types

package
v1.18.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 17, 2022 License: Apache-2.0 Imports: 4 Imported by: 211

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessAdvisorUsageGranularityType

type AccessAdvisorUsageGranularityType string
const (
	AccessAdvisorUsageGranularityTypeServiceLevel AccessAdvisorUsageGranularityType = "SERVICE_LEVEL"
	AccessAdvisorUsageGranularityTypeActionLevel  AccessAdvisorUsageGranularityType = "ACTION_LEVEL"
)

Enum values for AccessAdvisorUsageGranularityType

func (AccessAdvisorUsageGranularityType) Values added in v0.29.0

Values returns all known values for AccessAdvisorUsageGranularityType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type AccessDetail

type AccessDetail struct {

	// The name of the service in which access was attempted.
	//
	// This member is required.
	ServiceName *string

	// The namespace of the service in which access was attempted. To learn the service
	// namespace of a service, see Actions, resources, and condition keys for Amazon
	// Web Services services
	// (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
	// in the Service Authorization Reference. Choose the name of the service to view
	// details for that service. In the first paragraph, find the service prefix. For
	// example, (service prefix: a4b). For more information about service namespaces,
	// see Amazon Web Services service namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the Amazon Web Services General Reference.
	//
	// This member is required.
	ServiceNamespace *string

	// The path of the Organizations entity (root, organizational unit, or account)
	// from which an authenticated principal last attempted to access the service.
	// Amazon Web Services does not report unauthenticated requests. This field is null
	// if no principals (IAM users, IAM roles, or root users) in the reported
	// Organizations entity attempted to access the service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	EntityPath *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when an authenticated principal most recently
	// attempted to access the service. Amazon Web Services does not report
	// unauthenticated requests. This field is null if no principals in the reported
	// Organizations entity attempted to access the service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticatedTime *time.Time

	// The Region where the last service access attempt occurred. This field is null if
	// no principals in the reported Organizations entity attempted to access the
	// service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	Region *string

	// The number of accounts with authenticated principals (root users, IAM users, and
	// IAM roles) that attempted to access the service in the reporting period.
	TotalAuthenticatedEntities *int32
	// contains filtered or unexported fields
}

An object that contains details about when a principal in the reported Organizations entity last attempted to access an Amazon Web Services service. A principal can be an IAM user, an IAM role, or the Amazon Web Services account root user within the reported Organizations entity. This data type is a response element in the GetOrganizationsAccessReport operation.

type AccessKey

type AccessKey struct {

	// The ID for this access key.
	//
	// This member is required.
	AccessKeyId *string

	// The secret key used to sign requests.
	//
	// This member is required.
	SecretAccessKey *string

	// The status of the access key. Active means that the key is valid for API calls,
	// while Inactive means it is not.
	//
	// This member is required.
	Status StatusType

	// The name of the IAM user that the access key is associated with.
	//
	// This member is required.
	UserName *string

	// The date when the access key was created.
	CreateDate *time.Time
	// contains filtered or unexported fields
}

Contains information about an Amazon Web Services access key. This data type is used as a response element in the CreateAccessKey and ListAccessKeys operations. The SecretAccessKey value is returned only in response to CreateAccessKey. You can get a secret access key only when you first create an access key; you cannot recover the secret access key later. If you lose a secret access key, you must create a new access key.

type AccessKeyLastUsed

type AccessKeyLastUsed struct {

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the access key was most recently used.
	// This field is null in the following situations:
	//
	// * The user does not have an
	// access key.
	//
	// * An access key exists but has not been used since IAM began
	// tracking this information.
	//
	// * There is no sign-in data associated with the user.
	//
	// This member is required.
	LastUsedDate *time.Time

	// The Amazon Web Services Region where this access key was most recently used. The
	// value for this field is "N/A" in the following situations:
	//
	// * The user does not
	// have an access key.
	//
	// * An access key exists but has not been used since IAM
	// began tracking this information.
	//
	// * There is no sign-in data associated with the
	// user.
	//
	// For more information about Amazon Web Services Regions, see Regions and
	// endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html) in the
	// Amazon Web Services General Reference.
	//
	// This member is required.
	Region *string

	// The name of the Amazon Web Services service with which this access key was most
	// recently used. The value of this field is "N/A" in the following situations:
	//
	// *
	// The user does not have an access key.
	//
	// * An access key exists but has not been
	// used since IAM started tracking this information.
	//
	// * There is no sign-in data
	// associated with the user.
	//
	// This member is required.
	ServiceName *string
	// contains filtered or unexported fields
}

Contains information about the last time an Amazon Web Services access key was used since IAM began tracking this information on April 22, 2015. This data type is used as a response element in the GetAccessKeyLastUsed operation.

type AccessKeyMetadata

type AccessKeyMetadata struct {

	// The ID for this access key.
	AccessKeyId *string

	// The date when the access key was created.
	CreateDate *time.Time

	// The status of the access key. Active means that the key is valid for API calls;
	// Inactive means it is not.
	Status StatusType

	// The name of the IAM user that the key is associated with.
	UserName *string
	// contains filtered or unexported fields
}

Contains information about an Amazon Web Services access key, without its secret key. This data type is used as a response element in the ListAccessKeys operation.

type AssignmentStatusType

type AssignmentStatusType string
const (
	AssignmentStatusTypeAssigned   AssignmentStatusType = "Assigned"
	AssignmentStatusTypeUnassigned AssignmentStatusType = "Unassigned"
	AssignmentStatusTypeAny        AssignmentStatusType = "Any"
)

Enum values for AssignmentStatusType

func (AssignmentStatusType) Values added in v0.29.0

Values returns all known values for AssignmentStatusType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type AttachedPermissionsBoundary

type AttachedPermissionsBoundary struct {

	// The ARN of the policy used to set the permissions boundary for the user or role.
	PermissionsBoundaryArn *string

	// The permissions boundary usage type that indicates what type of IAM resource is
	// used as the permissions boundary for an entity. This data type can only have a
	// value of Policy.
	PermissionsBoundaryType PermissionsBoundaryAttachmentType
	// contains filtered or unexported fields
}

Contains information about an attached permissions boundary. An attached permissions boundary is a managed policy that has been attached to a user or role to set the permissions boundary. For more information about permissions boundaries, see Permissions boundaries for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the IAM User Guide.

type AttachedPolicy

type AttachedPolicy struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources. For more information about ARNs, go to Amazon Resource Names
	// (ARNs)
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the Amazon Web Services General Reference.
	PolicyArn *string

	// The friendly name of the attached policy.
	PolicyName *string
	// contains filtered or unexported fields
}

Contains information about an attached policy. An attached policy is a managed policy that has been attached to a user, group, or role. This data type is used as a response element in the ListAttachedGroupPolicies, ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails operations. For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type ConcurrentModificationException

type ConcurrentModificationException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

func (*ConcurrentModificationException) Error

func (*ConcurrentModificationException) ErrorCode

func (e *ConcurrentModificationException) ErrorCode() string

func (*ConcurrentModificationException) ErrorFault

func (*ConcurrentModificationException) ErrorMessage

func (e *ConcurrentModificationException) ErrorMessage() string

type ContextEntry

type ContextEntry struct {

	// The full name of a condition context key, including the service prefix. For
	// example, aws:SourceIp or s3:VersionId.
	ContextKeyName *string

	// The data type of the value (or values) specified in the ContextKeyValues
	// parameter.
	ContextKeyType ContextKeyTypeEnum

	// The value (or values, if the condition context key supports multiple values) to
	// provide to the simulation when the key is referenced by a Condition element in
	// an input policy.
	ContextKeyValues []string
	// contains filtered or unexported fields
}

Contains information about a condition context key. It includes the name of the key and specifies the value (or values, if the context key supports multiple values) to use in the simulation. This information is used when evaluating the Condition elements of the input policies. This data type is used as an input parameter to SimulateCustomPolicy and SimulatePrincipalPolicy.

type ContextKeyTypeEnum

type ContextKeyTypeEnum string
const (
	ContextKeyTypeEnumString      ContextKeyTypeEnum = "string"
	ContextKeyTypeEnumStringList  ContextKeyTypeEnum = "stringList"
	ContextKeyTypeEnumNumeric     ContextKeyTypeEnum = "numeric"
	ContextKeyTypeEnumNumericList ContextKeyTypeEnum = "numericList"
	ContextKeyTypeEnumBoolean     ContextKeyTypeEnum = "boolean"
	ContextKeyTypeEnumBooleanList ContextKeyTypeEnum = "booleanList"
	ContextKeyTypeEnumIp          ContextKeyTypeEnum = "ip"
	ContextKeyTypeEnumIpList      ContextKeyTypeEnum = "ipList"
	ContextKeyTypeEnumBinary      ContextKeyTypeEnum = "binary"
	ContextKeyTypeEnumBinaryList  ContextKeyTypeEnum = "binaryList"
	ContextKeyTypeEnumDate        ContextKeyTypeEnum = "date"
	ContextKeyTypeEnumDateList    ContextKeyTypeEnum = "dateList"
)

Enum values for ContextKeyTypeEnum

func (ContextKeyTypeEnum) Values added in v0.29.0

Values returns all known values for ContextKeyTypeEnum. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type CredentialReportExpiredException

type CredentialReportExpiredException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the most recent credential report has expired. To generate a new credential report, use GenerateCredentialReport. For more information about credential report expiration, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

func (*CredentialReportExpiredException) Error

func (*CredentialReportExpiredException) ErrorCode

func (*CredentialReportExpiredException) ErrorFault

func (*CredentialReportExpiredException) ErrorMessage

func (e *CredentialReportExpiredException) ErrorMessage() string

type CredentialReportNotPresentException

type CredentialReportNotPresentException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the credential report does not exist. To generate a credential report, use GenerateCredentialReport.

func (*CredentialReportNotPresentException) Error

func (*CredentialReportNotPresentException) ErrorCode

func (*CredentialReportNotPresentException) ErrorFault

func (*CredentialReportNotPresentException) ErrorMessage

func (e *CredentialReportNotPresentException) ErrorMessage() string

type CredentialReportNotReadyException

type CredentialReportNotReadyException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the credential report is still being generated.

func (*CredentialReportNotReadyException) Error

func (*CredentialReportNotReadyException) ErrorCode

func (*CredentialReportNotReadyException) ErrorFault

func (*CredentialReportNotReadyException) ErrorMessage

func (e *CredentialReportNotReadyException) ErrorMessage() string

type DeleteConflictException

type DeleteConflictException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

func (*DeleteConflictException) Error

func (e *DeleteConflictException) Error() string

func (*DeleteConflictException) ErrorCode

func (e *DeleteConflictException) ErrorCode() string

func (*DeleteConflictException) ErrorFault

func (e *DeleteConflictException) ErrorFault() smithy.ErrorFault

func (*DeleteConflictException) ErrorMessage

func (e *DeleteConflictException) ErrorMessage() string

type DeletionTaskFailureReasonType

type DeletionTaskFailureReasonType struct {

	// A short description of the reason that the service-linked role deletion failed.
	Reason *string

	// A list of objects that contains details about the service-linked role deletion
	// failure, if that information is returned by the service. If the service-linked
	// role has active sessions or if any resources that were used by the role have not
	// been deleted from the linked service, the role can't be deleted. This parameter
	// includes a list of the resources that are associated with the role and the
	// Region in which the resources are being used.
	RoleUsageList []RoleUsageType
	// contains filtered or unexported fields
}

The reason that the service-linked role deletion failed. This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus operation.

type DeletionTaskStatusType

type DeletionTaskStatusType string
const (
	DeletionTaskStatusTypeSucceeded  DeletionTaskStatusType = "SUCCEEDED"
	DeletionTaskStatusTypeInProgress DeletionTaskStatusType = "IN_PROGRESS"
	DeletionTaskStatusTypeFailed     DeletionTaskStatusType = "FAILED"
	DeletionTaskStatusTypeNotStarted DeletionTaskStatusType = "NOT_STARTED"
)

Enum values for DeletionTaskStatusType

func (DeletionTaskStatusType) Values added in v0.29.0

Values returns all known values for DeletionTaskStatusType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type DuplicateCertificateException

type DuplicateCertificateException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the same certificate is associated with an IAM user in the account.

func (*DuplicateCertificateException) Error

func (*DuplicateCertificateException) ErrorCode

func (e *DuplicateCertificateException) ErrorCode() string

func (*DuplicateCertificateException) ErrorFault

func (*DuplicateCertificateException) ErrorMessage

func (e *DuplicateCertificateException) ErrorMessage() string

type DuplicateSSHPublicKeyException

type DuplicateSSHPublicKeyException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the SSH public key is already associated with the specified IAM user.

func (*DuplicateSSHPublicKeyException) Error

func (*DuplicateSSHPublicKeyException) ErrorCode

func (e *DuplicateSSHPublicKeyException) ErrorCode() string

func (*DuplicateSSHPublicKeyException) ErrorFault

func (*DuplicateSSHPublicKeyException) ErrorMessage

func (e *DuplicateSSHPublicKeyException) ErrorMessage() string

type EncodingType

type EncodingType string
const (
	EncodingTypeSsh EncodingType = "SSH"
	EncodingTypePem EncodingType = "PEM"
)

Enum values for EncodingType

func (EncodingType) Values added in v0.29.0

func (EncodingType) Values() []EncodingType

Values returns all known values for EncodingType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type EntityAlreadyExistsException

type EntityAlreadyExistsException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because it attempted to create a resource that already exists.

func (*EntityAlreadyExistsException) Error

func (*EntityAlreadyExistsException) ErrorCode

func (e *EntityAlreadyExistsException) ErrorCode() string

func (*EntityAlreadyExistsException) ErrorFault

func (*EntityAlreadyExistsException) ErrorMessage

func (e *EntityAlreadyExistsException) ErrorMessage() string

type EntityDetails

type EntityDetails struct {

	// The EntityInfo object that contains details about the entity (user or role).
	//
	// This member is required.
	EntityInfo *EntityInfo

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the authenticated entity last attempted
	// to access Amazon Web Services. Amazon Web Services does not report
	// unauthenticated requests. This field is null if no IAM entities attempted to
	// access the service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticated *time.Time
	// contains filtered or unexported fields
}

An object that contains details about when the IAM entities (users or roles) were last used in an attempt to access the specified Amazon Web Services service. This data type is a response element in the GetServiceLastAccessedDetailsWithEntities operation.

type EntityInfo

type EntityInfo struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources. For more information about ARNs, go to Amazon Resource Names
	// (ARNs)
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the Amazon Web Services General Reference.
	//
	// This member is required.
	Arn *string

	// The identifier of the entity (user or role).
	//
	// This member is required.
	Id *string

	// The name of the entity (user or role).
	//
	// This member is required.
	Name *string

	// The type of entity (user or role).
	//
	// This member is required.
	Type PolicyOwnerEntityType

	// The path to the entity (user or role). For more information about paths, see IAM
	// identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string
	// contains filtered or unexported fields
}

Contains details about the specified entity (user or role). This data type is an element of the EntityDetails object.

type EntityTemporarilyUnmodifiableException

type EntityTemporarilyUnmodifiableException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

func (*EntityTemporarilyUnmodifiableException) Error

func (*EntityTemporarilyUnmodifiableException) ErrorCode

func (*EntityTemporarilyUnmodifiableException) ErrorFault

func (*EntityTemporarilyUnmodifiableException) ErrorMessage

type EntityType

type EntityType string
const (
	EntityTypeUser               EntityType = "User"
	EntityTypeRole               EntityType = "Role"
	EntityTypeGroup              EntityType = "Group"
	EntityTypeLocalManagedPolicy EntityType = "LocalManagedPolicy"
	EntityTypeAWSManagedPolicy   EntityType = "AWSManagedPolicy"
)

Enum values for EntityType

func (EntityType) Values added in v0.29.0

func (EntityType) Values() []EntityType

Values returns all known values for EntityType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type ErrorDetails

type ErrorDetails struct {

	// The error code associated with the operation failure.
	//
	// This member is required.
	Code *string

	// Detailed information about the reason that the operation failed.
	//
	// This member is required.
	Message *string
	// contains filtered or unexported fields
}

Contains information about the reason that the operation failed. This data type is used as a response element in the GetOrganizationsAccessReport, GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities operations.

type EvaluationResult

type EvaluationResult struct {

	// The name of the API operation tested on the indicated resource.
	//
	// This member is required.
	EvalActionName *string

	// The result of the simulation.
	//
	// This member is required.
	EvalDecision PolicyEvaluationDecisionType

	// Additional details about the results of the cross-account evaluation decision.
	// This parameter is populated for only cross-account simulations. It contains a
	// brief summary of how each policy type contributes to the final evaluation
	// decision. If the simulation evaluates policies within the same account and
	// includes a resource ARN, then the parameter is present but the response is
	// empty. If the simulation evaluates policies within the same account and
	// specifies all resources (*), then the parameter is not returned. When you make a
	// cross-account request, Amazon Web Services evaluates the request in the trusting
	// account and the trusted account. The request is allowed only if both evaluations
	// return true. For more information about how policies are evaluated, see
	// Evaluating policies within a single account
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics).
	// If an Organizations SCP included in the evaluation denies access, the simulation
	// ends. In this case, policy evaluation does not proceed any further and this
	// parameter is not returned.
	EvalDecisionDetails map[string]PolicyEvaluationDecisionType

	// The ARN of the resource that the indicated API operation was tested on.
	EvalResourceName *string

	// A list of the statements in the input policies that determine the result for
	// this scenario. Remember that even if multiple statements allow the operation on
	// the resource, if only one statement denies that operation, then the explicit
	// deny overrides any allow. In addition, the deny statement is the only entry
	// included in the result.
	MatchedStatements []Statement

	// A list of context keys that are required by the included input policies but that
	// were not provided by one of the input parameters. This list is used when the
	// resource in a simulation is "*", either explicitly, or when the ResourceArns
	// parameter blank. If you include a list of resources, then any missing context
	// values are instead included under the ResourceSpecificResults section. To
	// discover the context keys used by a set of policies, you can call
	// GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
	MissingContextValues []string

	// A structure that details how Organizations and its service control policies
	// affect the results of the simulation. Only applies if the simulated user's
	// account is part of an organization.
	OrganizationsDecisionDetail *OrganizationsDecisionDetail

	// Contains information about the effect that a permissions boundary has on a
	// policy simulation when the boundary is applied to an IAM entity.
	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail

	// The individual results of the simulation of the API operation specified in
	// EvalActionName on each resource.
	ResourceSpecificResults []ResourceSpecificResult
	// contains filtered or unexported fields
}

Contains the results of a simulation. This data type is used by the return parameter of SimulateCustomPolicy and SimulatePrincipalPolicy.

type GlobalEndpointTokenVersion

type GlobalEndpointTokenVersion string
const (
	GlobalEndpointTokenVersionV1Token GlobalEndpointTokenVersion = "v1Token"
	GlobalEndpointTokenVersionV2Token GlobalEndpointTokenVersion = "v2Token"
)

Enum values for GlobalEndpointTokenVersion

func (GlobalEndpointTokenVersion) Values added in v0.29.0

Values returns all known values for GlobalEndpointTokenVersion. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type Group

type Group struct {

	// The Amazon Resource Name (ARN) specifying the group. For more information about
	// ARNs and how to use them in policies, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Arn *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the group was created.
	//
	// This member is required.
	CreateDate *time.Time

	// The stable and unique string identifying the group. For more information about
	// IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	GroupId *string

	// The friendly name that identifies the group.
	//
	// This member is required.
	GroupName *string

	// The path to the group. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Path *string
	// contains filtered or unexported fields
}

Contains information about an IAM group entity. This data type is used as a response element in the following operations:

* CreateGroup

* GetGroup

* ListGroups

type GroupDetail

type GroupDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources. For more information about ARNs, go to Amazon Resource Names
	// (ARNs)
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the Amazon Web Services General Reference.
	Arn *string

	// A list of the managed policies attached to the group.
	AttachedManagedPolicies []AttachedPolicy

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the group was created.
	CreateDate *time.Time

	// The stable and unique string identifying the group. For more information about
	// IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	GroupId *string

	// The friendly name that identifies the group.
	GroupName *string

	// A list of the inline policies embedded in the group.
	GroupPolicyList []PolicyDetail

	// The path to the group. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string
	// contains filtered or unexported fields
}

Contains information about an IAM group, including all of the group's policies. This data type is used as a response element in the GetAccountAuthorizationDetails operation.

type InstanceProfile

type InstanceProfile struct {

	// The Amazon Resource Name (ARN) specifying the instance profile. For more
	// information about ARNs and how to use them in policies, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Arn *string

	// The date when the instance profile was created.
	//
	// This member is required.
	CreateDate *time.Time

	// The stable and unique string identifying the instance profile. For more
	// information about IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	InstanceProfileId *string

	// The name identifying the instance profile.
	//
	// This member is required.
	InstanceProfileName *string

	// The path to the instance profile. For more information about paths, see IAM
	// identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Path *string

	// The role associated with the instance profile.
	//
	// This member is required.
	Roles []Role

	// A list of tags that are attached to the instance profile. For more information
	// about tagging, see Tagging IAM resources
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []Tag
	// contains filtered or unexported fields
}

Contains information about an instance profile. This data type is used as a response element in the following operations:

* CreateInstanceProfile

* GetInstanceProfile

* ListInstanceProfiles

* ListInstanceProfilesForRole

type InvalidAuthenticationCodeException

type InvalidAuthenticationCodeException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the authentication code was not recognized. The error message describes the specific error.

func (*InvalidAuthenticationCodeException) Error

func (*InvalidAuthenticationCodeException) ErrorCode

func (*InvalidAuthenticationCodeException) ErrorFault

func (*InvalidAuthenticationCodeException) ErrorMessage

func (e *InvalidAuthenticationCodeException) ErrorMessage() string

type InvalidCertificateException

type InvalidCertificateException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the certificate is invalid.

func (*InvalidCertificateException) Error

func (*InvalidCertificateException) ErrorCode

func (e *InvalidCertificateException) ErrorCode() string

func (*InvalidCertificateException) ErrorFault

func (*InvalidCertificateException) ErrorMessage

func (e *InvalidCertificateException) ErrorMessage() string

type InvalidInputException

type InvalidInputException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

func (*InvalidInputException) Error

func (e *InvalidInputException) Error() string

func (*InvalidInputException) ErrorCode

func (e *InvalidInputException) ErrorCode() string

func (*InvalidInputException) ErrorFault

func (e *InvalidInputException) ErrorFault() smithy.ErrorFault

func (*InvalidInputException) ErrorMessage

func (e *InvalidInputException) ErrorMessage() string

type InvalidPublicKeyException

type InvalidPublicKeyException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the public key is malformed or otherwise invalid.

func (*InvalidPublicKeyException) Error

func (e *InvalidPublicKeyException) Error() string

func (*InvalidPublicKeyException) ErrorCode

func (e *InvalidPublicKeyException) ErrorCode() string

func (*InvalidPublicKeyException) ErrorFault

func (*InvalidPublicKeyException) ErrorMessage

func (e *InvalidPublicKeyException) ErrorMessage() string

type InvalidUserTypeException

type InvalidUserTypeException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the type of user for the transaction was incorrect.

func (*InvalidUserTypeException) Error

func (e *InvalidUserTypeException) Error() string

func (*InvalidUserTypeException) ErrorCode

func (e *InvalidUserTypeException) ErrorCode() string

func (*InvalidUserTypeException) ErrorFault

func (e *InvalidUserTypeException) ErrorFault() smithy.ErrorFault

func (*InvalidUserTypeException) ErrorMessage

func (e *InvalidUserTypeException) ErrorMessage() string

type JobStatusType

type JobStatusType string
const (
	JobStatusTypeInProgress JobStatusType = "IN_PROGRESS"
	JobStatusTypeCompleted  JobStatusType = "COMPLETED"
	JobStatusTypeFailed     JobStatusType = "FAILED"
)

Enum values for JobStatusType

func (JobStatusType) Values added in v0.29.0

func (JobStatusType) Values() []JobStatusType

Values returns all known values for JobStatusType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type KeyPairMismatchException

type KeyPairMismatchException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the public key certificate and the private key do not match.

func (*KeyPairMismatchException) Error

func (e *KeyPairMismatchException) Error() string

func (*KeyPairMismatchException) ErrorCode

func (e *KeyPairMismatchException) ErrorCode() string

func (*KeyPairMismatchException) ErrorFault

func (e *KeyPairMismatchException) ErrorFault() smithy.ErrorFault

func (*KeyPairMismatchException) ErrorMessage

func (e *KeyPairMismatchException) ErrorMessage() string

type LimitExceededException

type LimitExceededException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

func (*LimitExceededException) Error

func (e *LimitExceededException) Error() string

func (*LimitExceededException) ErrorCode

func (e *LimitExceededException) ErrorCode() string

func (*LimitExceededException) ErrorFault

func (e *LimitExceededException) ErrorFault() smithy.ErrorFault

func (*LimitExceededException) ErrorMessage

func (e *LimitExceededException) ErrorMessage() string

type ListPoliciesGrantingServiceAccessEntry

type ListPoliciesGrantingServiceAccessEntry struct {

	// The PoliciesGrantingServiceAccess object that contains details about the policy.
	Policies []PolicyGrantingServiceAccess

	// The namespace of the service that was accessed. To learn the service namespace
	// of a service, see Actions, resources, and condition keys for Amazon Web Services
	// services
	// (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
	// in the Service Authorization Reference. Choose the name of the service to view
	// details for that service. In the first paragraph, find the service prefix. For
	// example, (service prefix: a4b). For more information about service namespaces,
	// see Amazon Web Services service namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the Amazon Web Services General Reference.
	ServiceNamespace *string
	// contains filtered or unexported fields
}

Contains details about the permissions policies that are attached to the specified identity (user, group, or role). This data type is used as a response element in the ListPoliciesGrantingServiceAccess operation.

type LoginProfile

type LoginProfile struct {

	// The date when the password for the user was created.
	//
	// This member is required.
	CreateDate *time.Time

	// The name of the user, which can be used for signing in to the Amazon Web
	// Services Management Console.
	//
	// This member is required.
	UserName *string

	// Specifies whether the user is required to set a new password on next sign-in.
	PasswordResetRequired bool
	// contains filtered or unexported fields
}

Contains the user name and password create date for a user. This data type is used as a response element in the CreateLoginProfile and GetLoginProfile operations.

type MFADevice

type MFADevice struct {

	// The date when the MFA device was enabled for the user.
	//
	// This member is required.
	EnableDate *time.Time

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// This member is required.
	SerialNumber *string

	// The user with whom the MFA device is associated.
	//
	// This member is required.
	UserName *string
	// contains filtered or unexported fields
}

Contains information about an MFA device. This data type is used as a response element in the ListMFADevices operation.

type MalformedCertificateException

type MalformedCertificateException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the certificate was malformed or expired. The error message describes the specific error.

func (*MalformedCertificateException) Error

func (*MalformedCertificateException) ErrorCode

func (e *MalformedCertificateException) ErrorCode() string

func (*MalformedCertificateException) ErrorFault

func (*MalformedCertificateException) ErrorMessage

func (e *MalformedCertificateException) ErrorMessage() string

type MalformedPolicyDocumentException

type MalformedPolicyDocumentException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the policy document was malformed. The error message describes the specific error.

func (*MalformedPolicyDocumentException) Error

func (*MalformedPolicyDocumentException) ErrorCode

func (*MalformedPolicyDocumentException) ErrorFault

func (*MalformedPolicyDocumentException) ErrorMessage

func (e *MalformedPolicyDocumentException) ErrorMessage() string

type ManagedPolicyDetail

type ManagedPolicyDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources. For more information about ARNs, go to Amazon Resource Names
	// (ARNs)
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the Amazon Web Services General Reference.
	Arn *string

	// The number of principal entities (users, groups, and roles) that the policy is
	// attached to.
	AttachmentCount *int32

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the policy was created.
	CreateDate *time.Time

	// The identifier for the version of the policy that is set as the default
	// (operative) version. For more information about policy versions, see Versioning
	// for managed policies
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	DefaultVersionId *string

	// A friendly description of the policy.
	Description *string

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable bool

	// The path to the policy. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string

	// The number of entities (users and roles) for which the policy is used as the
	// permissions boundary. For more information about permissions boundaries, see
	// Permissions boundaries for IAM identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundaryUsageCount *int32

	// The stable and unique string identifying the policy. For more information about
	// IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	PolicyId *string

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string

	// A list containing information about the versions of the policy.
	PolicyVersionList []PolicyVersion

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the policy was last updated. When a
	// policy has only one version, this field contains the date and time when the
	// policy was created. When a policy has more than one version, this field contains
	// the date and time when the most recent policy version was created.
	UpdateDate *time.Time
	// contains filtered or unexported fields
}

Contains information about a managed policy, including the policy's ARN, versions, and the number of principal entities (users, groups, and roles) that the policy is attached to. This data type is used as a response element in the GetAccountAuthorizationDetails operation. For more information about managed policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type NoSuchEntityException

type NoSuchEntityException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

func (*NoSuchEntityException) Error

func (e *NoSuchEntityException) Error() string

func (*NoSuchEntityException) ErrorCode

func (e *NoSuchEntityException) ErrorCode() string

func (*NoSuchEntityException) ErrorFault

func (e *NoSuchEntityException) ErrorFault() smithy.ErrorFault

func (*NoSuchEntityException) ErrorMessage

func (e *NoSuchEntityException) ErrorMessage() string

type OpenIDConnectProviderListEntry

type OpenIDConnectProviderListEntry struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources. For more information about ARNs, go to Amazon Resource Names
	// (ARNs)
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the Amazon Web Services General Reference.
	Arn *string
	// contains filtered or unexported fields
}

Contains the Amazon Resource Name (ARN) for an IAM OpenID Connect provider.

type OrganizationsDecisionDetail

type OrganizationsDecisionDetail struct {

	// Specifies whether the simulated operation is allowed by the Organizations
	// service control policies that impact the simulated user's account.
	AllowedByOrganizations bool
	// contains filtered or unexported fields
}

Contains information about the effect that Organizations has on a policy simulation.

type PasswordPolicy

type PasswordPolicy struct {

	// Specifies whether IAM users are allowed to change their own password. Gives IAM
	// users permissions to iam:ChangePassword for only their user and to the
	// iam:GetAccountPasswordPolicy action. This option does not attach a permissions
	// policy to each user, rather the permissions are applied at the account-level for
	// all users by IAM.
	AllowUsersToChangePassword bool

	// Indicates whether passwords in the account expire. Returns true if
	// MaxPasswordAge contains a value greater than 0. Returns false if MaxPasswordAge
	// is 0 or not present.
	ExpirePasswords bool

	// Specifies whether IAM users are prevented from setting a new password via the
	// Amazon Web Services Management Console after their password has expired. The IAM
	// user cannot access the console until an administrator resets the password. IAM
	// users with iam:ChangePassword permission and active access keys can reset their
	// own expired console password using the CLI or API.
	HardExpiry *bool

	// The number of days that an IAM user password is valid.
	MaxPasswordAge *int32

	// Minimum length to require for IAM user passwords.
	MinimumPasswordLength *int32

	// Specifies the number of previous passwords that IAM users are prevented from
	// reusing.
	PasswordReusePrevention *int32

	// Specifies whether IAM user passwords must contain at least one lowercase
	// character (a to z).
	RequireLowercaseCharacters bool

	// Specifies whether IAM user passwords must contain at least one numeric character
	// (0 to 9).
	RequireNumbers bool

	// Specifies whether IAM user passwords must contain at least one of the following
	// symbols: ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
	RequireSymbols bool

	// Specifies whether IAM user passwords must contain at least one uppercase
	// character (A to Z).
	RequireUppercaseCharacters bool
	// contains filtered or unexported fields
}

Contains information about the account password policy. This data type is used as a response element in the GetAccountPasswordPolicy operation.

type PasswordPolicyViolationException

type PasswordPolicyViolationException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the provided password did not meet the requirements imposed by the account password policy.

func (*PasswordPolicyViolationException) Error

func (*PasswordPolicyViolationException) ErrorCode

func (*PasswordPolicyViolationException) ErrorFault

func (*PasswordPolicyViolationException) ErrorMessage

func (e *PasswordPolicyViolationException) ErrorMessage() string

type PermissionsBoundaryAttachmentType

type PermissionsBoundaryAttachmentType string
const (
	PermissionsBoundaryAttachmentTypePolicy PermissionsBoundaryAttachmentType = "PermissionsBoundaryPolicy"
)

Enum values for PermissionsBoundaryAttachmentType

func (PermissionsBoundaryAttachmentType) Values added in v0.29.0

Values returns all known values for PermissionsBoundaryAttachmentType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type PermissionsBoundaryDecisionDetail

type PermissionsBoundaryDecisionDetail struct {

	// Specifies whether an action is allowed by a permissions boundary that is applied
	// to an IAM entity (user or role). A value of true means that the permissions
	// boundary does not deny the action. This means that the policy includes an Allow
	// statement that matches the request. In this case, if an identity-based policy
	// also allows the action, the request is allowed. A value of false means that
	// either the requested action is not allowed (implicitly denied) or that the
	// action is explicitly denied by the permissions boundary. In both of these cases,
	// the action is not allowed, regardless of the identity-based policy.
	AllowedByPermissionsBoundary bool
	// contains filtered or unexported fields
}

Contains information about the effect that a permissions boundary has on a policy simulation when the boundary is applied to an IAM entity.

type Policy

type Policy struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources. For more information about ARNs, go to Amazon Resource Names
	// (ARNs)
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the Amazon Web Services General Reference.
	Arn *string

	// The number of entities (users, groups, and roles) that the policy is attached
	// to.
	AttachmentCount *int32

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the policy was created.
	CreateDate *time.Time

	// The identifier for the version of the policy that is set as the default version.
	DefaultVersionId *string

	// A friendly description of the policy. This element is included in the response
	// to the GetPolicy operation. It is not included in the response to the
	// ListPolicies operation.
	Description *string

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable bool

	// The path to the policy. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string

	// The number of entities (users and roles) for which the policy is used to set the
	// permissions boundary. For more information about permissions boundaries, see
	// Permissions boundaries for IAM identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundaryUsageCount *int32

	// The stable and unique string identifying the policy. For more information about
	// IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	PolicyId *string

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string

	// A list of tags that are attached to the instance profile. For more information
	// about tagging, see Tagging IAM resources
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []Tag

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the policy was last updated. When a
	// policy has only one version, this field contains the date and time when the
	// policy was created. When a policy has more than one version, this field contains
	// the date and time when the most recent policy version was created.
	UpdateDate *time.Time
	// contains filtered or unexported fields
}

Contains information about a managed policy. This data type is used as a response element in the CreatePolicy, GetPolicy, and ListPolicies operations. For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type PolicyDetail

type PolicyDetail struct {

	// The policy document.
	PolicyDocument *string

	// The name of the policy.
	PolicyName *string
	// contains filtered or unexported fields
}

Contains information about an IAM policy, including the policy document. This data type is used as a response element in the GetAccountAuthorizationDetails operation.

type PolicyEvaluationDecisionType

type PolicyEvaluationDecisionType string
const (
	PolicyEvaluationDecisionTypeAllowed      PolicyEvaluationDecisionType = "allowed"
	PolicyEvaluationDecisionTypeExplicitDeny PolicyEvaluationDecisionType = "explicitDeny"
	PolicyEvaluationDecisionTypeImplicitDeny PolicyEvaluationDecisionType = "implicitDeny"
)

Enum values for PolicyEvaluationDecisionType

func (PolicyEvaluationDecisionType) Values added in v0.29.0

Values returns all known values for PolicyEvaluationDecisionType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type PolicyEvaluationException

type PolicyEvaluationException struct {
	Message *string
	// contains filtered or unexported fields
}

The request failed because a provided policy could not be successfully evaluated. An additional detailed message indicates the source of the failure.

func (*PolicyEvaluationException) Error

func (e *PolicyEvaluationException) Error() string

func (*PolicyEvaluationException) ErrorCode

func (e *PolicyEvaluationException) ErrorCode() string

func (*PolicyEvaluationException) ErrorFault

func (*PolicyEvaluationException) ErrorMessage

func (e *PolicyEvaluationException) ErrorMessage() string

type PolicyGrantingServiceAccess

type PolicyGrantingServiceAccess struct {

	// The policy name.
	//
	// This member is required.
	PolicyName *string

	// The policy type. For more information about these policy types, see Managed
	// policies and inline policies
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	//
	// This member is required.
	PolicyType PolicyType

	// The name of the entity (user or role) to which the inline policy is attached.
	// This field is null for managed policies. For more information about these policy
	// types, see Managed policies and inline policies
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	EntityName *string

	// The type of entity (user or role) that used the policy to access the service to
	// which the inline policy is attached. This field is null for managed policies.
	// For more information about these policy types, see Managed policies and inline
	// policies
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	EntityType PolicyOwnerEntityType

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources. For more information about ARNs, go to Amazon Resource Names
	// (ARNs)
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the Amazon Web Services General Reference.
	PolicyArn *string
	// contains filtered or unexported fields
}

Contains details about the permissions policies that are attached to the specified identity (user, group, or role). This data type is an element of the ListPoliciesGrantingServiceAccessEntry object.

type PolicyGroup

type PolicyGroup struct {

	// The stable and unique string identifying the group. For more information about
	// IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in
	// the IAM User Guide.
	GroupId *string

	// The name (friendly name, not ARN) identifying the group.
	GroupName *string
	// contains filtered or unexported fields
}

Contains information about a group that a managed policy is attached to. This data type is used as a response element in the ListEntitiesForPolicy operation. For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type PolicyNotAttachableException

type PolicyNotAttachableException struct {
	Message *string
	// contains filtered or unexported fields
}

The request failed because Amazon Web Services service role policies can only be attached to the service-linked role for that service.

func (*PolicyNotAttachableException) Error

func (*PolicyNotAttachableException) ErrorCode

func (e *PolicyNotAttachableException) ErrorCode() string

func (*PolicyNotAttachableException) ErrorFault

func (*PolicyNotAttachableException) ErrorMessage

func (e *PolicyNotAttachableException) ErrorMessage() string

type PolicyOwnerEntityType

type PolicyOwnerEntityType string
const (
	PolicyOwnerEntityTypeUser  PolicyOwnerEntityType = "USER"
	PolicyOwnerEntityTypeRole  PolicyOwnerEntityType = "ROLE"
	PolicyOwnerEntityTypeGroup PolicyOwnerEntityType = "GROUP"
)

Enum values for PolicyOwnerEntityType

func (PolicyOwnerEntityType) Values added in v0.29.0

Values returns all known values for PolicyOwnerEntityType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type PolicyRole

type PolicyRole struct {

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in
	// the IAM User Guide.
	RoleId *string

	// The name (friendly name, not ARN) identifying the role.
	RoleName *string
	// contains filtered or unexported fields
}

Contains information about a role that a managed policy is attached to. This data type is used as a response element in the ListEntitiesForPolicy operation. For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type PolicyScopeType

type PolicyScopeType string
const (
	PolicyScopeTypeAll   PolicyScopeType = "All"
	PolicyScopeTypeAws   PolicyScopeType = "AWS"
	PolicyScopeTypeLocal PolicyScopeType = "Local"
)

Enum values for PolicyScopeType

func (PolicyScopeType) Values added in v0.29.0

func (PolicyScopeType) Values() []PolicyScopeType

Values returns all known values for PolicyScopeType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type PolicySourceType

type PolicySourceType string
const (
	PolicySourceTypeUser        PolicySourceType = "user"
	PolicySourceTypeGroup       PolicySourceType = "group"
	PolicySourceTypeRole        PolicySourceType = "role"
	PolicySourceTypeAwsManaged  PolicySourceType = "aws-managed"
	PolicySourceTypeUserManaged PolicySourceType = "user-managed"
	PolicySourceTypeResource    PolicySourceType = "resource"
	PolicySourceTypeNone        PolicySourceType = "none"
)

Enum values for PolicySourceType

func (PolicySourceType) Values added in v0.29.0

Values returns all known values for PolicySourceType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type PolicyType

type PolicyType string
const (
	PolicyTypeInline  PolicyType = "INLINE"
	PolicyTypeManaged PolicyType = "MANAGED"
)

Enum values for PolicyType

func (PolicyType) Values added in v0.29.0

func (PolicyType) Values() []PolicyType

Values returns all known values for PolicyType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type PolicyUsageType

type PolicyUsageType string
const (
	PolicyUsageTypePermissionsPolicy   PolicyUsageType = "PermissionsPolicy"
	PolicyUsageTypePermissionsBoundary PolicyUsageType = "PermissionsBoundary"
)

Enum values for PolicyUsageType

func (PolicyUsageType) Values added in v0.29.0

func (PolicyUsageType) Values() []PolicyUsageType

Values returns all known values for PolicyUsageType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type PolicyUser

type PolicyUser struct {

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in
	// the IAM User Guide.
	UserId *string

	// The name (friendly name, not ARN) identifying the user.
	UserName *string
	// contains filtered or unexported fields
}

Contains information about a user that a managed policy is attached to. This data type is used as a response element in the ListEntitiesForPolicy operation. For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type PolicyVersion

type PolicyVersion struct {

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the policy version was created.
	CreateDate *time.Time

	// The policy document. The policy document is returned in the response to the
	// GetPolicyVersion and GetAccountAuthorizationDetails operations. It is not
	// returned in the response to the CreatePolicyVersion or ListPolicyVersions
	// operations. The policy document returned in this structure is URL-encoded
	// compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL
	// decoding method to convert the policy back to plain JSON text. For example, if
	// you use Java, you can use the decode method of the java.net.URLDecoder utility
	// class in the Java SDK. Other languages and SDKs provide similar functionality.
	Document *string

	// Specifies whether the policy version is set as the policy's default version.
	IsDefaultVersion bool

	// The identifier for the policy version. Policy version identifiers always begin
	// with v (always lowercase). When a policy is created, the first policy version is
	// v1.
	VersionId *string
	// contains filtered or unexported fields
}

Contains information about a version of a managed policy. This data type is used as a response element in the CreatePolicyVersion, GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails operations. For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type Position

type Position struct {

	// The column in the line containing the specified position in the document.
	Column int32

	// The line containing the specified position in the document.
	Line int32
	// contains filtered or unexported fields
}

Contains the row and column of a location of a Statement element in a policy document. This data type is used as a member of the Statement type.

type ReportFormatType

type ReportFormatType string
const (
	ReportFormatTypeTextCsv ReportFormatType = "text/csv"
)

Enum values for ReportFormatType

func (ReportFormatType) Values added in v0.29.0

Values returns all known values for ReportFormatType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type ReportGenerationLimitExceededException

type ReportGenerationLimitExceededException struct {
	Message *string
	// contains filtered or unexported fields
}

The request failed because the maximum number of concurrent requests for this account are already running.

func (*ReportGenerationLimitExceededException) Error

func (*ReportGenerationLimitExceededException) ErrorCode

func (*ReportGenerationLimitExceededException) ErrorFault

func (*ReportGenerationLimitExceededException) ErrorMessage

type ReportStateType

type ReportStateType string
const (
	ReportStateTypeStarted    ReportStateType = "STARTED"
	ReportStateTypeInprogress ReportStateType = "INPROGRESS"
	ReportStateTypeComplete   ReportStateType = "COMPLETE"
)

Enum values for ReportStateType

func (ReportStateType) Values added in v0.29.0

func (ReportStateType) Values() []ReportStateType

Values returns all known values for ReportStateType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type ResourceSpecificResult

type ResourceSpecificResult struct {

	// The result of the simulation of the simulated API operation on the resource
	// specified in EvalResourceName.
	//
	// This member is required.
	EvalResourceDecision PolicyEvaluationDecisionType

	// The name of the simulated resource, in Amazon Resource Name (ARN) format.
	//
	// This member is required.
	EvalResourceName *string

	// Additional details about the results of the evaluation decision on a single
	// resource. This parameter is returned only for cross-account simulations. This
	// parameter explains how each policy type contributes to the resource-specific
	// evaluation decision.
	EvalDecisionDetails map[string]PolicyEvaluationDecisionType

	// A list of the statements in the input policies that determine the result for
	// this part of the simulation. Remember that even if multiple statements allow the
	// operation on the resource, if any statement denies that operation, then the
	// explicit deny overrides any allow. In addition, the deny statement is the only
	// entry included in the result.
	MatchedStatements []Statement

	// A list of context keys that are required by the included input policies but that
	// were not provided by one of the input parameters. This list is used when a list
	// of ARNs is included in the ResourceArns parameter instead of "*". If you do not
	// specify individual resources, by setting ResourceArns to "*" or by not including
	// the ResourceArns parameter, then any missing context values are instead included
	// under the EvaluationResults section. To discover the context keys used by a set
	// of policies, you can call GetContextKeysForCustomPolicy or
	// GetContextKeysForPrincipalPolicy.
	MissingContextValues []string

	// Contains information about the effect that a permissions boundary has on a
	// policy simulation when that boundary is applied to an IAM entity.
	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail
	// contains filtered or unexported fields
}

Contains the result of the simulation of a single API operation call on a single resource. This data type is used by a member of the EvaluationResult data type.

type Role

type Role struct {

	// The Amazon Resource Name (ARN) specifying the role. For more information about
	// ARNs and how to use them in policies, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide guide.
	//
	// This member is required.
	Arn *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the role was created.
	//
	// This member is required.
	CreateDate *time.Time

	// The path to the role. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Path *string

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	RoleId *string

	// The friendly name that identifies the role.
	//
	// This member is required.
	RoleName *string

	// The policy that grants an entity permission to assume the role.
	AssumeRolePolicyDocument *string

	// A description of the role that you provide.
	Description *string

	// The maximum session duration (in seconds) for the specified role. Anyone who
	// uses the CLI, or API to assume the role can specify the duration using the
	// optional DurationSeconds API parameter or duration-seconds CLI parameter.
	MaxSessionDuration *int32

	// The ARN of the policy used to set the permissions boundary for the role. For
	// more information about permissions boundaries, see Permissions boundaries for
	// IAM identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary

	// Contains information about the last time that an IAM role was used. This
	// includes the date and time and the Region in which the role was last used.
	// Activity is only reported for the trailing 400 days. This period can be shorter
	// if your Region began supporting these features within the last year. The role
	// might have been used more than 400 days ago. For more information, see Regions
	// where data is tracked
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
	// in the IAM User Guide.
	RoleLastUsed *RoleLastUsed

	// A list of tags that are attached to the role. For more information about
	// tagging, see Tagging IAM resources
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []Tag
	// contains filtered or unexported fields
}

Contains information about an IAM role. This structure is returned as a response element in several API operations that interact with roles.

type RoleDetail

type RoleDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources. For more information about ARNs, go to Amazon Resource Names
	// (ARNs)
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the Amazon Web Services General Reference.
	Arn *string

	// The trust policy that grants permission to assume the role.
	AssumeRolePolicyDocument *string

	// A list of managed policies attached to the role. These policies are the role's
	// access (permissions) policies.
	AttachedManagedPolicies []AttachedPolicy

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the role was created.
	CreateDate *time.Time

	// A list of instance profiles that contain this role.
	InstanceProfileList []InstanceProfile

	// The path to the role. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string

	// The ARN of the policy used to set the permissions boundary for the role. For
	// more information about permissions boundaries, see Permissions boundaries for
	// IAM identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	RoleId *string

	// Contains information about the last time that an IAM role was used. This
	// includes the date and time and the Region in which the role was last used.
	// Activity is only reported for the trailing 400 days. This period can be shorter
	// if your Region began supporting these features within the last year. The role
	// might have been used more than 400 days ago. For more information, see Regions
	// where data is tracked
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
	// in the IAM User Guide.
	RoleLastUsed *RoleLastUsed

	// The friendly name that identifies the role.
	RoleName *string

	// A list of inline policies embedded in the role. These policies are the role's
	// access (permissions) policies.
	RolePolicyList []PolicyDetail

	// A list of tags that are attached to the role. For more information about
	// tagging, see Tagging IAM resources
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []Tag
	// contains filtered or unexported fields
}

Contains information about an IAM role, including all of the role's policies. This data type is used as a response element in the GetAccountAuthorizationDetails operation.

type RoleLastUsed

type RoleLastUsed struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
	// that the role was last used. This field is null if the role has not been used
	// within the IAM tracking period. For more information about the tracking period,
	// see Regions where data is tracked
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
	// in the IAM User Guide.
	LastUsedDate *time.Time

	// The name of the Amazon Web Services Region in which the role was last used.
	Region *string
	// contains filtered or unexported fields
}

Contains information about the last time that an IAM role was used. This includes the date and time and the Region in which the role was last used. Activity is only reported for the trailing 400 days. This period can be shorter if your Region began supporting these features within the last year. The role might have been used more than 400 days ago. For more information, see Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) in the IAM User Guide. This data type is returned as a response element in the GetRole and GetAccountAuthorizationDetails operations.

type RoleUsageType

type RoleUsageType struct {

	// The name of the Region where the service-linked role is being used.
	Region *string

	// The name of the resource that is using the service-linked role.
	Resources []string
	// contains filtered or unexported fields
}

An object that contains details about how a service-linked role is used, if that information is returned by the service. This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus operation.

type SAMLProviderListEntry

type SAMLProviderListEntry struct {

	// The Amazon Resource Name (ARN) of the SAML provider.
	Arn *string

	// The date and time when the SAML provider was created.
	CreateDate *time.Time

	// The expiration date and time for the SAML provider.
	ValidUntil *time.Time
	// contains filtered or unexported fields
}

Contains the list of SAML providers for this account.

type SSHPublicKey

type SSHPublicKey struct {

	// The MD5 message digest of the SSH public key.
	//
	// This member is required.
	Fingerprint *string

	// The SSH public key.
	//
	// This member is required.
	SSHPublicKeyBody *string

	// The unique identifier for the SSH public key.
	//
	// This member is required.
	SSHPublicKeyId *string

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an CodeCommit repository. Inactive means that the key cannot
	// be used.
	//
	// This member is required.
	Status StatusType

	// The name of the IAM user associated with the SSH public key.
	//
	// This member is required.
	UserName *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the SSH public key was uploaded.
	UploadDate *time.Time
	// contains filtered or unexported fields
}

Contains information about an SSH public key. This data type is used as a response element in the GetSSHPublicKey and UploadSSHPublicKey operations.

type SSHPublicKeyMetadata

type SSHPublicKeyMetadata struct {

	// The unique identifier for the SSH public key.
	//
	// This member is required.
	SSHPublicKeyId *string

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an CodeCommit repository. Inactive means that the key cannot
	// be used.
	//
	// This member is required.
	Status StatusType

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the SSH public key was uploaded.
	//
	// This member is required.
	UploadDate *time.Time

	// The name of the IAM user associated with the SSH public key.
	//
	// This member is required.
	UserName *string
	// contains filtered or unexported fields
}

Contains information about an SSH public key, without the key's body or fingerprint. This data type is used as a response element in the ListSSHPublicKeys operation.

type ServerCertificate

type ServerCertificate struct {

	// The contents of the public key certificate.
	//
	// This member is required.
	CertificateBody *string

	// The meta information of the server certificate, such as its name, path, ID, and
	// ARN.
	//
	// This member is required.
	ServerCertificateMetadata *ServerCertificateMetadata

	// The contents of the public key certificate chain.
	CertificateChain *string

	// A list of tags that are attached to the server certificate. For more information
	// about tagging, see Tagging IAM resources
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []Tag
	// contains filtered or unexported fields
}

Contains information about a server certificate. This data type is used as a response element in the GetServerCertificate operation.

type ServerCertificateMetadata

type ServerCertificateMetadata struct {

	// The Amazon Resource Name (ARN) specifying the server certificate. For more
	// information about ARNs and how to use them in policies, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Arn *string

	// The path to the server certificate. For more information about paths, see IAM
	// identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Path *string

	// The stable and unique string identifying the server certificate. For more
	// information about IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	ServerCertificateId *string

	// The name that identifies the server certificate.
	//
	// This member is required.
	ServerCertificateName *string

	// The date on which the certificate is set to expire.
	Expiration *time.Time

	// The date when the server certificate was uploaded.
	UploadDate *time.Time
	// contains filtered or unexported fields
}

Contains information about a server certificate without its certificate body, certificate chain, and private key. This data type is used as a response element in the UploadServerCertificate and ListServerCertificates operations.

type ServiceFailureException

type ServiceFailureException struct {
	Message *string
	// contains filtered or unexported fields
}

The request processing has failed because of an unknown error, exception or failure.

func (*ServiceFailureException) Error

func (e *ServiceFailureException) Error() string

func (*ServiceFailureException) ErrorCode

func (e *ServiceFailureException) ErrorCode() string

func (*ServiceFailureException) ErrorFault

func (e *ServiceFailureException) ErrorFault() smithy.ErrorFault

func (*ServiceFailureException) ErrorMessage

func (e *ServiceFailureException) ErrorMessage() string

type ServiceLastAccessed

type ServiceLastAccessed struct {

	// The name of the service in which access was attempted.
	//
	// This member is required.
	ServiceName *string

	// The namespace of the service in which access was attempted. To learn the service
	// namespace of a service, see Actions, resources, and condition keys for Amazon
	// Web Services services
	// (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
	// in the Service Authorization Reference. Choose the name of the service to view
	// details for that service. In the first paragraph, find the service prefix. For
	// example, (service prefix: a4b). For more information about service namespaces,
	// see Amazon Web Services Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the Amazon Web Services General Reference.
	//
	// This member is required.
	ServiceNamespace *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when an authenticated entity most recently
	// attempted to access the service. Amazon Web Services does not report
	// unauthenticated requests. This field is null if no IAM entities attempted to
	// access the service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticated *time.Time

	// The ARN of the authenticated entity (user or role) that last attempted to access
	// the service. Amazon Web Services does not report unauthenticated requests. This
	// field is null if no IAM entities attempted to access the service within the
	// reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticatedEntity *string

	// The Region from which the authenticated entity (user or role) last attempted to
	// access the service. Amazon Web Services does not report unauthenticated
	// requests. This field is null if no IAM entities attempted to access the service
	// within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticatedRegion *string

	// The total number of authenticated principals (root user, IAM users, or IAM
	// roles) that have attempted to access the service. This field is null if no
	// principals attempted to access the service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	TotalAuthenticatedEntities *int32

	// An object that contains details about the most recent attempt to access a
	// tracked action within the service. This field is null if there no tracked
	// actions or if the principal did not use the tracked actions within the reporting
	// period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	// This field is also null if the report was generated at the service level and not
	// the action level. For more information, see the Granularity field in
	// GenerateServiceLastAccessedDetails.
	TrackedActionsLastAccessed []TrackedActionLastAccessed
	// contains filtered or unexported fields
}

Contains details about the most recent attempt to access the service. This data type is used as a response element in the GetServiceLastAccessedDetails operation.

type ServiceNotSupportedException

type ServiceNotSupportedException struct {
	Message *string
	// contains filtered or unexported fields
}

The specified service does not support service-specific credentials.

func (*ServiceNotSupportedException) Error

func (*ServiceNotSupportedException) ErrorCode

func (e *ServiceNotSupportedException) ErrorCode() string

func (*ServiceNotSupportedException) ErrorFault

func (*ServiceNotSupportedException) ErrorMessage

func (e *ServiceNotSupportedException) ErrorMessage() string

type ServiceSpecificCredential

type ServiceSpecificCredential struct {

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the service-specific credential were
	// created.
	//
	// This member is required.
	CreateDate *time.Time

	// The name of the service associated with the service-specific credential.
	//
	// This member is required.
	ServiceName *string

	// The generated password for the service-specific credential.
	//
	// This member is required.
	ServicePassword *string

	// The unique identifier for the service-specific credential.
	//
	// This member is required.
	ServiceSpecificCredentialId *string

	// The generated user name for the service-specific credential. This value is
	// generated by combining the IAM user's name combined with the ID number of the
	// Amazon Web Services account, as in jane-at-123456789012, for example. This value
	// cannot be configured by the user.
	//
	// This member is required.
	ServiceUserName *string

	// The status of the service-specific credential. Active means that the key is
	// valid for API calls, while Inactive means it is not.
	//
	// This member is required.
	Status StatusType

	// The name of the IAM user associated with the service-specific credential.
	//
	// This member is required.
	UserName *string
	// contains filtered or unexported fields
}

Contains the details of a service-specific credential.

type ServiceSpecificCredentialMetadata

type ServiceSpecificCredentialMetadata struct {

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the service-specific credential were
	// created.
	//
	// This member is required.
	CreateDate *time.Time

	// The name of the service associated with the service-specific credential.
	//
	// This member is required.
	ServiceName *string

	// The unique identifier for the service-specific credential.
	//
	// This member is required.
	ServiceSpecificCredentialId *string

	// The generated user name for the service-specific credential.
	//
	// This member is required.
	ServiceUserName *string

	// The status of the service-specific credential. Active means that the key is
	// valid for API calls, while Inactive means it is not.
	//
	// This member is required.
	Status StatusType

	// The name of the IAM user associated with the service-specific credential.
	//
	// This member is required.
	UserName *string
	// contains filtered or unexported fields
}

Contains additional details about a service-specific credential.

type SigningCertificate

type SigningCertificate struct {

	// The contents of the signing certificate.
	//
	// This member is required.
	CertificateBody *string

	// The ID for the signing certificate.
	//
	// This member is required.
	CertificateId *string

	// The status of the signing certificate. Active means that the key is valid for
	// API calls, while Inactive means it is not.
	//
	// This member is required.
	Status StatusType

	// The name of the user the signing certificate is associated with.
	//
	// This member is required.
	UserName *string

	// The date when the signing certificate was uploaded.
	UploadDate *time.Time
	// contains filtered or unexported fields
}

Contains information about an X.509 signing certificate. This data type is used as a response element in the UploadSigningCertificate and ListSigningCertificates operations.

type SortKeyType

type SortKeyType string
const (
	SortKeyTypeServiceNamespaceAscending       SortKeyType = "SERVICE_NAMESPACE_ASCENDING"
	SortKeyTypeServiceNamespaceDescending      SortKeyType = "SERVICE_NAMESPACE_DESCENDING"
	SortKeyTypeLastAuthenticatedTimeAscending  SortKeyType = "LAST_AUTHENTICATED_TIME_ASCENDING"
	SortKeyTypeLastAuthenticatedTimeDescending SortKeyType = "LAST_AUTHENTICATED_TIME_DESCENDING"
)

Enum values for SortKeyType

func (SortKeyType) Values added in v0.29.0

func (SortKeyType) Values() []SortKeyType

Values returns all known values for SortKeyType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type Statement

type Statement struct {

	// The row and column of the end of a Statement in an IAM policy.
	EndPosition *Position

	// The identifier of the policy that was provided as an input.
	SourcePolicyId *string

	// The type of the policy.
	SourcePolicyType PolicySourceType

	// The row and column of the beginning of the Statement in an IAM policy.
	StartPosition *Position
	// contains filtered or unexported fields
}

Contains a reference to a Statement element in a policy document that determines the result of the simulation. This data type is used by the MatchedStatements member of the EvaluationResult type.

type StatusType

type StatusType string
const (
	StatusTypeActive   StatusType = "Active"
	StatusTypeInactive StatusType = "Inactive"
)

Enum values for StatusType

func (StatusType) Values added in v0.29.0

func (StatusType) Values() []StatusType

Values returns all known values for StatusType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type SummaryKeyType

type SummaryKeyType string
const (
	SummaryKeyTypeUsers                             SummaryKeyType = "Users"
	SummaryKeyTypeUsersQuota                        SummaryKeyType = "UsersQuota"
	SummaryKeyTypeGroups                            SummaryKeyType = "Groups"
	SummaryKeyTypeGroupsQuota                       SummaryKeyType = "GroupsQuota"
	SummaryKeyTypeServerCertificates                SummaryKeyType = "ServerCertificates"
	SummaryKeyTypeServerCertificatesQuota           SummaryKeyType = "ServerCertificatesQuota"
	SummaryKeyTypeUserPolicySizeQuota               SummaryKeyType = "UserPolicySizeQuota"
	SummaryKeyTypeGroupPolicySizeQuota              SummaryKeyType = "GroupPolicySizeQuota"
	SummaryKeyTypeGroupsPerUserQuota                SummaryKeyType = "GroupsPerUserQuota"
	SummaryKeyTypeSigningCertificatesPerUserQuota   SummaryKeyType = "SigningCertificatesPerUserQuota"
	SummaryKeyTypeAccessKeysPerUserQuota            SummaryKeyType = "AccessKeysPerUserQuota"
	SummaryKeyTypeMFADevices                        SummaryKeyType = "MFADevices"
	SummaryKeyTypeMFADevicesInUse                   SummaryKeyType = "MFADevicesInUse"
	SummaryKeyTypeAccountMFAEnabled                 SummaryKeyType = "AccountMFAEnabled"
	SummaryKeyTypeAccountAccessKeysPresent          SummaryKeyType = "AccountAccessKeysPresent"
	SummaryKeyTypeAccountSigningCertificatesPresent SummaryKeyType = "AccountSigningCertificatesPresent"
	SummaryKeyTypeAttachedPoliciesPerGroupQuota     SummaryKeyType = "AttachedPoliciesPerGroupQuota"
	SummaryKeyTypeAttachedPoliciesPerRoleQuota      SummaryKeyType = "AttachedPoliciesPerRoleQuota"
	SummaryKeyTypeAttachedPoliciesPerUserQuota      SummaryKeyType = "AttachedPoliciesPerUserQuota"
	SummaryKeyTypePolicies                          SummaryKeyType = "Policies"
	SummaryKeyTypePoliciesQuota                     SummaryKeyType = "PoliciesQuota"
	SummaryKeyTypePolicySizeQuota                   SummaryKeyType = "PolicySizeQuota"
	SummaryKeyTypePolicyVersionsInUse               SummaryKeyType = "PolicyVersionsInUse"
	SummaryKeyTypePolicyVersionsInUseQuota          SummaryKeyType = "PolicyVersionsInUseQuota"
	SummaryKeyTypeVersionsPerPolicyQuota            SummaryKeyType = "VersionsPerPolicyQuota"
	SummaryKeyTypeGlobalEndpointTokenVersion        SummaryKeyType = "GlobalEndpointTokenVersion"
)

Enum values for SummaryKeyType

func (SummaryKeyType) Values added in v0.29.0

func (SummaryKeyType) Values() []SummaryKeyType

Values returns all known values for SummaryKeyType. Note that this can be expanded in the future, and so it is only as up to date as the client. The ordering of this slice is not guaranteed to be stable across updates.

type Tag

type Tag struct {

	// The key name that can be used to look up or retrieve the associated value. For
	// example, Department or Cost Center are common choices.
	//
	// This member is required.
	Key *string

	// The value associated with this tag. For example, tags with a key name of
	// Department could have values such as Human Resources, Accounting, and Support.
	// Tags with a key name of Cost Center might have values that consist of the number
	// associated with the different cost centers in your company. Typically, many
	// resources have tags with the same key name but with different values. Amazon Web
	// Services always interprets the tag Value as a single string. If you need to
	// store an array, you can store comma-separated values in the string. However, you
	// must interpret the value in your code.
	//
	// This member is required.
	Value *string
	// contains filtered or unexported fields
}

A structure that represents user-provided metadata that can be associated with an IAM resource. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

type TrackedActionLastAccessed

type TrackedActionLastAccessed struct {

	// The name of the tracked action to which access was attempted. Tracked actions
	// are actions that report activity to IAM.
	ActionName *string

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources. For more information about ARNs, go to Amazon Resource Names
	// (ARNs)
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the Amazon Web Services General Reference.
	LastAccessedEntity *string

	// The Region from which the authenticated entity (user or role) last attempted to
	// access the tracked action. Amazon Web Services does not report unauthenticated
	// requests. This field is null if no IAM entities attempted to access the service
	// within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAccessedRegion *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when an authenticated entity most recently
	// attempted to access the tracked service. Amazon Web Services does not report
	// unauthenticated requests. This field is null if no IAM entities attempted to
	// access the service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAccessedTime *time.Time
	// contains filtered or unexported fields
}

Contains details about the most recent attempt to access an action within the service. This data type is used as a response element in the GetServiceLastAccessedDetails operation.

type UnmodifiableEntityException

type UnmodifiableEntityException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

func (*UnmodifiableEntityException) Error

func (*UnmodifiableEntityException) ErrorCode

func (e *UnmodifiableEntityException) ErrorCode() string

func (*UnmodifiableEntityException) ErrorFault

func (*UnmodifiableEntityException) ErrorMessage

func (e *UnmodifiableEntityException) ErrorMessage() string

type UnrecognizedPublicKeyEncodingException

type UnrecognizedPublicKeyEncodingException struct {
	Message *string
	// contains filtered or unexported fields
}

The request was rejected because the public key encoding format is unsupported or unrecognized.

func (*UnrecognizedPublicKeyEncodingException) Error

func (*UnrecognizedPublicKeyEncodingException) ErrorCode

func (*UnrecognizedPublicKeyEncodingException) ErrorFault

func (*UnrecognizedPublicKeyEncodingException) ErrorMessage

type User

type User struct {

	// The Amazon Resource Name (ARN) that identifies the user. For more information
	// about ARNs and how to use ARNs in policies, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Arn *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the user was created.
	//
	// This member is required.
	CreateDate *time.Time

	// The path to the user. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide. The ARN of the policy used to set the permissions boundary for
	// the user.
	//
	// This member is required.
	Path *string

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	UserId *string

	// The friendly name identifying the user.
	//
	// This member is required.
	UserName *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the user's password was last used to sign
	// in to an Amazon Web Services website. For a list of Amazon Web Services websites
	// that capture a user's last sign-in time, see the Credential reports
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) topic
	// in the IAM User Guide. If a password is used more than once in a five-minute
	// span, only the first use is returned in this field. If the field is null (no
	// value), then it indicates that they never signed in with a password. This can be
	// because:
	//
	// * The user never had a password.
	//
	// * A password exists but has not been
	// used since IAM started tracking this information on October 20, 2014.
	//
	// A null
	// value does not mean that the user never had a password. Also, if the user does
	// not currently have a password but had one in the past, then this field contains
	// the date and time the most recent password was used. This value is returned only
	// in the GetUser and ListUsers operations.
	PasswordLastUsed *time.Time

	// For more information about permissions boundaries, see Permissions boundaries
	// for IAM identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary

	// A list of tags that are associated with the user. For more information about
	// tagging, see Tagging IAM resources
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []Tag
	// contains filtered or unexported fields
}

Contains information about an IAM user entity. This data type is used as a response element in the following operations:

* CreateUser

* GetUser

* ListUsers

type UserDetail

type UserDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources. For more information about ARNs, go to Amazon Resource Names
	// (ARNs)
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the Amazon Web Services General Reference.
	Arn *string

	// A list of the managed policies attached to the user.
	AttachedManagedPolicies []AttachedPolicy

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the user was created.
	CreateDate *time.Time

	// A list of IAM groups that the user is in.
	GroupList []string

	// The path to the user. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string

	// The ARN of the policy used to set the permissions boundary for the user. For
	// more information about permissions boundaries, see Permissions boundaries for
	// IAM identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary

	// A list of tags that are associated with the user. For more information about
	// tagging, see Tagging IAM resources
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []Tag

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	UserId *string

	// The friendly name identifying the user.
	UserName *string

	// A list of the inline policies embedded in the user.
	UserPolicyList []PolicyDetail
	// contains filtered or unexported fields
}

Contains information about an IAM user, including all the user's policies and all the IAM groups the user is in. This data type is used as a response element in the GetAccountAuthorizationDetails operation.

type VirtualMFADevice

type VirtualMFADevice struct {

	// The serial number associated with VirtualMFADevice.
	//
	// This member is required.
	SerialNumber *string

	// The base32 seed defined as specified in RFC3548
	// (https://tools.ietf.org/html/rfc3548.txt). The Base32StringSeed is
	// base64-encoded.
	Base32StringSeed []byte

	// The date and time on which the virtual MFA device was enabled.
	EnableDate *time.Time

	// A QR code PNG image that encodes
	// otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String where
	// $virtualMFADeviceName is one of the create call arguments. AccountName is the
	// user name if set (otherwise, the account ID otherwise), and Base32String is the
	// seed in base32 format. The Base32String value is base64-encoded.
	QRCodePNG []byte

	// A list of tags that are attached to the virtual MFA device. For more information
	// about tagging, see Tagging IAM resources
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []Tag

	// The IAM user associated with this virtual MFA device.
	User *User
	// contains filtered or unexported fields
}

Contains information about a virtual MFA device.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL