
|
+
#
|
2907
|
+
# @option params [required, String] :user_name
|
2908
|
+
# The name (friendly name, not ARN) of the IAM user from which you want
|
2909
|
+
# to remove the permissions boundary.
|
2910
|
+
#
|
2911
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2912
|
+
#
|
2913
|
+
# @example Request syntax with placeholder values
|
2914
|
+
#
|
2915
|
+
# resp = client.delete_user_permissions_boundary({
|
2916
|
+
# user_name: "userNameType", # required
|
2917
|
+
# })
|
2918
|
+
#
|
2919
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPermissionsBoundary AWS API Documentation
|
2920
|
+
#
|
2921
|
+
# @overload delete_user_permissions_boundary(params = {})
|
2922
|
+
# @param [Hash] params ({})
|
2923
|
+
def delete_user_permissions_boundary(params = {}, options = {})
|
2924
|
+
req = build_request(:delete_user_permissions_boundary, params)
|
2925
|
+
req.send_request(options)
|
2926
|
+
end
|
2927
|
+
|
2853
2928
|
# Deletes the specified inline policy that is embedded in the specified
|
2854
2929
|
# IAM user.
|
2855
2930
|
#
|
@@ -3350,6 +3425,8 @@ module Aws::IAM
|
|
3350
3425
|
# resp.user_detail_list[0].attached_managed_policies #=> Array
|
3351
3426
|
# resp.user_detail_list[0].attached_managed_policies[0].policy_name #=> String
|
3352
3427
|
# resp.user_detail_list[0].attached_managed_policies[0].policy_arn #=> String
|
3428
|
+
# resp.user_detail_list[0].permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
3429
|
+
# resp.user_detail_list[0].permissions_boundary.permissions_boundary_arn #=> String
|
3353
3430
|
# resp.group_detail_list #=> Array
|
3354
3431
|
# resp.group_detail_list[0].path #=> String
|
3355
3432
|
# resp.group_detail_list[0].group_name #=> String
|
@@ -3384,12 +3461,16 @@ module Aws::IAM
|
|
3384
3461
|
# resp.role_detail_list[0].instance_profile_list[0].roles[0].assume_role_policy_document #=> String
|
3385
3462
|
# resp.role_detail_list[0].instance_profile_list[0].roles[0].description #=> String
|
3386
3463
|
# resp.role_detail_list[0].instance_profile_list[0].roles[0].max_session_duration #=> Integer
|
3464
|
+
# resp.role_detail_list[0].instance_profile_list[0].roles[0].permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
3465
|
+
# resp.role_detail_list[0].instance_profile_list[0].roles[0].permissions_boundary.permissions_boundary_arn #=> String
|
3387
3466
|
# resp.role_detail_list[0].role_policy_list #=> Array
|
3388
3467
|
# resp.role_detail_list[0].role_policy_list[0].policy_name #=> String
|
3389
3468
|
# resp.role_detail_list[0].role_policy_list[0].policy_document #=> String
|
3390
3469
|
# resp.role_detail_list[0].attached_managed_policies #=> Array
|
3391
3470
|
# resp.role_detail_list[0].attached_managed_policies[0].policy_name #=> String
|
3392
3471
|
# resp.role_detail_list[0].attached_managed_policies[0].policy_arn #=> String
|
3472
|
+
# resp.role_detail_list[0].permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
3473
|
+
# resp.role_detail_list[0].permissions_boundary.permissions_boundary_arn #=> String
|
3393
3474
|
# resp.policies #=> Array
|
3394
3475
|
# resp.policies[0].policy_name #=> String
|
3395
3476
|
# resp.policies[0].policy_id #=> String
|
@@ -3397,6 +3478,7 @@ module Aws::IAM
|
|
3397
3478
|
# resp.policies[0].path #=> String
|
3398
3479
|
# resp.policies[0].default_version_id #=> String
|
3399
3480
|
# resp.policies[0].attachment_count #=> Integer
|
3481
|
+
# resp.policies[0].permissions_boundary_usage_count #=> Integer
|
3400
3482
|
# resp.policies[0].is_attachable #=> Boolean
|
3401
3483
|
# resp.policies[0].description #=> String
|
3402
3484
|
# resp.policies[0].create_date #=> Time
|
@@ -3776,6 +3858,8 @@ module Aws::IAM
|
|
3776
3858
|
# resp.users[0].arn #=> String
|
3777
3859
|
# resp.users[0].create_date #=> Time
|
3778
3860
|
# resp.users[0].password_last_used #=> Time
|
3861
|
+
# resp.users[0].permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
3862
|
+
# resp.users[0].permissions_boundary.permissions_boundary_arn #=> String
|
3779
3863
|
# resp.is_truncated #=> Boolean
|
3780
3864
|
# resp.marker #=> String
|
3781
3865
|
#
|
@@ -3941,6 +4025,8 @@ module Aws::IAM
|
|
3941
4025
|
# resp.instance_profile.roles[0].assume_role_policy_document #=> String
|
3942
4026
|
# resp.instance_profile.roles[0].description #=> String
|
3943
4027
|
# resp.instance_profile.roles[0].max_session_duration #=> Integer
|
4028
|
+
# resp.instance_profile.roles[0].permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
4029
|
+
# resp.instance_profile.roles[0].permissions_boundary.permissions_boundary_arn #=> String
|
3944
4030
|
#
|
3945
4031
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile AWS API Documentation
|
3946
4032
|
#
|
@@ -4104,6 +4190,7 @@ module Aws::IAM
|
|
4104
4190
|
# resp.policy.path #=> String
|
4105
4191
|
# resp.policy.default_version_id #=> String
|
4106
4192
|
# resp.policy.attachment_count #=> Integer
|
4193
|
+
# resp.policy.permissions_boundary_usage_count #=> Integer
|
4107
4194
|
# resp.policy.is_attachable #=> Boolean
|
4108
4195
|
# resp.policy.description #=> String
|
4109
4196
|
# resp.policy.create_date #=> Time
|
@@ -4268,6 +4355,8 @@ module Aws::IAM
|
|
4268
4355
|
# resp.role.assume_role_policy_document #=> String
|
4269
4356
|
# resp.role.description #=> String
|
4270
4357
|
# resp.role.max_session_duration #=> Integer
|
4358
|
+
# resp.role.permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
4359
|
+
# resp.role.permissions_boundary.permissions_boundary_arn #=> String
|
4271
4360
|
#
|
4272
4361
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole AWS API Documentation
|
4273
4362
|
#
|
@@ -4632,6 +4721,8 @@ module Aws::IAM
|
|
4632
4721
|
# resp.user.arn #=> String
|
4633
4722
|
# resp.user.create_date #=> Time
|
4634
4723
|
# resp.user.password_last_used #=> Time
|
4724
|
+
# resp.user.permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
4725
|
+
# resp.user.permissions_boundary.permissions_boundary_arn #=> String
|
4635
4726
|
#
|
4636
4727
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser AWS API Documentation
|
4637
4728
|
#
|
@@ -5234,6 +5325,17 @@ module Aws::IAM
|
|
5234
5325
|
#
|
5235
5326
|
# [1]: http://wikipedia.org/wiki/regex
|
5236
5327
|
#
|
5328
|
+
# @option params [String] :policy_usage_filter
|
5329
|
+
# The policy usage method to use for filtering the results.
|
5330
|
+
#
|
5331
|
+
# To list only permissions policies,
|
5332
|
+
# set `PolicyUsageFilter` to `PermissionsPolicy`. To list only the
|
5333
|
+
# policies used to set permissions boundaries, set the value
|
5334
|
+
# to `PermissionsBoundary`.
|
5335
|
+
#
|
5336
|
+
# This parameter is optional. If it is not included, all policies are
|
5337
|
+
# returned.
|
5338
|
+
#
|
5237
5339
|
# @option params [String] :marker
|
5238
5340
|
# Use this parameter only when paginating results and only after you
|
5239
5341
|
# receive a response indicating that the results are truncated. Set it
|
@@ -5266,6 +5368,7 @@ module Aws::IAM
|
|
5266
5368
|
# policy_arn: "arnType", # required
|
5267
5369
|
# entity_filter: "User", # accepts User, Role, Group, LocalManagedPolicy, AWSManagedPolicy
|
5268
5370
|
# path_prefix: "pathType",
|
5371
|
+
# policy_usage_filter: "PermissionsPolicy", # accepts PermissionsPolicy, PermissionsBoundary
|
5269
5372
|
# marker: "markerType",
|
5270
5373
|
# max_items: 1,
|
5271
5374
|
# })
|
@@ -5671,6 +5774,8 @@ module Aws::IAM
|
|
5671
5774
|
# resp.instance_profiles[0].roles[0].assume_role_policy_document #=> String
|
5672
5775
|
# resp.instance_profiles[0].roles[0].description #=> String
|
5673
5776
|
# resp.instance_profiles[0].roles[0].max_session_duration #=> Integer
|
5777
|
+
# resp.instance_profiles[0].roles[0].permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
5778
|
+
# resp.instance_profiles[0].roles[0].permissions_boundary.permissions_boundary_arn #=> String
|
5674
5779
|
# resp.is_truncated #=> Boolean
|
5675
5780
|
# resp.marker #=> String
|
5676
5781
|
#
|
@@ -5756,6 +5861,8 @@ module Aws::IAM
|
|
5756
5861
|
# resp.instance_profiles[0].roles[0].assume_role_policy_document #=> String
|
5757
5862
|
# resp.instance_profiles[0].roles[0].description #=> String
|
5758
5863
|
# resp.instance_profiles[0].roles[0].max_session_duration #=> Integer
|
5864
|
+
# resp.instance_profiles[0].roles[0].permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
5865
|
+
# resp.instance_profiles[0].roles[0].permissions_boundary.permissions_boundary_arn #=> String
|
5759
5866
|
# resp.is_truncated #=> Boolean
|
5760
5867
|
# resp.marker #=> String
|
5761
5868
|
#
|
@@ -5912,6 +6019,17 @@ module Aws::IAM
|
|
5912
6019
|
#
|
5913
6020
|
# [1]: http://wikipedia.org/wiki/regex
|
5914
6021
|
#
|
6022
|
+
# @option params [String] :policy_usage_filter
|
6023
|
+
# The policy usage method to use for filtering the results.
|
6024
|
+
#
|
6025
|
+
# To list only permissions policies,
|
6026
|
+
# set `PolicyUsageFilter` to `PermissionsPolicy`. To list only the
|
6027
|
+
# policies used to set permissions boundaries, set the value
|
6028
|
+
# to `PermissionsBoundary`.
|
6029
|
+
#
|
6030
|
+
# This parameter is optional. If it is not included, all policies are
|
6031
|
+
# returned.
|
6032
|
+
#
|
5915
6033
|
# @option params [String] :marker
|
5916
6034
|
# Use this parameter only when paginating results and only after you
|
5917
6035
|
# receive a response indicating that the results are truncated. Set it
|
@@ -5942,6 +6060,7 @@ module Aws::IAM
|
|
5942
6060
|
# scope: "All", # accepts All, AWS, Local
|
5943
6061
|
# only_attached: false,
|
5944
6062
|
# path_prefix: "policyPathType",
|
6063
|
+
# policy_usage_filter: "PermissionsPolicy", # accepts PermissionsPolicy, PermissionsBoundary
|
5945
6064
|
# marker: "markerType",
|
5946
6065
|
# max_items: 1,
|
5947
6066
|
# })
|
@@ -5955,6 +6074,7 @@ module Aws::IAM
|
|
5955
6074
|
# resp.policies[0].path #=> String
|
5956
6075
|
# resp.policies[0].default_version_id #=> String
|
5957
6076
|
# resp.policies[0].attachment_count #=> Integer
|
6077
|
+
# resp.policies[0].permissions_boundary_usage_count #=> Integer
|
5958
6078
|
# resp.policies[0].is_attachable #=> Boolean
|
5959
6079
|
# resp.policies[0].description #=> String
|
5960
6080
|
# resp.policies[0].create_date #=> Time
|
@@ -6191,6 +6311,8 @@ module Aws::IAM
|
|
6191
6311
|
# resp.roles[0].assume_role_policy_document #=> String
|
6192
6312
|
# resp.roles[0].description #=> String
|
6193
6313
|
# resp.roles[0].max_session_duration #=> Integer
|
6314
|
+
# resp.roles[0].permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
6315
|
+
# resp.roles[0].permissions_boundary.permissions_boundary_arn #=> String
|
6194
6316
|
# resp.is_truncated #=> Boolean
|
6195
6317
|
# resp.marker #=> String
|
6196
6318
|
#
|
@@ -6734,6 +6856,8 @@ module Aws::IAM
|
|
6734
6856
|
# resp.users[0].arn #=> String
|
6735
6857
|
# resp.users[0].create_date #=> Time
|
6736
6858
|
# resp.users[0].password_last_used #=> Time
|
6859
|
+
# resp.users[0].permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
6860
|
+
# resp.users[0].permissions_boundary.permissions_boundary_arn #=> String
|
6737
6861
|
# resp.is_truncated #=> Boolean
|
6738
6862
|
# resp.marker #=> String
|
6739
6863
|
#
|
@@ -6823,6 +6947,8 @@ module Aws::IAM
|
|
6823
6947
|
# resp.virtual_mfa_devices[0].user.arn #=> String
|
6824
6948
|
# resp.virtual_mfa_devices[0].user.create_date #=> Time
|
6825
6949
|
# resp.virtual_mfa_devices[0].user.password_last_used #=> Time
|
6950
|
+
# resp.virtual_mfa_devices[0].user.permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
6951
|
+
# resp.virtual_mfa_devices[0].user.permissions_boundary.permissions_boundary_arn #=> String
|
6826
6952
|
# resp.virtual_mfa_devices[0].enable_date #=> Time
|
6827
6953
|
# resp.is_truncated #=> Boolean
|
6828
6954
|
# resp.marker #=> String
|
@@ -6934,6 +7060,50 @@ module Aws::IAM
|
|
6934
7060
|
req.send_request(options)
|
6935
7061
|
end
|
6936
7062
|
|
7063
|
+
# Adds or updates the policy that is specified as the IAM role's
|
7064
|
+
# permissions boundary. You can use an AWS managed policy or a customer
|
7065
|
+
# managed policy to set the boundary for a role. Use the boundary to
|
7066
|
+
# control the maximum permissions that the role can have. Setting a
|
7067
|
+
# permissions boundary is an advanced feature that can affect the
|
7068
|
+
# permissions for the role.
|
7069
|
+
#
|
7070
|
+
# You cannot set the boundary for a service-linked role.
|
7071
|
+
#
|
7072
|
+
# Policies used as permissions boundaries do not provide permissions.
|
7073
|
+
# You must also attach a permissions policy to the role. To learn how
|
7074
|
+
# the effective permissions for a role are evaluated, see [IAM JSON
|
7075
|
+
# Policy Evaluation Logic][1] in the IAM User Guide.
|
7076
|
+
#
|
7077
|
+
#
|
7078
|
+
#
|
7079
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html
|
7080
|
+
#
|
7081
|
+
# @option params [required, String] :role_name
|
7082
|
+
# The name (friendly name, not ARN) of the IAM role for which you want
|
7083
|
+
# to set the permissions boundary.
|
7084
|
+
#
|
7085
|
+
# @option params [required, String] :permissions_boundary
|
7086
|
+
# The ARN of the policy that is used to set the permissions boundary for
|
7087
|
+
# the role.
|
7088
|
+
#
|
7089
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
7090
|
+
#
|
7091
|
+
# @example Request syntax with placeholder values
|
7092
|
+
#
|
7093
|
+
# resp = client.put_role_permissions_boundary({
|
7094
|
+
# role_name: "roleNameType", # required
|
7095
|
+
# permissions_boundary: "arnType", # required
|
7096
|
+
# })
|
7097
|
+
#
|
7098
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePermissionsBoundary AWS API Documentation
|
7099
|
+
#
|
7100
|
+
# @overload put_role_permissions_boundary(params = {})
|
7101
|
+
# @param [Hash] params ({})
|
7102
|
+
def put_role_permissions_boundary(params = {}, options = {})
|
7103
|
+
req = build_request(:put_role_permissions_boundary, params)
|
7104
|
+
req.send_request(options)
|
7105
|
+
end
|
7106
|
+
|
6937
7107
|
# Adds or updates an inline policy document that is embedded in the
|
6938
7108
|
# specified IAM role.
|
6939
7109
|
#
|
@@ -7040,6 +7210,48 @@ module Aws::IAM
|
|
7040
7210
|
req.send_request(options)
|
7041
7211
|
end
|
7042
7212
|
|
7213
|
+
# Adds or updates the policy that is specified as the IAM user's
|
7214
|
+
# permissions boundary. You can use an AWS managed policy or a customer
|
7215
|
+
# managed policy to set the boundary for a user. Use the boundary to
|
7216
|
+
# control the maximum permissions that the user can have. Setting a
|
7217
|
+
# permissions boundary is an advanced feature that can affect the
|
7218
|
+
# permissions for the user.
|
7219
|
+
#
|
7220
|
+
# Policies that are used as permissions boundaries do not provide
|
7221
|
+
# permissions. You must also attach a permissions policy to the user. To
|
7222
|
+
# learn how the effective permissions for a user are evaluated, see [IAM
|
7223
|
+
# JSON Policy Evaluation Logic][1] in the IAM User Guide.
|
7224
|
+
#
|
7225
|
+
#
|
7226
|
+
#
|
7227
|
+
# [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html
|
7228
|
+
#
|
7229
|
+
# @option params [required, String] :user_name
|
7230
|
+
# The name (friendly name, not ARN) of the IAM user for which you want
|
7231
|
+
# to set the permissions boundary.
|
7232
|
+
#
|
7233
|
+
# @option params [required, String] :permissions_boundary
|
7234
|
+
# The ARN of the policy that is used to set the permissions boundary for
|
7235
|
+
# the user.
|
7236
|
+
#
|
7237
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
7238
|
+
#
|
7239
|
+
# @example Request syntax with placeholder values
|
7240
|
+
#
|
7241
|
+
# resp = client.put_user_permissions_boundary({
|
7242
|
+
# user_name: "userNameType", # required
|
7243
|
+
# permissions_boundary: "arnType", # required
|
7244
|
+
# })
|
7245
|
+
#
|
7246
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPermissionsBoundary AWS API Documentation
|
7247
|
+
#
|
7248
|
+
# @overload put_user_permissions_boundary(params = {})
|
7249
|
+
# @param [Hash] params ({})
|
7250
|
+
def put_user_permissions_boundary(params = {}, options = {})
|
7251
|
+
req = build_request(:put_user_permissions_boundary, params)
|
7252
|
+
req.send_request(options)
|
7253
|
+
end
|
7254
|
+
|
7043
7255
|
# Adds or updates an inline policy document that is embedded in the
|
7044
7256
|
# specified IAM user.
|
7045
7257
|
#
|
@@ -7583,16 +7795,21 @@ module Aws::IAM
|
|
7583
7795
|
# [1]: http://wikipedia.org/wiki/regex
|
7584
7796
|
#
|
7585
7797
|
# @option params [String] :resource_owner
|
7586
|
-
# An AWS account ID that specifies the owner of any
|
7587
|
-
# that does not identify its owner in the resource
|
7588
|
-
# bucket or object. If `ResourceOwner` is specified,
|
7589
|
-
# the account owner of any `ResourcePolicy` included
|
7590
|
-
# If the `ResourceOwner` parameter is not specified,
|
7591
|
-
# the resources and the resource policy defaults to
|
7592
|
-
# identity provided in `CallerArn`. This parameter is
|
7593
|
-
# you specify a resource-based policy and account that
|
7594
|
-
# is different from the account that owns the
|
7595
|
-
# `CallerArn`.
|
7798
|
+
# An ARN representing the AWS account ID that specifies the owner of any
|
7799
|
+
# simulated resource that does not identify its owner in the resource
|
7800
|
+
# ARN, such as an S3 bucket or object. If `ResourceOwner` is specified,
|
7801
|
+
# it is also used as the account owner of any `ResourcePolicy` included
|
7802
|
+
# in the simulation. If the `ResourceOwner` parameter is not specified,
|
7803
|
+
# then the owner of the resources and the resource policy defaults to
|
7804
|
+
# the account of the identity provided in `CallerArn`. This parameter is
|
7805
|
+
# required only if you specify a resource-based policy and account that
|
7806
|
+
# owns the resource is different from the account that owns the
|
7807
|
+
# simulated calling user `CallerArn`.
|
7808
|
+
#
|
7809
|
+
# The ARN for an account uses the following syntax:
|
7810
|
+
# `arn:aws:iam::AWS-account-ID:root`. For example, to represent the
|
7811
|
+
# account with the 112233445566 ID, use the following ARN:
|
7812
|
+
# `arn:aws:iam::112233445566-ID:root`.
|
7596
7813
|
#
|
7597
7814
|
# @option params [String] :caller_arn
|
7598
7815
|
# The ARN of the IAM user that you want to use as the simulated caller
|
@@ -8144,7 +8361,7 @@ module Aws::IAM
|
|
8144
8361
|
# Specifies whether IAM user passwords must contain at least one of the
|
8145
8362
|
# following non-alphanumeric characters:
|
8146
8363
|
#
|
8147
|
-
# ! @ # $ % ^ &
|
8364
|
+
# ! @ # $ % ^ & * ( ) \_ + - = \[ \] \\\{ \\} \| '
|
8148
8365
|
#
|
8149
8366
|
# If you do not specify a value for this parameter, then the operation
|
8150
8367
|
# uses the default value of `false`. The result is that passwords do not
|
@@ -8623,6 +8840,8 @@ module Aws::IAM
|
|
8623
8840
|
# resp.role.assume_role_policy_document #=> String
|
8624
8841
|
# resp.role.description #=> String
|
8625
8842
|
# resp.role.max_session_duration #=> Integer
|
8843
|
+
# resp.role.permissions_boundary.permissions_boundary_type #=> String, one of "PermissionsBoundaryPolicy"
|
8844
|
+
# resp.role.permissions_boundary.permissions_boundary_arn #=> String
|
8626
8845
|
#
|
8627
8846
|
# @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription AWS API Documentation
|
8628
8847
|
#
|
@@ -8840,7 +9059,7 @@ module Aws::IAM
|
|
8840
9059
|
# Sets the status of a service-specific credential to `Active` or
|
8841
9060
|
# `Inactive`. Service-specific credentials that are inactive cannot be
|
8842
9061
|
# used for authentication to the service. This operation can be used to
|
8843
|
-
# disable a user
|
9062
|
+
# disable a user's service-specific credential as part of a credential
|
8844
9063
|
# rotation work flow.
|
8845
9064
|
#
|
8846
9065
|
# @option params [String] :user_name
|
@@ -9076,7 +9295,9 @@ module Aws::IAM
|
|
9076
9295
|
#
|
9077
9296
|
# @option params [required, String] :ssh_public_key_body
|
9078
9297
|
# The SSH public key. The public key must be encoded in ssh-rsa format
|
9079
|
-
# or PEM format.
|
9298
|
+
# or PEM format. The miminum bit-length of the public key is 2048 bits.
|
9299
|
+
# For example, you can generate a 2048-bit key, and the resulting PEM
|
9300
|
+
# file is 1679 bytes long.
|
9080
9301
|
#
|
9081
9302
|
# The [regex pattern][1] used to validate this parameter is a string of
|
9082
9303
|
# characters consisting of the following:
|
@@ -9431,7 +9652,7 @@ module Aws::IAM
|
|
9431
9652
|
params: params,
|
9432
9653
|
config: config)
|
9433
9654
|
context[:gem_name] = 'aws-sdk-iam'
|
9434
|
-
context[:gem_version] = '1.
|
9655
|
+
context[:gem_version] = '1.6.0'
|
9435
9656
|
Seahorse::Client::Request.new(handlers, context)
|
9436
9657
|
end
|
9437
9658
|
|