aws-sdk-ram 1.41.0 → 1.43.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -1
- data/VERSION +1 -1
- data/lib/aws-sdk-ram/client.rb +1020 -87
- data/lib/aws-sdk-ram/client_api.rb +338 -2
- data/lib/aws-sdk-ram/endpoint_parameters.rb +0 -3
- data/lib/aws-sdk-ram/endpoint_provider.rb +41 -110
- data/lib/aws-sdk-ram/endpoints.rb +126 -0
- data/lib/aws-sdk-ram/errors.rb +96 -0
- data/lib/aws-sdk-ram/plugins/endpoints.rb +18 -0
- data/lib/aws-sdk-ram/types.rb +1428 -173
- data/lib/aws-sdk-ram.rb +1 -1
- metadata +2 -2
data/lib/aws-sdk-ram/client.rb
CHANGED
@@ -374,7 +374,7 @@ module Aws::RAM
|
|
374
374
|
# relevant Amazon Web Services Management Consoles and tools.
|
375
375
|
#
|
376
376
|
# @option params [required, String] :resource_share_invitation_arn
|
377
|
-
# The [Amazon
|
377
|
+
# The [Amazon Resource Name (ARN)][1] of the invitation that you want to
|
378
378
|
# accept.
|
379
379
|
#
|
380
380
|
#
|
@@ -392,6 +392,10 @@ module Aws::RAM
|
|
392
392
|
# If you don't provide this value, then Amazon Web Services generates a
|
393
393
|
# random one for you.
|
394
394
|
#
|
395
|
+
# If you retry the operation with the same `ClientToken`, but with
|
396
|
+
# different parameters, the retry fails with an
|
397
|
+
# `IdempotentParameterMismatch` error.
|
398
|
+
#
|
395
399
|
#
|
396
400
|
#
|
397
401
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -446,7 +450,7 @@ module Aws::RAM
|
|
446
450
|
# resource share.
|
447
451
|
#
|
448
452
|
# @option params [required, String] :resource_share_arn
|
449
|
-
# Specifies the [Amazon
|
453
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
450
454
|
# that you want to add principals or resources to.
|
451
455
|
#
|
452
456
|
#
|
@@ -474,7 +478,7 @@ module Aws::RAM
|
|
474
478
|
#
|
475
479
|
# * An Amazon Web Services account ID, for example: `123456789012`
|
476
480
|
#
|
477
|
-
# * An [Amazon
|
481
|
+
# * An [Amazon Resource Name (ARN)][1] of an organization in
|
478
482
|
# Organizations, for example:
|
479
483
|
# `organizations::123456789012:organization/o-exampleorgid`
|
480
484
|
#
|
@@ -508,6 +512,10 @@ module Aws::RAM
|
|
508
512
|
# If you don't provide this value, then Amazon Web Services generates a
|
509
513
|
# random one for you.
|
510
514
|
#
|
515
|
+
# If you retry the operation with the same `ClientToken`, but with
|
516
|
+
# different parameters, the retry fails with an
|
517
|
+
# `IdempotentParameterMismatch` error.
|
518
|
+
#
|
511
519
|
#
|
512
520
|
#
|
513
521
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -556,7 +564,7 @@ module Aws::RAM
|
|
556
564
|
# type currently in the resource share.
|
557
565
|
#
|
558
566
|
# @option params [required, String] :resource_share_arn
|
559
|
-
# Specifies the [Amazon
|
567
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share to
|
560
568
|
# which you want to add or replace permissions.
|
561
569
|
#
|
562
570
|
#
|
@@ -564,7 +572,7 @@ module Aws::RAM
|
|
564
572
|
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
565
573
|
#
|
566
574
|
# @option params [required, String] :permission_arn
|
567
|
-
# Specifies the [Amazon
|
575
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the RAM permission to
|
568
576
|
# associate with the resource share. To find the ARN for a permission,
|
569
577
|
# use either the ListPermissions operation or go to the [Permissions
|
570
578
|
# library][2] page in the RAM console and then choose the name of the
|
@@ -576,10 +584,11 @@ module Aws::RAM
|
|
576
584
|
# [2]: https://console.aws.amazon.com/ram/home#Permissions:
|
577
585
|
#
|
578
586
|
# @option params [Boolean] :replace
|
579
|
-
# Specifies whether the specified permission should replace
|
580
|
-
#
|
581
|
-
#
|
582
|
-
#
|
587
|
+
# Specifies whether the specified permission should replace the existing
|
588
|
+
# permission associated with the resource share. Use `true` to replace
|
589
|
+
# the current permissions. Use `false` to add the permission to a
|
590
|
+
# resource share that currently doesn't have a permission. The default
|
591
|
+
# value is `false`.
|
583
592
|
#
|
584
593
|
# <note markdown="1"> A resource share can have only one permission per resource type. If a
|
585
594
|
# resource share already has a permission for the specified resource
|
@@ -599,16 +608,27 @@ module Aws::RAM
|
|
599
608
|
# If you don't provide this value, then Amazon Web Services generates a
|
600
609
|
# random one for you.
|
601
610
|
#
|
611
|
+
# If you retry the operation with the same `ClientToken`, but with
|
612
|
+
# different parameters, the retry fails with an
|
613
|
+
# `IdempotentParameterMismatch` error.
|
614
|
+
#
|
602
615
|
#
|
603
616
|
#
|
604
617
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
605
618
|
#
|
606
619
|
# @option params [Integer] :permission_version
|
607
620
|
# Specifies the version of the RAM permission to associate with the
|
608
|
-
# resource share.
|
609
|
-
#
|
610
|
-
#
|
611
|
-
#
|
621
|
+
# resource share. You can specify *only* the version that is currently
|
622
|
+
# set as the default version for the permission. If you also set the
|
623
|
+
# `replace` pararameter to `true`, then this operation updates an
|
624
|
+
# outdated version of the permission to the current default version.
|
625
|
+
#
|
626
|
+
# <note markdown="1"> You don't need to specify this parameter because the default behavior
|
627
|
+
# is to use the version that is currently set as the default version for
|
628
|
+
# the permission. This parameter is supported for backwards
|
629
|
+
# compatibility.
|
630
|
+
#
|
631
|
+
# </note>
|
612
632
|
#
|
613
633
|
# @return [Types::AssociateResourceSharePermissionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
614
634
|
#
|
@@ -639,6 +659,234 @@ module Aws::RAM
|
|
639
659
|
req.send_request(options)
|
640
660
|
end
|
641
661
|
|
662
|
+
# Creates a customer managed permission for a specified resource type
|
663
|
+
# that you can attach to resource shares. It is created in the Amazon
|
664
|
+
# Web Services Region in which you call the operation.
|
665
|
+
#
|
666
|
+
# @option params [required, String] :name
|
667
|
+
# Specifies the name of the customer managed permission. The name must
|
668
|
+
# be unique within the Amazon Web Services Region.
|
669
|
+
#
|
670
|
+
# @option params [required, String] :resource_type
|
671
|
+
# Specifies the name of the resource type that this customer managed
|
672
|
+
# permission applies to.
|
673
|
+
#
|
674
|
+
# The format is ` <service-code>:<resource-type> ` and is not case
|
675
|
+
# sensitive. For example, to specify an Amazon EC2 Subnet, you can use
|
676
|
+
# the string `ec2:subnet`. To see the list of valid values for this
|
677
|
+
# parameter, query the ListResourceTypes operation.
|
678
|
+
#
|
679
|
+
# @option params [required, String] :policy_template
|
680
|
+
# A string in JSON format string that contains the following elements of
|
681
|
+
# a resource-based policy:
|
682
|
+
#
|
683
|
+
# * **Effect**: must be set to `ALLOW`.
|
684
|
+
#
|
685
|
+
# * **Action**: specifies the actions that are allowed by this customer
|
686
|
+
# managed permission. The list must contain only actions that are
|
687
|
+
# supported by the specified resource type. For a list of all actions
|
688
|
+
# supported by each resource type, see [Actions, resources, and
|
689
|
+
# condition keys for Amazon Web Services services][1] in the *Identity
|
690
|
+
# and Access Management User Guide*.
|
691
|
+
#
|
692
|
+
# * **Condition**: (optional) specifies conditional parameters that must
|
693
|
+
# evaluate to true when a user attempts an action for that action to
|
694
|
+
# be allowed. For more information about the Condition element, see
|
695
|
+
# [IAM policies: Condition element][2] in the *Identity and Access
|
696
|
+
# Management User Guide*.
|
697
|
+
#
|
698
|
+
# This template can't include either the `Resource` or `Principal`
|
699
|
+
# elements. Those are both filled in by RAM when it instantiates the
|
700
|
+
# resource-based policy on each resource shared using this managed
|
701
|
+
# permission. The `Resource` comes from the ARN of the specific resource
|
702
|
+
# that you are sharing. The `Principal` comes from the list of
|
703
|
+
# identities added to the resource share.
|
704
|
+
#
|
705
|
+
#
|
706
|
+
#
|
707
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html
|
708
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html
|
709
|
+
#
|
710
|
+
# @option params [String] :client_token
|
711
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
712
|
+
# ensure the idempotency of the request. This lets you safely retry the
|
713
|
+
# request without accidentally performing the same operation a second
|
714
|
+
# time. Passing the same value to a later call to an operation requires
|
715
|
+
# that you also pass the same value for all other parameters. We
|
716
|
+
# recommend that you use a [UUID type of value.][1].
|
717
|
+
#
|
718
|
+
# If you don't provide this value, then Amazon Web Services generates a
|
719
|
+
# random one for you.
|
720
|
+
#
|
721
|
+
# If you retry the operation with the same `ClientToken`, but with
|
722
|
+
# different parameters, the retry fails with an
|
723
|
+
# `IdempotentParameterMismatch` error.
|
724
|
+
#
|
725
|
+
#
|
726
|
+
#
|
727
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
728
|
+
#
|
729
|
+
# @option params [Array<Types::Tag>] :tags
|
730
|
+
# Specifies a list of one or more tag key and value pairs to attach to
|
731
|
+
# the permission.
|
732
|
+
#
|
733
|
+
# @return [Types::CreatePermissionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
734
|
+
#
|
735
|
+
# * {Types::CreatePermissionResponse#permission #permission} => Types::ResourceSharePermissionSummary
|
736
|
+
# * {Types::CreatePermissionResponse#client_token #client_token} => String
|
737
|
+
#
|
738
|
+
# @example Request syntax with placeholder values
|
739
|
+
#
|
740
|
+
# resp = client.create_permission({
|
741
|
+
# name: "PermissionName", # required
|
742
|
+
# resource_type: "String", # required
|
743
|
+
# policy_template: "Policy", # required
|
744
|
+
# client_token: "String",
|
745
|
+
# tags: [
|
746
|
+
# {
|
747
|
+
# key: "TagKey",
|
748
|
+
# value: "TagValue",
|
749
|
+
# },
|
750
|
+
# ],
|
751
|
+
# })
|
752
|
+
#
|
753
|
+
# @example Response structure
|
754
|
+
#
|
755
|
+
# resp.permission.arn #=> String
|
756
|
+
# resp.permission.version #=> String
|
757
|
+
# resp.permission.default_version #=> Boolean
|
758
|
+
# resp.permission.name #=> String
|
759
|
+
# resp.permission.resource_type #=> String
|
760
|
+
# resp.permission.status #=> String
|
761
|
+
# resp.permission.creation_time #=> Time
|
762
|
+
# resp.permission.last_updated_time #=> Time
|
763
|
+
# resp.permission.is_resource_type_default #=> Boolean
|
764
|
+
# resp.permission.permission_type #=> String, one of "CUSTOMER_MANAGED", "AWS_MANAGED"
|
765
|
+
# resp.permission.feature_set #=> String, one of "CREATED_FROM_POLICY", "PROMOTING_TO_STANDARD", "STANDARD"
|
766
|
+
# resp.permission.tags #=> Array
|
767
|
+
# resp.permission.tags[0].key #=> String
|
768
|
+
# resp.permission.tags[0].value #=> String
|
769
|
+
# resp.client_token #=> String
|
770
|
+
#
|
771
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/CreatePermission AWS API Documentation
|
772
|
+
#
|
773
|
+
# @overload create_permission(params = {})
|
774
|
+
# @param [Hash] params ({})
|
775
|
+
def create_permission(params = {}, options = {})
|
776
|
+
req = build_request(:create_permission, params)
|
777
|
+
req.send_request(options)
|
778
|
+
end
|
779
|
+
|
780
|
+
# Creates a new version of the specified customer managed permission.
|
781
|
+
# The new version is automatically set as the default version of the
|
782
|
+
# customer managed permission. New resource shares automatically use the
|
783
|
+
# default permission. Existing resource shares continue to use their
|
784
|
+
# original permission versions, but you can use
|
785
|
+
# ReplacePermissionAssociations to update them.
|
786
|
+
#
|
787
|
+
# If the specified customer managed permission already has the maximum
|
788
|
+
# of 5 versions, then you must delete one of the existing versions
|
789
|
+
# before you can create a new one.
|
790
|
+
#
|
791
|
+
# @option params [required, String] :permission_arn
|
792
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the customer managed
|
793
|
+
# permission you're creating a new version for.
|
794
|
+
#
|
795
|
+
#
|
796
|
+
#
|
797
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
798
|
+
#
|
799
|
+
# @option params [required, String] :policy_template
|
800
|
+
# A string in JSON format string that contains the following elements of
|
801
|
+
# a resource-based policy:
|
802
|
+
#
|
803
|
+
# * **Effect**: must be set to `ALLOW`.
|
804
|
+
#
|
805
|
+
# * **Action**: specifies the actions that are allowed by this customer
|
806
|
+
# managed permission. The list must contain only actions that are
|
807
|
+
# supported by the specified resource type. For a list of all actions
|
808
|
+
# supported by each resource type, see [Actions, resources, and
|
809
|
+
# condition keys for Amazon Web Services services][1] in the *Identity
|
810
|
+
# and Access Management User Guide*.
|
811
|
+
#
|
812
|
+
# * **Condition**: (optional) specifies conditional parameters that must
|
813
|
+
# evaluate to true when a user attempts an action for that action to
|
814
|
+
# be allowed. For more information about the Condition element, see
|
815
|
+
# [IAM policies: Condition element][2] in the *Identity and Access
|
816
|
+
# Management User Guide*.
|
817
|
+
#
|
818
|
+
# This template can't include either the `Resource` or `Principal`
|
819
|
+
# elements. Those are both filled in by RAM when it instantiates the
|
820
|
+
# resource-based policy on each resource shared using this managed
|
821
|
+
# permission. The `Resource` comes from the ARN of the specific resource
|
822
|
+
# that you are sharing. The `Principal` comes from the list of
|
823
|
+
# identities added to the resource share.
|
824
|
+
#
|
825
|
+
#
|
826
|
+
#
|
827
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html
|
828
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html
|
829
|
+
#
|
830
|
+
# @option params [String] :client_token
|
831
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
832
|
+
# ensure the idempotency of the request. This lets you safely retry the
|
833
|
+
# request without accidentally performing the same operation a second
|
834
|
+
# time. Passing the same value to a later call to an operation requires
|
835
|
+
# that you also pass the same value for all other parameters. We
|
836
|
+
# recommend that you use a [UUID type of value.][1].
|
837
|
+
#
|
838
|
+
# If you don't provide this value, then Amazon Web Services generates a
|
839
|
+
# random one for you.
|
840
|
+
#
|
841
|
+
# If you retry the operation with the same `ClientToken`, but with
|
842
|
+
# different parameters, the retry fails with an
|
843
|
+
# `IdempotentParameterMismatch` error.
|
844
|
+
#
|
845
|
+
#
|
846
|
+
#
|
847
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
848
|
+
#
|
849
|
+
# @return [Types::CreatePermissionVersionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
850
|
+
#
|
851
|
+
# * {Types::CreatePermissionVersionResponse#permission #permission} => Types::ResourceSharePermissionDetail
|
852
|
+
# * {Types::CreatePermissionVersionResponse#client_token #client_token} => String
|
853
|
+
#
|
854
|
+
# @example Request syntax with placeholder values
|
855
|
+
#
|
856
|
+
# resp = client.create_permission_version({
|
857
|
+
# permission_arn: "String", # required
|
858
|
+
# policy_template: "Policy", # required
|
859
|
+
# client_token: "String",
|
860
|
+
# })
|
861
|
+
#
|
862
|
+
# @example Response structure
|
863
|
+
#
|
864
|
+
# resp.permission.arn #=> String
|
865
|
+
# resp.permission.version #=> String
|
866
|
+
# resp.permission.default_version #=> Boolean
|
867
|
+
# resp.permission.name #=> String
|
868
|
+
# resp.permission.resource_type #=> String
|
869
|
+
# resp.permission.permission #=> String
|
870
|
+
# resp.permission.creation_time #=> Time
|
871
|
+
# resp.permission.last_updated_time #=> Time
|
872
|
+
# resp.permission.is_resource_type_default #=> Boolean
|
873
|
+
# resp.permission.permission_type #=> String, one of "CUSTOMER_MANAGED", "AWS_MANAGED"
|
874
|
+
# resp.permission.feature_set #=> String, one of "CREATED_FROM_POLICY", "PROMOTING_TO_STANDARD", "STANDARD"
|
875
|
+
# resp.permission.status #=> String, one of "ATTACHABLE", "UNATTACHABLE", "DELETING", "DELETED"
|
876
|
+
# resp.permission.tags #=> Array
|
877
|
+
# resp.permission.tags[0].key #=> String
|
878
|
+
# resp.permission.tags[0].value #=> String
|
879
|
+
# resp.client_token #=> String
|
880
|
+
#
|
881
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/CreatePermissionVersion AWS API Documentation
|
882
|
+
#
|
883
|
+
# @overload create_permission_version(params = {})
|
884
|
+
# @param [Hash] params ({})
|
885
|
+
def create_permission_version(params = {}, options = {})
|
886
|
+
req = build_request(:create_permission_version, params)
|
887
|
+
req.send_request(options)
|
888
|
+
end
|
889
|
+
|
642
890
|
# Creates a resource share. You can provide a list of the [Amazon
|
643
891
|
# Resource Names (ARNs)][1] for the resources that you want to share, a
|
644
892
|
# list of principals you want to share the resources with, and the
|
@@ -670,7 +918,7 @@ module Aws::RAM
|
|
670
918
|
#
|
671
919
|
# * An Amazon Web Services account ID, for example: `123456789012`
|
672
920
|
#
|
673
|
-
# * An [Amazon
|
921
|
+
# * An [Amazon Resource Name (ARN)][1] of an organization in
|
674
922
|
# Organizations, for example:
|
675
923
|
# `organizations::123456789012:organization/o-exampleorgid`
|
676
924
|
#
|
@@ -717,6 +965,10 @@ module Aws::RAM
|
|
717
965
|
# If you don't provide this value, then Amazon Web Services generates a
|
718
966
|
# random one for you.
|
719
967
|
#
|
968
|
+
# If you retry the operation with the same `ClientToken`, but with
|
969
|
+
# different parameters, the retry fails with an
|
970
|
+
# `IdempotentParameterMismatch` error.
|
971
|
+
#
|
720
972
|
#
|
721
973
|
#
|
722
974
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -779,13 +1031,155 @@ module Aws::RAM
|
|
779
1031
|
req.send_request(options)
|
780
1032
|
end
|
781
1033
|
|
782
|
-
# Deletes the specified
|
783
|
-
#
|
784
|
-
#
|
785
|
-
#
|
1034
|
+
# Deletes the specified customer managed permission in the Amazon Web
|
1035
|
+
# Services Region in which you call this operation. You can delete a
|
1036
|
+
# customer managed permission only if it isn't attached to any resource
|
1037
|
+
# share. The operation deletes all versions associated with the customer
|
1038
|
+
# managed permission.
|
1039
|
+
#
|
1040
|
+
# @option params [required, String] :permission_arn
|
1041
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the customer managed
|
1042
|
+
# permission that you want to delete.
|
1043
|
+
#
|
1044
|
+
#
|
1045
|
+
#
|
1046
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
1047
|
+
#
|
1048
|
+
# @option params [String] :client_token
|
1049
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
1050
|
+
# ensure the idempotency of the request. This lets you safely retry the
|
1051
|
+
# request without accidentally performing the same operation a second
|
1052
|
+
# time. Passing the same value to a later call to an operation requires
|
1053
|
+
# that you also pass the same value for all other parameters. We
|
1054
|
+
# recommend that you use a [UUID type of value.][1].
|
1055
|
+
#
|
1056
|
+
# If you don't provide this value, then Amazon Web Services generates a
|
1057
|
+
# random one for you.
|
1058
|
+
#
|
1059
|
+
# If you retry the operation with the same `ClientToken`, but with
|
1060
|
+
# different parameters, the retry fails with an
|
1061
|
+
# `IdempotentParameterMismatch` error.
|
1062
|
+
#
|
1063
|
+
#
|
1064
|
+
#
|
1065
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
1066
|
+
#
|
1067
|
+
# @return [Types::DeletePermissionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1068
|
+
#
|
1069
|
+
# * {Types::DeletePermissionResponse#return_value #return_value} => Boolean
|
1070
|
+
# * {Types::DeletePermissionResponse#client_token #client_token} => String
|
1071
|
+
# * {Types::DeletePermissionResponse#permission_status #permission_status} => String
|
1072
|
+
#
|
1073
|
+
# @example Request syntax with placeholder values
|
1074
|
+
#
|
1075
|
+
# resp = client.delete_permission({
|
1076
|
+
# permission_arn: "String", # required
|
1077
|
+
# client_token: "String",
|
1078
|
+
# })
|
1079
|
+
#
|
1080
|
+
# @example Response structure
|
1081
|
+
#
|
1082
|
+
# resp.return_value #=> Boolean
|
1083
|
+
# resp.client_token #=> String
|
1084
|
+
# resp.permission_status #=> String, one of "ATTACHABLE", "UNATTACHABLE", "DELETING", "DELETED"
|
1085
|
+
#
|
1086
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/DeletePermission AWS API Documentation
|
1087
|
+
#
|
1088
|
+
# @overload delete_permission(params = {})
|
1089
|
+
# @param [Hash] params ({})
|
1090
|
+
def delete_permission(params = {}, options = {})
|
1091
|
+
req = build_request(:delete_permission, params)
|
1092
|
+
req.send_request(options)
|
1093
|
+
end
|
1094
|
+
|
1095
|
+
# Deletes one version of a customer managed permission. The version you
|
1096
|
+
# specify must not be attached to any resource share and must not be the
|
1097
|
+
# default version for the permission.
|
1098
|
+
#
|
1099
|
+
# If a customer managed permission has the maximum of 5 versions, then
|
1100
|
+
# you must delete at least one version before you can create another.
|
1101
|
+
#
|
1102
|
+
# @option params [required, String] :permission_arn
|
1103
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the permission with
|
1104
|
+
# the version you want to delete.
|
1105
|
+
#
|
1106
|
+
#
|
1107
|
+
#
|
1108
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
1109
|
+
#
|
1110
|
+
# @option params [required, Integer] :permission_version
|
1111
|
+
# Specifies the version number to delete.
|
1112
|
+
#
|
1113
|
+
# You can't delete the default version for a customer managed
|
1114
|
+
# permission.
|
1115
|
+
#
|
1116
|
+
# You can't delete a version if it's the only version of the
|
1117
|
+
# permission. You must either first create another version, or delete
|
1118
|
+
# the permission completely.
|
1119
|
+
#
|
1120
|
+
# You can't delete a version if it is attached to any resource shares.
|
1121
|
+
# If the version is the default, you must first use
|
1122
|
+
# SetDefaultPermissionVersion to set a different version as the default
|
1123
|
+
# for the customer managed permission, and then use
|
1124
|
+
# AssociateResourceSharePermission to update your resource shares to use
|
1125
|
+
# the new default version.
|
1126
|
+
#
|
1127
|
+
# @option params [String] :client_token
|
1128
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
1129
|
+
# ensure the idempotency of the request. This lets you safely retry the
|
1130
|
+
# request without accidentally performing the same operation a second
|
1131
|
+
# time. Passing the same value to a later call to an operation requires
|
1132
|
+
# that you also pass the same value for all other parameters. We
|
1133
|
+
# recommend that you use a [UUID type of value.][1].
|
1134
|
+
#
|
1135
|
+
# If you don't provide this value, then Amazon Web Services generates a
|
1136
|
+
# random one for you.
|
1137
|
+
#
|
1138
|
+
# If you retry the operation with the same `ClientToken`, but with
|
1139
|
+
# different parameters, the retry fails with an
|
1140
|
+
# `IdempotentParameterMismatch` error.
|
1141
|
+
#
|
1142
|
+
#
|
1143
|
+
#
|
1144
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
1145
|
+
#
|
1146
|
+
# @return [Types::DeletePermissionVersionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1147
|
+
#
|
1148
|
+
# * {Types::DeletePermissionVersionResponse#return_value #return_value} => Boolean
|
1149
|
+
# * {Types::DeletePermissionVersionResponse#client_token #client_token} => String
|
1150
|
+
# * {Types::DeletePermissionVersionResponse#permission_status #permission_status} => String
|
1151
|
+
#
|
1152
|
+
# @example Request syntax with placeholder values
|
1153
|
+
#
|
1154
|
+
# resp = client.delete_permission_version({
|
1155
|
+
# permission_arn: "String", # required
|
1156
|
+
# permission_version: 1, # required
|
1157
|
+
# client_token: "String",
|
1158
|
+
# })
|
1159
|
+
#
|
1160
|
+
# @example Response structure
|
1161
|
+
#
|
1162
|
+
# resp.return_value #=> Boolean
|
1163
|
+
# resp.client_token #=> String
|
1164
|
+
# resp.permission_status #=> String, one of "ATTACHABLE", "UNATTACHABLE", "DELETING", "DELETED"
|
1165
|
+
#
|
1166
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/DeletePermissionVersion AWS API Documentation
|
1167
|
+
#
|
1168
|
+
# @overload delete_permission_version(params = {})
|
1169
|
+
# @param [Hash] params ({})
|
1170
|
+
def delete_permission_version(params = {}, options = {})
|
1171
|
+
req = build_request(:delete_permission_version, params)
|
1172
|
+
req.send_request(options)
|
1173
|
+
end
|
1174
|
+
|
1175
|
+
# Deletes the specified resource share.
|
1176
|
+
#
|
1177
|
+
# This doesn't delete any of the resources that were associated with
|
1178
|
+
# the resource share; it only stops the sharing of those resources
|
1179
|
+
# through this resource share.
|
786
1180
|
#
|
787
1181
|
# @option params [required, String] :resource_share_arn
|
788
|
-
# Specifies the [Amazon
|
1182
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share to
|
789
1183
|
# delete.
|
790
1184
|
#
|
791
1185
|
#
|
@@ -803,6 +1197,10 @@ module Aws::RAM
|
|
803
1197
|
# If you don't provide this value, then Amazon Web Services generates a
|
804
1198
|
# random one for you.
|
805
1199
|
#
|
1200
|
+
# If you retry the operation with the same `ClientToken`, but with
|
1201
|
+
# different parameters, the retry fails with an
|
1202
|
+
# `IdempotentParameterMismatch` error.
|
1203
|
+
#
|
806
1204
|
#
|
807
1205
|
#
|
808
1206
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -833,12 +1231,12 @@ module Aws::RAM
|
|
833
1231
|
req.send_request(options)
|
834
1232
|
end
|
835
1233
|
|
836
|
-
#
|
837
|
-
# resource share.
|
1234
|
+
# Removes the specified principals or resources from participating in
|
1235
|
+
# the specified resource share.
|
838
1236
|
#
|
839
1237
|
# @option params [required, String] :resource_share_arn
|
840
|
-
# Specifies [Amazon
|
841
|
-
# you want to remove resources from.
|
1238
|
+
# Specifies [Amazon Resource Name (ARN)][1] of the resource share that
|
1239
|
+
# you want to remove resources or principals from.
|
842
1240
|
#
|
843
1241
|
#
|
844
1242
|
#
|
@@ -848,7 +1246,7 @@ module Aws::RAM
|
|
848
1246
|
# Specifies a list of [Amazon Resource Names (ARNs)][1] for one or more
|
849
1247
|
# resources that you want to remove from the resource share. After the
|
850
1248
|
# operation runs, these resources are no longer shared with principals
|
851
|
-
#
|
1249
|
+
# associated with the resource share.
|
852
1250
|
#
|
853
1251
|
#
|
854
1252
|
#
|
@@ -862,7 +1260,7 @@ module Aws::RAM
|
|
862
1260
|
#
|
863
1261
|
# * An Amazon Web Services account ID, for example: `123456789012`
|
864
1262
|
#
|
865
|
-
# * An [Amazon
|
1263
|
+
# * An [Amazon Resource Name (ARN)][1] of an organization in
|
866
1264
|
# Organizations, for example:
|
867
1265
|
# `organizations::123456789012:organization/o-exampleorgid`
|
868
1266
|
#
|
@@ -896,6 +1294,10 @@ module Aws::RAM
|
|
896
1294
|
# If you don't provide this value, then Amazon Web Services generates a
|
897
1295
|
# random one for you.
|
898
1296
|
#
|
1297
|
+
# If you retry the operation with the same `ClientToken`, but with
|
1298
|
+
# different parameters, the retry fails with an
|
1299
|
+
# `IdempotentParameterMismatch` error.
|
1300
|
+
#
|
899
1301
|
#
|
900
1302
|
#
|
901
1303
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -937,23 +1339,23 @@ module Aws::RAM
|
|
937
1339
|
req.send_request(options)
|
938
1340
|
end
|
939
1341
|
|
940
|
-
#
|
941
|
-
#
|
942
|
-
#
|
1342
|
+
# Removes a managed permission from a resource share. Permission changes
|
1343
|
+
# take effect immediately. You can remove a managed permission from a
|
1344
|
+
# resource share only if there are currently no resources of the
|
943
1345
|
# relevant resource type currently attached to the resource share.
|
944
1346
|
#
|
945
1347
|
# @option params [required, String] :resource_share_arn
|
946
|
-
# The [Amazon
|
947
|
-
#
|
1348
|
+
# The [Amazon Resource Name (ARN)][1] of the resource share that you
|
1349
|
+
# want to remove the managed permission from.
|
948
1350
|
#
|
949
1351
|
#
|
950
1352
|
#
|
951
1353
|
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
952
1354
|
#
|
953
1355
|
# @option params [required, String] :permission_arn
|
954
|
-
# The [Amazon
|
955
|
-
# from the resource share. Changes to permissions take
|
956
|
-
# immediately.
|
1356
|
+
# The [Amazon Resource Name (ARN)][1] of the managed permission to
|
1357
|
+
# disassociate from the resource share. Changes to permissions take
|
1358
|
+
# effect immediately.
|
957
1359
|
#
|
958
1360
|
#
|
959
1361
|
#
|
@@ -970,6 +1372,10 @@ module Aws::RAM
|
|
970
1372
|
# If you don't provide this value, then Amazon Web Services generates a
|
971
1373
|
# random one for you.
|
972
1374
|
#
|
1375
|
+
# If you retry the operation with the same `ClientToken`, but with
|
1376
|
+
# different parameters, the retry fails with an
|
1377
|
+
# `IdempotentParameterMismatch` error.
|
1378
|
+
#
|
973
1379
|
#
|
974
1380
|
#
|
975
1381
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -1002,15 +1408,18 @@ module Aws::RAM
|
|
1002
1408
|
end
|
1003
1409
|
|
1004
1410
|
# Enables resource sharing within your organization in Organizations.
|
1005
|
-
#
|
1006
|
-
#
|
1007
|
-
#
|
1411
|
+
# This operation creates a service-linked role called
|
1412
|
+
# `AWSServiceRoleForResourceAccessManager` that has the IAM managed
|
1413
|
+
# policy named AWSResourceAccessManagerServiceRolePolicy attached. This
|
1414
|
+
# role permits RAM to retrieve information about the organization and
|
1415
|
+
# its structure. This lets you share resources with all of the accounts
|
1416
|
+
# in the calling account's organization by specifying the organization
|
1008
1417
|
# ID, or all of the accounts in an organizational unit (OU) by
|
1009
|
-
# specifying the OU
|
1418
|
+
# specifying the OU ID. Until you enable sharing within the
|
1010
1419
|
# organization, you can specify only individual Amazon Web Services
|
1011
|
-
# accounts, or for supported resource types, IAM
|
1420
|
+
# accounts, or for supported resource types, IAM roles and users.
|
1012
1421
|
#
|
1013
|
-
# You must call this operation from an IAM
|
1422
|
+
# You must call this operation from an IAM role or user in the
|
1014
1423
|
# organization's management account.
|
1015
1424
|
#
|
1016
1425
|
# @return [Types::EnableSharingWithAwsOrganizationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
@@ -1030,10 +1439,10 @@ module Aws::RAM
|
|
1030
1439
|
req.send_request(options)
|
1031
1440
|
end
|
1032
1441
|
|
1033
|
-
#
|
1442
|
+
# Retrieves the contents of a managed permission in JSON format.
|
1034
1443
|
#
|
1035
1444
|
# @option params [required, String] :permission_arn
|
1036
|
-
# Specifies the [Amazon
|
1445
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the permission whose
|
1037
1446
|
# contents you want to retrieve. To find the ARN for a permission, use
|
1038
1447
|
# either the ListPermissions operation or go to the [Permissions
|
1039
1448
|
# library][2] page in the RAM console and then choose the name of the
|
@@ -1045,9 +1454,11 @@ module Aws::RAM
|
|
1045
1454
|
# [2]: https://console.aws.amazon.com/ram/home#Permissions:
|
1046
1455
|
#
|
1047
1456
|
# @option params [Integer] :permission_version
|
1048
|
-
# Specifies
|
1049
|
-
#
|
1050
|
-
#
|
1457
|
+
# Specifies the version number of the RAM permission to retrieve. If you
|
1458
|
+
# don't specify this parameter, the operation retrieves the default
|
1459
|
+
# version.
|
1460
|
+
#
|
1461
|
+
# To see the list of available versions, use ListPermissionVersions.
|
1051
1462
|
#
|
1052
1463
|
# @return [Types::GetPermissionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1053
1464
|
#
|
@@ -1071,6 +1482,12 @@ module Aws::RAM
|
|
1071
1482
|
# resp.permission.creation_time #=> Time
|
1072
1483
|
# resp.permission.last_updated_time #=> Time
|
1073
1484
|
# resp.permission.is_resource_type_default #=> Boolean
|
1485
|
+
# resp.permission.permission_type #=> String, one of "CUSTOMER_MANAGED", "AWS_MANAGED"
|
1486
|
+
# resp.permission.feature_set #=> String, one of "CREATED_FROM_POLICY", "PROMOTING_TO_STANDARD", "STANDARD"
|
1487
|
+
# resp.permission.status #=> String, one of "ATTACHABLE", "UNATTACHABLE", "DELETING", "DELETED"
|
1488
|
+
# resp.permission.tags #=> Array
|
1489
|
+
# resp.permission.tags[0].key #=> String
|
1490
|
+
# resp.permission.tags[0].value #=> String
|
1074
1491
|
#
|
1075
1492
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/GetPermission AWS API Documentation
|
1076
1493
|
#
|
@@ -1145,18 +1562,17 @@ module Aws::RAM
|
|
1145
1562
|
req.send_request(options)
|
1146
1563
|
end
|
1147
1564
|
|
1148
|
-
# Retrieves the
|
1149
|
-
# that you own.
|
1565
|
+
# Retrieves the lists of resources and principals that associated for
|
1566
|
+
# resource shares that you own.
|
1150
1567
|
#
|
1151
1568
|
# @option params [required, String] :association_type
|
1152
1569
|
# Specifies whether you want to retrieve the associations that involve a
|
1153
1570
|
# specified resource or principal.
|
1154
1571
|
#
|
1155
|
-
# * `PRINCIPAL` – list the principals
|
1156
|
-
#
|
1572
|
+
# * `PRINCIPAL` – list the principals whose associations you want to
|
1573
|
+
# see.
|
1157
1574
|
#
|
1158
|
-
# * `RESOURCE` – list the resources
|
1159
|
-
# specified resource share.
|
1575
|
+
# * `RESOURCE` – list the resources whose associations you want to see.
|
1160
1576
|
#
|
1161
1577
|
# @option params [Array<String>] :resource_share_arns
|
1162
1578
|
# Specifies a list of [Amazon Resource Names (ARNs)][1] of the resource
|
@@ -1167,7 +1583,7 @@ module Aws::RAM
|
|
1167
1583
|
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
1168
1584
|
#
|
1169
1585
|
# @option params [String] :resource_arn
|
1170
|
-
# Specifies the [Amazon
|
1586
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of a resource whose
|
1171
1587
|
# resource shares you want to retrieve.
|
1172
1588
|
#
|
1173
1589
|
# You cannot specify this parameter if the association type is
|
@@ -1180,7 +1596,7 @@ module Aws::RAM
|
|
1180
1596
|
# @option params [String] :principal
|
1181
1597
|
# Specifies the ID of the principal whose resource shares you want to
|
1182
1598
|
# retrieve. This can be an Amazon Web Services account ID, an
|
1183
|
-
# organization ID, an organizational unit ID, or the [Amazon
|
1599
|
+
# organization ID, an organizational unit ID, or the [Amazon Resource
|
1184
1600
|
# Name (ARN)][1] of an individual IAM user or role.
|
1185
1601
|
#
|
1186
1602
|
# You cannot specify this parameter if the association type is
|
@@ -1191,7 +1607,7 @@ module Aws::RAM
|
|
1191
1607
|
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
1192
1608
|
#
|
1193
1609
|
# @option params [String] :association_status
|
1194
|
-
# Specifies that you want to retrieve only associations
|
1610
|
+
# Specifies that you want to retrieve only associations that have this
|
1195
1611
|
# status.
|
1196
1612
|
#
|
1197
1613
|
# @option params [String] :next_token
|
@@ -1396,13 +1812,17 @@ module Aws::RAM
|
|
1396
1812
|
#
|
1397
1813
|
# @option params [String] :permission_arn
|
1398
1814
|
# Specifies that you want to retrieve details of only those resource
|
1399
|
-
# shares that use the
|
1815
|
+
# shares that use the managed permission with this [Amazon Resource Name
|
1400
1816
|
# (ARN)][1].
|
1401
1817
|
#
|
1402
1818
|
#
|
1403
1819
|
#
|
1404
1820
|
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
1405
1821
|
#
|
1822
|
+
# @option params [Integer] :permission_version
|
1823
|
+
# Specifies that you want to retrieve details for only those resource
|
1824
|
+
# shares that use the specified version of the managed permission.
|
1825
|
+
#
|
1406
1826
|
# @return [Types::GetResourceSharesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1407
1827
|
#
|
1408
1828
|
# * {Types::GetResourceSharesResponse#resource_shares #resource_shares} => Array<Types::ResourceShare>
|
@@ -1426,6 +1846,7 @@ module Aws::RAM
|
|
1426
1846
|
# next_token: "String",
|
1427
1847
|
# max_results: 1,
|
1428
1848
|
# permission_arn: "String",
|
1849
|
+
# permission_version: 1,
|
1429
1850
|
# })
|
1430
1851
|
#
|
1431
1852
|
# @example Response structure
|
@@ -1460,7 +1881,7 @@ module Aws::RAM
|
|
1460
1881
|
# hasn't expired.
|
1461
1882
|
#
|
1462
1883
|
# @option params [required, String] :resource_share_invitation_arn
|
1463
|
-
# Specifies the [Amazon
|
1884
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the invitation. You
|
1464
1885
|
# can use GetResourceShareInvitations to find the ARN of the invitation.
|
1465
1886
|
#
|
1466
1887
|
#
|
@@ -1540,10 +1961,111 @@ module Aws::RAM
|
|
1540
1961
|
req.send_request(options)
|
1541
1962
|
end
|
1542
1963
|
|
1964
|
+
# Lists information about the managed permission and its associations to
|
1965
|
+
# any resource shares that use this managed permission. This lets you
|
1966
|
+
# see which resource shares use which versions of the specified managed
|
1967
|
+
# permission.
|
1968
|
+
#
|
1969
|
+
# @option params [String] :permission_arn
|
1970
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the managed
|
1971
|
+
# permission.
|
1972
|
+
#
|
1973
|
+
#
|
1974
|
+
#
|
1975
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
1976
|
+
#
|
1977
|
+
# @option params [Integer] :permission_version
|
1978
|
+
# Specifies that you want to list only those associations with resource
|
1979
|
+
# shares that use this version of the managed permission. If you don't
|
1980
|
+
# provide a value for this parameter, then the operation returns
|
1981
|
+
# information about associations with resource shares that use any
|
1982
|
+
# version of the managed permission.
|
1983
|
+
#
|
1984
|
+
# @option params [String] :association_status
|
1985
|
+
# Specifies that you want to list only those associations with resource
|
1986
|
+
# shares that match this status.
|
1987
|
+
#
|
1988
|
+
# @option params [String] :resource_type
|
1989
|
+
# Specifies that you want to list only those associations with resource
|
1990
|
+
# shares that include at least one resource of this resource type.
|
1991
|
+
#
|
1992
|
+
# @option params [String] :feature_set
|
1993
|
+
# Specifies that you want to list only those associations with resource
|
1994
|
+
# shares that have a `featureSet` with this value.
|
1995
|
+
#
|
1996
|
+
# @option params [Boolean] :default_version
|
1997
|
+
# When `true`, specifies that you want to list only those associations
|
1998
|
+
# with resource shares that use the default version of the specified
|
1999
|
+
# managed permission.
|
2000
|
+
#
|
2001
|
+
# When `false` (the default value), lists associations with resource
|
2002
|
+
# shares that use any version of the specified managed permission.
|
2003
|
+
#
|
2004
|
+
# @option params [String] :next_token
|
2005
|
+
# Specifies that you want to receive the next page of results. Valid
|
2006
|
+
# only if you received a `NextToken` response in the previous request.
|
2007
|
+
# If you did, it indicates that more output is available. Set this
|
2008
|
+
# parameter to the value provided by the previous call's `NextToken`
|
2009
|
+
# response to request the next page of results.
|
2010
|
+
#
|
2011
|
+
# @option params [Integer] :max_results
|
2012
|
+
# Specifies the total number of results that you want included on each
|
2013
|
+
# page of the response. If you do not include this parameter, it
|
2014
|
+
# defaults to a value that is specific to the operation. If additional
|
2015
|
+
# items exist beyond the number you specify, the `NextToken` response
|
2016
|
+
# element is returned with a value (not null). Include the specified
|
2017
|
+
# value as the `NextToken` request parameter in the next call to the
|
2018
|
+
# operation to get the next part of the results. Note that the service
|
2019
|
+
# might return fewer results than the maximum even when there are more
|
2020
|
+
# results available. You should check `NextToken` after every operation
|
2021
|
+
# to ensure that you receive all of the results.
|
2022
|
+
#
|
2023
|
+
# @return [Types::ListPermissionAssociationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2024
|
+
#
|
2025
|
+
# * {Types::ListPermissionAssociationsResponse#permissions #permissions} => Array<Types::AssociatedPermission>
|
2026
|
+
# * {Types::ListPermissionAssociationsResponse#next_token #next_token} => String
|
2027
|
+
#
|
2028
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2029
|
+
#
|
2030
|
+
# @example Request syntax with placeholder values
|
2031
|
+
#
|
2032
|
+
# resp = client.list_permission_associations({
|
2033
|
+
# permission_arn: "String",
|
2034
|
+
# permission_version: 1,
|
2035
|
+
# association_status: "ASSOCIATING", # accepts ASSOCIATING, ASSOCIATED, FAILED, DISASSOCIATING, DISASSOCIATED
|
2036
|
+
# resource_type: "String",
|
2037
|
+
# feature_set: "CREATED_FROM_POLICY", # accepts CREATED_FROM_POLICY, PROMOTING_TO_STANDARD, STANDARD
|
2038
|
+
# default_version: false,
|
2039
|
+
# next_token: "String",
|
2040
|
+
# max_results: 1,
|
2041
|
+
# })
|
2042
|
+
#
|
2043
|
+
# @example Response structure
|
2044
|
+
#
|
2045
|
+
# resp.permissions #=> Array
|
2046
|
+
# resp.permissions[0].arn #=> String
|
2047
|
+
# resp.permissions[0].permission_version #=> String
|
2048
|
+
# resp.permissions[0].default_version #=> Boolean
|
2049
|
+
# resp.permissions[0].resource_type #=> String
|
2050
|
+
# resp.permissions[0].status #=> String
|
2051
|
+
# resp.permissions[0].feature_set #=> String, one of "CREATED_FROM_POLICY", "PROMOTING_TO_STANDARD", "STANDARD"
|
2052
|
+
# resp.permissions[0].last_updated_time #=> Time
|
2053
|
+
# resp.permissions[0].resource_share_arn #=> String
|
2054
|
+
# resp.next_token #=> String
|
2055
|
+
#
|
2056
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListPermissionAssociations AWS API Documentation
|
2057
|
+
#
|
2058
|
+
# @overload list_permission_associations(params = {})
|
2059
|
+
# @param [Hash] params ({})
|
2060
|
+
def list_permission_associations(params = {}, options = {})
|
2061
|
+
req = build_request(:list_permission_associations, params)
|
2062
|
+
req.send_request(options)
|
2063
|
+
end
|
2064
|
+
|
1543
2065
|
# Lists the available versions of the specified RAM permission.
|
1544
2066
|
#
|
1545
2067
|
# @option params [required, String] :permission_arn
|
1546
|
-
# Specifies the [Amazon
|
2068
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the RAM permission
|
1547
2069
|
# whose versions you want to list. You can use the `permissionVersion`
|
1548
2070
|
# parameter on the AssociateResourceSharePermission operation to specify
|
1549
2071
|
# a non-default version to attach.
|
@@ -1598,6 +2120,11 @@ module Aws::RAM
|
|
1598
2120
|
# resp.permissions[0].creation_time #=> Time
|
1599
2121
|
# resp.permissions[0].last_updated_time #=> Time
|
1600
2122
|
# resp.permissions[0].is_resource_type_default #=> Boolean
|
2123
|
+
# resp.permissions[0].permission_type #=> String, one of "CUSTOMER_MANAGED", "AWS_MANAGED"
|
2124
|
+
# resp.permissions[0].feature_set #=> String, one of "CREATED_FROM_POLICY", "PROMOTING_TO_STANDARD", "STANDARD"
|
2125
|
+
# resp.permissions[0].tags #=> Array
|
2126
|
+
# resp.permissions[0].tags[0].key #=> String
|
2127
|
+
# resp.permissions[0].tags[0].value #=> String
|
1601
2128
|
# resp.next_token #=> String
|
1602
2129
|
#
|
1603
2130
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListPermissionVersions AWS API Documentation
|
@@ -1613,9 +2140,11 @@ module Aws::RAM
|
|
1613
2140
|
# supported resource types.
|
1614
2141
|
#
|
1615
2142
|
# @option params [String] :resource_type
|
1616
|
-
# Specifies that you want to list permissions
|
1617
|
-
# resource type.
|
1618
|
-
#
|
2143
|
+
# Specifies that you want to list only those permissions that apply to
|
2144
|
+
# the specified resource type. This parameter is not case sensitive.
|
2145
|
+
#
|
2146
|
+
# For example, to list only permissions that apply to Amazon EC2
|
2147
|
+
# subnets, specify `ec2:subnet`. You can use the ListResourceTypes
|
1619
2148
|
# operation to get the specific string required.
|
1620
2149
|
#
|
1621
2150
|
# @option params [String] :next_token
|
@@ -1637,6 +2166,18 @@ module Aws::RAM
|
|
1637
2166
|
# results available. You should check `NextToken` after every operation
|
1638
2167
|
# to ensure that you receive all of the results.
|
1639
2168
|
#
|
2169
|
+
# @option params [String] :permission_type
|
2170
|
+
# Specifies that you want to list only permissions of this type:
|
2171
|
+
#
|
2172
|
+
# * `AWS` – returns only Amazon Web Services managed permissions.
|
2173
|
+
#
|
2174
|
+
# * `LOCAL` – returns only customer managed permissions
|
2175
|
+
#
|
2176
|
+
# * `ALL` – returns both Amazon Web Services managed permissions and
|
2177
|
+
# customer managed permissions.
|
2178
|
+
#
|
2179
|
+
# If you don't specify this parameter, the default is `All`.
|
2180
|
+
#
|
1640
2181
|
# @return [Types::ListPermissionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1641
2182
|
#
|
1642
2183
|
# * {Types::ListPermissionsResponse#permissions #permissions} => Array<Types::ResourceSharePermissionSummary>
|
@@ -1650,6 +2191,7 @@ module Aws::RAM
|
|
1650
2191
|
# resource_type: "String",
|
1651
2192
|
# next_token: "String",
|
1652
2193
|
# max_results: 1,
|
2194
|
+
# permission_type: "ALL", # accepts ALL, AWS_MANAGED, CUSTOMER_MANAGED
|
1653
2195
|
# })
|
1654
2196
|
#
|
1655
2197
|
# @example Response structure
|
@@ -1664,6 +2206,11 @@ module Aws::RAM
|
|
1664
2206
|
# resp.permissions[0].creation_time #=> Time
|
1665
2207
|
# resp.permissions[0].last_updated_time #=> Time
|
1666
2208
|
# resp.permissions[0].is_resource_type_default #=> Boolean
|
2209
|
+
# resp.permissions[0].permission_type #=> String, one of "CUSTOMER_MANAGED", "AWS_MANAGED"
|
2210
|
+
# resp.permissions[0].feature_set #=> String, one of "CREATED_FROM_POLICY", "PROMOTING_TO_STANDARD", "STANDARD"
|
2211
|
+
# resp.permissions[0].tags #=> Array
|
2212
|
+
# resp.permissions[0].tags[0].key #=> String
|
2213
|
+
# resp.permissions[0].tags[0].value #=> String
|
1667
2214
|
# resp.next_token #=> String
|
1668
2215
|
#
|
1669
2216
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListPermissions AWS API Documentation
|
@@ -1690,7 +2237,7 @@ module Aws::RAM
|
|
1690
2237
|
#
|
1691
2238
|
# @option params [String] :resource_arn
|
1692
2239
|
# Specifies that you want to list principal information for the resource
|
1693
|
-
# share with the specified [Amazon
|
2240
|
+
# share with the specified [Amazon Resource Name (ARN)][1].
|
1694
2241
|
#
|
1695
2242
|
#
|
1696
2243
|
#
|
@@ -1704,7 +2251,7 @@ module Aws::RAM
|
|
1704
2251
|
#
|
1705
2252
|
# * An Amazon Web Services account ID, for example: `123456789012`
|
1706
2253
|
#
|
1707
|
-
# * An [Amazon
|
2254
|
+
# * An [Amazon Resource Name (ARN)][1] of an organization in
|
1708
2255
|
# Organizations, for example:
|
1709
2256
|
# `organizations::123456789012:organization/o-exampleorgid`
|
1710
2257
|
#
|
@@ -1800,11 +2347,81 @@ module Aws::RAM
|
|
1800
2347
|
req.send_request(options)
|
1801
2348
|
end
|
1802
2349
|
|
2350
|
+
# Retrieves the current status of the asynchronous tasks performed by
|
2351
|
+
# RAM when you perform the ReplacePermissionAssociationsWork operation.
|
2352
|
+
#
|
2353
|
+
# @option params [Array<String>] :work_ids
|
2354
|
+
# A list of IDs. These values come from the `id`field of the
|
2355
|
+
# `replacePermissionAssociationsWork`structure returned by the
|
2356
|
+
# ReplacePermissionAssociations operation.
|
2357
|
+
#
|
2358
|
+
# @option params [String] :status
|
2359
|
+
# Specifies that you want to see only the details about requests with a
|
2360
|
+
# status that matches this value.
|
2361
|
+
#
|
2362
|
+
# @option params [String] :next_token
|
2363
|
+
# Specifies that you want to receive the next page of results. Valid
|
2364
|
+
# only if you received a `NextToken` response in the previous request.
|
2365
|
+
# If you did, it indicates that more output is available. Set this
|
2366
|
+
# parameter to the value provided by the previous call's `NextToken`
|
2367
|
+
# response to request the next page of results.
|
2368
|
+
#
|
2369
|
+
# @option params [Integer] :max_results
|
2370
|
+
# Specifies the total number of results that you want included on each
|
2371
|
+
# page of the response. If you do not include this parameter, it
|
2372
|
+
# defaults to a value that is specific to the operation. If additional
|
2373
|
+
# items exist beyond the number you specify, the `NextToken` response
|
2374
|
+
# element is returned with a value (not null). Include the specified
|
2375
|
+
# value as the `NextToken` request parameter in the next call to the
|
2376
|
+
# operation to get the next part of the results. Note that the service
|
2377
|
+
# might return fewer results than the maximum even when there are more
|
2378
|
+
# results available. You should check `NextToken` after every operation
|
2379
|
+
# to ensure that you receive all of the results.
|
2380
|
+
#
|
2381
|
+
# @return [Types::ListReplacePermissionAssociationsWorkResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2382
|
+
#
|
2383
|
+
# * {Types::ListReplacePermissionAssociationsWorkResponse#replace_permission_associations_works #replace_permission_associations_works} => Array<Types::ReplacePermissionAssociationsWork>
|
2384
|
+
# * {Types::ListReplacePermissionAssociationsWorkResponse#next_token #next_token} => String
|
2385
|
+
#
|
2386
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2387
|
+
#
|
2388
|
+
# @example Request syntax with placeholder values
|
2389
|
+
#
|
2390
|
+
# resp = client.list_replace_permission_associations_work({
|
2391
|
+
# work_ids: ["String"],
|
2392
|
+
# status: "IN_PROGRESS", # accepts IN_PROGRESS, COMPLETED, FAILED
|
2393
|
+
# next_token: "String",
|
2394
|
+
# max_results: 1,
|
2395
|
+
# })
|
2396
|
+
#
|
2397
|
+
# @example Response structure
|
2398
|
+
#
|
2399
|
+
# resp.replace_permission_associations_works #=> Array
|
2400
|
+
# resp.replace_permission_associations_works[0].id #=> String
|
2401
|
+
# resp.replace_permission_associations_works[0].from_permission_arn #=> String
|
2402
|
+
# resp.replace_permission_associations_works[0].from_permission_version #=> String
|
2403
|
+
# resp.replace_permission_associations_works[0].to_permission_arn #=> String
|
2404
|
+
# resp.replace_permission_associations_works[0].to_permission_version #=> String
|
2405
|
+
# resp.replace_permission_associations_works[0].status #=> String, one of "IN_PROGRESS", "COMPLETED", "FAILED"
|
2406
|
+
# resp.replace_permission_associations_works[0].status_message #=> String
|
2407
|
+
# resp.replace_permission_associations_works[0].creation_time #=> Time
|
2408
|
+
# resp.replace_permission_associations_works[0].last_updated_time #=> Time
|
2409
|
+
# resp.next_token #=> String
|
2410
|
+
#
|
2411
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListReplacePermissionAssociationsWork AWS API Documentation
|
2412
|
+
#
|
2413
|
+
# @overload list_replace_permission_associations_work(params = {})
|
2414
|
+
# @param [Hash] params ({})
|
2415
|
+
def list_replace_permission_associations_work(params = {}, options = {})
|
2416
|
+
req = build_request(:list_replace_permission_associations_work, params)
|
2417
|
+
req.send_request(options)
|
2418
|
+
end
|
2419
|
+
|
1803
2420
|
# Lists the RAM permissions that are associated with a resource share.
|
1804
2421
|
#
|
1805
2422
|
# @option params [required, String] :resource_share_arn
|
1806
|
-
# Specifies the [Amazon
|
1807
|
-
# which you want to retrieve the associated permissions.
|
2423
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
2424
|
+
# for which you want to retrieve the associated permissions.
|
1808
2425
|
#
|
1809
2426
|
#
|
1810
2427
|
#
|
@@ -1856,6 +2473,11 @@ module Aws::RAM
|
|
1856
2473
|
# resp.permissions[0].creation_time #=> Time
|
1857
2474
|
# resp.permissions[0].last_updated_time #=> Time
|
1858
2475
|
# resp.permissions[0].is_resource_type_default #=> Boolean
|
2476
|
+
# resp.permissions[0].permission_type #=> String, one of "CUSTOMER_MANAGED", "AWS_MANAGED"
|
2477
|
+
# resp.permissions[0].feature_set #=> String, one of "CREATED_FROM_POLICY", "PROMOTING_TO_STANDARD", "STANDARD"
|
2478
|
+
# resp.permissions[0].tags #=> Array
|
2479
|
+
# resp.permissions[0].tags[0].key #=> String
|
2480
|
+
# resp.permissions[0].tags[0].value #=> String
|
1859
2481
|
# resp.next_token #=> String
|
1860
2482
|
#
|
1861
2483
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListResourceSharePermissions AWS API Documentation
|
@@ -2051,18 +2673,135 @@ module Aws::RAM
|
|
2051
2673
|
req.send_request(options)
|
2052
2674
|
end
|
2053
2675
|
|
2054
|
-
# When you attach a resource-based
|
2055
|
-
# automatically creates a resource share
|
2056
|
-
#
|
2057
|
-
#
|
2676
|
+
# When you attach a resource-based policy to a resource, RAM
|
2677
|
+
# automatically creates a resource share of
|
2678
|
+
# `featureSet`=`CREATED_FROM_POLICY` with a managed permission that has
|
2679
|
+
# the same IAM permissions as the original resource-based policy.
|
2680
|
+
# However, this type of managed permission is visible to only the
|
2681
|
+
# resource share owner, and the associated resource share can't be
|
2682
|
+
# modified by using RAM.
|
2683
|
+
#
|
2684
|
+
# This operation creates a separate, fully manageable customer managed
|
2685
|
+
# permission that has the same IAM permissions as the original
|
2686
|
+
# resource-based policy. You can associate this customer managed
|
2687
|
+
# permission to any resource shares.
|
2688
|
+
#
|
2689
|
+
# Before you use PromoteResourceShareCreatedFromPolicy, you should first
|
2690
|
+
# run this operation to ensure that you have an appropriate customer
|
2691
|
+
# managed permission that can be associated with the promoted resource
|
2692
|
+
# share.
|
2693
|
+
#
|
2694
|
+
# <note markdown="1"> * The original `CREATED_FROM_POLICY` policy isn't deleted, and
|
2695
|
+
# resource shares using that original policy aren't automatically
|
2696
|
+
# updated.
|
2697
|
+
#
|
2698
|
+
# * You can't modify a `CREATED_FROM_POLICY` resource share so you
|
2699
|
+
# can't associate the new customer managed permission by using
|
2700
|
+
# `ReplacePermsissionAssociations`. However, if you use
|
2701
|
+
# PromoteResourceShareCreatedFromPolicy, that operation automatically
|
2702
|
+
# associates the fully manageable customer managed permission to the
|
2703
|
+
# newly promoted `STANDARD` resource share.
|
2704
|
+
#
|
2705
|
+
# * After you promote a resource share, if the original
|
2706
|
+
# `CREATED_FROM_POLICY` managed permission has no other associations
|
2707
|
+
# to A resource share, then RAM automatically deletes it.
|
2708
|
+
#
|
2709
|
+
# </note>
|
2710
|
+
#
|
2711
|
+
# @option params [required, String] :permission_arn
|
2712
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the
|
2713
|
+
# `CREATED_FROM_POLICY` permission that you want to promote. You can get
|
2714
|
+
# this [Amazon Resource Name (ARN)][1] by calling the
|
2715
|
+
# ListResourceSharePermissions operation.
|
2716
|
+
#
|
2717
|
+
#
|
2718
|
+
#
|
2719
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
2720
|
+
#
|
2721
|
+
# @option params [required, String] :name
|
2722
|
+
# Specifies a name for the promoted customer managed permission.
|
2723
|
+
#
|
2724
|
+
# @option params [String] :client_token
|
2725
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
2726
|
+
# ensure the idempotency of the request. This lets you safely retry the
|
2727
|
+
# request without accidentally performing the same operation a second
|
2728
|
+
# time. Passing the same value to a later call to an operation requires
|
2729
|
+
# that you also pass the same value for all other parameters. We
|
2730
|
+
# recommend that you use a [UUID type of value.][1].
|
2731
|
+
#
|
2732
|
+
# If you don't provide this value, then Amazon Web Services generates a
|
2733
|
+
# random one for you.
|
2734
|
+
#
|
2735
|
+
# If you retry the operation with the same `ClientToken`, but with
|
2736
|
+
# different parameters, the retry fails with an
|
2737
|
+
# `IdempotentParameterMismatch` error.
|
2738
|
+
#
|
2739
|
+
#
|
2740
|
+
#
|
2741
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
2742
|
+
#
|
2743
|
+
# @return [Types::PromotePermissionCreatedFromPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2744
|
+
#
|
2745
|
+
# * {Types::PromotePermissionCreatedFromPolicyResponse#permission #permission} => Types::ResourceSharePermissionSummary
|
2746
|
+
# * {Types::PromotePermissionCreatedFromPolicyResponse#client_token #client_token} => String
|
2747
|
+
#
|
2748
|
+
# @example Request syntax with placeholder values
|
2749
|
+
#
|
2750
|
+
# resp = client.promote_permission_created_from_policy({
|
2751
|
+
# permission_arn: "String", # required
|
2752
|
+
# name: "String", # required
|
2753
|
+
# client_token: "String",
|
2754
|
+
# })
|
2755
|
+
#
|
2756
|
+
# @example Response structure
|
2058
2757
|
#
|
2059
|
-
#
|
2060
|
-
#
|
2061
|
-
#
|
2062
|
-
#
|
2758
|
+
# resp.permission.arn #=> String
|
2759
|
+
# resp.permission.version #=> String
|
2760
|
+
# resp.permission.default_version #=> Boolean
|
2761
|
+
# resp.permission.name #=> String
|
2762
|
+
# resp.permission.resource_type #=> String
|
2763
|
+
# resp.permission.status #=> String
|
2764
|
+
# resp.permission.creation_time #=> Time
|
2765
|
+
# resp.permission.last_updated_time #=> Time
|
2766
|
+
# resp.permission.is_resource_type_default #=> Boolean
|
2767
|
+
# resp.permission.permission_type #=> String, one of "CUSTOMER_MANAGED", "AWS_MANAGED"
|
2768
|
+
# resp.permission.feature_set #=> String, one of "CREATED_FROM_POLICY", "PROMOTING_TO_STANDARD", "STANDARD"
|
2769
|
+
# resp.permission.tags #=> Array
|
2770
|
+
# resp.permission.tags[0].key #=> String
|
2771
|
+
# resp.permission.tags[0].value #=> String
|
2772
|
+
# resp.client_token #=> String
|
2773
|
+
#
|
2774
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/PromotePermissionCreatedFromPolicy AWS API Documentation
|
2775
|
+
#
|
2776
|
+
# @overload promote_permission_created_from_policy(params = {})
|
2777
|
+
# @param [Hash] params ({})
|
2778
|
+
def promote_permission_created_from_policy(params = {}, options = {})
|
2779
|
+
req = build_request(:promote_permission_created_from_policy, params)
|
2780
|
+
req.send_request(options)
|
2781
|
+
end
|
2782
|
+
|
2783
|
+
# When you attach a resource-based policy to a resource, RAM
|
2784
|
+
# automatically creates a resource share of
|
2785
|
+
# `featureSet`=`CREATED_FROM_POLICY` with a managed permission that has
|
2786
|
+
# the same IAM permissions as the original resource-based policy.
|
2787
|
+
# However, this type of managed permission is visible to only the
|
2788
|
+
# resource share owner, and the associated resource share can't be
|
2789
|
+
# modified by using RAM.
|
2790
|
+
#
|
2791
|
+
# This operation promotes the resource share to a `STANDARD` resource
|
2792
|
+
# share that is fully manageable in RAM. When you promote a resource
|
2793
|
+
# share, you can then manage the resource share in RAM and it becomes
|
2794
|
+
# visible to all of the principals you shared it with.
|
2795
|
+
#
|
2796
|
+
# Before you perform this operation, you should first run
|
2797
|
+
# PromotePermissionCreatedFromPolicyto ensure that you have an
|
2798
|
+
# appropriate customer managed permission that can be associated with
|
2799
|
+
# this resource share after its is promoted. If this operation can't
|
2800
|
+
# find a managed permission that exactly matches the existing
|
2801
|
+
# `CREATED_FROM_POLICY` permission, then this operation fails.
|
2063
2802
|
#
|
2064
2803
|
# @option params [required, String] :resource_share_arn
|
2065
|
-
# Specifies the [Amazon
|
2804
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share to
|
2066
2805
|
# promote.
|
2067
2806
|
#
|
2068
2807
|
#
|
@@ -2096,7 +2835,7 @@ module Aws::RAM
|
|
2096
2835
|
# Services account.
|
2097
2836
|
#
|
2098
2837
|
# @option params [required, String] :resource_share_invitation_arn
|
2099
|
-
# Specifies the [Amazon
|
2838
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the invitation that
|
2100
2839
|
# you want to reject.
|
2101
2840
|
#
|
2102
2841
|
#
|
@@ -2114,6 +2853,10 @@ module Aws::RAM
|
|
2114
2853
|
# If you don't provide this value, then Amazon Web Services generates a
|
2115
2854
|
# random one for you.
|
2116
2855
|
#
|
2856
|
+
# If you retry the operation with the same `ClientToken`, but with
|
2857
|
+
# different parameters, the retry fails with an
|
2858
|
+
# `IdempotentParameterMismatch` error.
|
2859
|
+
#
|
2117
2860
|
#
|
2118
2861
|
#
|
2119
2862
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -2161,13 +2904,178 @@ module Aws::RAM
|
|
2161
2904
|
req.send_request(options)
|
2162
2905
|
end
|
2163
2906
|
|
2164
|
-
#
|
2165
|
-
#
|
2166
|
-
#
|
2907
|
+
# Updates all resource shares that use a managed permission to a
|
2908
|
+
# different managed permission. This operation always applies the
|
2909
|
+
# default version of the target managed permission. You can optionally
|
2910
|
+
# specify that the update applies to only resource shares that currently
|
2911
|
+
# use a specified version. This enables you to update to the latest
|
2912
|
+
# version, without changing the which managed permission is used.
|
2167
2913
|
#
|
2168
|
-
#
|
2169
|
-
#
|
2170
|
-
#
|
2914
|
+
# You can use this operation to update all of your resource shares to
|
2915
|
+
# use the current default version of the permission by specifying the
|
2916
|
+
# same value for the `fromPermissionArn` and `toPermissionArn`
|
2917
|
+
# parameters.
|
2918
|
+
#
|
2919
|
+
# You can use the optional `fromPermissionVersion` parameter to update
|
2920
|
+
# only those resources that use a specified version of the managed
|
2921
|
+
# permission to the new managed permission.
|
2922
|
+
#
|
2923
|
+
# To successfully perform this operation, you must have permission to
|
2924
|
+
# update the resource-based policy on all affected resource types.
|
2925
|
+
#
|
2926
|
+
# @option params [required, String] :from_permission_arn
|
2927
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the managed
|
2928
|
+
# permission that you want to replace.
|
2929
|
+
#
|
2930
|
+
#
|
2931
|
+
#
|
2932
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
2933
|
+
#
|
2934
|
+
# @option params [Integer] :from_permission_version
|
2935
|
+
# Specifies that you want to updated the permissions for only those
|
2936
|
+
# resource shares that use the specified version of the managed
|
2937
|
+
# permission.
|
2938
|
+
#
|
2939
|
+
# @option params [required, String] :to_permission_arn
|
2940
|
+
# Specifies the ARN of the managed permission that you want to associate
|
2941
|
+
# with resource shares in place of the one specified by
|
2942
|
+
# `fromPerssionArn` and `fromPermissionVersion`.
|
2943
|
+
#
|
2944
|
+
# The operation always associates the version that is currently the
|
2945
|
+
# default for the specified managed permission.
|
2946
|
+
#
|
2947
|
+
# @option params [String] :client_token
|
2948
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
2949
|
+
# ensure the idempotency of the request. This lets you safely retry the
|
2950
|
+
# request without accidentally performing the same operation a second
|
2951
|
+
# time. Passing the same value to a later call to an operation requires
|
2952
|
+
# that you also pass the same value for all other parameters. We
|
2953
|
+
# recommend that you use a [UUID type of value.][1].
|
2954
|
+
#
|
2955
|
+
# If you don't provide this value, then Amazon Web Services generates a
|
2956
|
+
# random one for you.
|
2957
|
+
#
|
2958
|
+
# If you retry the operation with the same `ClientToken`, but with
|
2959
|
+
# different parameters, the retry fails with an
|
2960
|
+
# `IdempotentParameterMismatch` error.
|
2961
|
+
#
|
2962
|
+
#
|
2963
|
+
#
|
2964
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
2965
|
+
#
|
2966
|
+
# @return [Types::ReplacePermissionAssociationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2967
|
+
#
|
2968
|
+
# * {Types::ReplacePermissionAssociationsResponse#replace_permission_associations_work #replace_permission_associations_work} => Types::ReplacePermissionAssociationsWork
|
2969
|
+
# * {Types::ReplacePermissionAssociationsResponse#client_token #client_token} => String
|
2970
|
+
#
|
2971
|
+
# @example Request syntax with placeholder values
|
2972
|
+
#
|
2973
|
+
# resp = client.replace_permission_associations({
|
2974
|
+
# from_permission_arn: "String", # required
|
2975
|
+
# from_permission_version: 1,
|
2976
|
+
# to_permission_arn: "String", # required
|
2977
|
+
# client_token: "String",
|
2978
|
+
# })
|
2979
|
+
#
|
2980
|
+
# @example Response structure
|
2981
|
+
#
|
2982
|
+
# resp.replace_permission_associations_work.id #=> String
|
2983
|
+
# resp.replace_permission_associations_work.from_permission_arn #=> String
|
2984
|
+
# resp.replace_permission_associations_work.from_permission_version #=> String
|
2985
|
+
# resp.replace_permission_associations_work.to_permission_arn #=> String
|
2986
|
+
# resp.replace_permission_associations_work.to_permission_version #=> String
|
2987
|
+
# resp.replace_permission_associations_work.status #=> String, one of "IN_PROGRESS", "COMPLETED", "FAILED"
|
2988
|
+
# resp.replace_permission_associations_work.status_message #=> String
|
2989
|
+
# resp.replace_permission_associations_work.creation_time #=> Time
|
2990
|
+
# resp.replace_permission_associations_work.last_updated_time #=> Time
|
2991
|
+
# resp.client_token #=> String
|
2992
|
+
#
|
2993
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ReplacePermissionAssociations AWS API Documentation
|
2994
|
+
#
|
2995
|
+
# @overload replace_permission_associations(params = {})
|
2996
|
+
# @param [Hash] params ({})
|
2997
|
+
def replace_permission_associations(params = {}, options = {})
|
2998
|
+
req = build_request(:replace_permission_associations, params)
|
2999
|
+
req.send_request(options)
|
3000
|
+
end
|
3001
|
+
|
3002
|
+
# Designates the specified version number as the default version for the
|
3003
|
+
# specified customer managed permission. New resource shares
|
3004
|
+
# automatically use this new default permission. Existing resource
|
3005
|
+
# shares continue to use their original permission version, but you can
|
3006
|
+
# use ReplacePermissionAssociations to update them.
|
3007
|
+
#
|
3008
|
+
# @option params [required, String] :permission_arn
|
3009
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the customer managed
|
3010
|
+
# permission whose default version you want to change.
|
3011
|
+
#
|
3012
|
+
#
|
3013
|
+
#
|
3014
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
3015
|
+
#
|
3016
|
+
# @option params [required, Integer] :permission_version
|
3017
|
+
# Specifies the version number that you want to designate as the default
|
3018
|
+
# for customer managed permission. To see a list of all available
|
3019
|
+
# version numbers, use ListPermissionVersions.
|
3020
|
+
#
|
3021
|
+
# @option params [String] :client_token
|
3022
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
3023
|
+
# ensure the idempotency of the request. This lets you safely retry the
|
3024
|
+
# request without accidentally performing the same operation a second
|
3025
|
+
# time. Passing the same value to a later call to an operation requires
|
3026
|
+
# that you also pass the same value for all other parameters. We
|
3027
|
+
# recommend that you use a [UUID type of value.][1].
|
3028
|
+
#
|
3029
|
+
# If you don't provide this value, then Amazon Web Services generates a
|
3030
|
+
# random one for you.
|
3031
|
+
#
|
3032
|
+
# If you retry the operation with the same `ClientToken`, but with
|
3033
|
+
# different parameters, the retry fails with an
|
3034
|
+
# `IdempotentParameterMismatch` error.
|
3035
|
+
#
|
3036
|
+
#
|
3037
|
+
#
|
3038
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
3039
|
+
#
|
3040
|
+
# @return [Types::SetDefaultPermissionVersionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
3041
|
+
#
|
3042
|
+
# * {Types::SetDefaultPermissionVersionResponse#return_value #return_value} => Boolean
|
3043
|
+
# * {Types::SetDefaultPermissionVersionResponse#client_token #client_token} => String
|
3044
|
+
#
|
3045
|
+
# @example Request syntax with placeholder values
|
3046
|
+
#
|
3047
|
+
# resp = client.set_default_permission_version({
|
3048
|
+
# permission_arn: "String", # required
|
3049
|
+
# permission_version: 1, # required
|
3050
|
+
# client_token: "String",
|
3051
|
+
# })
|
3052
|
+
#
|
3053
|
+
# @example Response structure
|
3054
|
+
#
|
3055
|
+
# resp.return_value #=> Boolean
|
3056
|
+
# resp.client_token #=> String
|
3057
|
+
#
|
3058
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/SetDefaultPermissionVersion AWS API Documentation
|
3059
|
+
#
|
3060
|
+
# @overload set_default_permission_version(params = {})
|
3061
|
+
# @param [Hash] params ({})
|
3062
|
+
def set_default_permission_version(params = {}, options = {})
|
3063
|
+
req = build_request(:set_default_permission_version, params)
|
3064
|
+
req.send_request(options)
|
3065
|
+
end
|
3066
|
+
|
3067
|
+
# Adds the specified tag keys and values to a resource share or managed
|
3068
|
+
# permission. If you choose a resource share, the tags are attached to
|
3069
|
+
# only the resource share, not to the resources that are in the resource
|
3070
|
+
# share.
|
3071
|
+
#
|
3072
|
+
# The tags on a managed permission are the same for all versions of the
|
3073
|
+
# managed permission.
|
3074
|
+
#
|
3075
|
+
# @option params [String] :resource_share_arn
|
3076
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
3077
|
+
# that you want to add tags to. You must specify *either*
|
3078
|
+
# `resourceShareArn`, or `resourceArn`, but not both.
|
2171
3079
|
#
|
2172
3080
|
#
|
2173
3081
|
#
|
@@ -2178,18 +3086,28 @@ module Aws::RAM
|
|
2178
3086
|
# present and not be an empty string. The tag value must be present but
|
2179
3087
|
# can be an empty string.
|
2180
3088
|
#
|
3089
|
+
# @option params [String] :resource_arn
|
3090
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the managed
|
3091
|
+
# permission that you want to add tags to. You must specify *either*
|
3092
|
+
# `resourceArn`, or `resourceShareArn`, but not both.
|
3093
|
+
#
|
3094
|
+
#
|
3095
|
+
#
|
3096
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
3097
|
+
#
|
2181
3098
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2182
3099
|
#
|
2183
3100
|
# @example Request syntax with placeholder values
|
2184
3101
|
#
|
2185
3102
|
# resp = client.tag_resource({
|
2186
|
-
# resource_share_arn: "String",
|
3103
|
+
# resource_share_arn: "String",
|
2187
3104
|
# tags: [ # required
|
2188
3105
|
# {
|
2189
3106
|
# key: "TagKey",
|
2190
3107
|
# value: "TagValue",
|
2191
3108
|
# },
|
2192
3109
|
# ],
|
3110
|
+
# resource_arn: "String",
|
2193
3111
|
# })
|
2194
3112
|
#
|
2195
3113
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/TagResource AWS API Documentation
|
@@ -2202,12 +3120,13 @@ module Aws::RAM
|
|
2202
3120
|
end
|
2203
3121
|
|
2204
3122
|
# Removes the specified tag key and value pairs from the specified
|
2205
|
-
# resource share.
|
3123
|
+
# resource share or managed permission.
|
2206
3124
|
#
|
2207
|
-
# @option params [
|
2208
|
-
# Specifies the [Amazon
|
3125
|
+
# @option params [String] :resource_share_arn
|
3126
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
2209
3127
|
# that you want to remove tags from. The tags are removed from the
|
2210
|
-
# resource share, not the resources in the resource share.
|
3128
|
+
# resource share, not the resources in the resource share. You must
|
3129
|
+
# specify either `resourceShareArn`, or `resourceArn`, but not both.
|
2211
3130
|
#
|
2212
3131
|
#
|
2213
3132
|
#
|
@@ -2216,13 +3135,23 @@ module Aws::RAM
|
|
2216
3135
|
# @option params [required, Array<String>] :tag_keys
|
2217
3136
|
# Specifies a list of one or more tag keys that you want to remove.
|
2218
3137
|
#
|
3138
|
+
# @option params [String] :resource_arn
|
3139
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the managed
|
3140
|
+
# permission that you want to remove tags from. You must specify either
|
3141
|
+
# `resourceArn`, or `resourceShareArn`, but not both.
|
3142
|
+
#
|
3143
|
+
#
|
3144
|
+
#
|
3145
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
3146
|
+
#
|
2219
3147
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2220
3148
|
#
|
2221
3149
|
# @example Request syntax with placeholder values
|
2222
3150
|
#
|
2223
3151
|
# resp = client.untag_resource({
|
2224
|
-
# resource_share_arn: "String",
|
3152
|
+
# resource_share_arn: "String",
|
2225
3153
|
# tag_keys: ["TagKey"], # required
|
3154
|
+
# resource_arn: "String",
|
2226
3155
|
# })
|
2227
3156
|
#
|
2228
3157
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/UntagResource AWS API Documentation
|
@@ -2237,7 +3166,7 @@ module Aws::RAM
|
|
2237
3166
|
# Modifies some of the properties of the specified resource share.
|
2238
3167
|
#
|
2239
3168
|
# @option params [required, String] :resource_share_arn
|
2240
|
-
# Specifies the [Amazon
|
3169
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
2241
3170
|
# that you want to modify.
|
2242
3171
|
#
|
2243
3172
|
#
|
@@ -2263,6 +3192,10 @@ module Aws::RAM
|
|
2263
3192
|
# If you don't provide this value, then Amazon Web Services generates a
|
2264
3193
|
# random one for you.
|
2265
3194
|
#
|
3195
|
+
# If you retry the operation with the same `ClientToken`, but with
|
3196
|
+
# different parameters, the retry fails with an
|
3197
|
+
# `IdempotentParameterMismatch` error.
|
3198
|
+
#
|
2266
3199
|
#
|
2267
3200
|
#
|
2268
3201
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -2319,7 +3252,7 @@ module Aws::RAM
|
|
2319
3252
|
params: params,
|
2320
3253
|
config: config)
|
2321
3254
|
context[:gem_name] = 'aws-sdk-ram'
|
2322
|
-
context[:gem_version] = '1.
|
3255
|
+
context[:gem_version] = '1.43.0'
|
2323
3256
|
Seahorse::Client::Request.new(handlers, context)
|
2324
3257
|
end
|
2325
3258
|
|