| Amazon.IdentityManagement.Model.Internal |
| Имя | Описание |
|---|---|
| AccessKey | The AccessKey data type contains information about an AWS access key. This data type is used as a response element in the actions CreateAccessKey and ListAccessKeys. |
| AccessKeyMetadata | Contains information about an AWS access key, without its secret key. This data type is used as a response element in the ListAccessKeys action. |
| AddClientIDToOpenIDConnectProviderRequest | Container for the parameters to the AddClientIDToOpenIDConnectProvider operation. Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM OpenID Connect (OIDC) provider resource. This action is idempotent; it does not fail or return an error if you add an existing client ID to the provider. |
| AddRoleToInstanceProfileRequest | Container for the parameters to the AddRoleToInstanceProfile operation. Adds the specified IAM role to the specified instance profile. The caller of this API must be granted the For more information about roles, go to Working with Roles. For more information about instance profiles, go to About Instance Profiles. |
| AddUserToGroupRequest | Container for the parameters to the AddUserToGroup operation. Adds the specified user to the specified group. |
| AttachGroupPolicyRequest | Container for the parameters to the AttachGroupPolicy operation. Attaches the specified managed policy to the specified IAM group. You use this API to attach a managed policy to a group. To embed an inline policy in a group, use PutGroupPolicy. For more information about policies, see Managed Policies and Inline Policies in the IAM User Guide. |
| AttachRolePolicyRequest | Container for the parameters to the AttachRolePolicy operation. Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access) policy. You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy. Use this API to attach a managed policy to a role. To embed an inline policy in a role, use PutRolePolicy. For more information about policies, see Managed Policies and Inline Policies in the IAM User Guide. |
| AttachUserPolicyRequest | Container for the parameters to the AttachUserPolicy operation. Attaches the specified managed policy to the specified user. You use this API to attach a managed policy to a user. To embed an inline policy in a user, use PutUserPolicy. For more information about policies, see Managed Policies and Inline Policies in the IAM User Guide. |
| ChangePasswordRequest | Container for the parameters to the ChangePassword operation. Changes the password of the IAM user who is calling this action. The root account password is not affected by this action. To change the password for a different user, see UpdateLoginProfile. For more information about modifying passwords, see Managing Passwords in the IAM User Guide. |
| ContextEntry | Contains information about a condition context key. It includes the name of the key and specifies the value (or values, if the context key supports multiple values) to use in the simulation. This information is used when evaluating the Condition elements of the input policies. This data type is used as an input parameter to |
| CreateAccessKeyRequest | Container for the parameters to the CreateAccessKey operation. Creates a new AWS secret access key and corresponding AWS access key ID for the specified user. The default status for new keys is If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. Because this action works for access keys under the AWS account, you can use this API to manage root credentials even if the AWS account has no associated users. For information about limits on the number of keys you can create, see Limitations on IAM Entities in Using AWS Identity and Access Management . IMPORTANT:To ensure the security of your AWS account, the secret access key is accessible only during key and user creation. You must save the key (for example, in a text file) if you want to be able to access it again. If a secret key is lost, you can delete the access keys for the associated user and then create new keys. |
| CreateAccessKeyResponse | Returns information about the CreateAccessKeyResult response and response metadata. |
| CreateAccessKeyResult | Contains the result of a successful invocation of the CreateAccessKey action. |
| CreateAccountAliasRequest | Container for the parameters to the CreateAccountAlias operation. This action creates an alias for your AWS account. For information about using an AWS account alias, see Using an Alias for Your AWS Account ID in Using AWS Identity and Access Management . |
| CreateGroupRequest | Container for the parameters to the CreateGroup operation. Creates a new group. For information about the number of groups you can create, see Limitations on IAM Entities in Using AWS Identity and Access Management . |
| CreateGroupResponse | Contains the response to a successful CreateGroup request. |
| CreateGroupResult | Contains the result of a successful invocation of the CreateGroup action. |
| CreateInstanceProfileRequest | Container for the parameters to the CreateInstanceProfile operation. Creates a new instance profile. For information about instance profiles, go to About Instance Profiles. For information about the number of instance profiles you can create, see Limitations on IAM Entities in the IAM User Guide. |
| CreateInstanceProfileResponse | Returns information about the CreateInstanceProfileResult response and response metadata. |
| CreateInstanceProfileResult | Contains the result of a successful invocation of the CreateInstanceProfile action. |
| CreateLoginProfileRequest | Container for the parameters to the CreateLoginProfile operation. Creates a login profile for the specified User, giving the User the ability to access AWS services such as the AWS Management Console. For more information about login profiles, see Managing Login Profiles and MFA Devices in Using AWS Identity and Access Management. NOTE:In the full release you will be able to use IAM to access your services through the AWS Management Console. Although this feature is not currently available, you can create login profiles for your Users now. Then, when this feature is implemented, your Users can use IAM to access your services through the AWS Management Console. |
| CreateLoginProfileResponse | Returns information about the CreateLoginProfile response and response metadata. |
| CreateLoginProfileResult | Contains the result of a successful invocation of the CreateLoginProfile action. |
| CreateOpenIDConnectProviderRequest | Container for the parameters to the CreateOpenIDConnectProvider operation. Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC). The OIDC provider that you create with this operation can be used as a principal in a role's trust policy to establish a trust relationship between AWS and the OIDC provider. When you create the IAM OIDC provider, you specify the URL of the OIDC identity provider (IdP) to trust, a list of client IDs (also known as audiences) that identify the application or applications that are allowed to authenticate using the OIDC provider, and a list of thumbprints of the server certificate(s) that the IdP uses. You get all of this information from the OIDC IdP that you want to use for access to AWS. Because trust for the OIDC provider is ultimately derived from the IAM provider that this action creates, it is a best practice to limit access to the CreateOpenIDConnectProvider action to highly-privileged users. |
| CreateOpenIDConnectProviderResponse | Contains the response to a successful CreateOpenIDConnectProvider request. |
| CreatePolicyRequest | Container for the parameters to the CreatePolicy operation. Creates a new managed policy for your AWS account. This operation creates a policy version with a version identifier of For more information about managed policies in general, see Managed Policies and Inline Policies in the IAM User Guide. |
| CreatePolicyResponse | Contains the response to a successful CreatePolicy request. |
| CreatePolicyVersionRequest | Container for the parameters to the CreatePolicyVersion operation. Creates a new version of the specified managed policy. To update a managed policy, you create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must delete an existing version using DeletePolicyVersion before you create a new version. Optionally, you can set the new version as the policy's default version. The default version is the version that is in effect for the IAM users, groups, and roles to which the policy is attached. For more information about managed policy versions, see Versioning for Managed Policies in the IAM User Guide. |
| CreatePolicyVersionResponse | Contains the response to a successful CreatePolicyVersion request. |
| CreateRoleRequest | Container for the parameters to the CreateRole operation. Creates a new role for your AWS account. For information about limitations on the number of roles you can create, see Limitations on IAM Entities in Using AWS Identity and Access Management . |
| CreateRoleResponse | Returns information about the CreateRoleResult response and response metadata. |
| CreateRoleResult | Contains the result of a successful invocation of the CreateRoleResponse action. |
| CreateSAMLProviderRequest | Container for the parameters to the CreateSAMLProvider operation. Creates an IAM entity to describe an identity provider (IdP) that supports SAML 2.0. The SAML provider that you create with this operation can be used as a principal in a role's trust policy to establish a trust relationship between AWS and a SAML identity provider. You can create an IAM role that supports Web-based single sign-on (SSO) to the AWS Management Console or one that supports API access to AWS. When you create the SAML provider, you upload an a SAML metadata document that you get from your IdP and that includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP. NOTE:This operation requires Signature Version 4. For more information, see Giving Console Access Using SAML and Creating Temporary Security Credentials for SAML Federation in the Using Temporary Credentials guide. |
| CreateSAMLProviderResponse | Contains the response to a successful CreateSAMLProvider request. |
| CreateSAMLProviderResult | Contains the result of a successful invocation of the CreateSAMLProvider action. |
| CreateServiceSpecificCredentialRequest | Container for the parameters to the CreateServiceSpecificCredential operation. Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request. These credentials are generated by IAM, and can be used only for the specified service. You can have a maximum of two sets of service-specific credentials for each supported service per user. The only supported service at this time is AWS CodeCommit. You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential. For more information about service-specific credentials, see Using IAM with AWS CodeCommit: Git Credentials, SSH Keys, and AWS Access Keys in the IAM User Guide. |
| CreateServiceSpecificCredentialResponse | This is the response object from the CreateServiceSpecificCredential operation. |
| CreateUserRequest | Container for the parameters to the CreateUser operation. Creates a new user for your AWS account. For information about limitations on the number of users you can create, see Limitations on IAM Entities in Using AWS Identity and Access Management . |
| CreateUserResponse | Returns information about the CreateUserResult response and response metadata. |
| CreateUserResult | Contains the result of a successful invocation of the CreateUser action. |
| CreateVirtualMFADeviceRequest | Container for the parameters to the CreateVirtualMFADevice operation. Creates a new virtual MFA device for the AWS account. After creating the virtual MFA, use EnableMFADevice to attach the MFA device to an IAM user. For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device in the IAM User Guide. For information about limits on the number of MFA devices you can create, see Limitations on Entities in the IAM User Guide. The seed information contained in the QR code and the Base32 string should be treated like any other secret access information, such as your AWS access keys or your passwords. After you provision your virtual device, you should ensure that the information is destroyed following secure procedures. |
| CreateVirtualMFADeviceResponse | Contains the response to a successful CreateVirtualMFADevice request. |
| CreateVirtualMFADeviceResult | Contains the result of a successful invocation of the CreateVirtualMFADevice action. |
| CredentialReportExpiredException | |
| CredentialReportNotPresentException | |
| CredentialReportNotReadyException | |
| DeactivateMFADeviceRequest | Container for the parameters to the DeactivateMFADevice operation. Deactivates the specified MFA device and removes it from association with the user name for which it was originally enabled. For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device in the IAM User Guide. |
| DeleteAccessKeyRequest | Container for the parameters to the DeleteAccessKey operation. Deletes the access key associated with the specified User. If you do not specify a User name, IAM determines the User name implicitly based on the AWS Access Key ID signing the request. Because this action works for access keys under the AWS Account, you can use this API to manage root credentials even if the AWS Account has no associated Users. |
| DeleteAccountAliasRequest | Container for the parameters to the DeleteAccountAlias operation. Deletes the specified AWS account alias. For information about using an AWS account alias, see Using an Alias for Your AWS Account ID in the IAM User Guide. |
| DeleteConflictException | |
| DeleteGroupPolicyRequest | Container for the parameters to the DeleteGroupPolicy operation. Deletes the specified policy that is associated with the specified group. |
| DeleteGroupRequest | Container for the parameters to the DeleteGroup operation. Deletes the specified group. The group must not contain any Users or have any attached policies. |
| DeleteInstanceProfileRequest | Container for the parameters to the DeleteInstanceProfile operation. Deletes the specified instance profile. The instance profile must not have an associated role. Make sure you do not have any Amazon EC2 instances running with the instance profile you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance. For more information about instance profiles, go to About Instance Profiles. |
| DeleteLoginProfileRequest | Container for the parameters to the DeleteLoginProfile operation. Deletes the password for the specified IAM user, which terminates the user's ability to access AWS services through the AWS Management Console. Deleting a user's password does not prevent a user from accessing AWS through the command line interface or the API. To prevent all user access you must also either make any access keys inactive or delete them. For more information about making keys inactive or deleting them, see UpdateAccessKey and DeleteAccessKey. |
| DeleteOpenIDConnectProviderRequest | Container for the parameters to the DeleteOpenIDConnectProvider operation. Deletes an OpenID Connect identity provider (IdP) resource object in IAM. Deleting an IAM OIDC provider resource does not update any roles that reference the provider as a principal in their trust policies. Any attempt to assume a role that references a deleted provider fails. This action is idempotent; it does not fail or return an error if you call the action for a provider that does not exist. |
| DeletePolicyRequest | Container for the parameters to the DeletePolicy operation. Deletes the specified managed policy. Before you can delete a managed policy, you must first detach the policy from all users, groups, and roles that it is attached to, and you must delete all of the policy's versions. The following steps describe the process for deleting a managed policy:
For information about managed policies, see Managed Policies and Inline Policies in the IAM User Guide. |
| DeletePolicyVersionRequest | Container for the parameters to the DeletePolicyVersion operation. Deletes the specified version from the specified managed policy. You cannot delete the default version from a policy using this API. To delete the default version from a policy, use DeletePolicy. To find out which version of a policy is marked as the default version, use ListPolicyVersions. For information about versions for managed policies, see Versioning for Managed Policies in the IAM User Guide. |
| DeleteRolePolicyRequest | Container for the parameters to the DeleteRolePolicy operation. Deletes the specified policy associated with the specified role. |
| DeleteRoleRequest | Container for the parameters to the DeleteRole operation. Deletes the specified role. The role must not have any policies attached. For more information about roles, go to Working with Roles . IMPORTANT:Make sure you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance. |
| DeleteSAMLProviderRequest | Container for the parameters to the DeleteSAMLProvider operation. Deletes a SAML provider. Deleting the provider does not update any roles that reference the SAML provider as a principal in their trust policies. Any attempt to assume a role that references a SAML provider that has been deleted will fail. NOTE:This operation requires Signature Version 4. |
| DeleteSSHPublicKeyRequest | Container for the parameters to the DeleteSSHPublicKey operation. Deletes the specified SSH public key. The SSH public key deleted by this action is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections in the AWS CodeCommit User Guide. |
| DeleteServerCertificateRequest | Container for the parameters to the DeleteServerCertificate operation. Deletes the specified server certificate. For more information about working with server certificates, including a list of AWS services that can use the server certificates that you manage with IAM, go to Working with Server Certificates in the IAM User Guide. If you are using a server certificate with Elastic Load Balancing, deleting the certificate could have implications for your application. If Elastic Load Balancing doesn't detect the deletion of bound certificates, it may continue to use the certificates. This could cause Elastic Load Balancing to stop accepting traffic. We recommend that you remove the reference to the certificate from Elastic Load Balancing before using this command to delete the certificate. For more information, go to DeleteLoadBalancerListeners in the Elastic Load Balancing API Reference. |
| DeleteServiceSpecificCredentialRequest | Container for the parameters to the DeleteServiceSpecificCredential operation. Deletes the specified service-specific credential. |
| DeleteSigningCertificateRequest | Container for the parameters to the DeleteSigningCertificate operation. Deletes the specified signing certificate associated with the specified user. If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. Because this action works for access keys under the AWS account, you can use this API to manage root credentials even if the AWS account has no associated users. |
| DeleteUserPolicyRequest | Container for the parameters to the DeleteUserPolicy operation. Deletes the specified policy associated with the specified User. |
| DeleteUserRequest | Container for the parameters to the DeleteUser operation. Deletes the specified user. The user must not belong to any groups, have any keys or signing certificates, or have any attached policies. |
| DeleteVirtualMFADeviceRequest | Container for the parameters to the DeleteVirtualMFADevice operation. Deletes a virtual MFA device. NOTE:You must deactivate a user's virtual MFA device before you can delete it. For information about deactivating MFA devices, see DeactivateMFADevice. |
| DetachGroupPolicyRequest | Container for the parameters to the DetachGroupPolicy operation. Removes the specified managed policy from the specified IAM group. A group can also have inline policies embedded with it. To delete an inline policy, use the DeleteGroupPolicy API. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide. |
| DetachRolePolicyRequest | Container for the parameters to the DetachRolePolicy operation. Removes the specified managed policy from the specified role. A role can also have inline policies embedded with it. To delete an inline policy, use the DeleteRolePolicy API. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide. |
| DetachUserPolicyRequest | Container for the parameters to the DetachUserPolicy operation. Removes the specified managed policy from the specified user. A user can also have inline policies embedded with it. To delete an inline policy, use the DeleteUserPolicy API. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide. |
| DuplicateCertificateException | |
| DuplicateSSHPublicKeyException | |
| EnableMFADeviceRequest | Container for the parameters to the EnableMFADevice operation. Enables the specified MFA device and associates it with the specified IAM user. When enabled, the MFA device is required for every subsequent login by the IAM user associated with the device. |
| EntityAlreadyExistsException | |
| EntityTemporarilyUnmodifiableException | |
| EvaluationResult | Contains the results of a simulation. This data type is used by the return parameter of |
| GetAccessKeyLastUsedRequest | Container for the parameters to the GetAccessKeyLastUsed operation. Retrieves information about when the specified access key was last used. The information includes the date and time of last use, along with the AWS service and region that were specified in the last request made with that key. |
| GetAccountAuthorizationDetailsRequest | Container for the parameters to the GetAccountAuthorizationDetails operation. Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their relationships to one another. Use this API to obtain a snapshot of the configuration of IAM permissions (users, groups, roles, and policies) in your account. You can optionally filter the results using the |
| GetAccountPasswordPolicyResponse | Returns information about the GetAccountPasswordPolicyResult response and response metadata. |
| GetAccountPasswordPolicyResult | Get Account Password Policy Result |
| GetAccountSummaryResponse | Contains the response to a successful GetAccountSummary request. |
| GetAccountSummaryResult | Get Account Summary Result |
| GetContextKeysForCustomPolicyRequest | Container for the parameters to the GetContextKeysForCustomPolicy operation. Gets a list of all of the context keys referenced in the input policies. The policies are supplied as a list of one or more strings. To get the context keys from policies associated with an IAM user, group, or role, use GetContextKeysForPrincipalPolicy. Context keys are variables maintained by AWS and its services that provide details about the context of an API query request, and can be evaluated by testing against a value specified in an IAM policy. Use GetContextKeysForCustomPolicy to understand what key names and values you must supply when you call SimulateCustomPolicy. Note that all parameters are shown in unencoded form here for clarity, but must be URL encoded to be included as a part of a real HTML request. |
| GetContextKeysForCustomPolicyResponse | Contains the response to a successful GetContextKeysForPrincipalPolicy or GetContextKeysForCustomPolicy request. |
| GetContextKeysForPrincipalPolicyRequest | Container for the parameters to the GetContextKeysForPrincipalPolicy operation. Gets a list of all of the context keys referenced in all of the IAM policies attached to the specified IAM entity. The entity can be an IAM user, group, or role. If you specify a user, then the request also includes all of the policies attached to groups that the user is a member of. You can optionally include a list of one or more additional policies, specified as strings. If you want to include only a list of policies by string, use GetContextKeysForCustomPolicy instead. Note: This API discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use GetContextKeysForCustomPolicy instead. Context keys are variables maintained by AWS and its services that provide details about the context of an API query request, and can be evaluated by testing against a value in an IAM policy. Use GetContextKeysForPrincipalPolicy to understand what key names and values you must supply when you call SimulatePrincipalPolicy. |
| GetContextKeysForPrincipalPolicyResponse | Contains the response to a successful GetContextKeysForPrincipalPolicy or GetContextKeysForCustomPolicy request. |
| GetCredentialReportResponse | Contains the response to a successful GetCredentialReport request. |
| GetGroupPolicyRequest | Container for the parameters to the GetGroupPolicy operation. Retrieves the specified policy document for the specified group. The returned policy is URL-encoded according to RFC 3986. For more information about RFC 3986, go to http://www.faqs.org/rfcs/rfc3986.html . |
| GetGroupPolicyResponse | Returns information about the GetGroupPolicyResult response and response metadata. |
| GetGroupPolicyResult | Contains the result of a successful invocation of the GetGroupPolicy action. |
| GetGroupRequest | Container for the parameters to the GetGroup operation. Returns a list of Users that are in the specified group. You can paginate the results using the |
| GetGroupResponse | Returns information about the GetGroup response and response metadata. |
| GetGroupResult | Contains the result of a successful invocation of the GetGroup action. |
| GetInstanceProfileRequest | Container for the parameters to the GetInstanceProfile operation. Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and role. For more information about instance profiles, go to About Instance Profiles . For more information about ARNs, go to ARNs . |
| GetInstanceProfileResponse | Returns information about the GetInstanceProfile response and response metadata. |
| GetInstanceProfileResult | Contains the result of a successful invocation of the GetInstanceProfileResponse action. |
| GetLoginProfileRequest | Container for the parameters to the GetLoginProfile operation. Retrieves the login profile for the specified User. NOTE:In the full release you will be able to use IAM to access your services through the AWS Management Console. Although this feature is not currently available, you can create login profiles for your Users now. Then, when this feature is implemented, your Users can use IAM to access your services through the AWS Management Console. |
| GetLoginProfileResponse | Contains the response to a successful GetLoginProfile request. |
| GetLoginProfileResult | Contains the result of a successful invocation of the GetLoginProfile action. |
| GetOpenIDConnectProviderRequest | Container for the parameters to the GetOpenIDConnectProvider operation. Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM. |
| GetOpenIDConnectProviderResponse | Contains the response to a successful GetOpenIDConnectProvider request. |
| GetPolicyRequest | Container for the parameters to the GetPolicy operation. Retrieves information about the specified managed policy, including the policy's default version and the total number of IAM users, groups, and roles to which the policy is attached. To retrieve the list of the specific users, groups, and roles that the policy is attached to, use the ListEntitiesForPolicy API. This API returns metadata about the policy. To retrieve the actual policy document for a specific version of the policy, use GetPolicyVersion. This API retrieves information about managed policies. To retrieve information about an inline policy that is embedded with an IAM user, group, or role, use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy API. For more information about policies, see Managed Policies and Inline Policies in the IAM User Guide. |
| GetPolicyResponse | Contains the response to a successful GetPolicy request. |
| GetPolicyVersionRequest | Container for the parameters to the GetPolicyVersion operation. Retrieves information about the specified version of the specified managed policy, including the policy document. Policies returned by this API are URL-encoded compliant with RFC 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the To list the available versions for a policy, use ListPolicyVersions. This API retrieves information about managed policies. To retrieve information about an inline policy that is embedded in a user, group, or role, use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy API. For more information about the types of policies, see Managed Policies and Inline Policies in the IAM User Guide. For more information about managed policy versions, see Versioning for Managed Policies in the IAM User Guide. |
| GetRolePolicyRequest | Container for the parameters to the GetRolePolicy operation. Retrieves the specified policy document for the specified role. For more information about roles, go to Working with Roles . The returned policy is URL-encoded according to RFC 3986. For more information about RFC 3986, go to http://www.faqs.org/rfcs/rfc3986.html . |
| GetRolePolicyResponse | Returns information about the GetRolePolicyResult response and response metadata. |
| GetRolePolicyResult | Contains the result of a successful invocation of the GetRolePolicyResponse action. |
| GetRoleRequest | Container for the parameters to the GetRole operation. Retrieves information about the specified role, including the role's path, GUID, ARN, and the policy granting permission to EC2 to assume the role. For more information about ARNs, go to ARNs . For more information about roles, go to Working with Roles . The returned policy is URL-encoded according to RFC 3986. For more information about RFC 3986, go to http://www.faqs.org/rfcs/rfc3986.html . |
| GetRoleResponse | Returns information about the GetRole response and response metadata. |
| GetRoleResult | Contains the result of a successful invocation of the GetRole action. |
| GetSAMLProviderRequest | Container for the parameters to the GetSAMLProvider operation. Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created or updated. This operation requires Signature Version 4. |
| GetSAMLProviderResponse | Returns information about the GetSAMLProvider response and response metadata. |
| GetSAMLProviderResult | Contains the result of a successful invocation of the GetSAMLProvider action. |
| GetSSHPublicKeyRequest | Container for the parameters to the GetSSHPublicKey operation. Retrieves the specified SSH public key, including metadata about the key. The SSH public key retrieved by this action is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections in the AWS CodeCommit User Guide. |
| GetSSHPublicKeyResponse | Contains the response to a successful GetSSHPublicKey request. |
| GetServerCertificateRequest | Container for the parameters to the GetServerCertificate operation. Retrieves information about the specified server certificate stored in IAM. For more information about working with server certificates, including a list of AWS services that can use the server certificates that you manage with IAM, go to Working with Server Certificates in the IAM User Guide. |
| GetServerCertificateResponse | Contains the response to a successful GetServerCertificate request. |
| GetServerCertificateResult | Contains the result of a successful invocation of the GetServerCertificate action. |
| GetUserPolicyRequest | Container for the parameters to the GetUserPolicy operation. Retrieves the specified policy document for the specified User. The returned policy is URL-encoded according to RFC 3986. For more information about RFC 3986, go to http://www.faqs.org/rfcs/rfc3986.html. |
| GetUserPolicyResponse | Contains the response to a successful GetUserPolicy request. |
| GetUserPolicyResult | Contains the result of a successful invocation of the GetUserPolicy action. |
| GetUserRequest | Container for the parameters to the GetUser operation. Retrieves information about the specified IAM user, including the user's creation date, path, unique ID, and ARN. If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID used to sign the request to this API. |
| GetUserResponse | Returns information about the GetUserResult response and response metadata. |
| GetUserResult | Contains the result of a successful invocation of the GetUser action. |
| Group | The Group data type contains information about a group. This data type is used as a response element in the following actions:
|
| GroupDetail | Contains information about an IAM group, including all of the group's policies. This data type is used as a response element in the GetAccountAuthorizationDetails action. |
| InstanceProfile | The InstanceProfile data type contains information about an instance profile. This data type is used as a response element in the following actions:
|
| InvalidAuthenticationCodeException | AmazonIdentityManagementService exception |
| InvalidCertificateException | |
| InvalidInputException | |
| InvalidPublicKeyException | |
| InvalidUserTypeException | |
| KeyPairMismatchException | |
| LimitExceededException | |
| ListAccessKeysRequest | Container for the parameters to the ListAccessKeys operation. Returns information about the access key IDs associated with the specified IAM user. If there are none, the action returns an empty list. Although each user is limited to a small number of keys, you can still paginate the results using the If the To ensure the security of your AWS account, the secret access key is accessible only during key and user creation. |
| ListAccessKeysResponse | Returns information about the ListAccessKeys response and response metadata. |
| ListAccessKeysResult | Contains the result of a successful invocation of the ListAccessKeys action. |
| ListAccountAliasesRequest | Container for the parameters to the ListAccountAliases operation. Lists the account alias associated with the AWS account (Note: you can have only one). For information about using an AWS account alias, see Using an Alias for Your AWS Account ID in the IAM User Guide. |
| ListAccountAliasesResponse | Returns information about the ListAccountAliases response and response metadata. |
| ListAccountAliasesResult | Contains the result of a successful invocation of the ListAccountAliases action. |
| ListAttachedGroupPoliciesRequest | Container for the parameters to the ListAttachedGroupPolicies operation. Lists all managed policies that are attached to the specified IAM group. An IAM group can also have inline policies embedded with it. To list the inline policies for a group, use the ListGroupPolicies API. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide. You can paginate the results using the |
| ListAttachedUserPoliciesRequest | Container for the parameters to the ListAttachedUserPolicies operation. Lists all managed policies that are attached to the specified IAM user. An IAM user can also have inline policies embedded with it. To list the inline policies for a user, use the ListUserPolicies API. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide. You can paginate the results using the |
| ListEntitiesForPolicyRequest | Container for the parameters to the ListEntitiesForPolicy operation. Lists all IAM users, groups, and roles that the specified managed policy is attached to. You can use the optional You can paginate the results using the |
| ListEntitiesForPolicyResponse | Contains the response to a successful ListEntitiesForPolicy request. |
| ListGroupPoliciesRequest | Container for the parameters to the ListGroupPolicies operation. Lists the names of the policies associated with the specified group. If there are none, the action returns an empty list. You can paginate the results using the |
| ListGroupPoliciesResponse | Contains the response to a successful ListGroupPolicies request. |
| ListGroupPoliciesResult | Contains the result of a successful invocation of the ListGroupPolicies action. |
| ListGroupsForUserRequest | Container for the parameters to the ListGroupsForUser operation. Lists the IAM groups that the specified IAM user belongs to. You can paginate the results using the |
| ListGroupsForUserResponse | Contains the response to a successful ListGroupsForUser request. |
| ListGroupsForUserResult | Contains the result of a successful invocation of the ListGroupsForUser action. |
| ListGroupsRequest | Container for the parameters to the ListGroups operation. Lists the IAM groups that have the specified path prefix. You can paginate the results using the |
| ListGroupsResponse | Returns information about the ListGroupsResult response and response metadata. |
| ListGroupsResult | Contains the result of a successful invocation of the ListGroups action. |
| ListInstanceProfilesForRoleRequest | Container for the parameters to the ListInstanceProfilesForRole operation. Lists the instance profiles that have the specified associated IAM role. If there are none, the action returns an empty list. For more information about instance profiles, go to About Instance Profiles. You can paginate the results using the |
| ListInstanceProfilesForRoleResponse | Returns information about the ListInstanceProfilesForRoleResult response and response metadata. |
| ListInstanceProfilesForRoleResult | Contains the result of a successful invocation of the ListInstanceProfilesForRoleResponse action. |
| ListInstanceProfilesRequest | Container for the parameters to the ListInstanceProfiles operation. Lists the instance profiles that have the specified path prefix. If there are none, the action returns an empty list. For more information about instance profiles, go to About Instance Profiles. You can paginate the results using the |
| ListInstanceProfilesResponse | Returns information about the ListInstanceProfiles response and response metadata. |
| ListInstanceProfilesResult | Contains the result of a successful invocation of the ListInstanceProfiles action. |
| ListMFADevicesRequest | Container for the parameters to the ListMFADevices operation. Lists the MFA devices for an IAM user. If the request includes a IAM user name, then this action lists all the MFA devices associated with the specified user. If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request for this API. You can paginate the results using the |
| ListMFADevicesResponse | Contains the response to a successful ListMFADevices request. |
| ListMFADevicesResult | Contains the result of a successful invocation of the ListMFADevices action. |
| ListOpenIDConnectProvidersResponse | Configuration for accessing Amazon ListOpenIDConnectProviders service |
| ListPoliciesRequest | Container for the parameters to the ListPolicies operation. Lists all the managed policies that are available in your AWS account, including your own customer-defined managed policies and all AWS managed policies. You can filter the list of policies that is returned using the optional You can paginate the results using the For more information about managed policies, see Managed Policies and Inline Policies in the IAM User Guide. |
| ListPolicyVersionsRequest | Container for the parameters to the ListPolicyVersions operation. Lists information about the versions of the specified managed policy, including the version that is currently set as the policy's default version. For more information about managed policies, see Managed Policies and Inline Policies in the IAM User Guide. |
| ListRolePoliciesRequest | Container for the parameters to the ListRolePolicies operation. Lists the names of the policies associated with the specified role. If there are none, the action returns an empty list. You can paginate the results using the |
| ListRolePoliciesResponse | Returns information about the ListRolePoliciesResult response and response metadata. |
| ListRolePoliciesResult | Contains the result of a successful invocation of the ListRolePolicies action. |
| ListRolesRequest | Container for the parameters to the ListRoles operation. Lists the roles that have the specified path prefix. If there are none, the action returns an empty list. For more information about roles, go to Working with Roles . You can paginate the results using the The returned policy is URL-encoded according to RFC 3986. For more information about RFC 3986, go to http://www.faqs.org/rfcs/rfc3986.html . |
| ListRolesResponse | Contains the response to a successful ListRoles request. |
| ListRolesResult | Contains the result of a successful invocation of the ListRoles action. |
| ListSAMLProvidersResponse | Returns information about the ListSAMLProviders response and response metadata. |
| ListSAMLProvidersResult | Contains the result of a successful invocation of the ListSAMLProviders action. |
| ListSSHPublicKeysResponse | Contains the response to a successful ListSSHPublicKeys request. |
| ListServerCertificatesRequest | Container for the parameters to the ListServerCertificates operation. Lists the server certificates that have the specified path prefix. If none exist, the action returns an empty list. You can paginate the results using the |
| ListServerCertificatesResponse | Contains the response to a successful ListServerCertificates request. |
| ListServerCertificatesResult | Contains the result of a successful invocation of the ListServerCertificates action. |
| ListServiceSpecificCredentialsRequest | Container for the parameters to the ListServiceSpecificCredentials operation. Returns information about the service-specific credentials associated with the specified IAM user. If there are none, the action returns an empty list. The service-specific credentials returned by this action are used only for authenticating the IAM user to a specific service. For more information about using service-specific credentials to authenticate to an AWS service, see Set Up service-specific credentials in the AWS CodeCommit User Guide. |
| ListServiceSpecificCredentialsResponse | This is the response object from the ListServiceSpecificCredentials operation. |
| ListSigningCertificatesRequest | Container for the parameters to the ListSigningCertificates operation. Returns information about the signing certificates associated with the specified user. If there are none, the action returns an empty list. Although each user is limited to a small number of signing certificates, you can still paginate the results using the If the |
| ListSigningCertificatesResponse | Returns information about the ListSigningCertificatesResult response and response metadata. |
| ListSigningCertificatesResult | Contains the result of a successful invocation of the ListSigningCertificates action. |
| ListUserPoliciesRequest | Container for the parameters to the ListUserPolicies operation. Lists the names of the inline policies embedded in the specified IAM user. An IAM user can also have managed policies attached to it. To list the managed policies that are attached to a user, use ListAttachedUserPolicies. For more information about policies, see Managed Policies and Inline Policies in the IAM User Guide. You can paginate the results using the |
| ListUserPoliciesResponse | Returns information about the ListUserPolicies response and response metadata. |
| ListUserPoliciesResult | Contains the result of a successful invocation of the ListUserPolicies action. |
| ListUsersRequest | Container for the parameters to the ListUsers operation. Lists the users that have the specified path prefix. If there are none, the action returns an empty list. You can paginate the results using the |
| ListUsersResponse | Contains the response to a successful ListUsers request. |
| ListUsersResult | Contains the result of a successful invocation of the ListUsers action. |
| ListVirtualMFADevicesRequest | Container for the parameters to the ListVirtualMFADevices operation. Lists the virtual MFA devices under the AWS account by assignment status. If you do not specify an assignment status, the action returns a list of all virtual MFA devices. Assignment status can be You can paginate the results using the |
| ListVirtualMFADevicesResponse | Contains the response to a successful ListVirtualMFADevices request. |
| ListVirtualMFADevicesResult | Contains the result of a successful invocation of the ListVirtualMFADevices action. |
| LoginProfile | The LoginProfile data type contains information about a login profile for a User. This data type is used as a response element in the actions CreateLoginProfile and GetLoginProfile. |
| MFADevice | The This data type is used as a response element in the action ListMFADevices. |
| MalformedCertificateException | |
| MalformedPolicyDocumentException | |
| ManagedPolicy | Contains information about a managed policy. This data type is used as a response element in the CreatePolicy, GetPolicy, and ListPolicies actions. For more information about managed policies, refer to Managed Policies and Inline Policies in the Using IAM guide. |
| ManagedPolicyDetail | Contains information about a managed policy, including the policy's ARN, versions, and the number of principal entities (users, groups, and roles) that the policy is attached to. This data type is used as a response element in the GetAccountAuthorizationDetails action. For more information about managed policies, see Managed Policies and Inline Policies in the Using IAM guide. |
| NoSuchEntityException | |
| PasswordPolicy | The PasswordPolicy data type contains information about the account password policy. This data type is used as a response element in the action GetAccountPasswordPolicy. |
| PasswordPolicyViolationException | |
| PolicyEvaluationException | |
| PolicyGroup | Contains information about a group that a managed policy is attached to. This data type is used as a response element in the ListEntitiesForPolicy action. For more information about managed policies, refer to Managed Policies and Inline Policies in the Using IAM guide. |
| PolicyRole | Contains information about a role that a managed policy is attached to. This data type is used as a response element in the ListEntitiesForPolicy action. For more information about managed policies, refer to Managed Policies and Inline Policies in the Using IAM guide. |
| PolicyUser | Contains information about a user that a managed policy is attached to. This data type is used as a response element in the ListEntitiesForPolicy action. For more information about managed policies, refer to Managed Policies and Inline Policies in the Using IAM guide. |
| Position | Contains the row and column of a location of a Statement element in a policy document. This data type is used as a member of the |
| PutGroupPolicyRequest | Container for the parameters to the PutGroupPolicy operation. Adds or updates an inline policy document that is embedded in the specified IAM group. A user can also have managed policies attached to it. To attach a managed policy to a group, use AttachGroupPolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide. For information about limits on the number of inline policies that you can embed in a group, see Limitations on IAM Entities in the IAM User Guide. Because policy documents can be large, you should use POST rather than GET when calling |
| PutRolePolicyRequest | Container for the parameters to the PutRolePolicy operation. Adds or updates an inline policy document that is embedded in the specified IAM role. When you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy. For more information about IAM roles, go to Using Roles to Delegate Permissions and Federate Identities. A role can also have a managed policy attached to it. To attach a managed policy to a role, use AttachRolePolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed Policies and Inline Policies in the IAM User Guide. For information about limits on the number of inline policies that you can embed with a role, see Limitations on IAM Entities in the IAM User Guide. Because policy documents can be large, you should use POST rather than GET when calling |
| PutUserPolicyRequest | Container for the parameters to the PutUserPolicy operation. Adds (or updates) a policy document associated with the specified User. For information about how to write a policy, refer to Using AWS Identity and Access Management. For information about limits on the number of policies you can associate with a User, see Limitations on IAM Entities in Using AWS Identity and Access Management. NOTE:Because policy documents can be large, you should use POST rather than GET when calling PutUserPolicy. For more information, see Using the Query API in Using AWS Identity and Access Management. |
| RemoveClientIDFromOpenIDConnectProviderRequest | Container for the parameters to the RemoveClientIDFromOpenIDConnectProvider operation. Removes the specified client ID (also known as audience) from the list of client IDs registered for the specified IAM OpenID Connect (OIDC) provider resource object. This action is idempotent; it does not fail or return an error if you try to remove a client ID that does not exist. |
| RemoveRoleFromInstanceProfileRequest | Container for the parameters to the RemoveRoleFromInstanceProfile operation. Removes the specified role from the specified instance profile. |
| RemoveUserFromGroupRequest | Container for the parameters to the RemoveUserFromGroup operation. Removes the specified User from the specified group. |
| ResetServiceSpecificCredentialRequest | Container for the parameters to the ResetServiceSpecificCredential operation. Resets the password for a service-specific credential. The new password is AWS generated and cryptographically strong. It cannot be configured by the user. Resetting the password immediately invalidates the previous password associated with this user. |
| ResetServiceSpecificCredentialResponse | This is the response object from the ResetServiceSpecificCredential operation. |
| ResourceSpecificResult | Contains the result of the simulation of a single API action call on a single resource. This data type is used by a member of the EvaluationResult data type. |
| ResyncMFADeviceRequest | Container for the parameters to the ResyncMFADevice operation. Synchronizes the specified MFA device with AWS servers. |
| Role | The Role data type contains information about a role. This data type is used as a response element in the following actions:
|
| RoleDetail | Contains information about an IAM role, including all of the role's policies. This data type is used as a response element in the GetAccountAuthorizationDetails action. |
| SAMLProviderListEntry | Contains the list of SAML providers for this account. |
| ServerCertificate | The ServerCertificate data type contains information about a server certificate. This data type is used as a response element in the action GetServerCertificate. |
| ServerCertificateMetadata | Contains information about a server certificate without its certificate body, certificate chain, and private key. This data type is used as a response element in the UploadServerCertificate and ListServerCertificates actions. |
| ServiceFailureException | |
| ServiceNotSupportedException | |
| ServiceSpecificCredential | Contains the details of a service specific credential. |
| ServiceSpecificCredentialMetadata | Contains additional details about a service-specific credential. |
| SetDefaultPolicyVersionRequest | Container for the parameters to the SetDefaultPolicyVersion operation. Sets the specified version of the specified policy as the policy's default (operative) version. This action affects all users, groups, and roles that the policy is attached to. To list the users, groups, and roles that the policy is attached to, use the ListEntitiesForPolicy API. For information about managed policies, see Managed Policies and Inline Policies in the IAM User Guide. |
| SigningCertificate | The SigningCertificate data type contains information about an X.509 signing certificate. This data type is used as a response element in the actions UploadSigningCertificate and ListSigningCertificates. |
| SimulateCustomPolicyRequest | Container for the parameters to the SimulateCustomPolicy operation. Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API actions and AWS resources to determine the policies' effective permissions. The policies are provided as strings. The simulation does not perform the API actions; it only checks the authorization to determine if the simulated policies allow or deny the actions. If you want to simulate existing policies attached to an IAM user, group, or role, use SimulatePrincipalPolicy instead. Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. You can use the If the output is long, you can use |
| SimulatePrincipalPolicyRequest | Container for the parameters to the SimulatePrincipalPolicy operation. Simulate how a set of IAM policies attached to an IAM entity works with a list of API actions and AWS resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you specify a user, then the simulation also includes all of the policies that are attached to groups that the user belongs to . You can optionally include a list of one or more additional policies specified as strings to include in the simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead. You can also optionally include one resource-based policy to be evaluated with each of the resources included in the simulation. The simulation does not perform the API actions, it only checks the authorization to determine if the simulated policies allow or deny the actions. Note: This API discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead. Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. You can use the If the output is long, you can use the |
| Statement | Contains a reference to a Statement element in a policy document that determines the result of the simulation. This data type is used by the |
| UnrecognizedPublicKeyEncodingException | |
| UpdateAccessKeyRequest | Container for the parameters to the UpdateAccessKey operation. Changes the status of the specified access key from Active to Inactive, or vice versa. This action can be used to disable a user's key as part of a key rotation work flow. If the For information about rotating keys, see Managing Keys and Certificates in Using AWS Identity and Access Management . |
| UpdateAccountPasswordPolicyRequest | Container for the parameters to the UpdateAccountPasswordPolicy operation. Updates the password policy settings for the account. For more information about using a password policy, go to Managing an IAM Password Policy . |
| UpdateAssumeRolePolicyRequest | Container for the parameters to the UpdateAssumeRolePolicy operation. Updates the policy that grants an entity permission to assume a role. Currently, only an Amazon EC2 instance can assume a role. For more information about roles, go to Working with Roles . |
| UpdateGroupRequest | Container for the parameters to the UpdateGroup operation. Updates the name and/or the path of the specified IAM group. You should understand the implications of changing a group's path or name. For more information, see Renaming Users and Groups in the IAM User Guide. To change an IAM group name the requester must have appropriate permissions on both the source object and the target object. For example, to change "Managers" to "MGRs", the entity making the request must have permission on both "Managers" and "MGRs", or must have permission on all (*). For more information about permissions, see Permissions and Policies. |
| UpdateLoginProfileRequest | Container for the parameters to the UpdateLoginProfile operation. Updates the login profile for the specified User. Use this API to change the User's password. NOTE:In the full release you will be able to use IAM to access your services through the AWS Management Console. Although this feature is not currently available, you can create login profiles for your Users now. Then, when this feature is implemented, your Users can use IAM to access your services through the AWS Management Console. |
| UpdateOpenIDConnectProviderThumbprintRequest | Container for the parameters to the UpdateOpenIDConnectProviderThumbprint operation. Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints. The list that you pass with this action completely replaces the existing list of thumbprints. (The lists are not merged.) Typically, you need to update a thumbprint only when the identity provider's certificate changes, which occurs rarely. However, if the provider's certificate does change, any attempt to assume an IAM role that specifies the OIDC provider as a principal fails until the certificate thumbprint is updated. Because trust for the OIDC provider is ultimately derived from the provider's certificate and is validated by the thumbprint, it is a best practice to limit access to the |
| UpdateSAMLProviderRequest | Container for the parameters to the UpdateSAMLProvider operation. Updates the metadata document for an existing SAML provider resource object. This operation requires Signature Version 4. |
| UpdateSAMLProviderResponse | Returns information about the UpdateSAMLProvider response and response metadata. |
| UpdateSAMLProviderResult | Contains the result of a successful invocation of the UpdateSAMLProvider action. |
| UpdateSSHPublicKeyRequest | Container for the parameters to the UpdateSSHPublicKey operation. Sets the status of an IAM user's SSH public key to active or inactive. SSH public keys that are inactive cannot be used for authentication. This action can be used to disable a user's SSH public key as part of a key rotation work flow. The SSH public key affected by this action is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections in the AWS CodeCommit User Guide. |
| UpdateServerCertificateRequest | Container for the parameters to the UpdateServerCertificate operation. Updates the name and/or the path of the specified server certificate stored in IAM. For more information about working with server certificates, including a list of AWS services that can use the server certificates that you manage with IAM, go to Working with Server Certificates in the IAM User Guide. You should understand the implications of changing a server certificate's path or name. For more information, see Renaming a Server Certificate in the IAM User Guide. To change a server certificate name the requester must have appropriate permissions on both the source object and the target object. For example, to change the name from "ProductionCert" to "ProdCert", the entity making the request must have permission on "ProductionCert" and "ProdCert", or must have permission on all (*). For more information about permissions, see Access Management in the IAM User Guide. |
| UpdateServiceSpecificCredentialRequest | Container for the parameters to the UpdateServiceSpecificCredential operation. Sets the status of a service-specific credential to Active or Inactive. Service-specific credentials that are inactive cannot be used for authentication to the service. This action can be used to disable a user’s service-specific credential as part of a credential rotation work flow. |
| UpdateSigningCertificateRequest | Container for the parameters to the UpdateSigningCertificate operation. Changes the status of the specified user signing certificate from active to disabled, or vice versa. This action can be used to disable an IAM user's signing certificate as part of a certificate rotation work flow. If the |
| UpdateUserRequest | Container for the parameters to the UpdateUser operation. Updates the name and/or the path of the specified User. IMPORTANT: You should understand the implications of changing a User's path or name. For more information, see Renaming Users and Groups in Using AWS Identity and Access Management. NOTE:To change a User name the requester must have appropriate permissions on both the source object and the target object. For example, to change Bob to Robert, the entity making the request must have permission on Bob and Robert, or must have permission on all (*). For more information about permissions, see Permissions and Policies. |
| UploadSSHPublicKeyRequest | Container for the parameters to the UploadSSHPublicKey operation. Uploads an SSH public key and associates it with the specified IAM user. The SSH public key uploaded by this action can be used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections in the AWS CodeCommit User Guide. |
| UploadServerCertificateRequest | Container for the parameters to the UploadServerCertificate operation. Uploads a server certificate entity for the AWS account. The server certificate entity includes a public key certificate, a private key, and an optional certificate chain, which should all be PEM-encoded. For information about the number of server certificates you can upload, see Limitations on IAM Entities in Using AWS Identity and Access Management . NOTE:Because the body of the public key certificate, private key, and the certificate chain can be large, you should use POST rather than GET when calling UploadServerCertificate. For information about setting up signatures and authorization through the API, go to Signing AWS API Requests in the AWS General Reference. For general information about using the Query API with IAM, go to Making Query Requests in Using IAM. |
| UploadServerCertificateResponse | Returns information about the UploadServerCertificate response and response metadata. |
| UploadServerCertificateResult | Contains the result of a successful invocation of the UploadServerCertificate action. |
| UploadSigningCertificateRequest | Container for the parameters to the UploadSigningCertificate operation. Uploads an X.509 signing certificate and associates it with the specified User. Some AWS services use X.509 signing certificates to validate requests that are signed with a corresponding private key. When you upload the certificate, its default status is If the NOTE:Because the body of a X.509 certificate can be large, you should use POST rather than GET when calling UploadSigningCertificate. For more information, see Using the Query API in Using AWS Identity and Access Management. |
| UploadSigningCertificateResponse | Contains the response to a successful UploadSigningCertificate request. |
| UploadSigningCertificateResult | Contains the result of a successful invocation of the UploadSigningCertificate action. |
| User | The User data type contains information about a User. This data type is used as a response element in the following actions:
|
| VirtualMFADevice | The VirtualMFADevice data type contains information about a virtual MFA device. |
