aws-sdk-iam 1.66.0 → 1.67.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2612e05dea27b8becae894164e08bef05d8aadaf09f1d07477f14ec3350a18c2
-  data.tar.gz: 3feed3252673d35ed7fa98122b5f9dd0b496670f70dd8e341a1b33338f9357c7
+  metadata.gz: 5da2823800d51a971676fb664df4b1d6a8b479fc3c536672ece25d5b164bb33a
+  data.tar.gz: cde6895069144bfc4e8362394ba81ed75fca17d53ec95c0b1ce49f3d59d088bb
 SHA512:
-  metadata.gz: 97cddd299d8152d6f96f0089e9229fe47fbea0edd37d0763357da3ca1fa1195370fb6d2b1e763b81faec24bcd3637f4ff6f28c4e2c4c3c2eb7a6639a95ce829c
-  data.tar.gz: 4eff81d99e794c63d12913a6dcd8505e032fd8e6fbfb0ed59908275aa873e0c6428fb1ec1244bd32a6d4b6b1876d7216c062b511abf147fe6d3438382d392d5c
+  metadata.gz: 8e2f98e4778bcc9e10aab3397dd7fc1debf6fd556fb077bffabe18893df78c8dc6065c00a9c1a3e2e85f0552880308822c91a02cdd8c4599542333f0bdbb6ef7
+  data.tar.gz: 0f082c39147da1095b31ec506b63722fcee70fef5b40d1daed6b75bb9469733b74e0b8e0075888a7d57f537f711a50f2acfb045d2de61b61c2b6fd7251994acf

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.67.0 (2022-02-17)
+------------------
+
+* Feature - Documentation updates for AWS Identity and Access Management (IAM).
+
 1.66.0 (2022-02-03)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.66.0
+1.67.0

data/lib/aws-sdk-iam/account_password_policy.rb

@@ -61,6 +61,10 @@ module Aws::IAM
     end
 
     # Specifies whether IAM users are allowed to change their own password.
+    # Gives IAM users permissions to `iam:ChangePassword` for only their
+    # user and to the `iam:GetAccountPasswordPolicy` action. This option
+    # does not attach a permissions policy to each user, rather the
+    # permissions are applied at the account-level for all users by IAM.
     # @return [Boolean]
     def allow_users_to_change_password
       data[:allow_users_to_change_password]
@@ -88,7 +92,11 @@ module Aws::IAM
     end
 
     # Specifies whether IAM users are prevented from setting a new password
-    # after their password has expired.
+    # via the Amazon Web Services Management Console after their password
+    # has expired. The IAM user cannot access the console until an
+    # administrator resets the password. IAM users with `iam:ChangePassword`
+    # permission and active access keys can reset their own expired console
+    # password using the CLI or API.
     # @return [Boolean]
     def hard_expiry
       data[:hard_expiry]
@@ -290,8 +298,8 @@ module Aws::IAM
     # @option options [Boolean] :allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1] in
-    #   the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the
@@ -300,7 +308,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     # @option options [Integer] :max_password_age
     #   The number of days that an IAM user password is valid.
     #
@@ -315,14 +323,26 @@ module Aws::IAM
     #   uses the default value of `0`. The result is that IAM users are not
     #   prevented from reusing previous passwords.
     # @option options [Boolean] :hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password after
+    #   their password has expired. The IAM user cannot access the console
+    #   until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
+    #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not attach
+    #   a permissions policy to each user, rather the permissions are applied
+    #   at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset their
+    #   own expired console password using the CLI or API.
+    #
+    #    </note>
     # @return [EmptyStructure]
     def update(options = {})
       resp = @client.update_account_password_policy(options)

data/lib/aws-sdk-iam/client.rb

@@ -3991,9 +3991,9 @@ module Aws::IAM
     # Generates a report that includes details about when an IAM resource
     # (user, group, role, or policy) was last used in an attempt to access
     # Amazon Web Services services. Recent activity usually appears within
-    # four hours. IAM reports activity for the last 365 days, or less if
-    # your Region began supporting this feature within the last year. For
-    # more information, see [Regions where data is tracked][1].
+    # four hours. IAM reports activity for at least the last 400 days, or
+    # less if your Region began supporting this feature within the last
+    # year. For more information, see [Regions where data is tracked][1].
     #
     # The service last accessed data includes all attempts to access an
     # Amazon Web Services API, not just the successful ones. This includes
@@ -9107,8 +9107,8 @@ module Aws::IAM
     # <note markdown="1"> IAM resource-listing operations return a subset of the available
     # attributes for the resource. For example, this operation does not
     # return tags, even though they are an attribute of the returned object.
-    # To view all of the information for a virtual MFA device, see
-    # ListVirtualMFADevices.
+    # To view tag information for a virtual MFA device, see
+    # ListMFADeviceTags.
     #
     #  </note>
     #
@@ -11844,15 +11844,13 @@ module Aws::IAM
     # Updates the password policy settings for the Amazon Web Services
     # account.
     #
-    # <note markdown="1"> * This operation does not support partial updates. No parameters are
-    #   required, but if you do not specify a parameter, that parameter's
-    #   value reverts to its default value. See the **Request Parameters**
-    #   section for each parameter's default value. Also note that some
-    #   parameters do not allow the default parameter to be explicitly set.
-    #   Instead, to invoke the default value, do not include that parameter
-    #   when you invoke the operation.
-    #
-    # ^
+    # <note markdown="1"> This operation does not support partial updates. No parameters are
+    # required, but if you do not specify a parameter, that parameter's
+    # value reverts to its default value. See the **Request Parameters**
+    # section for each parameter's default value. Also note that some
+    # parameters do not allow the default parameter to be explicitly set.
+    # Instead, to invoke the default value, do not include that parameter
+    # when you invoke the operation.
     #
     #  </note>
     #
@@ -11906,8 +11904,8 @@ module Aws::IAM
     # @option params [Boolean] :allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1] in
-    #   the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the
@@ -11916,7 +11914,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     #
     # @option params [Integer] :max_password_age
     #   The number of days that an IAM user password is valid.
@@ -11934,15 +11932,27 @@ module Aws::IAM
     #   prevented from reusing previous passwords.
     #
     # @option params [Boolean] :hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password after
+    #   their password has expired. The IAM user cannot access the console
+    #   until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
     #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not attach
+    #   a permissions policy to each user, rather the permissions are applied
+    #   at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset their
+    #   own expired console password using the CLI or API.
+    #
+    #    </note>
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     #
@@ -13213,7 +13223,7 @@ module Aws::IAM
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-iam'
-      context[:gem_version] = '1.66.0'
+      context[:gem_version] = '1.67.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-iam/resource.rb

@@ -142,8 +142,8 @@ module Aws::IAM
     # @option options [Boolean] :allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1] in
-    #   the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in the
@@ -152,7 +152,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     # @option options [Integer] :max_password_age
     #   The number of days that an IAM user password is valid.
     #
@@ -167,14 +167,26 @@ module Aws::IAM
     #   uses the default value of `0`. The result is that IAM users are not
     #   prevented from reusing previous passwords.
     # @option options [Boolean] :hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password after
+    #   their password has expired. The IAM user cannot access the console
+    #   until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
+    #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not attach
+    #   a permissions policy to each user, rather the permissions are applied
+    #   at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset their
+    #   own expired console password using the CLI or API.
+    #
+    #    </note>
     # @return [AccountPasswordPolicy]
     def create_account_password_policy(options = {})
       @client.update_account_password_policy(options)

data/lib/aws-sdk-iam/types.rb

@@ -8440,7 +8440,11 @@ module Aws::IAM
     #
     # @!attribute [rw] allow_users_to_change_password
     #   Specifies whether IAM users are allowed to change their own
-    #   password.
+    #   password. Gives IAM users permissions to `iam:ChangePassword` for
+    #   only their user and to the `iam:GetAccountPasswordPolicy` action.
+    #   This option does not attach a permissions policy to each user,
+    #   rather the permissions are applied at the account-level for all
+    #   users by IAM.
     #   @return [Boolean]
     #
     # @!attribute [rw] expire_passwords
@@ -8460,7 +8464,11 @@ module Aws::IAM
     #
     # @!attribute [rw] hard_expiry
     #   Specifies whether IAM users are prevented from setting a new
-    #   password after their password has expired.
+    #   password via the Amazon Web Services Management Console after their
+    #   password has expired. The IAM user cannot access the console until
+    #   an administrator resets the password. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset
+    #   their own expired console password using the CLI or API.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PasswordPolicy AWS API Documentation
@@ -11922,8 +11930,8 @@ module Aws::IAM
     # @!attribute [rw] allow_users_to_change_password
     #   Allows all IAM users in your account to use the Amazon Web Services
     #   Management Console to change their own passwords. For more
-    #   information, see [Letting IAM users change their own passwords][1]
-    #   in the *IAM User Guide*.
+    #   information, see [Permitting IAM users to change their own
+    #   passwords][1] in the *IAM User Guide*.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users in
@@ -11932,7 +11940,7 @@ module Aws::IAM
     #
     #
     #
-    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html
     #   @return [Boolean]
     #
     # @!attribute [rw] max_password_age
@@ -11953,14 +11961,26 @@ module Aws::IAM
     #   @return [Integer]
     #
     # @!attribute [rw] hard_expiry
-    #   Prevents IAM users from setting a new password after their password
-    #   has expired. The IAM user cannot be accessed until an administrator
-    #   resets the password.
+    #   Prevents IAM users who are accessing the account via the Amazon Web
+    #   Services Management Console from setting a new console password
+    #   after their password has expired. The IAM user cannot access the
+    #   console until an administrator resets the password.
     #
     #   If you do not specify a value for this parameter, then the operation
     #   uses the default value of `false`. The result is that IAM users can
     #   change their passwords after they expire and continue to sign in as
     #   the user.
+    #
+    #   <note markdown="1"> In the Amazon Web Services Management Console, the custom password
+    #   policy option **Allow users to change their own password** gives IAM
+    #   users permissions to `iam:ChangePassword` for only their user and to
+    #   the `iam:GetAccountPasswordPolicy` action. This option does not
+    #   attach a permissions policy to each user, rather the permissions are
+    #   applied at the account-level for all users by IAM. IAM users with
+    #   `iam:ChangePassword` permission and active access keys can reset
+    #   their own expired console password using the CLI or API.
+    #
+    #    </note>
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicyRequest AWS API Documentation

data/lib/aws-sdk-iam.rb

@@ -70,6 +70,6 @@ require_relative 'aws-sdk-iam/customizations'
 # @!group service
 module Aws::IAM
 
-  GEM_VERSION = '1.66.0'
+  GEM_VERSION = '1.67.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-iam
 version: !ruby/object:Gem::Version
-  version: 1.66.0
+  version: 1.67.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-02-03 00:00:00.000000000 Z
+date: 2022-02-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core