iam

package
v0.14.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 8, 2019 License: Apache-2.0 Imports: 8 Imported by: 556

Documentation

Overview

Package iam provides the client and types for making API requests to IAM.

AWS Identity and Access Management (IAM) is a web service that you can use to manage users and user permissions under your AWS account. This guide provides descriptions of IAM actions that you can call programmatically. For general information about IAM, see AWS Identity and Access Management (IAM) (http://aws.amazon.com/iam/). For the user guide for IAM, see Using IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/).

AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient way to create programmatic access to IAM and AWS. For example, the SDKs take care of tasks such as cryptographically signing requests (see below), managing errors, and retrying requests automatically. For information about the AWS SDKs, including how to download and install them, see the Tools for Amazon Web Services (http://aws.amazon.com/tools/) page.

We recommend that you use the AWS SDKs to make programmatic API calls to IAM. However, you can also use the IAM Query API to make direct calls to the IAM web service. To learn more about the IAM Query API, see Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the Using IAM guide. IAM supports GET and POST requests for all actions. That is, the API does not require you to use GET for some actions and POST for others. However, GET requests are subject to the limitation size of a URL. Therefore, for operations that require larger sizes, use a POST request.

Signing Requests

Requests must be signed using an access key ID and a secret access key. We strongly recommend that you do not use your AWS account access key ID and secret access key for everyday work with IAM. You can use the access key ID and secret access key for an IAM user or you can use the AWS Security Token Service to generate temporary security credentials and use those to sign requests.

To sign requests, we recommend that you use Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). If you have an existing application that uses Signature Version 2, you do not have to update it to use Signature Version 4. However, some operations now require Signature Version 4. The documentation for operations that require version 4 indicate this requirement.

Additional Resources

For more information, see the following:

See https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08 for more information on this service.

See iam package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/iam/

Using the Client

To use IAM with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the IAM client for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/iam/#New

Index

Examples

Constants

View Source
const (
	ServiceName = "IAM" // Service's name
	ServiceID   = "IAM" // Service's identifier
	EndpointsID = "iam" // Service's Endpoint identifier
)
View Source
const (

	// ErrCodeConcurrentModificationException for service response error code
	// "ConcurrentModification".
	//
	// The request was rejected because multiple requests to change this object
	// were submitted simultaneously. Wait a few minutes and submit your request
	// again.
	ErrCodeConcurrentModificationException = "ConcurrentModification"

	// ErrCodeCredentialReportExpiredException for service response error code
	// "ReportExpired".
	//
	// The request was rejected because the most recent credential report has expired.
	// To generate a new credential report, use GenerateCredentialReport. For more
	// information about credential report expiration, see Getting Credential Reports
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
	// in the IAM User Guide.
	ErrCodeCredentialReportExpiredException = "ReportExpired"

	// ErrCodeCredentialReportNotPresentException for service response error code
	// "ReportNotPresent".
	//
	// The request was rejected because the credential report does not exist. To
	// generate a credential report, use GenerateCredentialReport.
	ErrCodeCredentialReportNotPresentException = "ReportNotPresent"

	// ErrCodeCredentialReportNotReadyException for service response error code
	// "ReportInProgress".
	//
	// The request was rejected because the credential report is still being generated.
	ErrCodeCredentialReportNotReadyException = "ReportInProgress"

	// ErrCodeDeleteConflictException for service response error code
	// "DeleteConflict".
	//
	// The request was rejected because it attempted to delete a resource that has
	// attached subordinate entities. The error message describes these entities.
	ErrCodeDeleteConflictException = "DeleteConflict"

	// ErrCodeDuplicateCertificateException for service response error code
	// "DuplicateCertificate".
	//
	// The request was rejected because the same certificate is associated with
	// an IAM user in the account.
	ErrCodeDuplicateCertificateException = "DuplicateCertificate"

	// ErrCodeDuplicateSSHPublicKeyException for service response error code
	// "DuplicateSSHPublicKey".
	//
	// The request was rejected because the SSH public key is already associated
	// with the specified IAM user.
	ErrCodeDuplicateSSHPublicKeyException = "DuplicateSSHPublicKey"

	// ErrCodeEntityAlreadyExistsException for service response error code
	// "EntityAlreadyExists".
	//
	// The request was rejected because it attempted to create a resource that already
	// exists.
	ErrCodeEntityAlreadyExistsException = "EntityAlreadyExists"

	// ErrCodeEntityTemporarilyUnmodifiableException for service response error code
	// "EntityTemporarilyUnmodifiable".
	//
	// The request was rejected because it referenced an entity that is temporarily
	// unmodifiable, such as a user name that was deleted and then recreated. The
	// error indicates that the request is likely to succeed if you try again after
	// waiting several minutes. The error message describes the entity.
	ErrCodeEntityTemporarilyUnmodifiableException = "EntityTemporarilyUnmodifiable"

	// ErrCodeInvalidAuthenticationCodeException for service response error code
	// "InvalidAuthenticationCode".
	//
	// The request was rejected because the authentication code was not recognized.
	// The error message describes the specific error.
	ErrCodeInvalidAuthenticationCodeException = "InvalidAuthenticationCode"

	// ErrCodeInvalidCertificateException for service response error code
	// "InvalidCertificate".
	//
	// The request was rejected because the certificate is invalid.
	ErrCodeInvalidCertificateException = "InvalidCertificate"

	// ErrCodeInvalidInputException for service response error code
	// "InvalidInput".
	//
	// The request was rejected because an invalid or out-of-range value was supplied
	// for an input parameter.
	ErrCodeInvalidInputException = "InvalidInput"

	// ErrCodeInvalidPublicKeyException for service response error code
	// "InvalidPublicKey".
	//
	// The request was rejected because the public key is malformed or otherwise
	// invalid.
	ErrCodeInvalidPublicKeyException = "InvalidPublicKey"

	// ErrCodeInvalidUserTypeException for service response error code
	// "InvalidUserType".
	//
	// The request was rejected because the type of user for the transaction was
	// incorrect.
	ErrCodeInvalidUserTypeException = "InvalidUserType"

	// ErrCodeKeyPairMismatchException for service response error code
	// "KeyPairMismatch".
	//
	// The request was rejected because the public key certificate and the private
	// key do not match.
	ErrCodeKeyPairMismatchException = "KeyPairMismatch"

	// ErrCodeLimitExceededException for service response error code
	// "LimitExceeded".
	//
	// The request was rejected because it attempted to create resources beyond
	// the current AWS account limits. The error message describes the limit exceeded.
	ErrCodeLimitExceededException = "LimitExceeded"

	// ErrCodeMalformedCertificateException for service response error code
	// "MalformedCertificate".
	//
	// The request was rejected because the certificate was malformed or expired.
	// The error message describes the specific error.
	ErrCodeMalformedCertificateException = "MalformedCertificate"

	// ErrCodeMalformedPolicyDocumentException for service response error code
	// "MalformedPolicyDocument".
	//
	// The request was rejected because the policy document was malformed. The error
	// message describes the specific error.
	ErrCodeMalformedPolicyDocumentException = "MalformedPolicyDocument"

	// ErrCodeNoSuchEntityException for service response error code
	// "NoSuchEntity".
	//
	// The request was rejected because it referenced a resource entity that does
	// not exist. The error message describes the resource.
	ErrCodeNoSuchEntityException = "NoSuchEntity"

	// ErrCodePasswordPolicyViolationException for service response error code
	// "PasswordPolicyViolation".
	//
	// The request was rejected because the provided password did not meet the requirements
	// imposed by the account password policy.
	ErrCodePasswordPolicyViolationException = "PasswordPolicyViolation"

	// ErrCodePolicyEvaluationException for service response error code
	// "PolicyEvaluation".
	//
	// The request failed because a provided policy could not be successfully evaluated.
	// An additional detailed message indicates the source of the failure.
	ErrCodePolicyEvaluationException = "PolicyEvaluation"

	// ErrCodePolicyNotAttachableException for service response error code
	// "PolicyNotAttachable".
	//
	// The request failed because AWS service role policies can only be attached
	// to the service-linked role for that service.
	ErrCodePolicyNotAttachableException = "PolicyNotAttachable"

	// ErrCodeReportGenerationLimitExceededException for service response error code
	// "ReportGenerationLimitExceeded".
	//
	// The request failed because the maximum number of concurrent requests for
	// this account are already running.
	ErrCodeReportGenerationLimitExceededException = "ReportGenerationLimitExceeded"

	// ErrCodeServiceFailureException for service response error code
	// "ServiceFailure".
	//
	// The request processing has failed because of an unknown error, exception
	// or failure.
	ErrCodeServiceFailureException = "ServiceFailure"

	// ErrCodeServiceNotSupportedException for service response error code
	// "NotSupportedService".
	//
	// The specified service does not support service-specific credentials.
	ErrCodeServiceNotSupportedException = "NotSupportedService"

	// ErrCodeUnmodifiableEntityException for service response error code
	// "UnmodifiableEntity".
	//
	// The request was rejected because only the service that depends on the service-linked
	// role can modify or delete the role on your behalf. The error message includes
	// the name of the service that depends on this service-linked role. You must
	// request the change through that service.
	ErrCodeUnmodifiableEntityException = "UnmodifiableEntity"

	// ErrCodeUnrecognizedPublicKeyEncodingException for service response error code
	// "UnrecognizedPublicKeyEncoding".
	//
	// The request was rejected because the public key encoding format is unsupported
	// or unrecognized.
	ErrCodeUnrecognizedPublicKeyEncodingException = "UnrecognizedPublicKeyEncoding"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessDetail added in v0.10.0

type AccessDetail struct {

	// The path of the Organizations entity (root, organizational unit, or account)
	// from which an authenticated principal last attempted to access the service.
	// AWS does not report unauthenticated requests.
	//
	// This field is null if no principals (IAM users, IAM roles, or root users)
	// in the reported Organizations entity attempted to access the service within
	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	EntityPath *string `min:"19" type:"string"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when an authenticated principal most recently attempted to access the service.
	// AWS does not report unauthenticated requests.
	//
	// This field is null if no principals in the reported Organizations entity
	// attempted to access the service within the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticatedTime *time.Time `type:"timestamp"`

	// The Region where the last service access attempt occurred.
	//
	// This field is null if no principals in the reported Organizations entity
	// attempted to access the service within the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	Region *string `type:"string"`

	// The name of the service in which access was attempted.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The namespace of the service in which access was attempted.
	//
	// To learn the service namespace of a service, go to Actions, Resources, and
	// Condition Keys for AWS Services (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html)
	// in the IAM User Guide. Choose the name of the service to view details for
	// that service. In the first paragraph, find the service prefix. For example,
	// (service prefix: a4b). For more information about service namespaces, see
	// AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the AWS General Reference.
	//
	// ServiceNamespace is a required field
	ServiceNamespace *string `min:"1" type:"string" required:"true"`

	// The number of accounts with authenticated principals (root users, IAM users,
	// and IAM roles) that attempted to access the service in the reporting period.
	TotalAuthenticatedEntities *int64 `type:"integer"`
	// contains filtered or unexported fields
}

An object that contains details about when a principal in the reported AWS Organizations entity last attempted to access an AWS service. A principal can be an IAM user, an IAM role, or the AWS account root user within the reported Organizations entity.

This data type is a response element in the GetOrganizationsAccessReport operation.

func (AccessDetail) String added in v0.10.0

func (s AccessDetail) String() string

String returns the string representation

type AccessKey

type AccessKey struct {

	// The ID for this access key.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The date when the access key was created.
	CreateDate *time.Time `type:"timestamp"`

	// The secret key used to sign requests.
	//
	// SecretAccessKey is a required field
	SecretAccessKey *string `type:"string" required:"true" sensitive:"true"`

	// The status of the access key. Active means that the key is valid for API
	// calls, while Inactive means it is not.
	//
	// Status is a required field
	Status StatusType `type:"string" required:"true" enum:"true"`

	// The name of the IAM user that the access key is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an AWS access key.

This data type is used as a response element in the CreateAccessKey and ListAccessKeys operations.

The SecretAccessKey value is returned only in response to CreateAccessKey. You can get a secret access key only when you first create an access key; you cannot recover the secret access key later. If you lose a secret access key, you must create a new access key.

func (AccessKey) String

func (s AccessKey) String() string

String returns the string representation

type AccessKeyLastUsed

type AccessKeyLastUsed struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the access key was most recently used. This field is null in the following
	// situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has not been used since IAM began tracking
	//    this information.
	//
	//    * There is no sign-in data associated with the user.
	//
	// LastUsedDate is a required field
	LastUsedDate *time.Time `type:"timestamp" required:"true"`

	// The AWS Region where this access key was most recently used. The value for
	// this field is "N/A" in the following situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has not been used since IAM began tracking
	//    this information.
	//
	//    * There is no sign-in data associated with the user.
	//
	// For more information about AWS Regions, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html)
	// in the Amazon Web Services General Reference.
	//
	// Region is a required field
	Region *string `type:"string" required:"true"`

	// The name of the AWS service with which this access key was most recently
	// used. The value of this field is "N/A" in the following situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has not been used since IAM started tracking
	//    this information.
	//
	//    * There is no sign-in data associated with the user.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about the last time an AWS access key was used since IAM began tracking this information on April 22, 2015.

This data type is used as a response element in the GetAccessKeyLastUsed operation.

func (AccessKeyLastUsed) String

func (s AccessKeyLastUsed) String() string

String returns the string representation

type AccessKeyMetadata

type AccessKeyMetadata struct {

	// The ID for this access key.
	AccessKeyId *string `min:"16" type:"string"`

	// The date when the access key was created.
	CreateDate *time.Time `type:"timestamp"`

	// The status of the access key. Active means that the key is valid for API
	// calls; Inactive means it is not.
	Status StatusType `type:"string" enum:"true"`

	// The name of the IAM user that the key is associated with.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an AWS access key, without its secret key.

This data type is used as a response element in the ListAccessKeys operation.

func (AccessKeyMetadata) String

func (s AccessKeyMetadata) String() string

String returns the string representation

type AddClientIDToOpenIDConnectProviderInput

type AddClientIDToOpenIDConnectProviderInput struct {

	// The client ID (also known as audience) to add to the IAM OpenID Connect provider
	// resource.
	//
	// ClientID is a required field
	ClientID *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider
	// resource to add the client ID to. You can get a list of OIDC provider ARNs
	// by using the ListOpenIDConnectProviders operation.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddClientIDToOpenIDConnectProviderInput) String

String returns the string representation

func (*AddClientIDToOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type AddClientIDToOpenIDConnectProviderOutput

type AddClientIDToOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (AddClientIDToOpenIDConnectProviderOutput) String

String returns the string representation

type AddClientIDToOpenIDConnectProviderRequest

AddClientIDToOpenIDConnectProviderRequest is the request type for the AddClientIDToOpenIDConnectProvider API operation.

func (AddClientIDToOpenIDConnectProviderRequest) Send

Send marshals and sends the AddClientIDToOpenIDConnectProvider API request.

type AddClientIDToOpenIDConnectProviderResponse added in v0.9.0

type AddClientIDToOpenIDConnectProviderResponse struct {
	*AddClientIDToOpenIDConnectProviderOutput
	// contains filtered or unexported fields
}

AddClientIDToOpenIDConnectProviderResponse is the response type for the AddClientIDToOpenIDConnectProvider API operation.

func (*AddClientIDToOpenIDConnectProviderResponse) SDKResponseMetdata added in v0.9.0

func (r *AddClientIDToOpenIDConnectProviderResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the AddClientIDToOpenIDConnectProvider request.

type AddRoleToInstanceProfileInput

type AddRoleToInstanceProfileInput struct {

	// The name of the instance profile to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The name of the role to add.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddRoleToInstanceProfileInput) String

String returns the string representation

func (*AddRoleToInstanceProfileInput) Validate

func (s *AddRoleToInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AddRoleToInstanceProfileOutput

type AddRoleToInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (AddRoleToInstanceProfileOutput) String

String returns the string representation

type AddRoleToInstanceProfileRequest

type AddRoleToInstanceProfileRequest struct {
	*aws.Request
	Input *AddRoleToInstanceProfileInput
	Copy  func(*AddRoleToInstanceProfileInput) AddRoleToInstanceProfileRequest
}

AddRoleToInstanceProfileRequest is the request type for the AddRoleToInstanceProfile API operation.

func (AddRoleToInstanceProfileRequest) Send

Send marshals and sends the AddRoleToInstanceProfile API request.

type AddRoleToInstanceProfileResponse added in v0.9.0

type AddRoleToInstanceProfileResponse struct {
	*AddRoleToInstanceProfileOutput
	// contains filtered or unexported fields
}

AddRoleToInstanceProfileResponse is the response type for the AddRoleToInstanceProfile API operation.

func (*AddRoleToInstanceProfileResponse) SDKResponseMetdata added in v0.9.0

func (r *AddRoleToInstanceProfileResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the AddRoleToInstanceProfile request.

type AddUserToGroupInput

type AddUserToGroupInput struct {

	// The name of the group to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the user to add.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddUserToGroupInput) String

func (s AddUserToGroupInput) String() string

String returns the string representation

func (*AddUserToGroupInput) Validate

func (s *AddUserToGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AddUserToGroupOutput

type AddUserToGroupOutput struct {
	// contains filtered or unexported fields
}

func (AddUserToGroupOutput) String

func (s AddUserToGroupOutput) String() string

String returns the string representation

type AddUserToGroupRequest

type AddUserToGroupRequest struct {
	*aws.Request
	Input *AddUserToGroupInput
	Copy  func(*AddUserToGroupInput) AddUserToGroupRequest
}

AddUserToGroupRequest is the request type for the AddUserToGroup API operation.

func (AddUserToGroupRequest) Send

Send marshals and sends the AddUserToGroup API request.

type AddUserToGroupResponse added in v0.9.0

type AddUserToGroupResponse struct {
	*AddUserToGroupOutput
	// contains filtered or unexported fields
}

AddUserToGroupResponse is the response type for the AddUserToGroup API operation.

func (*AddUserToGroupResponse) SDKResponseMetdata added in v0.9.0

func (r *AddUserToGroupResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the AddUserToGroup request.

type AssignmentStatusType

type AssignmentStatusType string
const (
	AssignmentStatusTypeAssigned   AssignmentStatusType = "Assigned"
	AssignmentStatusTypeUnassigned AssignmentStatusType = "Unassigned"
	AssignmentStatusTypeAny        AssignmentStatusType = "Any"
)

Enum values for AssignmentStatusType

func (AssignmentStatusType) MarshalValue added in v0.3.0

func (enum AssignmentStatusType) MarshalValue() (string, error)

func (AssignmentStatusType) MarshalValueBuf added in v0.3.0

func (enum AssignmentStatusType) MarshalValueBuf(b []byte) ([]byte, error)

type AttachGroupPolicyInput

type AttachGroupPolicyInput struct {

	// The name (friendly name, not ARN) of the group to attach the policy to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachGroupPolicyInput) String

func (s AttachGroupPolicyInput) String() string

String returns the string representation

func (*AttachGroupPolicyInput) Validate

func (s *AttachGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachGroupPolicyOutput

type AttachGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachGroupPolicyOutput) String

func (s AttachGroupPolicyOutput) String() string

String returns the string representation

type AttachGroupPolicyRequest

type AttachGroupPolicyRequest struct {
	*aws.Request
	Input *AttachGroupPolicyInput
	Copy  func(*AttachGroupPolicyInput) AttachGroupPolicyRequest
}

AttachGroupPolicyRequest is the request type for the AttachGroupPolicy API operation.

func (AttachGroupPolicyRequest) Send

Send marshals and sends the AttachGroupPolicy API request.

type AttachGroupPolicyResponse added in v0.9.0

type AttachGroupPolicyResponse struct {
	*AttachGroupPolicyOutput
	// contains filtered or unexported fields
}

AttachGroupPolicyResponse is the response type for the AttachGroupPolicy API operation.

func (*AttachGroupPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *AttachGroupPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the AttachGroupPolicy request.

type AttachRolePolicyInput

type AttachRolePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the role to attach the policy to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachRolePolicyInput) String

func (s AttachRolePolicyInput) String() string

String returns the string representation

func (*AttachRolePolicyInput) Validate

func (s *AttachRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachRolePolicyOutput

type AttachRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachRolePolicyOutput) String

func (s AttachRolePolicyOutput) String() string

String returns the string representation

type AttachRolePolicyRequest

type AttachRolePolicyRequest struct {
	*aws.Request
	Input *AttachRolePolicyInput
	Copy  func(*AttachRolePolicyInput) AttachRolePolicyRequest
}

AttachRolePolicyRequest is the request type for the AttachRolePolicy API operation.

func (AttachRolePolicyRequest) Send

Send marshals and sends the AttachRolePolicy API request.

type AttachRolePolicyResponse added in v0.9.0

type AttachRolePolicyResponse struct {
	*AttachRolePolicyOutput
	// contains filtered or unexported fields
}

AttachRolePolicyResponse is the response type for the AttachRolePolicy API operation.

func (*AttachRolePolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *AttachRolePolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the AttachRolePolicy request.

type AttachUserPolicyInput

type AttachUserPolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM user to attach the policy to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachUserPolicyInput) String

func (s AttachUserPolicyInput) String() string

String returns the string representation

func (*AttachUserPolicyInput) Validate

func (s *AttachUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachUserPolicyOutput

type AttachUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachUserPolicyOutput) String

func (s AttachUserPolicyOutput) String() string

String returns the string representation

type AttachUserPolicyRequest

type AttachUserPolicyRequest struct {
	*aws.Request
	Input *AttachUserPolicyInput
	Copy  func(*AttachUserPolicyInput) AttachUserPolicyRequest
}

AttachUserPolicyRequest is the request type for the AttachUserPolicy API operation.

func (AttachUserPolicyRequest) Send

Send marshals and sends the AttachUserPolicy API request.

type AttachUserPolicyResponse added in v0.9.0

type AttachUserPolicyResponse struct {
	*AttachUserPolicyOutput
	// contains filtered or unexported fields
}

AttachUserPolicyResponse is the response type for the AttachUserPolicy API operation.

func (*AttachUserPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *AttachUserPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the AttachUserPolicy request.

type AttachedPermissionsBoundary added in v0.5.0

type AttachedPermissionsBoundary struct {

	// The ARN of the policy used to set the permissions boundary for the user or
	// role.
	PermissionsBoundaryArn *string `min:"20" type:"string"`

	// The permissions boundary usage type that indicates what type of IAM resource
	// is used as the permissions boundary for an entity. This data type can only
	// have a value of Policy.
	PermissionsBoundaryType PermissionsBoundaryAttachmentType `type:"string" enum:"true"`
	// contains filtered or unexported fields
}

Contains information about an attached permissions boundary.

An attached permissions boundary is a managed policy that has been attached to a user or role to set the permissions boundary.

For more information about permissions boundaries, see Permissions Boundaries for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the IAM User Guide.

func (AttachedPermissionsBoundary) String added in v0.5.0

String returns the string representation

type AttachedPolicy

type AttachedPolicy struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	PolicyArn *string `min:"20" type:"string"`

	// The friendly name of the attached policy.
	PolicyName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an attached policy.

An attached policy is a managed policy that has been attached to a user, group, or role. This data type is used as a response element in the ListAttachedGroupPolicies, ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails operations.

For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (AttachedPolicy) String

func (s AttachedPolicy) String() string

String returns the string representation

type ChangePasswordInput

type ChangePasswordInput struct {

	// The new password. The new password must conform to the AWS account's password
	// policy, if one exists.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
	// this parameter is a string of characters. That string can include almost
	// any printable ASCII character from the space (\u0020) through the end of
	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
	// characters are valid in a password. However, many tools, such as the AWS
	// Management Console, might restrict the ability to type certain characters
	// because they have special meaning within that tool.
	//
	// NewPassword is a required field
	NewPassword *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The IAM user's current password.
	//
	// OldPassword is a required field
	OldPassword *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (ChangePasswordInput) String

func (s ChangePasswordInput) String() string

String returns the string representation

func (*ChangePasswordInput) Validate

func (s *ChangePasswordInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ChangePasswordOutput

type ChangePasswordOutput struct {
	// contains filtered or unexported fields
}

func (ChangePasswordOutput) String

func (s ChangePasswordOutput) String() string

String returns the string representation

type ChangePasswordRequest

type ChangePasswordRequest struct {
	*aws.Request
	Input *ChangePasswordInput
	Copy  func(*ChangePasswordInput) ChangePasswordRequest
}

ChangePasswordRequest is the request type for the ChangePassword API operation.

func (ChangePasswordRequest) Send

Send marshals and sends the ChangePassword API request.

type ChangePasswordResponse added in v0.9.0

type ChangePasswordResponse struct {
	*ChangePasswordOutput
	// contains filtered or unexported fields
}

ChangePasswordResponse is the response type for the ChangePassword API operation.

func (*ChangePasswordResponse) SDKResponseMetdata added in v0.9.0

func (r *ChangePasswordResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ChangePassword request.

type Client added in v0.9.0

type Client struct {
	*aws.Client
}

Client provides the API operation methods for making requests to IAM. See this package's package overview docs for details on the service.

The client's methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.

func New

func New(config aws.Config) *Client

New creates a new instance of the client from the provided Config.

Example:

// Create a client from just a config.
svc := iam.New(myConfig)

func (*Client) AddClientIDToOpenIDConnectProviderRequest added in v0.9.0

func (c *Client) AddClientIDToOpenIDConnectProviderRequest(input *AddClientIDToOpenIDConnectProviderInput) AddClientIDToOpenIDConnectProviderRequest

AddClientIDToOpenIDConnectProviderRequest returns a request value for making API operation for AWS Identity and Access Management.

Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM OpenID Connect (OIDC) provider resource.

This operation is idempotent; it does not fail or return an error if you add an existing client ID to the provider.

// Example sending a request using AddClientIDToOpenIDConnectProviderRequest.
req := client.AddClientIDToOpenIDConnectProviderRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider

Example (Shared00)

To add a client ID (audience) to an Open-ID Connect (OIDC) provider

The following add-client-id-to-open-id-connect-provider command adds the client ID my-application-ID to the OIDC provider named server.example.com:

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.AddClientIDToOpenIDConnectProviderInput{
		ClientID:                 aws.String("my-application-ID"),
		OpenIDConnectProviderArn: aws.String("arn:aws:iam::123456789012:oidc-provider/server.example.com"),
	}

	req := svc.AddClientIDToOpenIDConnectProviderRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) AddRoleToInstanceProfileRequest added in v0.9.0

func (c *Client) AddRoleToInstanceProfileRequest(input *AddRoleToInstanceProfileInput) AddRoleToInstanceProfileRequest

AddRoleToInstanceProfileRequest returns a request value for making API operation for AWS Identity and Access Management.

Adds the specified IAM role to the specified instance profile. An instance profile can contain only one role, and this limit cannot be increased. You can remove the existing role and then add a different role to an instance profile. You must then wait for the change to appear across all of AWS because of eventual consistency (https://en.wikipedia.org/wiki/Eventual_consistency). To force the change, you must disassociate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html) and then associate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html), or you can stop your instance and then restart it.

The caller of this API must be granted the PassRole permission on the IAM role by a permissions policy.

For more information about roles, go to Working with Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). For more information about instance profiles, go to About Instance Profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

// Example sending a request using AddRoleToInstanceProfileRequest.
req := client.AddRoleToInstanceProfileRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile

Example (Shared00)

To add a role to an instance profile

The following command adds the role named S3Access to the instance profile named Webserver:

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.AddRoleToInstanceProfileInput{
		InstanceProfileName: aws.String("Webserver"),
		RoleName:            aws.String("S3Access"),
	}

	req := svc.AddRoleToInstanceProfileRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) AddUserToGroupRequest added in v0.9.0

func (c *Client) AddUserToGroupRequest(input *AddUserToGroupInput) AddUserToGroupRequest

AddUserToGroupRequest returns a request value for making API operation for AWS Identity and Access Management.

Adds the specified user to the specified group.

// Example sending a request using AddUserToGroupRequest.
req := client.AddUserToGroupRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup

Example (Shared00)

To add a user to an IAM group

The following command adds an IAM user named Bob to the IAM group named Admins:

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.AddUserToGroupInput{
		GroupName: aws.String("Admins"),
		UserName:  aws.String("Bob"),
	}

	req := svc.AddUserToGroupRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) AttachGroupPolicyRequest added in v0.9.0

func (c *Client) AttachGroupPolicyRequest(input *AttachGroupPolicyInput) AttachGroupPolicyRequest

AttachGroupPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified IAM group.

You use this API to attach a managed policy to a group. To embed an inline policy in a group, use PutGroupPolicy.

For more information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using AttachGroupPolicyRequest.
req := client.AttachGroupPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy

Example (Shared00)

To attach a managed policy to an IAM group

The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM group named Finance.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.AttachGroupPolicyInput{
		GroupName: aws.String("Finance"),
		PolicyArn: aws.String("arn:aws:iam::aws:policy/ReadOnlyAccess"),
	}

	req := svc.AttachGroupPolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) AttachRolePolicyRequest added in v0.9.0

func (c *Client) AttachRolePolicyRequest(input *AttachRolePolicyInput) AttachRolePolicyRequest

AttachRolePolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access) policy.

You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy.

Use this API to attach a managed policy to a role. To embed an inline policy in a role, use PutRolePolicy. For more information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using AttachRolePolicyRequest.
req := client.AttachRolePolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy

Example (Shared00)

To attach a managed policy to an IAM role

The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM role named ReadOnlyRole.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.AttachRolePolicyInput{
		PolicyArn: aws.String("arn:aws:iam::aws:policy/ReadOnlyAccess"),
		RoleName:  aws.String("ReadOnlyRole"),
	}

	req := svc.AttachRolePolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) AttachUserPolicyRequest added in v0.9.0

func (c *Client) AttachUserPolicyRequest(input *AttachUserPolicyInput) AttachUserPolicyRequest

AttachUserPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified user.

You use this API to attach a managed policy to a user. To embed an inline policy in a user, use PutUserPolicy.

For more information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using AttachUserPolicyRequest.
req := client.AttachUserPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy

Example (Shared00)

To attach a managed policy to an IAM user

The following command attaches the AWS managed policy named AdministratorAccess to the IAM user named Alice.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.AttachUserPolicyInput{
		PolicyArn: aws.String("arn:aws:iam::aws:policy/AdministratorAccess"),
		UserName:  aws.String("Alice"),
	}

	req := svc.AttachUserPolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ChangePasswordRequest added in v0.9.0

func (c *Client) ChangePasswordRequest(input *ChangePasswordInput) ChangePasswordRequest

ChangePasswordRequest returns a request value for making API operation for AWS Identity and Access Management.

Changes the password of the IAM user who is calling this operation. The AWS account root user password is not affected by this operation.

To change the password for a different user, see UpdateLoginProfile. For more information about modifying passwords, see Managing Passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

// Example sending a request using ChangePasswordRequest.
req := client.ChangePasswordRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword

Example (Shared00)

To change the password for your IAM user

The following command changes the password for the current IAM user.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ChangePasswordInput{
		NewPassword: aws.String("]35d/{pB9Fo9wJ"),
		OldPassword: aws.String("3s0K_;xh4~8XXI"),
	}

	req := svc.ChangePasswordRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidUserTypeException:
				fmt.Println(iam.ErrCodeInvalidUserTypeException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) CreateAccessKeyRequest added in v0.9.0

func (c *Client) CreateAccessKeyRequest(input *CreateAccessKeyInput) CreateAccessKeyRequest

CreateAccessKeyRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates a new AWS secret access key and corresponding AWS access key ID for the specified user. The default status for new keys is Active.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. This operation works for access keys under the AWS account. Consequently, you can use this operation to manage AWS account root user credentials. This is true even if the AWS account has no associated users.

For information about limits on the number of keys you can create, see Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

To ensure the security of your AWS account, the secret access key is accessible only during key and user creation. You must save the key (for example, in a text file) if you want to be able to access it again. If a secret key is lost, you can delete the access keys for the associated user and then create new keys.

// Example sending a request using CreateAccessKeyRequest.
req := client.CreateAccessKeyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey

Example (Shared00)

To create an access key for an IAM user

The following command creates an access key (access key ID and secret access key) for the IAM user named Bob.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.CreateAccessKeyInput{
		UserName: aws.String("Bob"),
	}

	req := svc.CreateAccessKeyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) CreateAccountAliasRequest added in v0.9.0

func (c *Client) CreateAccountAliasRequest(input *CreateAccountAliasInput) CreateAccountAliasRequest

CreateAccountAliasRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates an alias for your AWS account. For information about using an AWS account alias, see Using an Alias for Your AWS Account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) in the IAM User Guide.

// Example sending a request using CreateAccountAliasRequest.
req := client.CreateAccountAliasRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias

Example (Shared00)

To create an account alias

The following command associates the alias examplecorp to your AWS account.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.CreateAccountAliasInput{
		AccountAlias: aws.String("examplecorp"),
	}

	req := svc.CreateAccountAliasRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) CreateGroupRequest added in v0.9.0

func (c *Client) CreateGroupRequest(input *CreateGroupInput) CreateGroupRequest

CreateGroupRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates a new group.

For information about the number of groups you can create, see Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

// Example sending a request using CreateGroupRequest.
req := client.CreateGroupRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup

Example (Shared00)

To create an IAM group

The following command creates an IAM group named Admins.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.CreateGroupInput{
		GroupName: aws.String("Admins"),
	}

	req := svc.CreateGroupRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) CreateInstanceProfileRequest added in v0.9.0

func (c *Client) CreateInstanceProfileRequest(input *CreateInstanceProfileInput) CreateInstanceProfileRequest

CreateInstanceProfileRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates a new instance profile. For information about instance profiles, go to About Instance Profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

For information about the number of instance profiles you can create, see Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

// Example sending a request using CreateInstanceProfileRequest.
req := client.CreateInstanceProfileRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile

Example (Shared00)

To create an instance profile

The following command creates an instance profile named Webserver that is ready to have a role attached and then be associated with an EC2 instance.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.CreateInstanceProfileInput{
		InstanceProfileName: aws.String("Webserver"),
	}

	req := svc.CreateInstanceProfileRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) CreateLoginProfileRequest added in v0.9.0

func (c *Client) CreateLoginProfileRequest(input *CreateLoginProfileInput) CreateLoginProfileRequest

CreateLoginProfileRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates a password for the specified user, giving the user the ability to access AWS services through the AWS Management Console. For more information about managing passwords, see Managing Passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

// Example sending a request using CreateLoginProfileRequest.
req := client.CreateLoginProfileRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile

Example (Shared00)

To create an instance profile

The following command changes IAM user Bob's password and sets the flag that required Bob to change the password the next time he signs in.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.CreateLoginProfileInput{
		Password:              aws.String("h]6EszR}vJ*m"),
		PasswordResetRequired: aws.Bool(true),
		UserName:              aws.String("Bob"),
	}

	req := svc.CreateLoginProfileRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) CreateOpenIDConnectProviderRequest added in v0.9.0

func (c *Client) CreateOpenIDConnectProviderRequest(input *CreateOpenIDConnectProviderInput) CreateOpenIDConnectProviderRequest

CreateOpenIDConnectProviderRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC) (http://openid.net/connect/).

The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between AWS and the OIDC provider.

When you create the IAM OIDC provider, you specify the following:

  • The URL of the OIDC identity provider (IdP) to trust

  • A list of client IDs (also known as audiences) that identify the application or applications that are allowed to authenticate using the OIDC provider

  • A list of thumbprints of the server certificate(s) that the IdP uses

You get all of this information from the OIDC IdP that you want to use to access AWS.

The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users.

// Example sending a request using CreateOpenIDConnectProviderRequest.
req := client.CreateOpenIDConnectProviderRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider

Example (Shared00)

To create an instance profile

The following example defines a new OIDC provider in IAM with a client ID of my-application-id and pointing at the server with a URL of https://server.example.com.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.CreateOpenIDConnectProviderInput{
		ClientIDList: []string{
			"my-application-id",
		},
		ThumbprintList: []string{
			"3768084dfb3d2b68b7897bf5f565da8efEXAMPLE",
		},
		Url: aws.String("https://server.example.com"),
	}

	req := svc.CreateOpenIDConnectProviderRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) CreatePolicyRequest added in v0.9.0

func (c *Client) CreatePolicyRequest(input *CreatePolicyInput) CreatePolicyRequest

CreatePolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates a new managed policy for your AWS account.

This operation creates a policy version with a version identifier of v1 and sets v1 as the policy's default version. For more information about policy versions, see Versioning for Managed Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

For more information about managed policies in general, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using CreatePolicyRequest.
req := client.CreatePolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy

func (*Client) CreatePolicyVersionRequest added in v0.9.0

func (c *Client) CreatePolicyVersionRequest(input *CreatePolicyVersionInput) CreatePolicyVersionRequest

CreatePolicyVersionRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates a new version of the specified managed policy. To update a managed policy, you create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must delete an existing version using DeletePolicyVersion before you create a new version.

Optionally, you can set the new version as the policy's default version. The default version is the version that is in effect for the IAM users, groups, and roles to which the policy is attached.

For more information about managed policy versions, see Versioning for Managed Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

// Example sending a request using CreatePolicyVersionRequest.
req := client.CreatePolicyVersionRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion

func (*Client) CreateRoleRequest added in v0.9.0

func (c *Client) CreateRoleRequest(input *CreateRoleInput) CreateRoleRequest

CreateRoleRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates a new role for your AWS account. For more information about roles, go to IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). For information about limitations on role names and the number of roles you can create, go to Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

// Example sending a request using CreateRoleRequest.
req := client.CreateRoleRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole

Example (Shared00)

To create an IAM role

The following command creates a role named Test-Role and attaches a trust policy that you must convert from JSON to a string. Upon success, the response includes the same policy as a URL-encoded JSON string.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.CreateRoleInput{
		AssumeRolePolicyDocument: aws.String("<Stringified-JSON>"),
		Path:                     aws.String("/"),
		RoleName:                 aws.String("Test-Role"),
	}

	req := svc.CreateRoleRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) CreateSAMLProviderRequest added in v0.9.0

func (c *Client) CreateSAMLProviderRequest(input *CreateSAMLProviderInput) CreateSAMLProviderRequest

CreateSAMLProviderRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2.0.

The SAML provider resource that you create with this operation can be used as a principal in an IAM role's trust policy. Such a policy can enable federated users who sign in using the SAML IdP to assume the role. You can create an IAM role that supports Web-based single sign-on (SSO) to the AWS Management Console or one that supports API access to AWS.

When you create the SAML provider resource, you upload a SAML metadata document that you get from your IdP. That document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that the IdP sends. You must generate the metadata document using the identity management software that is used as your organization's IdP.

This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

For more information, see Enabling SAML 2.0 Federated Users to Access the AWS Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html) and About SAML 2.0-based Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the IAM User Guide.

// Example sending a request using CreateSAMLProviderRequest.
req := client.CreateSAMLProviderRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider

func (*Client) CreateServiceLinkedRoleRequest added in v0.9.0

func (c *Client) CreateServiceLinkedRoleRequest(input *CreateServiceLinkedRoleInput) CreateServiceLinkedRoleRequest

CreateServiceLinkedRoleRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates an IAM role that is linked to a specific AWS service. The service controls the attached policies and when the role can be deleted. This helps ensure that the service is not broken by an unexpectedly changed or deleted role, which could put your AWS resources into an unknown state. Allowing the service to control the role helps improve service stability and proper cleanup when a service and its role are no longer needed. For more information, see Using Service-Linked Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html) in the IAM User Guide.

To attach a policy to this service-linked role, you must make the request using the AWS service that depends on this role.

// Example sending a request using CreateServiceLinkedRoleRequest.
req := client.CreateServiceLinkedRoleRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole

func (*Client) CreateServiceSpecificCredentialRequest added in v0.9.0

func (c *Client) CreateServiceSpecificCredentialRequest(input *CreateServiceSpecificCredentialInput) CreateServiceSpecificCredentialRequest

CreateServiceSpecificCredentialRequest returns a request value for making API operation for AWS Identity and Access Management.

Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request. These credentials are generated by IAM, and can be used only for the specified service.

You can have a maximum of two sets of service-specific credentials for each supported service per user.

The only supported service at this time is AWS CodeCommit.

You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential.

For more information about service-specific credentials, see Using IAM with AWS CodeCommit: Git Credentials, SSH Keys, and AWS Access Keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html) in the IAM User Guide.

// Example sending a request using CreateServiceSpecificCredentialRequest.
req := client.CreateServiceSpecificCredentialRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential

func (*Client) CreateUserRequest added in v0.9.0

func (c *Client) CreateUserRequest(input *CreateUserInput) CreateUserRequest

CreateUserRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates a new IAM user for your AWS account.

For information about limitations on the number of IAM users you can create, see Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

// Example sending a request using CreateUserRequest.
req := client.CreateUserRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser

Example (Shared00)

To create an IAM user

The following create-user command creates an IAM user named Bob in the current account.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.CreateUserInput{
		UserName: aws.String("Bob"),
	}

	req := svc.CreateUserRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) CreateVirtualMFADeviceRequest added in v0.9.0

func (c *Client) CreateVirtualMFADeviceRequest(input *CreateVirtualMFADeviceInput) CreateVirtualMFADeviceRequest

CreateVirtualMFADeviceRequest returns a request value for making API operation for AWS Identity and Access Management.

Creates a new virtual MFA device for the AWS account. After creating the virtual MFA, use EnableMFADevice to attach the MFA device to an IAM user. For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

For information about limits on the number of MFA devices you can create, see Limitations on Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

The seed information contained in the QR code and the Base32 string should be treated like any other secret access information. In other words, protect the seed information as you would your AWS access keys or your passwords. After you provision your virtual device, you should ensure that the information is destroyed following secure procedures.

// Example sending a request using CreateVirtualMFADeviceRequest.
req := client.CreateVirtualMFADeviceRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice

func (*Client) DeactivateMFADeviceRequest added in v0.9.0

func (c *Client) DeactivateMFADeviceRequest(input *DeactivateMFADeviceInput) DeactivateMFADeviceRequest

DeactivateMFADeviceRequest returns a request value for making API operation for AWS Identity and Access Management.

Deactivates the specified MFA device and removes it from association with the user name for which it was originally enabled.

For more information about creating and working with virtual MFA devices, go to Enabling a Virtual Multi-factor Authentication (MFA) Device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

// Example sending a request using DeactivateMFADeviceRequest.
req := client.DeactivateMFADeviceRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice

func (*Client) DeleteAccessKeyRequest added in v0.9.0

func (c *Client) DeleteAccessKeyRequest(input *DeleteAccessKeyInput) DeleteAccessKeyRequest

DeleteAccessKeyRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the access key pair associated with the specified IAM user.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. This operation works for access keys under the AWS account. Consequently, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

// Example sending a request using DeleteAccessKeyRequest.
req := client.DeleteAccessKeyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey

Example (Shared00)

To delete an access key for an IAM user

The following command deletes one access key (access key ID and secret access key) assigned to the IAM user named Bob.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteAccessKeyInput{
		AccessKeyId: aws.String("AKIDPMS9RO4H3FEXAMPLE"),
		UserName:    aws.String("Bob"),
	}

	req := svc.DeleteAccessKeyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DeleteAccountAliasRequest added in v0.9.0

func (c *Client) DeleteAccountAliasRequest(input *DeleteAccountAliasInput) DeleteAccountAliasRequest

DeleteAccountAliasRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified AWS account alias. For information about using an AWS account alias, see Using an Alias for Your AWS Account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) in the IAM User Guide.

// Example sending a request using DeleteAccountAliasRequest.
req := client.DeleteAccountAliasRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias

Example (Shared00)

To delete an account alias

The following command removes the alias mycompany from the current AWS account:

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteAccountAliasInput{
		AccountAlias: aws.String("mycompany"),
	}

	req := svc.DeleteAccountAliasRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DeleteAccountPasswordPolicyRequest added in v0.9.0

func (c *Client) DeleteAccountPasswordPolicyRequest(input *DeleteAccountPasswordPolicyInput) DeleteAccountPasswordPolicyRequest

DeleteAccountPasswordPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the password policy for the AWS account. There are no parameters.

// Example sending a request using DeleteAccountPasswordPolicyRequest.
req := client.DeleteAccountPasswordPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy

Example (Shared00)

To delete the current account password policy

The following command removes the password policy from the current AWS account:

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteAccountPasswordPolicyInput{}

	req := svc.DeleteAccountPasswordPolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DeleteGroupPolicyRequest added in v0.9.0

func (c *Client) DeleteGroupPolicyRequest(input *DeleteGroupPolicyInput) DeleteGroupPolicyRequest

DeleteGroupPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM group.

A group can also have managed policies attached to it. To detach a managed policy from a group, use DetachGroupPolicy. For more information about policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using DeleteGroupPolicyRequest.
req := client.DeleteGroupPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy

Example (Shared00)

To delete a policy from an IAM group

The following command deletes the policy named ExamplePolicy from the group named Admins:

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteGroupPolicyInput{
		GroupName:  aws.String("Admins"),
		PolicyName: aws.String("ExamplePolicy"),
	}

	req := svc.DeleteGroupPolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DeleteGroupRequest added in v0.9.0

func (c *Client) DeleteGroupRequest(input *DeleteGroupInput) DeleteGroupRequest

DeleteGroupRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified IAM group. The group must not contain any users or have any attached policies.

// Example sending a request using DeleteGroupRequest.
req := client.DeleteGroupRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup

func (*Client) DeleteInstanceProfileRequest added in v0.9.0

func (c *Client) DeleteInstanceProfileRequest(input *DeleteInstanceProfileInput) DeleteInstanceProfileRequest

DeleteInstanceProfileRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified instance profile. The instance profile must not have an associated role.

Make sure that you do not have any Amazon EC2 instances running with the instance profile you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance.

For more information about instance profiles, go to About Instance Profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

// Example sending a request using DeleteInstanceProfileRequest.
req := client.DeleteInstanceProfileRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile

Example (Shared00)

To delete an instance profile

The following command deletes the instance profile named ExampleInstanceProfile

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
	}

	req := svc.DeleteInstanceProfileRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DeleteLoginProfileRequest added in v0.9.0

func (c *Client) DeleteLoginProfileRequest(input *DeleteLoginProfileInput) DeleteLoginProfileRequest

DeleteLoginProfileRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the password for the specified IAM user, which terminates the user's ability to access AWS services through the AWS Management Console.

Deleting a user's password does not prevent a user from accessing AWS through the command line interface or the API. To prevent all user access, you must also either make any access keys inactive or delete them. For more information about making keys inactive or deleting them, see UpdateAccessKey and DeleteAccessKey.

// Example sending a request using DeleteLoginProfileRequest.
req := client.DeleteLoginProfileRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile

Example (Shared00)

To delete a password for an IAM user

The following command deletes the password for the IAM user named Bob.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteLoginProfileInput{
		UserName: aws.String("Bob"),
	}

	req := svc.DeleteLoginProfileRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DeleteOpenIDConnectProviderRequest added in v0.9.0

func (c *Client) DeleteOpenIDConnectProviderRequest(input *DeleteOpenIDConnectProviderInput) DeleteOpenIDConnectProviderRequest

DeleteOpenIDConnectProviderRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes an OpenID Connect identity provider (IdP) resource object in IAM.

Deleting an IAM OIDC provider resource does not update any roles that reference the provider as a principal in their trust policies. Any attempt to assume a role that references a deleted provider fails.

This operation is idempotent; it does not fail or return an error if you call the operation for a provider that does not exist.

// Example sending a request using DeleteOpenIDConnectProviderRequest.
req := client.DeleteOpenIDConnectProviderRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider

func (*Client) DeletePolicyRequest added in v0.9.0

func (c *Client) DeletePolicyRequest(input *DeletePolicyInput) DeletePolicyRequest

DeletePolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified managed policy.

Before you can delete a managed policy, you must first detach the policy from all users, groups, and roles that it is attached to. In addition, you must delete all the policy's versions. The following steps describe the process for deleting a managed policy:

  • Detach the policy from all users, groups, and roles that the policy is attached to, using the DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy API operations. To list all the users, groups, and roles that a policy is attached to, use ListEntitiesForPolicy.

  • Delete all versions of the policy using DeletePolicyVersion. To list the policy's versions, use ListPolicyVersions. You cannot use DeletePolicyVersion to delete the version that is marked as the default version. You delete the policy's default version in the next step of the process.

  • Delete the policy (this automatically deletes the policy's default version) using this API.

For information about managed policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using DeletePolicyRequest.
req := client.DeletePolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy

func (*Client) DeletePolicyVersionRequest added in v0.9.0

func (c *Client) DeletePolicyVersionRequest(input *DeletePolicyVersionInput) DeletePolicyVersionRequest

DeletePolicyVersionRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified version from the specified managed policy.

You cannot delete the default version from a policy using this API. To delete the default version from a policy, use DeletePolicy. To find out which version of a policy is marked as the default version, use ListPolicyVersions.

For information about versions for managed policies, see Versioning for Managed Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

// Example sending a request using DeletePolicyVersionRequest.
req := client.DeletePolicyVersionRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion

func (*Client) DeleteRolePermissionsBoundaryRequest added in v0.9.0

func (c *Client) DeleteRolePermissionsBoundaryRequest(input *DeleteRolePermissionsBoundaryInput) DeleteRolePermissionsBoundaryRequest

DeleteRolePermissionsBoundaryRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the permissions boundary for the specified IAM role.

Deleting the permissions boundary for a role might increase its permissions. For example, it might allow anyone who assumes the role to perform all the actions granted in its permissions policies.

// Example sending a request using DeleteRolePermissionsBoundaryRequest.
req := client.DeleteRolePermissionsBoundaryRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePermissionsBoundary

func (*Client) DeleteRolePolicyRequest added in v0.9.0

func (c *Client) DeleteRolePolicyRequest(input *DeleteRolePolicyInput) DeleteRolePolicyRequest

DeleteRolePolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM role.

A role can also have managed policies attached to it. To detach a managed policy from a role, use DetachRolePolicy. For more information about policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using DeleteRolePolicyRequest.
req := client.DeleteRolePolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy

Example (Shared00)

To remove a policy from an IAM role

The following command removes the policy named ExamplePolicy from the role named Test-Role.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteRolePolicyInput{
		PolicyName: aws.String("ExamplePolicy"),
		RoleName:   aws.String("Test-Role"),
	}

	req := svc.DeleteRolePolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DeleteRoleRequest added in v0.9.0

func (c *Client) DeleteRoleRequest(input *DeleteRoleInput) DeleteRoleRequest

DeleteRoleRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified role. The role must not have any policies attached. For more information about roles, go to Working with Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).

Make sure that you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance.

// Example sending a request using DeleteRoleRequest.
req := client.DeleteRoleRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole

Example (Shared00)

To delete an IAM role

The following command removes the role named Test-Role.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteRoleInput{
		RoleName: aws.String("Test-Role"),
	}

	req := svc.DeleteRoleRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DeleteSAMLProviderRequest added in v0.9.0

func (c *Client) DeleteSAMLProviderRequest(input *DeleteSAMLProviderInput) DeleteSAMLProviderRequest

DeleteSAMLProviderRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes a SAML provider resource in IAM.

Deleting the provider resource from IAM does not update any roles that reference the SAML provider resource's ARN as a principal in their trust policies. Any attempt to assume a role that references a non-existent provider resource ARN fails.

This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

// Example sending a request using DeleteSAMLProviderRequest.
req := client.DeleteSAMLProviderRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider

func (*Client) DeleteSSHPublicKeyRequest added in v0.9.0

func (c *Client) DeleteSSHPublicKeyRequest(input *DeleteSSHPublicKeyInput) DeleteSSHPublicKeyRequest

DeleteSSHPublicKeyRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified SSH public key.

The SSH public key deleted by this operation is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

// Example sending a request using DeleteSSHPublicKeyRequest.
req := client.DeleteSSHPublicKeyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey

func (*Client) DeleteServerCertificateRequest added in v0.9.0

func (c *Client) DeleteServerCertificateRequest(input *DeleteServerCertificateInput) DeleteServerCertificateRequest

DeleteServerCertificateRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified server certificate.

For more information about working with server certificates, see Working with Server Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of AWS services that can use the server certificates that you manage with IAM.

If you are using a server certificate with Elastic Load Balancing, deleting the certificate could have implications for your application. If Elastic Load Balancing doesn't detect the deletion of bound certificates, it may continue to use the certificates. This could cause Elastic Load Balancing to stop accepting traffic. We recommend that you remove the reference to the certificate from Elastic Load Balancing before using this command to delete the certificate. For more information, go to DeleteLoadBalancerListeners (https://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html) in the Elastic Load Balancing API Reference.

// Example sending a request using DeleteServerCertificateRequest.
req := client.DeleteServerCertificateRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate

func (*Client) DeleteServiceLinkedRoleRequest added in v0.9.0

func (c *Client) DeleteServiceLinkedRoleRequest(input *DeleteServiceLinkedRoleInput) DeleteServiceLinkedRoleRequest

DeleteServiceLinkedRoleRequest returns a request value for making API operation for AWS Identity and Access Management.

Submits a service-linked role deletion request and returns a DeletionTaskId, which you can use to check the status of the deletion. Before you call this operation, confirm that the role has no active sessions and that any resources used by the role in the linked service are deleted. If you call this operation more than once for the same service-linked role and an earlier deletion task is not complete, then the DeletionTaskId of the earlier request is returned.

If you submit a deletion request for a service-linked role whose linked service is still accessing a resource, then the deletion task fails. If it fails, the GetServiceLinkedRoleDeletionStatus API operation returns the reason for the failure, usually including the resources that must be deleted. To delete the service-linked role, you must first remove those resources from the linked service and then submit the deletion request again. Resources are specific to the service that is linked to the role. For more information about removing resources from a service, see the AWS documentation (http://docs.aws.amazon.com/) for your service.

For more information about service-linked roles, see Roles Terms and Concepts: AWS Service-Linked Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-linked-role) in the IAM User Guide.

// Example sending a request using DeleteServiceLinkedRoleRequest.
req := client.DeleteServiceLinkedRoleRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole

func (*Client) DeleteServiceSpecificCredentialRequest added in v0.9.0

func (c *Client) DeleteServiceSpecificCredentialRequest(input *DeleteServiceSpecificCredentialInput) DeleteServiceSpecificCredentialRequest

DeleteServiceSpecificCredentialRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified service-specific credential.

// Example sending a request using DeleteServiceSpecificCredentialRequest.
req := client.DeleteServiceSpecificCredentialRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential

func (*Client) DeleteSigningCertificateRequest added in v0.9.0

func (c *Client) DeleteSigningCertificateRequest(input *DeleteSigningCertificateInput) DeleteSigningCertificateRequest

DeleteSigningCertificateRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes a signing certificate associated with the specified IAM user.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. This operation works for access keys under the AWS account. Consequently, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated IAM users.

// Example sending a request using DeleteSigningCertificateRequest.
req := client.DeleteSigningCertificateRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate

Example (Shared00)

To delete a signing certificate for an IAM user

The following command deletes the specified signing certificate for the IAM user named Anika.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteSigningCertificateInput{
		CertificateId: aws.String("TA7SMP42TDN5Z26OBPJE7EXAMPLE"),
		UserName:      aws.String("Anika"),
	}

	req := svc.DeleteSigningCertificateRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DeleteUserPermissionsBoundaryRequest added in v0.9.0

func (c *Client) DeleteUserPermissionsBoundaryRequest(input *DeleteUserPermissionsBoundaryInput) DeleteUserPermissionsBoundaryRequest

DeleteUserPermissionsBoundaryRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the permissions boundary for the specified IAM user.

Deleting the permissions boundary for a user might increase its permissions by allowing the user to perform all the actions granted in its permissions policies.

// Example sending a request using DeleteUserPermissionsBoundaryRequest.
req := client.DeleteUserPermissionsBoundaryRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPermissionsBoundary

func (*Client) DeleteUserPolicyRequest added in v0.9.0

func (c *Client) DeleteUserPolicyRequest(input *DeleteUserPolicyInput) DeleteUserPolicyRequest

DeleteUserPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM user.

A user can also have managed policies attached to it. To detach a managed policy from a user, use DetachUserPolicy. For more information about policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using DeleteUserPolicyRequest.
req := client.DeleteUserPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy

Example (Shared00)

To remove a policy from an IAM user

The following delete-user-policy command removes the specified policy from the IAM user named Juan:

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteUserPolicyInput{
		PolicyName: aws.String("ExamplePolicy"),
		UserName:   aws.String("Juan"),
	}

	req := svc.DeleteUserPolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DeleteUserRequest added in v0.9.0

func (c *Client) DeleteUserRequest(input *DeleteUserInput) DeleteUserRequest

DeleteUserRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes the specified IAM user. Unlike the AWS Management Console, when you delete a user programmatically, you must delete the items attached to the user manually, or the deletion fails. For more information, see Deleting an IAM User (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_deleting_cli). Before attempting to delete a user, remove the following items:

  • Password (DeleteLoginProfile)

  • Access keys (DeleteAccessKey)

  • Signing certificate (DeleteSigningCertificate)

  • SSH public key (DeleteSSHPublicKey)

  • Git credentials (DeleteServiceSpecificCredential)

  • Multi-factor authentication (MFA) device (DeactivateMFADevice, DeleteVirtualMFADevice)

  • Inline policies (DeleteUserPolicy)

  • Attached managed policies (DetachUserPolicy)

  • Group memberships (RemoveUserFromGroup)

    // Example sending a request using DeleteUserRequest. req := client.DeleteUserRequest(params) resp, err := req.Send(context.TODO()) if err == nil { fmt.Println(resp) }

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser

Example (Shared00)

To delete an IAM user

The following command removes the IAM user named Bob from the current account.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteUserInput{
		UserName: aws.String("Bob"),
	}

	req := svc.DeleteUserRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DeleteVirtualMFADeviceRequest added in v0.9.0

func (c *Client) DeleteVirtualMFADeviceRequest(input *DeleteVirtualMFADeviceInput) DeleteVirtualMFADeviceRequest

DeleteVirtualMFADeviceRequest returns a request value for making API operation for AWS Identity and Access Management.

Deletes a virtual MFA device.

You must deactivate a user's virtual MFA device before you can delete it. For information about deactivating MFA devices, see DeactivateMFADevice.

// Example sending a request using DeleteVirtualMFADeviceRequest.
req := client.DeleteVirtualMFADeviceRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice

Example (Shared00)

To remove a virtual MFA device

The following delete-virtual-mfa-device command removes the specified MFA device from the current AWS account.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.DeleteVirtualMFADeviceInput{
		SerialNumber: aws.String("arn:aws:iam::123456789012:mfa/ExampleName"),
	}

	req := svc.DeleteVirtualMFADeviceRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) DetachGroupPolicyRequest added in v0.9.0

func (c *Client) DetachGroupPolicyRequest(input *DetachGroupPolicyInput) DetachGroupPolicyRequest

DetachGroupPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified IAM group.

A group can also have inline policies embedded with it. To delete an inline policy, use the DeleteGroupPolicy API. For information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using DetachGroupPolicyRequest.
req := client.DetachGroupPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy

func (*Client) DetachRolePolicyRequest added in v0.9.0

func (c *Client) DetachRolePolicyRequest(input *DetachRolePolicyInput) DetachRolePolicyRequest

DetachRolePolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified role.

A role can also have inline policies embedded with it. To delete an inline policy, use the DeleteRolePolicy API. For information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using DetachRolePolicyRequest.
req := client.DetachRolePolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy

func (*Client) DetachUserPolicyRequest added in v0.9.0

func (c *Client) DetachUserPolicyRequest(input *DetachUserPolicyInput) DetachUserPolicyRequest

DetachUserPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified user.

A user can also have inline policies embedded with it. To delete an inline policy, use the DeleteUserPolicy API. For information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using DetachUserPolicyRequest.
req := client.DetachUserPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy

func (*Client) EnableMFADeviceRequest added in v0.9.0

func (c *Client) EnableMFADeviceRequest(input *EnableMFADeviceInput) EnableMFADeviceRequest

EnableMFADeviceRequest returns a request value for making API operation for AWS Identity and Access Management.

Enables the specified MFA device and associates it with the specified IAM user. When enabled, the MFA device is required for every subsequent login by the IAM user associated with the device.

// Example sending a request using EnableMFADeviceRequest.
req := client.EnableMFADeviceRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice

func (*Client) GenerateCredentialReportRequest added in v0.9.0

func (c *Client) GenerateCredentialReportRequest(input *GenerateCredentialReportInput) GenerateCredentialReportRequest

GenerateCredentialReportRequest returns a request value for making API operation for AWS Identity and Access Management.

Generates a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

// Example sending a request using GenerateCredentialReportRequest.
req := client.GenerateCredentialReportRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport

func (*Client) GenerateOrganizationsAccessReportRequest added in v0.10.0

func (c *Client) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizationsAccessReportInput) GenerateOrganizationsAccessReportRequest

GenerateOrganizationsAccessReportRequest returns a request value for making API operation for AWS Identity and Access Management.

Generates a report for service last accessed data for AWS Organizations. You can generate a report for any entities (organization root, organizational unit, or account) or policies in your organization.

To call this operation, you must be signed in using your AWS Organizations master account credentials. You can use your long-term IAM user or root user credentials, or temporary credentials from assuming an IAM role. SCPs must be enabled for your organization root. You must have the required IAM and AWS Organizations permissions. For more information, see Refining Permissions Using Service Last Accessed Data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) in the IAM User Guide.

You can generate a service last accessed data report for entities by specifying only the entity's path. This data includes a list of services that are allowed by any service control policies (SCPs) that apply to the entity.

You can generate a service last accessed data report for a policy by specifying an entity's path and an optional AWS Organizations policy ID. This data includes a list of services that are allowed by the specified SCP.

For each service in both report types, the data includes the most recent account activity that the policy allows to account principals in the entity or the entity's children. For important information about the data, reporting period, permissions required, troubleshooting, and supported Regions see Reducing Permissions Using Service Last Accessed Data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) in the IAM User Guide.

The data includes all attempts to access AWS, not just the successful ones. This includes all attempts that were made using the AWS Management Console, the AWS API through any of the SDKs, or any of the command line tools. An unexpected entry in the service last accessed data does not mean that an account has been compromised, because the request might have been denied. Refer to your CloudTrail logs as the authoritative source for information about all API calls and whether they were successful or denied access. For more information, see Logging IAM Events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html) in the IAM User Guide.

This operation returns a JobId. Use this parameter in the GetOrganizationsAccessReport operation to check the status of the report generation. To check the status of this request, use the JobId parameter in the GetOrganizationsAccessReport operation and test the JobStatus response parameter. When the job is complete, you can retrieve the report.

To generate a service last accessed data report for entities, specify an entity path without specifying the optional AWS Organizations policy ID. The type of entity that you specify determines the data returned in the report.

  • Root – When you specify the organizations root as the entity, the resulting report lists all of the services allowed by SCPs that are attached to your root. For each service, the report includes data for all accounts in your organization except the master account, because the master account is not limited by SCPs.

  • OU – When you specify an organizational unit (OU) as the entity, the resulting report lists all of the services allowed by SCPs that are attached to the OU and its parents. For each service, the report includes data for all accounts in the OU or its children. This data excludes the master account, because the master account is not limited by SCPs.

  • Master account – When you specify the master account, the resulting report lists all AWS services, because the master account is not limited by SCPs. For each service, the report includes data for only the master account.

  • Account – When you specify another account as the entity, the resulting report lists all of the services allowed by SCPs that are attached to the account and its parents. For each service, the report includes data for only the specified account.

To generate a service last accessed data report for policies, specify an entity path and the optional AWS Organizations policy ID. The type of entity that you specify determines the data returned for each service.

  • Root – When you specify the root entity and a policy ID, the resulting report lists all of the services that are allowed by the specified SCP. For each service, the report includes data for all accounts in your organization to which the SCP applies. This data excludes the master account, because the master account is not limited by SCPs. If the SCP is not attached to any entities in the organization, then the report will return a list of services with no data.

  • OU – When you specify an OU entity and a policy ID, the resulting report lists all of the services that are allowed by the specified SCP. For each service, the report includes data for all accounts in the OU or its children to which the SCP applies. This means that other accounts outside the OU that are affected by the SCP might not be included in the data. This data excludes the master account, because the master account is not limited by SCPs. If the SCP is not attached to the OU or one of its children, the report will return a list of services with no data.

  • Master account – When you specify the master account, the resulting report lists all AWS services, because the master account is not limited by SCPs. If you specify a policy ID in the CLI or API, the policy is ignored. For each service, the report includes data for only the master account.

  • Account – When you specify another account entity and a policy ID, the resulting report lists all of the services that are allowed by the specified SCP. For each service, the report includes data for only the specified account. This means that other accounts in the organization that are affected by the SCP might not be included in the data. If the SCP is not attached to the account, the report will return a list of services with no data.

Service last accessed data does not use other policy types when determining whether a principal could access a service. These other policy types include identity-based policies, resource-based policies, access control lists, IAM permissions boundaries, and STS assume role policies. It only applies SCP logic. For more about the evaluation of policy types, see Evaluating Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) in the IAM User Guide.

For more information about service last accessed data, see Reducing Policy Scope by Viewing User Activity (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) in the IAM User Guide.

// Example sending a request using GenerateOrganizationsAccessReportRequest.
req := client.GenerateOrganizationsAccessReportRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateOrganizationsAccessReport

Example (Shared00)

To generate a service last accessed data report for an organizational unit

The following operation generates a report for the organizational unit ou-rge0-awexample

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.GenerateOrganizationsAccessReportInput{
		EntityPath: aws.String("o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-1a2b3c-k9l8m7n6o5example"),
	}

	req := svc.GenerateOrganizationsAccessReportRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeReportGenerationLimitExceededException:
				fmt.Println(iam.ErrCodeReportGenerationLimitExceededException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) GenerateServiceLastAccessedDetailsRequest added in v0.9.0

func (c *Client) GenerateServiceLastAccessedDetailsRequest(input *GenerateServiceLastAccessedDetailsInput) GenerateServiceLastAccessedDetailsRequest

GenerateServiceLastAccessedDetailsRequest returns a request value for making API operation for AWS Identity and Access Management.

Generates a report that includes details about when an IAM resource (user, group, role, or policy) was last used in an attempt to access AWS services. Recent activity usually appears within four hours. IAM reports activity for the last 365 days, or less if your Region began supporting this feature within the last year. For more information, see Regions Where Data Is Tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period).

The service last accessed data includes all attempts to access an AWS API, not just the successful ones. This includes all attempts that were made using the AWS Management Console, the AWS API through any of the SDKs, or any of the command line tools. An unexpected entry in the service last accessed data does not mean that your account has been compromised, because the request might have been denied. Refer to your CloudTrail logs as the authoritative source for information about all API calls and whether they were successful or denied access. For more information, see Logging IAM Events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html) in the IAM User Guide.

The GenerateServiceLastAccessedDetails operation returns a JobId. Use this parameter in the following operations to retrieve the following details from your report:

  • GetServiceLastAccessedDetails – Use this operation for users, groups, roles, or policies to list every AWS service that the resource could access using permissions policies. For each service, the response includes information about the most recent access attempt.

  • GetServiceLastAccessedDetailsWithEntities – Use this operation for groups and policies to list information about the associated entities (users or roles) that attempted to access a specific AWS service.

To check the status of the GenerateServiceLastAccessedDetails request, use the JobId parameter in the same operations and test the JobStatus response parameter.

For additional information about the permissions policies that allow an identity (user, group, or role) to access specific services, use the ListPoliciesGrantingServiceAccess operation.

Service last accessed data does not use other policy types when determining whether a resource could access a service. These other policy types include resource-based policies, access control lists, AWS Organizations policies, IAM permissions boundaries, and AWS STS assume role policies. It only applies permissions policy logic. For more about the evaluation of policy types, see Evaluating Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) in the IAM User Guide.

For more information about service last accessed data, see Reducing Policy Scope by Viewing User Activity (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) in the IAM User Guide.

// Example sending a request using GenerateServiceLastAccessedDetailsRequest.
req := client.GenerateServiceLastAccessedDetailsRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateServiceLastAccessedDetails

Example (Shared00)

To generate a service last accessed data report for a policy

The following operation generates a report for the policy: ExamplePolicy1

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.GenerateServiceLastAccessedDetailsInput{
		Arn: aws.String("arn:aws:iam::123456789012:policy/ExamplePolicy1"),
	}

	req := svc.GenerateServiceLastAccessedDetailsRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) GetAccessKeyLastUsedRequest added in v0.9.0

func (c *Client) GetAccessKeyLastUsedRequest(input *GetAccessKeyLastUsedInput) GetAccessKeyLastUsedRequest

GetAccessKeyLastUsedRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves information about when the specified access key was last used. The information includes the date and time of last use, along with the AWS service and Region that were specified in the last request made with that key.

// Example sending a request using GetAccessKeyLastUsedRequest.
req := client.GetAccessKeyLastUsedRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed

func (*Client) GetAccountAuthorizationDetailsRequest added in v0.9.0

func (c *Client) GetAccountAuthorizationDetailsRequest(input *GetAccountAuthorizationDetailsInput) GetAccountAuthorizationDetailsRequest

GetAccountAuthorizationDetailsRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their relationships to one another. Use this API to obtain a snapshot of the configuration of IAM permissions (users, groups, roles, and policies) in your account.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

You can optionally filter the results using the Filter parameter. You can paginate the results using the MaxItems and Marker parameters.

// Example sending a request using GetAccountAuthorizationDetailsRequest.
req := client.GetAccountAuthorizationDetailsRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails

func (*Client) GetAccountPasswordPolicyRequest added in v0.9.0

func (c *Client) GetAccountPasswordPolicyRequest(input *GetAccountPasswordPolicyInput) GetAccountPasswordPolicyRequest

GetAccountPasswordPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves the password policy for the AWS account. For more information about using a password policy, go to Managing an IAM Password Policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html).

// Example sending a request using GetAccountPasswordPolicyRequest.
req := client.GetAccountPasswordPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy

Example (Shared00)

To see the current account password policy

The following command displays details about the password policy for the current AWS account.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.GetAccountPasswordPolicyInput{}

	req := svc.GetAccountPasswordPolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) GetAccountSummaryRequest added in v0.9.0

func (c *Client) GetAccountSummaryRequest(input *GetAccountSummaryInput) GetAccountSummaryRequest

GetAccountSummaryRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves information about IAM entity usage and IAM quotas in the AWS account.

For information about limitations on IAM entities, see Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

// Example sending a request using GetAccountSummaryRequest.
req := client.GetAccountSummaryRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary

Example (Shared00)

To get information about IAM entity quotas and usage in the current account

The following command returns information about the IAM entity quotas and usage in the current AWS account.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.GetAccountSummaryInput{}

	req := svc.GetAccountSummaryRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) GetContextKeysForCustomPolicyRequest added in v0.9.0

func (c *Client) GetContextKeysForCustomPolicyRequest(input *GetContextKeysForCustomPolicyInput) GetContextKeysForCustomPolicyRequest

GetContextKeysForCustomPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Gets a list of all of the context keys referenced in the input policies. The policies are supplied as a list of one or more strings. To get the context keys from policies associated with an IAM user, group, or role, use GetContextKeysForPrincipalPolicy.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. Context keys can be evaluated by testing against a value specified in an IAM policy. Use GetContextKeysForCustomPolicy to understand what key names and values you must supply when you call SimulateCustomPolicy. Note that all parameters are shown in unencoded form here for clarity but must be URL encoded to be included as a part of a real HTML request.

// Example sending a request using GetContextKeysForCustomPolicyRequest.
req := client.GetContextKeysForCustomPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy

func (*Client) GetContextKeysForPrincipalPolicyRequest added in v0.9.0

func (c *Client) GetContextKeysForPrincipalPolicyRequest(input *GetContextKeysForPrincipalPolicyInput) GetContextKeysForPrincipalPolicyRequest

GetContextKeysForPrincipalPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Gets a list of all of the context keys referenced in all the IAM policies that are attached to the specified IAM entity. The entity can be an IAM user, group, or role. If you specify a user, then the request also includes all of the policies attached to groups that the user is a member of.

You can optionally include a list of one or more additional policies, specified as strings. If you want to include only a list of policies by string, use GetContextKeysForCustomPolicy instead.

Note: This API discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use GetContextKeysForCustomPolicy instead.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. Context keys can be evaluated by testing against a value in an IAM policy. Use GetContextKeysForPrincipalPolicy to understand what key names and values you must supply when you call SimulatePrincipalPolicy.

// Example sending a request using GetContextKeysForPrincipalPolicyRequest.
req := client.GetContextKeysForPrincipalPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy

func (*Client) GetCredentialReportRequest added in v0.9.0

func (c *Client) GetCredentialReportRequest(input *GetCredentialReportInput) GetCredentialReportRequest

GetCredentialReportRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

// Example sending a request using GetCredentialReportRequest.
req := client.GetCredentialReportRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport

func (*Client) GetGroupPolicyRequest added in v0.9.0

func (c *Client) GetGroupPolicyRequest(input *GetGroupPolicyInput) GetGroupPolicyRequest

GetGroupPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded in the specified IAM group.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM group can also have managed policies attached to it. To retrieve a managed policy document that is attached to a group, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using GetGroupPolicyRequest.
req := client.GetGroupPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy

func (*Client) GetGroupRequest added in v0.9.0

func (c *Client) GetGroupRequest(input *GetGroupInput) GetGroupRequest

GetGroupRequest returns a request value for making API operation for AWS Identity and Access Management.

Returns a list of IAM users that are in the specified IAM group. You can paginate the results using the MaxItems and Marker parameters.

// Example sending a request using GetGroupRequest.
req := client.GetGroupRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup

func (*Client) GetInstanceProfileRequest added in v0.9.0

func (c *Client) GetInstanceProfileRequest(input *GetInstanceProfileInput) GetInstanceProfileRequest

GetInstanceProfileRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and role. For more information about instance profiles, see About Instance Profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html) in the IAM User Guide.

// Example sending a request using GetInstanceProfileRequest.
req := client.GetInstanceProfileRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile

Example (Shared00)

To get information about an instance profile

The following command gets information about the instance profile named ExampleInstanceProfile.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.GetInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
	}

	req := svc.GetInstanceProfileRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) GetLoginProfileRequest added in v0.9.0

func (c *Client) GetLoginProfileRequest(input *GetLoginProfileInput) GetLoginProfileRequest

GetLoginProfileRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves the user name and password-creation date for the specified IAM user. If the user has not been assigned a password, the operation returns a 404 (NoSuchEntity) error.

// Example sending a request using GetLoginProfileRequest.
req := client.GetLoginProfileRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile

Example (Shared00)

To get password information for an IAM user

The following command gets information about the password for the IAM user named Anika.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.GetLoginProfileInput{
		UserName: aws.String("Anika"),
	}

	req := svc.GetLoginProfileRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) GetOpenIDConnectProviderRequest added in v0.9.0

func (c *Client) GetOpenIDConnectProviderRequest(input *GetOpenIDConnectProviderInput) GetOpenIDConnectProviderRequest

GetOpenIDConnectProviderRequest returns a request value for making API operation for AWS Identity and Access Management.

Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM.

// Example sending a request using GetOpenIDConnectProviderRequest.
req := client.GetOpenIDConnectProviderRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider

func (*Client) GetOrganizationsAccessReportRequest added in v0.10.0

func (c *Client) GetOrganizationsAccessReportRequest(input *GetOrganizationsAccessReportInput) GetOrganizationsAccessReportRequest

GetOrganizationsAccessReportRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves the service last accessed data report for AWS Organizations that was previously generated using the GenerateOrganizationsAccessReport operation. This operation retrieves the status of your report job and the report contents.

Depending on the parameters that you passed when you generated the report, the data returned could include different information. For details, see GenerateOrganizationsAccessReport.

To call this operation, you must be signed in to the master account in your organization. SCPs must be enabled for your organization root. You must have permissions to perform this operation. For more information, see Refining Permissions Using Service Last Accessed Data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) in the IAM User Guide.

For each service that principals in an account (root users, IAM users, or IAM roles) could access using SCPs, the operation returns details about the most recent access attempt. If there was no attempt, the service is listed without details about the most recent attempt to access the service. If the operation fails, it returns the reason that it failed.

By default, the list is sorted by service namespace.

// Example sending a request using GetOrganizationsAccessReportRequest.
req := client.GetOrganizationsAccessReportRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOrganizationsAccessReport

Example (Shared00)

To get details from a previously generated organizational unit report

The following operation gets details about the report with the job ID: examplea-1234-b567-cde8-90fg123abcd4

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.GetOrganizationsAccessReportInput{
		JobId: aws.String("examplea-1234-b567-cde8-90fg123abcd4"),
	}

	req := svc.GetOrganizationsAccessReportRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) GetPolicyRequest added in v0.9.0

func (c *Client) GetPolicyRequest(input *GetPolicyInput) GetPolicyRequest

GetPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves information about the specified managed policy, including the policy's default version and the total number of IAM users, groups, and roles to which the policy is attached. To retrieve the list of the specific users, groups, and roles that the policy is attached to, use the ListEntitiesForPolicy API. This API returns metadata about the policy. To retrieve the actual policy document for a specific version of the policy, use GetPolicyVersion.

This API retrieves information about managed policies. To retrieve information about an inline policy that is embedded with an IAM user, group, or role, use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy API.

For more information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using GetPolicyRequest.
req := client.GetPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy

func (*Client) GetPolicyVersionRequest added in v0.9.0

func (c *Client) GetPolicyVersionRequest(input *GetPolicyVersionInput) GetPolicyVersionRequest

GetPolicyVersionRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves information about the specified version of the specified managed policy, including the policy document.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

To list the available versions for a policy, use ListPolicyVersions.

This API retrieves information about managed policies. To retrieve information about an inline policy that is embedded in a user, group, or role, use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy API.

For more information about the types of policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For more information about managed policy versions, see Versioning for Managed Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

// Example sending a request using GetPolicyVersionRequest.
req := client.GetPolicyVersionRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion

func (*Client) GetRolePolicyRequest added in v0.9.0

func (c *Client) GetRolePolicyRequest(input *GetRolePolicyInput) GetRolePolicyRequest

GetRolePolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded with the specified IAM role.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM role can also have managed policies attached to it. To retrieve a managed policy document that is attached to a role, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For more information about roles, see Using Roles to Delegate Permissions and Federate Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).

// Example sending a request using GetRolePolicyRequest.
req := client.GetRolePolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy

func (*Client) GetRoleRequest added in v0.9.0

func (c *Client) GetRoleRequest(input *GetRoleInput) GetRoleRequest

GetRoleRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy that grants permission to assume the role. For more information about roles, see Working with Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

// Example sending a request using GetRoleRequest.
req := client.GetRoleRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole

Example (Shared00)

To get information about an IAM role

The following command gets information about the role named Test-Role.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.GetRoleInput{
		RoleName: aws.String("Test-Role"),
	}

	req := svc.GetRoleRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) GetSAMLProviderRequest added in v0.9.0

func (c *Client) GetSAMLProviderRequest(input *GetSAMLProviderInput) GetSAMLProviderRequest

GetSAMLProviderRequest returns a request value for making API operation for AWS Identity and Access Management.

Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created or updated.

This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

// Example sending a request using GetSAMLProviderRequest.
req := client.GetSAMLProviderRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider

func (*Client) GetSSHPublicKeyRequest added in v0.9.0

func (c *Client) GetSSHPublicKeyRequest(input *GetSSHPublicKeyInput) GetSSHPublicKeyRequest

GetSSHPublicKeyRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves the specified SSH public key, including metadata about the key.

The SSH public key retrieved by this operation is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

// Example sending a request using GetSSHPublicKeyRequest.
req := client.GetSSHPublicKeyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey

func (*Client) GetServerCertificateRequest added in v0.9.0

func (c *Client) GetServerCertificateRequest(input *GetServerCertificateInput) GetServerCertificateRequest

GetServerCertificateRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves information about the specified server certificate stored in IAM.

For more information about working with server certificates, see Working with Server Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic includes a list of AWS services that can use the server certificates that you manage with IAM.

// Example sending a request using GetServerCertificateRequest.
req := client.GetServerCertificateRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate

func (*Client) GetServiceLastAccessedDetailsRequest added in v0.9.0

func (c *Client) GetServiceLastAccessedDetailsRequest(input *GetServiceLastAccessedDetailsInput) GetServiceLastAccessedDetailsRequest

GetServiceLastAccessedDetailsRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves a service last accessed report that was created using the GenerateServiceLastAccessedDetails operation. You can use the JobId parameter in GetServiceLastAccessedDetails to retrieve the status of your report job. When the report is complete, you can retrieve the generated report. The report includes a list of AWS services that the resource (user, group, role, or managed policy) can access.

Service last accessed data does not use other policy types when determining whether a resource could access a service. These other policy types include resource-based policies, access control lists, AWS Organizations policies, IAM permissions boundaries, and AWS STS assume role policies. It only applies permissions policy logic. For more about the evaluation of policy types, see Evaluating Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) in the IAM User Guide.

For each service that the resource could access using permissions policies, the operation returns details about the most recent access attempt. If there was no attempt, the service is listed without details about the most recent attempt to access the service. If the operation fails, the GetServiceLastAccessedDetails operation returns the reason that it failed.

The GetServiceLastAccessedDetails operation returns a list of services. This list includes the number of entities that have attempted to access the service and the date and time of the last attempt. It also returns the ARN of the following entity, depending on the resource ARN that you used to generate the report:

  • User – Returns the user ARN that you used to generate the report

  • Group – Returns the ARN of the group member (user) that last attempted to access the service

  • Role – Returns the role ARN that you used to generate the report

  • Policy – Returns the ARN of the user or role that last used the policy to attempt to access the service

By default, the list is sorted by service namespace.

// Example sending a request using GetServiceLastAccessedDetailsRequest.
req := client.GetServiceLastAccessedDetailsRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetails

Example (Shared00)

To get details from a previously-generated report

The following operation gets details about the report with the job ID: examplef-1305-c245-eba4-71fe298bcda7

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.GetServiceLastAccessedDetailsInput{
		JobId: aws.String("examplef-1305-c245-eba4-71fe298bcda7"),
	}

	req := svc.GetServiceLastAccessedDetailsRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) GetServiceLastAccessedDetailsWithEntitiesRequest added in v0.9.0

func (c *Client) GetServiceLastAccessedDetailsWithEntitiesRequest(input *GetServiceLastAccessedDetailsWithEntitiesInput) GetServiceLastAccessedDetailsWithEntitiesRequest

GetServiceLastAccessedDetailsWithEntitiesRequest returns a request value for making API operation for AWS Identity and Access Management.

After you generate a group or policy report using the GenerateServiceLastAccessedDetails operation, you can use the JobId parameter in GetServiceLastAccessedDetailsWithEntities. This operation retrieves the status of your report job and a list of entities that could have used group or policy permissions to access the specified service.

  • Group – For a group report, this operation returns a list of users in the group that could have used the group’s policies in an attempt to access the service.

  • Policy – For a policy report, this operation returns a list of entities (users or roles) that could have used the policy in an attempt to access the service.

You can also use this operation for user or role reports to retrieve details about those entities.

If the operation fails, the GetServiceLastAccessedDetailsWithEntities operation returns the reason that it failed.

By default, the list of associated entities is sorted by date, with the most recent access listed first.

// Example sending a request using GetServiceLastAccessedDetailsWithEntitiesRequest.
req := client.GetServiceLastAccessedDetailsWithEntitiesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetailsWithEntities

Example (Shared00)

To get sntity details from a previously-generated report

The following operation returns details about the entities that attempted to access the IAM service.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.GetServiceLastAccessedDetailsWithEntitiesInput{
		JobId:            aws.String("examplef-1305-c245-eba4-71fe298bcda7"),
		ServiceNamespace: aws.String("iam"),
	}

	req := svc.GetServiceLastAccessedDetailsWithEntitiesRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) GetServiceLinkedRoleDeletionStatusRequest added in v0.9.0

func (c *Client) GetServiceLinkedRoleDeletionStatusRequest(input *GetServiceLinkedRoleDeletionStatusInput) GetServiceLinkedRoleDeletionStatusRequest

GetServiceLinkedRoleDeletionStatusRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves the status of your service-linked role deletion. After you use the DeleteServiceLinkedRole API operation to submit a service-linked role for deletion, you can use the DeletionTaskId parameter in GetServiceLinkedRoleDeletionStatus to check the status of the deletion. If the deletion fails, this operation returns the reason that it failed, if that information is returned by the service.

// Example sending a request using GetServiceLinkedRoleDeletionStatusRequest.
req := client.GetServiceLinkedRoleDeletionStatusRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus

func (*Client) GetUserPolicyRequest added in v0.9.0

func (c *Client) GetUserPolicyRequest(input *GetUserPolicyInput) GetUserPolicyRequest

GetUserPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded in the specified IAM user.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM user can also have managed policies attached to it. To retrieve a managed policy document that is attached to a user, use GetPolicy to determine the policy's default version. Then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using GetUserPolicyRequest.
req := client.GetUserPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy

func (*Client) GetUserRequest added in v0.9.0

func (c *Client) GetUserRequest(input *GetUserInput) GetUserRequest

GetUserRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves information about the specified IAM user, including the user's creation date, path, unique ID, and ARN.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID used to sign the request to this API.

// Example sending a request using GetUserRequest.
req := client.GetUserRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser

Example (Shared00)

To get information about an IAM user

The following command gets information about the IAM user named Bob.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.GetUserInput{
		UserName: aws.String("Bob"),
	}

	req := svc.GetUserRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ListAccessKeysRequest added in v0.9.0

func (c *Client) ListAccessKeysRequest(input *ListAccessKeysInput) ListAccessKeysRequest

ListAccessKeysRequest returns a request value for making API operation for AWS Identity and Access Management.

Returns information about the access key IDs associated with the specified IAM user. If there is none, the operation returns an empty list.

Although each user is limited to a small number of keys, you can still paginate the results using the MaxItems and Marker parameters.

If the UserName field is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request. This operation works for access keys under the AWS account. Consequently, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

To ensure the security of your AWS account, the secret access key is accessible only during key and user creation.

// Example sending a request using ListAccessKeysRequest.
req := client.ListAccessKeysRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys

Example (Shared00)

To list the access key IDs for an IAM user

The following command lists the access keys IDs for the IAM user named Alice.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ListAccessKeysInput{
		UserName: aws.String("Alice"),
	}

	req := svc.ListAccessKeysRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ListAccountAliasesRequest added in v0.9.0

func (c *Client) ListAccountAliasesRequest(input *ListAccountAliasesInput) ListAccountAliasesRequest

ListAccountAliasesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the account alias associated with the AWS account (Note: you can have only one). For information about using an AWS account alias, see Using an Alias for Your AWS Account ID (https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) in the IAM User Guide.

// Example sending a request using ListAccountAliasesRequest.
req := client.ListAccountAliasesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases

Example (Shared00)

To list account aliases

The following command lists the aliases for the current account.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ListAccountAliasesInput{}

	req := svc.ListAccountAliasesRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ListAttachedGroupPoliciesRequest added in v0.9.0

func (c *Client) ListAttachedGroupPoliciesRequest(input *ListAttachedGroupPoliciesInput) ListAttachedGroupPoliciesRequest

ListAttachedGroupPoliciesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM group.

An IAM group can also have inline policies embedded with it. To list the inline policies for a group, use the ListGroupPolicies API. For information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified group (or none that match the specified path prefix), the operation returns an empty list.

// Example sending a request using ListAttachedGroupPoliciesRequest.
req := client.ListAttachedGroupPoliciesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies

func (*Client) ListAttachedRolePoliciesRequest added in v0.9.0

func (c *Client) ListAttachedRolePoliciesRequest(input *ListAttachedRolePoliciesInput) ListAttachedRolePoliciesRequest

ListAttachedRolePoliciesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM role.

An IAM role can also have inline policies embedded with it. To list the inline policies for a role, use the ListRolePolicies API. For information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified role (or none that match the specified path prefix), the operation returns an empty list.

// Example sending a request using ListAttachedRolePoliciesRequest.
req := client.ListAttachedRolePoliciesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies

func (*Client) ListAttachedUserPoliciesRequest added in v0.9.0

func (c *Client) ListAttachedUserPoliciesRequest(input *ListAttachedUserPoliciesInput) ListAttachedUserPoliciesRequest

ListAttachedUserPoliciesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM user.

An IAM user can also have inline policies embedded with it. To list the inline policies for a user, use the ListUserPolicies API. For information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified group (or none that match the specified path prefix), the operation returns an empty list.

// Example sending a request using ListAttachedUserPoliciesRequest.
req := client.ListAttachedUserPoliciesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies

func (*Client) ListEntitiesForPolicyRequest added in v0.9.0

func (c *Client) ListEntitiesForPolicyRequest(input *ListEntitiesForPolicyInput) ListEntitiesForPolicyRequest

ListEntitiesForPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists all IAM users, groups, and roles that the specified managed policy is attached to.

You can use the optional EntityFilter parameter to limit the results to a particular type of entity (users, groups, or roles). For example, to list only the roles that are attached to the specified policy, set EntityFilter to Role.

You can paginate the results using the MaxItems and Marker parameters.

// Example sending a request using ListEntitiesForPolicyRequest.
req := client.ListEntitiesForPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy

func (*Client) ListGroupPoliciesRequest added in v0.9.0

func (c *Client) ListGroupPoliciesRequest(input *ListGroupPoliciesInput) ListGroupPoliciesRequest

ListGroupPoliciesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the names of the inline policies that are embedded in the specified IAM group.

An IAM group can also have managed policies attached to it. To list the managed policies that are attached to a group, use ListAttachedGroupPolicies. For more information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified group, the operation returns an empty list.

// Example sending a request using ListGroupPoliciesRequest.
req := client.ListGroupPoliciesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies

Example (Shared00)

To list the in-line policies for an IAM group

The following command lists the names of in-line policies that are embedded in the IAM group named Admins.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ListGroupPoliciesInput{
		GroupName: aws.String("Admins"),
	}

	req := svc.ListGroupPoliciesRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ListGroupsForUserRequest added in v0.9.0

func (c *Client) ListGroupsForUserRequest(input *ListGroupsForUserInput) ListGroupsForUserRequest

ListGroupsForUserRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the IAM groups that the specified IAM user belongs to.

You can paginate the results using the MaxItems and Marker parameters.

// Example sending a request using ListGroupsForUserRequest.
req := client.ListGroupsForUserRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser

Example (Shared00)

To list the groups that an IAM user belongs to

The following command displays the groups that the IAM user named Bob belongs to.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ListGroupsForUserInput{
		UserName: aws.String("Bob"),
	}

	req := svc.ListGroupsForUserRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ListGroupsRequest added in v0.9.0

func (c *Client) ListGroupsRequest(input *ListGroupsInput) ListGroupsRequest

ListGroupsRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the IAM groups that have the specified path prefix.

You can paginate the results using the MaxItems and Marker parameters.

// Example sending a request using ListGroupsRequest.
req := client.ListGroupsRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups

Example (Shared00)

To list the IAM groups for the current account

The following command lists the IAM groups in the current account:

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ListGroupsInput{}

	req := svc.ListGroupsRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ListInstanceProfilesForRoleRequest added in v0.9.0

func (c *Client) ListInstanceProfilesForRoleRequest(input *ListInstanceProfilesForRoleInput) ListInstanceProfilesForRoleRequest

ListInstanceProfilesForRoleRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the instance profiles that have the specified associated IAM role. If there are none, the operation returns an empty list. For more information about instance profiles, go to About Instance Profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

You can paginate the results using the MaxItems and Marker parameters.

// Example sending a request using ListInstanceProfilesForRoleRequest.
req := client.ListInstanceProfilesForRoleRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole

func (*Client) ListInstanceProfilesRequest added in v0.9.0

func (c *Client) ListInstanceProfilesRequest(input *ListInstanceProfilesInput) ListInstanceProfilesRequest

ListInstanceProfilesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the instance profiles that have the specified path prefix. If there are none, the operation returns an empty list. For more information about instance profiles, go to About Instance Profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

You can paginate the results using the MaxItems and Marker parameters.

// Example sending a request using ListInstanceProfilesRequest.
req := client.ListInstanceProfilesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles

func (*Client) ListMFADevicesRequest added in v0.9.0

func (c *Client) ListMFADevicesRequest(input *ListMFADevicesInput) ListMFADevicesRequest

ListMFADevicesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the MFA devices for an IAM user. If the request includes a IAM user name, then this operation lists all the MFA devices associated with the specified user. If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request for this API.

You can paginate the results using the MaxItems and Marker parameters.

// Example sending a request using ListMFADevicesRequest.
req := client.ListMFADevicesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices

func (*Client) ListOpenIDConnectProvidersRequest added in v0.9.0

func (c *Client) ListOpenIDConnectProvidersRequest(input *ListOpenIDConnectProvidersInput) ListOpenIDConnectProvidersRequest

ListOpenIDConnectProvidersRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists information about the IAM OpenID Connect (OIDC) provider resource objects defined in the AWS account.

// Example sending a request using ListOpenIDConnectProvidersRequest.
req := client.ListOpenIDConnectProvidersRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders

func (*Client) ListPoliciesGrantingServiceAccessRequest added in v0.9.0

func (c *Client) ListPoliciesGrantingServiceAccessRequest(input *ListPoliciesGrantingServiceAccessInput) ListPoliciesGrantingServiceAccessRequest

ListPoliciesGrantingServiceAccessRequest returns a request value for making API operation for AWS Identity and Access Management.

Retrieves a list of policies that the IAM identity (user, group, or role) can use to access each specified service.

This operation does not use other policy types when determining whether a resource could access a service. These other policy types include resource-based policies, access control lists, AWS Organizations policies, IAM permissions boundaries, and AWS STS assume role policies. It only applies permissions policy logic. For more about the evaluation of policy types, see Evaluating Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) in the IAM User Guide.

The list of policies returned by the operation depends on the ARN of the identity that you provide.

  • User – The list of policies includes the managed and inline policies that are attached to the user directly. The list also includes any additional managed and inline policies that are attached to the group to which the user belongs.

  • Group – The list of policies includes only the managed and inline policies that are attached to the group directly. Policies that are attached to the group’s user are not included.

  • Role – The list of policies includes only the managed and inline policies that are attached to the role.

For each managed policy, this operation returns the ARN and policy name. For each inline policy, it returns the policy name and the entity to which it is attached. Inline policies do not have an ARN. For more information about these policy types, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html) in the IAM User Guide.

Policies that are attached to users and roles as permissions boundaries are not returned. To view which managed policy is currently used to set the permissions boundary for a user or role, use the GetUser or GetRole operations.

// Example sending a request using ListPoliciesGrantingServiceAccessRequest.
req := client.ListPoliciesGrantingServiceAccessRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPoliciesGrantingServiceAccess

Example (Shared00)

To list policies that allow access to a service

The following operation lists policies that allow ExampleUser01 to access IAM or EC2.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ListPoliciesGrantingServiceAccessInput{
		Arn: aws.String("arn:aws:iam::123456789012:user/ExampleUser01"),
		ServiceNamespaces: []string{
			"iam",
			"ec2",
		},
	}

	req := svc.ListPoliciesGrantingServiceAccessRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ListPoliciesRequest added in v0.9.0

func (c *Client) ListPoliciesRequest(input *ListPoliciesInput) ListPoliciesRequest

ListPoliciesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists all the managed policies that are available in your AWS account, including your own customer-defined managed policies and all AWS managed policies.

You can filter the list of policies that is returned using the optional OnlyAttached, Scope, and PathPrefix parameters. For example, to list only the customer managed policies in your AWS account, set Scope to Local. To list only AWS managed policies, set Scope to AWS.

You can paginate the results using the MaxItems and Marker parameters.

For more information about managed policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using ListPoliciesRequest.
req := client.ListPoliciesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies

func (*Client) ListPolicyVersionsRequest added in v0.9.0

func (c *Client) ListPolicyVersionsRequest(input *ListPolicyVersionsInput) ListPolicyVersionsRequest

ListPolicyVersionsRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists information about the versions of the specified managed policy, including the version that is currently set as the policy's default version.

For more information about managed policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using ListPolicyVersionsRequest.
req := client.ListPolicyVersionsRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions

func (*Client) ListRolePoliciesRequest added in v0.9.0

func (c *Client) ListRolePoliciesRequest(input *ListRolePoliciesInput) ListRolePoliciesRequest

ListRolePoliciesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the names of the inline policies that are embedded in the specified IAM role.

An IAM role can also have managed policies attached to it. To list the managed policies that are attached to a role, use ListAttachedRolePolicies. For more information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified role, the operation returns an empty list.

// Example sending a request using ListRolePoliciesRequest.
req := client.ListRolePoliciesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies

func (*Client) ListRoleTagsRequest added in v0.9.0

func (c *Client) ListRoleTagsRequest(input *ListRoleTagsInput) ListRoleTagsRequest

ListRoleTagsRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the tags that are attached to the specified role. The returned list of tags is sorted by tag key. For more information about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

// Example sending a request using ListRoleTagsRequest.
req := client.ListRoleTagsRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoleTags

Example (Shared00)

To list the tags attached to an IAM role

The following example shows how to list the tags attached to a role.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ListRoleTagsInput{
		RoleName: aws.String("taggedrole1"),
	}

	req := svc.ListRoleTagsRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ListRolesRequest added in v0.9.0

func (c *Client) ListRolesRequest(input *ListRolesInput) ListRolesRequest

ListRolesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the IAM roles that have the specified path prefix. If there are none, the operation returns an empty list. For more information about roles, go to Working with Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).

You can paginate the results using the MaxItems and Marker parameters.

// Example sending a request using ListRolesRequest.
req := client.ListRolesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles

func (*Client) ListSAMLProvidersRequest added in v0.9.0

func (c *Client) ListSAMLProvidersRequest(input *ListSAMLProvidersInput) ListSAMLProvidersRequest

ListSAMLProvidersRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the SAML provider resource objects defined in IAM in the account.

This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

// Example sending a request using ListSAMLProvidersRequest.
req := client.ListSAMLProvidersRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders

func (*Client) ListSSHPublicKeysRequest added in v0.9.0

func (c *Client) ListSSHPublicKeysRequest(input *ListSSHPublicKeysInput) ListSSHPublicKeysRequest

ListSSHPublicKeysRequest returns a request value for making API operation for AWS Identity and Access Management.

Returns information about the SSH public keys associated with the specified IAM user. If none exists, the operation returns an empty list.

The SSH public keys returned by this operation are used only for authenticating the IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

Although each user is limited to a small number of keys, you can still paginate the results using the MaxItems and Marker parameters.

// Example sending a request using ListSSHPublicKeysRequest.
req := client.ListSSHPublicKeysRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys

func (*Client) ListServerCertificatesRequest added in v0.9.0

func (c *Client) ListServerCertificatesRequest(input *ListServerCertificatesInput) ListServerCertificatesRequest

ListServerCertificatesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the server certificates stored in IAM that have the specified path prefix. If none exist, the operation returns an empty list.

You can paginate the results using the MaxItems and Marker parameters.

For more information about working with server certificates, see Working with Server Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of AWS services that can use the server certificates that you manage with IAM.

// Example sending a request using ListServerCertificatesRequest.
req := client.ListServerCertificatesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates

func (*Client) ListServiceSpecificCredentialsRequest added in v0.9.0

func (c *Client) ListServiceSpecificCredentialsRequest(input *ListServiceSpecificCredentialsInput) ListServiceSpecificCredentialsRequest

ListServiceSpecificCredentialsRequest returns a request value for making API operation for AWS Identity and Access Management.

Returns information about the service-specific credentials associated with the specified IAM user. If none exists, the operation returns an empty list. The service-specific credentials returned by this operation are used only for authenticating the IAM user to a specific service. For more information about using service-specific credentials to authenticate to an AWS service, see Set Up service-specific credentials (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html) in the AWS CodeCommit User Guide.

// Example sending a request using ListServiceSpecificCredentialsRequest.
req := client.ListServiceSpecificCredentialsRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials

func (*Client) ListSigningCertificatesRequest added in v0.9.0

func (c *Client) ListSigningCertificatesRequest(input *ListSigningCertificatesInput) ListSigningCertificatesRequest

ListSigningCertificatesRequest returns a request value for making API operation for AWS Identity and Access Management.

Returns information about the signing certificates associated with the specified IAM user. If none exists, the operation returns an empty list.

Although each user is limited to a small number of signing certificates, you can still paginate the results using the MaxItems and Marker parameters.

If the UserName field is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request for this API. This operation works for access keys under the AWS account. Consequently, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

// Example sending a request using ListSigningCertificatesRequest.
req := client.ListSigningCertificatesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates

Example (Shared00)

To list the signing certificates for an IAM user

The following command lists the signing certificates for the IAM user named Bob.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ListSigningCertificatesInput{
		UserName: aws.String("Bob"),
	}

	req := svc.ListSigningCertificatesRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ListUserPoliciesRequest added in v0.9.0

func (c *Client) ListUserPoliciesRequest(input *ListUserPoliciesInput) ListUserPoliciesRequest

ListUserPoliciesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the names of the inline policies embedded in the specified IAM user.

An IAM user can also have managed policies attached to it. To list the managed policies that are attached to a user, use ListAttachedUserPolicies. For more information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified user, the operation returns an empty list.

// Example sending a request using ListUserPoliciesRequest.
req := client.ListUserPoliciesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies

func (*Client) ListUserTagsRequest added in v0.9.0

func (c *Client) ListUserTagsRequest(input *ListUserTagsInput) ListUserTagsRequest

ListUserTagsRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the tags that are attached to the specified user. The returned list of tags is sorted by tag key. For more information about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

// Example sending a request using ListUserTagsRequest.
req := client.ListUserTagsRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserTags

Example (Shared00)

To list the tags attached to an IAM user

The following example shows how to list the tags attached to a user.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ListUserTagsInput{
		UserName: aws.String("anika"),
	}

	req := svc.ListUserTagsRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ListUsersRequest added in v0.9.0

func (c *Client) ListUsersRequest(input *ListUsersInput) ListUsersRequest

ListUsersRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the IAM users that have the specified path prefix. If no path prefix is specified, the operation returns all users in the AWS account. If there are none, the operation returns an empty list.

You can paginate the results using the MaxItems and Marker parameters.

// Example sending a request using ListUsersRequest.
req := client.ListUsersRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers

Example (Shared00)

To list IAM users

The following command lists the IAM users in the current account.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ListUsersInput{}

	req := svc.ListUsersRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ListVirtualMFADevicesRequest added in v0.9.0

func (c *Client) ListVirtualMFADevicesRequest(input *ListVirtualMFADevicesInput) ListVirtualMFADevicesRequest

ListVirtualMFADevicesRequest returns a request value for making API operation for AWS Identity and Access Management.

Lists the virtual MFA devices defined in the AWS account by assignment status. If you do not specify an assignment status, the operation returns a list of all virtual MFA devices. Assignment status can be Assigned, Unassigned, or Any.

You can paginate the results using the MaxItems and Marker parameters.

// Example sending a request using ListVirtualMFADevicesRequest.
req := client.ListVirtualMFADevicesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices

Example (Shared00)

To list virtual MFA devices

The following command lists the virtual MFA devices that have been configured for the current account.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.ListVirtualMFADevicesInput{}

	req := svc.ListVirtualMFADevicesRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) PutGroupPolicyRequest added in v0.9.0

func (c *Client) PutGroupPolicyRequest(input *PutGroupPolicyInput) PutGroupPolicyRequest

PutGroupPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM group.

A user can also have managed policies attached to it. To attach a managed policy to a group, use AttachGroupPolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about limits on the number of inline policies that you can embed in a group, see Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutGroupPolicy. For general information about using the Query API with IAM, go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

// Example sending a request using PutGroupPolicyRequest.
req := client.PutGroupPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy

Example (Shared00)

To add a policy to a group

The following command adds a policy named AllPerms to the IAM group named Admins.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.PutGroupPolicyInput{
		GroupName:      aws.String("Admins"),
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("AllPerms"),
	}

	req := svc.PutGroupPolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) PutRolePermissionsBoundaryRequest added in v0.9.0

func (c *Client) PutRolePermissionsBoundaryRequest(input *PutRolePermissionsBoundaryInput) PutRolePermissionsBoundaryRequest

PutRolePermissionsBoundaryRequest returns a request value for making API operation for AWS Identity and Access Management.

Adds or updates the policy that is specified as the IAM role's permissions boundary. You can use an AWS managed policy or a customer managed policy to set the boundary for a role. Use the boundary to control the maximum permissions that the role can have. Setting a permissions boundary is an advanced feature that can affect the permissions for the role.

You cannot set the boundary for a service-linked role.

Policies used as permissions boundaries do not provide permissions. You must also attach a permissions policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON Policy Evaluation Logic (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the IAM User Guide.

// Example sending a request using PutRolePermissionsBoundaryRequest.
req := client.PutRolePermissionsBoundaryRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePermissionsBoundary

func (*Client) PutRolePolicyRequest added in v0.9.0

func (c *Client) PutRolePolicyRequest(input *PutRolePolicyInput) PutRolePolicyRequest

PutRolePolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM role.

When you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy. For more information about IAM roles, go to Using Roles to Delegate Permissions and Federate Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).

A role can also have a managed policy attached to it. To attach a managed policy to a role, use AttachRolePolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about limits on the number of inline policies that you can embed with a role, see Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutRolePolicy. For general information about using the Query API with IAM, go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

// Example sending a request using PutRolePolicyRequest.
req := client.PutRolePolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy

Example (Shared00)

To attach a permissions policy to an IAM role

The following command adds a permissions policy to the role named Test-Role.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.PutRolePolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("S3AccessPolicy"),
		RoleName:       aws.String("S3Access"),
	}

	req := svc.PutRolePolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) PutUserPermissionsBoundaryRequest added in v0.9.0

func (c *Client) PutUserPermissionsBoundaryRequest(input *PutUserPermissionsBoundaryInput) PutUserPermissionsBoundaryRequest

PutUserPermissionsBoundaryRequest returns a request value for making API operation for AWS Identity and Access Management.

Adds or updates the policy that is specified as the IAM user's permissions boundary. You can use an AWS managed policy or a customer managed policy to set the boundary for a user. Use the boundary to control the maximum permissions that the user can have. Setting a permissions boundary is an advanced feature that can affect the permissions for the user.

Policies that are used as permissions boundaries do not provide permissions. You must also attach a permissions policy to the user. To learn how the effective permissions for a user are evaluated, see IAM JSON Policy Evaluation Logic (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the IAM User Guide.

// Example sending a request using PutUserPermissionsBoundaryRequest.
req := client.PutUserPermissionsBoundaryRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPermissionsBoundary

func (*Client) PutUserPolicyRequest added in v0.9.0

func (c *Client) PutUserPolicyRequest(input *PutUserPolicyInput) PutUserPolicyRequest

PutUserPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM user.

An IAM user can also have a managed policy attached to it. To attach a managed policy to a user, use AttachUserPolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about limits on the number of inline policies that you can embed in a user, see Limitations on IAM Entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutUserPolicy. For general information about using the Query API with IAM, go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

// Example sending a request using PutUserPolicyRequest.
req := client.PutUserPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy

Example (Shared00)

To attach a policy to an IAM user

The following command attaches a policy to the IAM user named Bob.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.PutUserPolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("AllAccessPolicy"),
		UserName:       aws.String("Bob"),
	}

	req := svc.PutUserPolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) RemoveClientIDFromOpenIDConnectProviderRequest added in v0.9.0

func (c *Client) RemoveClientIDFromOpenIDConnectProviderRequest(input *RemoveClientIDFromOpenIDConnectProviderInput) RemoveClientIDFromOpenIDConnectProviderRequest

RemoveClientIDFromOpenIDConnectProviderRequest returns a request value for making API operation for AWS Identity and Access Management.

Removes the specified client ID (also known as audience) from the list of client IDs registered for the specified IAM OpenID Connect (OIDC) provider resource object.

This operation is idempotent; it does not fail or return an error if you try to remove a client ID that does not exist.

// Example sending a request using RemoveClientIDFromOpenIDConnectProviderRequest.
req := client.RemoveClientIDFromOpenIDConnectProviderRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider

func (*Client) RemoveRoleFromInstanceProfileRequest added in v0.9.0

func (c *Client) RemoveRoleFromInstanceProfileRequest(input *RemoveRoleFromInstanceProfileInput) RemoveRoleFromInstanceProfileRequest

RemoveRoleFromInstanceProfileRequest returns a request value for making API operation for AWS Identity and Access Management.

Removes the specified IAM role from the specified EC2 instance profile.

Make sure that you do not have any Amazon EC2 instances running with the role you are about to remove from the instance profile. Removing a role from an instance profile that is associated with a running instance might break any applications running on the instance.

For more information about IAM roles, go to Working with Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). For more information about instance profiles, go to About Instance Profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

// Example sending a request using RemoveRoleFromInstanceProfileRequest.
req := client.RemoveRoleFromInstanceProfileRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile

Example (Shared00)

To remove a role from an instance profile

The following command removes the role named Test-Role from the instance profile named ExampleInstanceProfile.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.RemoveRoleFromInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
		RoleName:            aws.String("Test-Role"),
	}

	req := svc.RemoveRoleFromInstanceProfileRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) RemoveUserFromGroupRequest added in v0.9.0

func (c *Client) RemoveUserFromGroupRequest(input *RemoveUserFromGroupInput) RemoveUserFromGroupRequest

RemoveUserFromGroupRequest returns a request value for making API operation for AWS Identity and Access Management.

Removes the specified user from the specified group.

// Example sending a request using RemoveUserFromGroupRequest.
req := client.RemoveUserFromGroupRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup

Example (Shared00)

To remove a user from an IAM group

The following command removes the user named Bob from the IAM group named Admins.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.RemoveUserFromGroupInput{
		GroupName: aws.String("Admins"),
		UserName:  aws.String("Bob"),
	}

	req := svc.RemoveUserFromGroupRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) ResetServiceSpecificCredentialRequest added in v0.9.0

func (c *Client) ResetServiceSpecificCredentialRequest(input *ResetServiceSpecificCredentialInput) ResetServiceSpecificCredentialRequest

ResetServiceSpecificCredentialRequest returns a request value for making API operation for AWS Identity and Access Management.

Resets the password for a service-specific credential. The new password is AWS generated and cryptographically strong. It cannot be configured by the user. Resetting the password immediately invalidates the previous password associated with this user.

// Example sending a request using ResetServiceSpecificCredentialRequest.
req := client.ResetServiceSpecificCredentialRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential

func (*Client) ResyncMFADeviceRequest added in v0.9.0

func (c *Client) ResyncMFADeviceRequest(input *ResyncMFADeviceInput) ResyncMFADeviceRequest

ResyncMFADeviceRequest returns a request value for making API operation for AWS Identity and Access Management.

Synchronizes the specified MFA device with its IAM resource object on the AWS servers.

For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

// Example sending a request using ResyncMFADeviceRequest.
req := client.ResyncMFADeviceRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice

func (*Client) SetDefaultPolicyVersionRequest added in v0.9.0

func (c *Client) SetDefaultPolicyVersionRequest(input *SetDefaultPolicyVersionInput) SetDefaultPolicyVersionRequest

SetDefaultPolicyVersionRequest returns a request value for making API operation for AWS Identity and Access Management.

Sets the specified version of the specified policy as the policy's default (operative) version.

This operation affects all users, groups, and roles that the policy is attached to. To list the users, groups, and roles that the policy is attached to, use the ListEntitiesForPolicy API.

For information about managed policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

// Example sending a request using SetDefaultPolicyVersionRequest.
req := client.SetDefaultPolicyVersionRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion

func (*Client) SetSecurityTokenServicePreferencesRequest added in v0.9.0

func (c *Client) SetSecurityTokenServicePreferencesRequest(input *SetSecurityTokenServicePreferencesInput) SetSecurityTokenServicePreferencesRequest

SetSecurityTokenServicePreferencesRequest returns a request value for making API operation for AWS Identity and Access Management.

Sets the specified version of the global endpoint token as the token version used for the AWS account.

By default, AWS Security Token Service (STS) is available as a global service, and all STS requests go to a single endpoint at https://sts.amazonaws.com. AWS recommends using Regional STS endpoints to reduce latency, build in redundancy, and increase session token availability. For information about Regional endpoints for STS, see AWS Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#sts_region) in the AWS General Reference.

If you make an STS call to the global endpoint, the resulting session tokens might be valid in some Regions but not others. It depends on the version that is set in this operation. Version 1 tokens are valid only in AWS Regions that are available by default. These tokens do not work in manually enabled Regions, such as Asia Pacific (Hong Kong). Version 2 tokens are valid in all Regions. However, version 2 tokens are longer and might affect systems where you temporarily store tokens. For information, see Activating and Deactivating STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the IAM User Guide.

To view the current session token version, see the GlobalEndpointTokenVersion entry in the response of the GetAccountSummary operation.

// Example sending a request using SetSecurityTokenServicePreferencesRequest.
req := client.SetSecurityTokenServicePreferencesRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetSecurityTokenServicePreferences

Example (Shared00)

To delete an access key for an IAM user

The following command sets the STS global endpoint token to version 2. Version 2 tokens are valid in all Regions.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.SetSecurityTokenServicePreferencesInput{
		GlobalEndpointTokenVersion: iam.GlobalEndpointTokenVersionV2token,
	}

	req := svc.SetSecurityTokenServicePreferencesRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) SimulateCustomPolicyRequest added in v0.9.0

func (c *Client) SimulateCustomPolicyRequest(input *SimulateCustomPolicyInput) SimulateCustomPolicyRequest

SimulateCustomPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and AWS resources to determine the policies' effective permissions. The policies are provided as strings.

The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations.

If you want to simulate existing policies attached to an IAM user, group, or role, use SimulatePrincipalPolicy instead.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForCustomPolicy.

If the output is long, you can use MaxItems and Marker parameters to paginate the results.

// Example sending a request using SimulateCustomPolicyRequest.
req := client.SimulateCustomPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy

func (*Client) SimulatePrincipalPolicyRequest added in v0.9.0

func (c *Client) SimulatePrincipalPolicyRequest(input *SimulatePrincipalPolicyInput) SimulatePrincipalPolicyRequest

SimulatePrincipalPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and AWS resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you specify a user, then the simulation also includes all of the policies that are attached to groups that the user belongs to.

You can optionally include a list of one or more additional policies specified as strings to include in the simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead.

You can also optionally include one resource-based policy to be evaluated with each of the resources included in the simulation.

The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations.

Note: This API discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy.

If the output is long, you can use the MaxItems and Marker parameters to paginate the results.

// Example sending a request using SimulatePrincipalPolicyRequest.
req := client.SimulatePrincipalPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy

func (*Client) TagRoleRequest added in v0.9.0

func (c *Client) TagRoleRequest(input *TagRoleInput) TagRoleRequest

TagRoleRequest returns a request value for making API operation for AWS Identity and Access Management.

Adds one or more tags to an IAM role. The role can be a regular role or a service-linked role. If a tag with the same key name already exists, then that tag is overwritten with the new value.

A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following:

  • Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200.

  • Access control - Reference tags in IAM user-based and resource-based policies. You can use tags to restrict access to only an IAM user or role that has a specified tag attached. You can also restrict access to only those resources that have a certain tag attached. For examples of policies that show how to use tags to control access, see Control Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the IAM User Guide.

  • Cost allocation - Use tags to help track which individuals and teams are using which AWS resources.

  • Make sure that you have no invalid tags and that you do not exceed the allowed number of tags per role. In either case, the entire request fails and no tags are added to the role.

  • AWS always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.

For more information about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

// Example sending a request using TagRoleRequest.
req := client.TagRoleRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagRole

Example (Shared00)

To add a tag key and value to an IAM role

The following example shows how to add tags to an existing role.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.TagRoleInput{
		RoleName: aws.String("taggedrole"),
		Tags: []iam.Tag{
			{
				Key:   aws.String("Dept"),
				Value: aws.String("Accounting"),
			},
			{
				Key:   aws.String("CostCenter"),
				Value: aws.String("12345"),
			},
		},
	}

	req := svc.TagRoleRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) TagUserRequest added in v0.9.0

func (c *Client) TagUserRequest(input *TagUserInput) TagUserRequest

TagUserRequest returns a request value for making API operation for AWS Identity and Access Management.

Adds one or more tags to an IAM user. If a tag with the same key name already exists, then that tag is overwritten with the new value.

A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following:

  • Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200.

  • Access control - Reference tags in IAM user-based and resource-based policies. You can use tags to restrict access to only an IAM requesting user or to a role that has a specified tag attached. You can also restrict access to only those resources that have a certain tag attached. For examples of policies that show how to use tags to control access, see Control Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the IAM User Guide.

  • Cost allocation - Use tags to help track which individuals and teams are using which AWS resources.

  • Make sure that you have no invalid tags and that you do not exceed the allowed number of tags per role. In either case, the entire request fails and no tags are added to the role.

  • AWS always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.

For more information about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

// Example sending a request using TagUserRequest.
req := client.TagUserRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagUser

Example (Shared00)

To add a tag key and value to an IAM user

The following example shows how to add tags to an existing user.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.TagUserInput{
		Tags: []iam.Tag{
			{
				Key:   aws.String("Dept"),
				Value: aws.String("Accounting"),
			},
			{
				Key:   aws.String("CostCenter"),
				Value: aws.String("12345"),
			},
		},
		UserName: aws.String("anika"),
	}

	req := svc.TagUserRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) UntagRoleRequest added in v0.9.0

func (c *Client) UntagRoleRequest(input *UntagRoleInput) UntagRoleRequest

UntagRoleRequest returns a request value for making API operation for AWS Identity and Access Management.

Removes the specified tags from the role. For more information about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

// Example sending a request using UntagRoleRequest.
req := client.UntagRoleRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagRole

Example (Shared00)

To remove a tag from an IAM role

The following example shows how to remove a tag with the key 'Dept' from a role named 'taggedrole'.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.UntagRoleInput{
		RoleName: aws.String("taggedrole"),
		TagKeys: []string{
			"Dept",
		},
	}

	req := svc.UntagRoleRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) UntagUserRequest added in v0.9.0

func (c *Client) UntagUserRequest(input *UntagUserInput) UntagUserRequest

UntagUserRequest returns a request value for making API operation for AWS Identity and Access Management.

Removes the specified tags from the user. For more information about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

// Example sending a request using UntagUserRequest.
req := client.UntagUserRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagUser

Example (Shared00)

To remove a tag from an IAM user

The following example shows how to remove tags that are attached to a user named 'anika'.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.UntagUserInput{
		TagKeys: []string{
			"Dept",
		},
		UserName: aws.String("anika"),
	}

	req := svc.UntagUserRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) UpdateAccessKeyRequest added in v0.9.0

func (c *Client) UpdateAccessKeyRequest(input *UpdateAccessKeyInput) UpdateAccessKeyRequest

UpdateAccessKeyRequest returns a request value for making API operation for AWS Identity and Access Management.

Changes the status of the specified access key from Active to Inactive, or vice versa. This operation can be used to disable a user's key as part of a key rotation workflow.

If the UserName is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request. This operation works for access keys under the AWS account. Consequently, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

For information about rotating keys, see Managing Keys and Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html) in the IAM User Guide.

// Example sending a request using UpdateAccessKeyRequest.
req := client.UpdateAccessKeyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey

Example (Shared00)

To activate or deactivate an access key for an IAM user

The following command deactivates the specified access key (access key ID and secret access key) for the IAM user named Bob.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.UpdateAccessKeyInput{
		AccessKeyId: aws.String("AKIAIOSFODNN7EXAMPLE"),
		Status:      iam.StatusTypeInactive,
		UserName:    aws.String("Bob"),
	}

	req := svc.UpdateAccessKeyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) UpdateAccountPasswordPolicyRequest added in v0.9.0

func (c *Client) UpdateAccountPasswordPolicyRequest(input *UpdateAccountPasswordPolicyInput) UpdateAccountPasswordPolicyRequest

UpdateAccountPasswordPolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Updates the password policy settings for the AWS account.

  • This operation does not support partial updates. No parameters are required, but if you do not specify a parameter, that parameter's value reverts to its default value. See the Request Parameters section for each parameter's default value. Also note that some parameters do not allow the default parameter to be explicitly set. Instead, to invoke the default value, do not include that parameter when you invoke the operation.

For more information about using a password policy, see Managing an IAM Password Policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html) in the IAM User Guide.

// Example sending a request using UpdateAccountPasswordPolicyRequest.
req := client.UpdateAccountPasswordPolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy

Example (Shared00)

To set or change the current account password policy

The following command sets the password policy to require a minimum length of eight characters and to require one or more numbers in the password:

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.UpdateAccountPasswordPolicyInput{
		MinimumPasswordLength: aws.Int64(8),
		RequireNumbers:        aws.Bool(true),
	}

	req := svc.UpdateAccountPasswordPolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) UpdateAssumeRolePolicyRequest added in v0.9.0

func (c *Client) UpdateAssumeRolePolicyRequest(input *UpdateAssumeRolePolicyInput) UpdateAssumeRolePolicyRequest

UpdateAssumeRolePolicyRequest returns a request value for making API operation for AWS Identity and Access Management.

Updates the policy that grants an IAM entity permission to assume a role. This is typically referred to as the "role trust policy". For more information about roles, go to Using Roles to Delegate Permissions and Federate Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).

// Example sending a request using UpdateAssumeRolePolicyRequest.
req := client.UpdateAssumeRolePolicyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy

Example (Shared00)

To update the trust policy for an IAM role

The following command updates the role trust policy for the role named Test-Role:

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.UpdateAssumeRolePolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}"),
		RoleName:       aws.String("S3AccessForEC2Instances"),
	}

	req := svc.UpdateAssumeRolePolicyRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) UpdateGroupRequest added in v0.9.0

func (c *Client) UpdateGroupRequest(input *UpdateGroupInput) UpdateGroupRequest

UpdateGroupRequest returns a request value for making API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified IAM group.

You should understand the implications of changing a group's path or name. For more information, see Renaming Users and Groups (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html) in the IAM User Guide.

The person making the request (the principal), must have permission to change the role group with the old name and the new name. For example, to change the group named Managers to MGRs, the principal must have a policy that allows them to update both groups. If the principal has permission to update the Managers group, but not the MGRs group, then the update fails. For more information about permissions, see Access Management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html).

// Example sending a request using UpdateGroupRequest.
req := client.UpdateGroupRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup

Example (Shared00)

To rename an IAM group

The following command changes the name of the IAM group Test to Test-1.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.UpdateGroupInput{
		GroupName:    aws.String("Test"),
		NewGroupName: aws.String("Test-1"),
	}

	req := svc.UpdateGroupRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) UpdateLoginProfileRequest added in v0.9.0

func (c *Client) UpdateLoginProfileRequest(input *UpdateLoginProfileInput) UpdateLoginProfileRequest

UpdateLoginProfileRequest returns a request value for making API operation for AWS Identity and Access Management.

Changes the password for the specified IAM user.

IAM users can change their own passwords by calling ChangePassword. For more information about modifying passwords, see Managing Passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

// Example sending a request using UpdateLoginProfileRequest.
req := client.UpdateLoginProfileRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile

Example (Shared00)

To change the password for an IAM user

The following command creates or changes the password for the IAM user named Bob.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.UpdateLoginProfileInput{
		Password: aws.String("SomeKindOfPassword123!@#"),
		UserName: aws.String("Bob"),
	}

	req := svc.UpdateLoginProfileRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) UpdateOpenIDConnectProviderThumbprintRequest added in v0.9.0

func (c *Client) UpdateOpenIDConnectProviderThumbprintRequest(input *UpdateOpenIDConnectProviderThumbprintInput) UpdateOpenIDConnectProviderThumbprintRequest

UpdateOpenIDConnectProviderThumbprintRequest returns a request value for making API operation for AWS Identity and Access Management.

Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints.

The list that you pass with this operation completely replaces the existing list of thumbprints. (The lists are not merged.)

Typically, you need to update a thumbprint only when the identity provider's certificate changes, which occurs rarely. However, if the provider's certificate does change, any attempt to assume an IAM role that specifies the OIDC provider as a principal fails until the certificate thumbprint is updated.

Trust for the OIDC provider is derived from the provider's certificate and is validated by the thumbprint. Therefore, it is best to limit access to the UpdateOpenIDConnectProviderThumbprint operation to highly privileged users.

// Example sending a request using UpdateOpenIDConnectProviderThumbprintRequest.
req := client.UpdateOpenIDConnectProviderThumbprintRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint

func (*Client) UpdateRoleDescriptionRequest added in v0.9.0

func (c *Client) UpdateRoleDescriptionRequest(input *UpdateRoleDescriptionInput) UpdateRoleDescriptionRequest

UpdateRoleDescriptionRequest returns a request value for making API operation for AWS Identity and Access Management.

Use UpdateRole instead.

Modifies only the description of a role. This operation performs the same function as the Description parameter in the UpdateRole operation.

// Example sending a request using UpdateRoleDescriptionRequest.
req := client.UpdateRoleDescriptionRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription

func (*Client) UpdateRoleRequest added in v0.9.0

func (c *Client) UpdateRoleRequest(input *UpdateRoleInput) UpdateRoleRequest

UpdateRoleRequest returns a request value for making API operation for AWS Identity and Access Management.

Updates the description or maximum session duration setting of a role.

// Example sending a request using UpdateRoleRequest.
req := client.UpdateRoleRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole

func (*Client) UpdateSAMLProviderRequest added in v0.9.0

func (c *Client) UpdateSAMLProviderRequest(input *UpdateSAMLProviderInput) UpdateSAMLProviderRequest

UpdateSAMLProviderRequest returns a request value for making API operation for AWS Identity and Access Management.

Updates the metadata document for an existing SAML provider resource object.

This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

// Example sending a request using UpdateSAMLProviderRequest.
req := client.UpdateSAMLProviderRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider

func (*Client) UpdateSSHPublicKeyRequest added in v0.9.0

func (c *Client) UpdateSSHPublicKeyRequest(input *UpdateSSHPublicKeyInput) UpdateSSHPublicKeyRequest

UpdateSSHPublicKeyRequest returns a request value for making API operation for AWS Identity and Access Management.

Sets the status of an IAM user's SSH public key to active or inactive. SSH public keys that are inactive cannot be used for authentication. This operation can be used to disable a user's SSH public key as part of a key rotation work flow.

The SSH public key affected by this operation is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

// Example sending a request using UpdateSSHPublicKeyRequest.
req := client.UpdateSSHPublicKeyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey

func (*Client) UpdateServerCertificateRequest added in v0.9.0

func (c *Client) UpdateServerCertificateRequest(input *UpdateServerCertificateInput) UpdateServerCertificateRequest

UpdateServerCertificateRequest returns a request value for making API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified server certificate stored in IAM.

For more information about working with server certificates, see Working with Server Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of AWS services that can use the server certificates that you manage with IAM.

You should understand the implications of changing a server certificate's path or name. For more information, see Renaming a Server Certificate (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs_manage.html#RenamingServerCerts) in the IAM User Guide.

The person making the request (the principal), must have permission to change the server certificate with the old name and the new name. For example, to change the certificate named ProductionCert to ProdCert, the principal must have a policy that allows them to update both certificates. If the principal has permission to update the ProductionCert group, but not the ProdCert certificate, then the update fails. For more information about permissions, see Access Management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) in the IAM User Guide.

// Example sending a request using UpdateServerCertificateRequest.
req := client.UpdateServerCertificateRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate

func (*Client) UpdateServiceSpecificCredentialRequest added in v0.9.0

func (c *Client) UpdateServiceSpecificCredentialRequest(input *UpdateServiceSpecificCredentialInput) UpdateServiceSpecificCredentialRequest

UpdateServiceSpecificCredentialRequest returns a request value for making API operation for AWS Identity and Access Management.

Sets the status of a service-specific credential to Active or Inactive. Service-specific credentials that are inactive cannot be used for authentication to the service. This operation can be used to disable a user's service-specific credential as part of a credential rotation work flow.

// Example sending a request using UpdateServiceSpecificCredentialRequest.
req := client.UpdateServiceSpecificCredentialRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential

func (*Client) UpdateSigningCertificateRequest added in v0.9.0

func (c *Client) UpdateSigningCertificateRequest(input *UpdateSigningCertificateInput) UpdateSigningCertificateRequest

UpdateSigningCertificateRequest returns a request value for making API operation for AWS Identity and Access Management.

Changes the status of the specified user signing certificate from active to disabled, or vice versa. This operation can be used to disable an IAM user's signing certificate as part of a certificate rotation work flow.

If the UserName field is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request. This operation works for access keys under the AWS account. Consequently, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

// Example sending a request using UpdateSigningCertificateRequest.
req := client.UpdateSigningCertificateRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate

Example (Shared00)

To change the active status of a signing certificate for an IAM user

The following command changes the status of a signing certificate for a user named Bob to Inactive.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.UpdateSigningCertificateInput{
		CertificateId: aws.String("TA7SMP42TDN5Z26OBPJE7EXAMPLE"),
		Status:        iam.StatusTypeInactive,
		UserName:      aws.String("Bob"),
	}

	req := svc.UpdateSigningCertificateRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) UpdateUserRequest added in v0.9.0

func (c *Client) UpdateUserRequest(input *UpdateUserInput) UpdateUserRequest

UpdateUserRequest returns a request value for making API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified IAM user.

You should understand the implications of changing an IAM user's path or name. For more information, see Renaming an IAM User (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_renaming) and Renaming an IAM Group (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups_manage_rename.html) in the IAM User Guide.

To change a user name, the requester must have appropriate permissions on both the source object and the target object. For example, to change Bob to Robert, the entity making the request must have permission on Bob and Robert, or must have permission on all (*). For more information about permissions, see Permissions and Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html).

// Example sending a request using UpdateUserRequest.
req := client.UpdateUserRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser

Example (Shared00)

To change an IAM user's name

The following command changes the name of the IAM user Bob to Robert. It does not change the user's path.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.UpdateUserInput{
		NewUserName: aws.String("Robert"),
		UserName:    aws.String("Bob"),
	}

	req := svc.UpdateUserRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) UploadSSHPublicKeyRequest added in v0.9.0

func (c *Client) UploadSSHPublicKeyRequest(input *UploadSSHPublicKeyInput) UploadSSHPublicKeyRequest

UploadSSHPublicKeyRequest returns a request value for making API operation for AWS Identity and Access Management.

Uploads an SSH public key and associates it with the specified IAM user.

The SSH public key uploaded by this operation can be used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

// Example sending a request using UploadSSHPublicKeyRequest.
req := client.UploadSSHPublicKeyRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey

func (*Client) UploadServerCertificateRequest added in v0.9.0

func (c *Client) UploadServerCertificateRequest(input *UploadServerCertificateInput) UploadServerCertificateRequest

UploadServerCertificateRequest returns a request value for making API operation for AWS Identity and Access Management.

Uploads a server certificate entity for the AWS account. The server certificate entity includes a public key certificate, a private key, and an optional certificate chain, which should all be PEM-encoded.

We recommend that you use AWS Certificate Manager (https://docs.aws.amazon.com/acm/) to provision, manage, and deploy your server certificates. With ACM you can request a certificate, deploy it to AWS resources, and let ACM handle certificate renewals for you. Certificates provided by ACM are free. For more information about using ACM, see the AWS Certificate Manager User Guide (https://docs.aws.amazon.com/acm/latest/userguide/).

For more information about working with server certificates, see Working with Server Certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic includes a list of AWS services that can use the server certificates that you manage with IAM.

For information about the number of server certificates you can upload, see Limitations on IAM Entities and Objects (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html) in the IAM User Guide.

Because the body of the public key certificate, private key, and the certificate chain can be large, you should use POST rather than GET when calling UploadServerCertificate. For information about setting up signatures and authorization through the API, go to Signing AWS API Requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) in the AWS General Reference. For general information about using the Query API with IAM, go to Calling the API by Making HTTP Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/programming.html) in the IAM User Guide.

// Example sending a request using UploadServerCertificateRequest.
req := client.UploadServerCertificateRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate

Example (Shared00)

To upload a server certificate to your AWS account

The following upload-server-certificate command uploads a server certificate to your AWS account:

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.UploadServerCertificateInput{
		CertificateBody:       aws.String("-----BEGIN CERTIFICATE-----<a very long certificate text string>-----END CERTIFICATE-----"),
		Path:                  aws.String("/company/servercerts/"),
		PrivateKey:            aws.String("-----BEGIN DSA PRIVATE KEY-----<a very long private key string>-----END DSA PRIVATE KEY-----"),
		ServerCertificateName: aws.String("ProdServerCert"),
	}

	req := svc.UploadServerCertificateRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedCertificateException:
				fmt.Println(iam.ErrCodeMalformedCertificateException, aerr.Error())
			case iam.ErrCodeKeyPairMismatchException:
				fmt.Println(iam.ErrCodeKeyPairMismatchException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) UploadSigningCertificateRequest added in v0.9.0

func (c *Client) UploadSigningCertificateRequest(input *UploadSigningCertificateInput) UploadSigningCertificateRequest

UploadSigningCertificateRequest returns a request value for making API operation for AWS Identity and Access Management.

Uploads an X.509 signing certificate and associates it with the specified IAM user. Some AWS services use X.509 signing certificates to validate requests that are signed with a corresponding private key. When you upload the certificate, its default status is Active.

If the UserName is not specified, the IAM user name is determined implicitly based on the AWS access key ID used to sign the request. This operation works for access keys under the AWS account. Consequently, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

Because the body of an X.509 certificate can be large, you should use POST rather than GET when calling UploadSigningCertificate. For information about setting up signatures and authorization through the API, go to Signing AWS API Requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) in the AWS General Reference. For general information about using the Query API with IAM, go to Making Query Requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

// Example sending a request using UploadSigningCertificateRequest.
req := client.UploadSigningCertificateRequest(params)
resp, err := req.Send(context.TODO())
if err == nil {
    fmt.Println(resp)
}

Please also see https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate

Example (Shared00)

To upload a signing certificate for an IAM user

The following command uploads a signing certificate for the IAM user named Bob.

package main

import (
	"context"
	"fmt"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/aws/awserr"
	"github.com/aws/aws-sdk-go-v2/aws/external"
	"github.com/aws/aws-sdk-go-v2/service/iam"
)

func main() {
	cfg, err := external.LoadDefaultAWSConfig()
	if err != nil {
		panic("failed to load config, " + err.Error())
	}

	svc := iam.New(cfg)
	input := &iam.UploadSigningCertificateInput{
		CertificateBody: aws.String("-----BEGIN CERTIFICATE-----<certificate-body>-----END CERTIFICATE-----"),
		UserName:        aws.String("Bob"),
	}

	req := svc.UploadSigningCertificateRequest(input)
	result, err := req.Send(context.Background())
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedCertificateException:
				fmt.Println(iam.ErrCodeMalformedCertificateException, aerr.Error())
			case iam.ErrCodeInvalidCertificateException:
				fmt.Println(iam.ErrCodeInvalidCertificateException, aerr.Error())
			case iam.ErrCodeDuplicateCertificateException:
				fmt.Println(iam.ErrCodeDuplicateCertificateException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*Client) WaitUntilInstanceProfileExists added in v0.9.0

func (c *Client) WaitUntilInstanceProfileExists(ctx context.Context, input *GetInstanceProfileInput, opts ...aws.WaiterOption) error

WaitUntilInstanceProfileExists uses the IAM API operation GetInstanceProfile to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*Client) WaitUntilPolicyExists added in v0.9.0

func (c *Client) WaitUntilPolicyExists(ctx context.Context, input *GetPolicyInput, opts ...aws.WaiterOption) error

WaitUntilPolicyExists uses the IAM API operation GetPolicy to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*Client) WaitUntilRoleExists added in v0.9.0

func (c *Client) WaitUntilRoleExists(ctx context.Context, input *GetRoleInput, opts ...aws.WaiterOption) error

WaitUntilRoleExists uses the IAM API operation GetRole to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*Client) WaitUntilUserExists added in v0.9.0

func (c *Client) WaitUntilUserExists(ctx context.Context, input *GetUserInput, opts ...aws.WaiterOption) error

WaitUntilUserExists uses the IAM API operation GetUser to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

type ContextEntry

type ContextEntry struct {

	// The full name of a condition context key, including the service prefix. For
	// example, aws:SourceIp or s3:VersionId.
	ContextKeyName *string `min:"5" type:"string"`

	// The data type of the value (or values) specified in the ContextKeyValues
	// parameter.
	ContextKeyType ContextKeyTypeEnum `type:"string" enum:"true"`

	// The value (or values, if the condition context key supports multiple values)
	// to provide to the simulation when the key is referenced by a Condition element
	// in an input policy.
	ContextKeyValues []string `type:"list"`
	// contains filtered or unexported fields
}

Contains information about a condition context key. It includes the name of the key and specifies the value (or values, if the context key supports multiple values) to use in the simulation. This information is used when evaluating the Condition elements of the input policies.

This data type is used as an input parameter to SimulateCustomPolicy and SimulatePrincipalPolicy .

func (ContextEntry) String

func (s ContextEntry) String() string

String returns the string representation

func (*ContextEntry) Validate

func (s *ContextEntry) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ContextKeyTypeEnum

type ContextKeyTypeEnum string
const (
	ContextKeyTypeEnumString      ContextKeyTypeEnum = "string"
	ContextKeyTypeEnumStringList  ContextKeyTypeEnum = "stringList"
	ContextKeyTypeEnumNumeric     ContextKeyTypeEnum = "numeric"
	ContextKeyTypeEnumNumericList ContextKeyTypeEnum = "numericList"
	ContextKeyTypeEnumBoolean     ContextKeyTypeEnum = "boolean"
	ContextKeyTypeEnumBooleanList ContextKeyTypeEnum = "booleanList"
	ContextKeyTypeEnumIp          ContextKeyTypeEnum = "ip"
	ContextKeyTypeEnumIpList      ContextKeyTypeEnum = "ipList"
	ContextKeyTypeEnumBinary      ContextKeyTypeEnum = "binary"
	ContextKeyTypeEnumBinaryList  ContextKeyTypeEnum = "binaryList"
	ContextKeyTypeEnumDate        ContextKeyTypeEnum = "date"
	ContextKeyTypeEnumDateList    ContextKeyTypeEnum = "dateList"
)

Enum values for ContextKeyTypeEnum

func (ContextKeyTypeEnum) MarshalValue added in v0.3.0

func (enum ContextKeyTypeEnum) MarshalValue() (string, error)

func (ContextKeyTypeEnum) MarshalValueBuf added in v0.3.0

func (enum ContextKeyTypeEnum) MarshalValueBuf(b []byte) ([]byte, error)

type CreateAccessKeyInput

type CreateAccessKeyInput struct {

	// The name of the IAM user that the new key will belong to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateAccessKeyInput) String

func (s CreateAccessKeyInput) String() string

String returns the string representation

func (*CreateAccessKeyInput) Validate

func (s *CreateAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccessKeyOutput

type CreateAccessKeyOutput struct {

	// A structure with details about the access key.
	//
	// AccessKey is a required field
	AccessKey *AccessKey `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateAccessKey request.

func (CreateAccessKeyOutput) String

func (s CreateAccessKeyOutput) String() string

String returns the string representation

type CreateAccessKeyRequest

type CreateAccessKeyRequest struct {
	*aws.Request
	Input *CreateAccessKeyInput
	Copy  func(*CreateAccessKeyInput) CreateAccessKeyRequest
}

CreateAccessKeyRequest is the request type for the CreateAccessKey API operation.

func (CreateAccessKeyRequest) Send

Send marshals and sends the CreateAccessKey API request.

type CreateAccessKeyResponse added in v0.9.0

type CreateAccessKeyResponse struct {
	*CreateAccessKeyOutput
	// contains filtered or unexported fields
}

CreateAccessKeyResponse is the response type for the CreateAccessKey API operation.

func (*CreateAccessKeyResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateAccessKeyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateAccessKey request.

type CreateAccountAliasInput

type CreateAccountAliasInput struct {

	// The account alias to create.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of lowercase letters, digits, and dashes.
	// You cannot start or finish with a dash, nor can you have two dashes in a
	// row.
	//
	// AccountAlias is a required field
	AccountAlias *string `min:"3" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateAccountAliasInput) String

func (s CreateAccountAliasInput) String() string

String returns the string representation

func (*CreateAccountAliasInput) Validate

func (s *CreateAccountAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccountAliasOutput

type CreateAccountAliasOutput struct {
	// contains filtered or unexported fields
}

func (CreateAccountAliasOutput) String

func (s CreateAccountAliasOutput) String() string

String returns the string representation

type CreateAccountAliasRequest

type CreateAccountAliasRequest struct {
	*aws.Request
	Input *CreateAccountAliasInput
	Copy  func(*CreateAccountAliasInput) CreateAccountAliasRequest
}

CreateAccountAliasRequest is the request type for the CreateAccountAlias API operation.

func (CreateAccountAliasRequest) Send

Send marshals and sends the CreateAccountAlias API request.

type CreateAccountAliasResponse added in v0.9.0

type CreateAccountAliasResponse struct {
	*CreateAccountAliasOutput
	// contains filtered or unexported fields
}

CreateAccountAliasResponse is the response type for the CreateAccountAlias API operation.

func (*CreateAccountAliasResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateAccountAliasResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateAccountAlias request.

type CreateGroupInput

type CreateGroupInput struct {

	// The name of the group to create. Do not include the path in this value.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The path to the group. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateGroupInput) String

func (s CreateGroupInput) String() string

String returns the string representation

func (*CreateGroupInput) Validate

func (s *CreateGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateGroupOutput

type CreateGroupOutput struct {

	// A structure containing details about the new group.
	//
	// Group is a required field
	Group *Group `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateGroup request.

func (CreateGroupOutput) String

func (s CreateGroupOutput) String() string

String returns the string representation

type CreateGroupRequest

type CreateGroupRequest struct {
	*aws.Request
	Input *CreateGroupInput
	Copy  func(*CreateGroupInput) CreateGroupRequest
}

CreateGroupRequest is the request type for the CreateGroup API operation.

func (CreateGroupRequest) Send

Send marshals and sends the CreateGroup API request.

type CreateGroupResponse added in v0.9.0

type CreateGroupResponse struct {
	*CreateGroupOutput
	// contains filtered or unexported fields
}

CreateGroupResponse is the response type for the CreateGroup API operation.

func (*CreateGroupResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateGroupResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateGroup request.

type CreateInstanceProfileInput

type CreateInstanceProfileInput struct {

	// The name of the instance profile to create.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The path to the instance profile. For more information about paths, see IAM
	// Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateInstanceProfileInput) String

String returns the string representation

func (*CreateInstanceProfileInput) Validate

func (s *CreateInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateInstanceProfileOutput

type CreateInstanceProfileOutput struct {

	// A structure containing details about the new instance profile.
	//
	// InstanceProfile is a required field
	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateInstanceProfile request.

func (CreateInstanceProfileOutput) String

String returns the string representation

type CreateInstanceProfileRequest

type CreateInstanceProfileRequest struct {
	*aws.Request
	Input *CreateInstanceProfileInput
	Copy  func(*CreateInstanceProfileInput) CreateInstanceProfileRequest
}

CreateInstanceProfileRequest is the request type for the CreateInstanceProfile API operation.

func (CreateInstanceProfileRequest) Send

Send marshals and sends the CreateInstanceProfile API request.

type CreateInstanceProfileResponse added in v0.9.0

type CreateInstanceProfileResponse struct {
	*CreateInstanceProfileOutput
	// contains filtered or unexported fields
}

CreateInstanceProfileResponse is the response type for the CreateInstanceProfile API operation.

func (*CreateInstanceProfileResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateInstanceProfileResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateInstanceProfile request.

type CreateLoginProfileInput

type CreateLoginProfileInput struct {

	// The new password for the user.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
	// this parameter is a string of characters. That string can include almost
	// any printable ASCII character from the space (\u0020) through the end of
	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
	// characters are valid in a password. However, many tools, such as the AWS
	// Management Console, might restrict the ability to type certain characters
	// because they have special meaning within that tool.
	//
	// Password is a required field
	Password *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// Specifies whether the user is required to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the IAM user to create a password for. The user must already
	// exist.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateLoginProfileInput) String

func (s CreateLoginProfileInput) String() string

String returns the string representation

func (*CreateLoginProfileInput) Validate

func (s *CreateLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateLoginProfileOutput

type CreateLoginProfileOutput struct {

	// A structure containing the user name and password create date.
	//
	// LoginProfile is a required field
	LoginProfile *LoginProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateLoginProfile request.

func (CreateLoginProfileOutput) String

func (s CreateLoginProfileOutput) String() string

String returns the string representation

type CreateLoginProfileRequest

type CreateLoginProfileRequest struct {
	*aws.Request
	Input *CreateLoginProfileInput
	Copy  func(*CreateLoginProfileInput) CreateLoginProfileRequest
}

CreateLoginProfileRequest is the request type for the CreateLoginProfile API operation.

func (CreateLoginProfileRequest) Send

Send marshals and sends the CreateLoginProfile API request.

type CreateLoginProfileResponse added in v0.9.0

type CreateLoginProfileResponse struct {
	*CreateLoginProfileOutput
	// contains filtered or unexported fields
}

CreateLoginProfileResponse is the response type for the CreateLoginProfile API operation.

func (*CreateLoginProfileResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateLoginProfileResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateLoginProfile request.

type CreateOpenIDConnectProviderInput

type CreateOpenIDConnectProviderInput struct {

	// A list of client IDs (also known as audiences). When a mobile or web app
	// registers with an OpenID Connect provider, they establish a value that identifies
	// the application. (This is the value that's sent as the client_id parameter
	// on OAuth requests.)
	//
	// You can register multiple client IDs with the same provider. For example,
	// you might have multiple applications that use the same OIDC provider. You
	// cannot register more than 100 client IDs with a single IAM OIDC provider.
	//
	// There is no defined format for a client ID. The CreateOpenIDConnectProviderRequest
	// operation accepts client IDs up to 255 characters long.
	ClientIDList []string `type:"list"`

	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity
	// provider's server certificates. Typically this list includes only one entry.
	// However, IAM lets you have up to five thumbprints for an OIDC provider. This
	// lets you maintain multiple thumbprints if the identity provider is rotating
	// certificates.
	//
	// The server certificate thumbprint is the hex-encoded SHA-1 hash value of
	// the X.509 certificate used by the domain where the OpenID Connect provider
	// makes its keys available. It is always a 40-character string.
	//
	// You must provide at least one thumbprint when creating an IAM OIDC provider.
	// For example, assume that the OIDC provider is server.example.com and the
	// provider stores its keys at https://keys.server.example.com/openid-connect.
	// In that case, the thumbprint string would be the hex-encoded SHA-1 hash value
	// of the certificate used by https://keys.server.example.com.
	//
	// For more information about obtaining the OIDC provider's thumbprint, see
	// Obtaining the Thumbprint for an OpenID Connect Provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)
	// in the IAM User Guide.
	//
	// ThumbprintList is a required field
	ThumbprintList []string `type:"list" required:"true"`

	// The URL of the identity provider. The URL must begin with https:// and should
	// correspond to the iss claim in the provider's OpenID Connect ID tokens. Per
	// the OIDC standard, path components are allowed but query parameters are not.
	// Typically the URL consists of only a hostname, like https://server.example.org
	// or https://example.com.
	//
	// You cannot register the same provider multiple times in a single AWS account.
	// If you try to submit a URL that has already been used for an OpenID Connect
	// provider in the AWS account, you will get an error.
	//
	// Url is a required field
	Url *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateOpenIDConnectProviderInput) String

String returns the string representation

func (*CreateOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type CreateOpenIDConnectProviderOutput

type CreateOpenIDConnectProviderOutput struct {

	// The Amazon Resource Name (ARN) of the new IAM OpenID Connect provider that
	// is created. For more information, see OpenIDConnectProviderListEntry.
	OpenIDConnectProviderArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateOpenIDConnectProvider request.

func (CreateOpenIDConnectProviderOutput) String

String returns the string representation

type CreateOpenIDConnectProviderRequest

type CreateOpenIDConnectProviderRequest struct {
	*aws.Request
	Input *CreateOpenIDConnectProviderInput
	Copy  func(*CreateOpenIDConnectProviderInput) CreateOpenIDConnectProviderRequest
}

CreateOpenIDConnectProviderRequest is the request type for the CreateOpenIDConnectProvider API operation.

func (CreateOpenIDConnectProviderRequest) Send

Send marshals and sends the CreateOpenIDConnectProvider API request.

type CreateOpenIDConnectProviderResponse added in v0.9.0

type CreateOpenIDConnectProviderResponse struct {
	*CreateOpenIDConnectProviderOutput
	// contains filtered or unexported fields
}

CreateOpenIDConnectProviderResponse is the response type for the CreateOpenIDConnectProvider API operation.

func (*CreateOpenIDConnectProviderResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateOpenIDConnectProviderResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateOpenIDConnectProvider request.

type CreatePolicyInput

type CreatePolicyInput struct {

	// A friendly description of the policy.
	//
	// Typically used to store information about the permissions defined in the
	// policy. For example, "Grants access to production DynamoDB tables."
	//
	// The policy description is immutable. After a value is assigned, it cannot
	// be changed.
	Description *string `type:"string"`

	// The path for the policy.
	//
	// For more information about paths, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The JSON policy document that you want to use as the content for the new
	// policy.
	//
	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The friendly name of the policy.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyInput) String

func (s CreatePolicyInput) String() string

String returns the string representation

func (*CreatePolicyInput) Validate

func (s *CreatePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyOutput

type CreatePolicyOutput struct {

	// A structure containing details about the new policy.
	Policy *Policy `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreatePolicy request.

func (CreatePolicyOutput) String

func (s CreatePolicyOutput) String() string

String returns the string representation

type CreatePolicyRequest

type CreatePolicyRequest struct {
	*aws.Request
	Input *CreatePolicyInput
	Copy  func(*CreatePolicyInput) CreatePolicyRequest
}

CreatePolicyRequest is the request type for the CreatePolicy API operation.

func (CreatePolicyRequest) Send

Send marshals and sends the CreatePolicy API request.

type CreatePolicyResponse added in v0.9.0

type CreatePolicyResponse struct {
	*CreatePolicyOutput
	// contains filtered or unexported fields
}

CreatePolicyResponse is the response type for the CreatePolicy API operation.

func (*CreatePolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *CreatePolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreatePolicy request.

type CreatePolicyVersionInput

type CreatePolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy to which you want to add
	// a new version.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The JSON policy document that you want to use as the content for this new
	// version of the policy.
	//
	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// Specifies whether to set this version as the policy's default version.
	//
	// When this parameter is true, the new policy version becomes the operative
	// version. That is, it becomes the version that is in effect for the IAM users,
	// groups, and roles that the policy is attached to.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	SetAsDefault *bool `type:"boolean"`
	// contains filtered or unexported fields
}

func (CreatePolicyVersionInput) String

func (s CreatePolicyVersionInput) String() string

String returns the string representation

func (*CreatePolicyVersionInput) Validate

func (s *CreatePolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyVersionOutput

type CreatePolicyVersionOutput struct {

	// A structure containing details about the new policy version.
	PolicyVersion *PolicyVersion `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreatePolicyVersion request.

func (CreatePolicyVersionOutput) String

func (s CreatePolicyVersionOutput) String() string

String returns the string representation

type CreatePolicyVersionRequest

type CreatePolicyVersionRequest struct {
	*aws.Request
	Input *CreatePolicyVersionInput
	Copy  func(*CreatePolicyVersionInput) CreatePolicyVersionRequest
}

CreatePolicyVersionRequest is the request type for the CreatePolicyVersion API operation.

func (CreatePolicyVersionRequest) Send

Send marshals and sends the CreatePolicyVersion API request.

type CreatePolicyVersionResponse added in v0.9.0

type CreatePolicyVersionResponse struct {
	*CreatePolicyVersionOutput
	// contains filtered or unexported fields
}

CreatePolicyVersionResponse is the response type for the CreatePolicyVersion API operation.

func (*CreatePolicyVersionResponse) SDKResponseMetdata added in v0.9.0

func (r *CreatePolicyVersionResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreatePolicyVersion request.

type CreateRoleInput

type CreateRoleInput struct {

	// The trust relationship policy document that grants an entity permission to
	// assume the role.
	//
	// In IAM, you must provide a JSON policy that has been converted to a string.
	// However, for AWS CloudFormation templates formatted in YAML, you can provide
	// the policy in JSON or YAML format. AWS CloudFormation always converts a YAML
	// policy to JSON format before submitting it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// Upon success, the response includes the same trust policy in JSON format.
	//
	// AssumeRolePolicyDocument is a required field
	AssumeRolePolicyDocument *string `min:"1" type:"string" required:"true"`

	// A description of the role.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) that you want to set for the specified
	// role. If you do not specify a value for this setting, the default maximum
	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	//
	// Anyone who assumes the role from the AWS CLI or API can use the DurationSeconds
	// API parameter or the duration-seconds CLI parameter to request a longer session.
	// The MaxSessionDuration setting determines the maximum duration that can be
	// requested using the DurationSeconds parameter. If users don't specify a value
	// for the DurationSeconds parameter, their security credentials are valid for
	// one hour by default. This applies when you use the AssumeRole* API operations
	// or the assume-role* CLI operations but does not apply when you use those
	// operations to create a console URL. For more information, see Using IAM Roles
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
	// IAM User Guide.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The path to the role. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The ARN of the policy that is used to set the permissions boundary for the
	// role.
	PermissionsBoundary *string `min:"20" type:"string"`

	// The name of the role to create.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`

	// A list of tags that you want to attach to the newly created role. Each tag
	// consists of a key name and an associated value. For more information about
	// tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	//
	// If any one of the tags is invalid or if you exceed the allowed number of
	// tags per role, then the entire request fails and the role is not created.
	Tags []Tag `type:"list"`
	// contains filtered or unexported fields
}

func (CreateRoleInput) String

func (s CreateRoleInput) String() string

String returns the string representation

func (*CreateRoleInput) Validate

func (s *CreateRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateRoleOutput

type CreateRoleOutput struct {

	// A structure containing details about the new role.
	//
	// Role is a required field
	Role *Role `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateRole request.

func (CreateRoleOutput) String

func (s CreateRoleOutput) String() string

String returns the string representation

type CreateRoleRequest

type CreateRoleRequest struct {
	*aws.Request
	Input *CreateRoleInput
	Copy  func(*CreateRoleInput) CreateRoleRequest
}

CreateRoleRequest is the request type for the CreateRole API operation.

func (CreateRoleRequest) Send

Send marshals and sends the CreateRole API request.

type CreateRoleResponse added in v0.9.0

type CreateRoleResponse struct {
	*CreateRoleOutput
	// contains filtered or unexported fields
}

CreateRoleResponse is the response type for the CreateRole API operation.

func (*CreateRoleResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateRoleResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateRole request.

type CreateSAMLProviderInput

type CreateSAMLProviderInput struct {

	// The name of the provider to create.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// An XML document generated by an identity provider (IdP) that supports SAML
	// 2.0. The document includes the issuer's name, expiration information, and
	// keys that can be used to validate the SAML authentication response (assertions)
	// that are received from the IdP. You must generate the metadata document using
	// the identity management software that is used as your organization's IdP.
	//
	// For more information, see About SAML 2.0-based Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
	// in the IAM User Guide
	//
	// SAMLMetadataDocument is a required field
	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateSAMLProviderInput) String

func (s CreateSAMLProviderInput) String() string

String returns the string representation

func (*CreateSAMLProviderInput) Validate

func (s *CreateSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateSAMLProviderOutput

type CreateSAMLProviderOutput struct {

	// The Amazon Resource Name (ARN) of the new SAML provider resource in IAM.
	SAMLProviderArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateSAMLProvider request.

func (CreateSAMLProviderOutput) String

func (s CreateSAMLProviderOutput) String() string

String returns the string representation

type CreateSAMLProviderRequest

type CreateSAMLProviderRequest struct {
	*aws.Request
	Input *CreateSAMLProviderInput
	Copy  func(*CreateSAMLProviderInput) CreateSAMLProviderRequest
}

CreateSAMLProviderRequest is the request type for the CreateSAMLProvider API operation.

func (CreateSAMLProviderRequest) Send

Send marshals and sends the CreateSAMLProvider API request.

type CreateSAMLProviderResponse added in v0.9.0

type CreateSAMLProviderResponse struct {
	*CreateSAMLProviderOutput
	// contains filtered or unexported fields
}

CreateSAMLProviderResponse is the response type for the CreateSAMLProvider API operation.

func (*CreateSAMLProviderResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateSAMLProviderResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateSAMLProvider request.

type CreateServiceLinkedRoleInput

type CreateServiceLinkedRoleInput struct {

	// The service principal for the AWS service to which this role is attached.
	// You use a string similar to a URL but without the http:// in front. For example:
	// elasticbeanstalk.amazonaws.com.
	//
	// Service principals are unique and case-sensitive. To find the exact service
	// principal for your service-linked role, see AWS Services That Work with IAM
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html)
	// in the IAM User Guide. Look for the services that have Yes in the Service-Linked
	// Role column. Choose the Yes link to view the service-linked role documentation
	// for that service.
	//
	// AWSServiceName is a required field
	AWSServiceName *string `min:"1" type:"string" required:"true"`

	// A string that you provide, which is combined with the service-provided prefix
	// to form the complete role name. If you make multiple requests for the same
	// service, then you must supply a different CustomSuffix for each request.
	// Otherwise the request fails with a duplicate role name error. For example,
	// you could add -1 or -debug to the suffix.
	//
	// Some services do not support the CustomSuffix parameter. If you provide an
	// optional suffix and the operation fails, try the operation again without
	// the suffix.
	CustomSuffix *string `min:"1" type:"string"`

	// The description of the role.
	Description *string `type:"string"`
	// contains filtered or unexported fields
}

func (CreateServiceLinkedRoleInput) String

String returns the string representation

func (*CreateServiceLinkedRoleInput) Validate

func (s *CreateServiceLinkedRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateServiceLinkedRoleOutput

type CreateServiceLinkedRoleOutput struct {

	// A Role object that contains details about the newly created role.
	Role *Role `type:"structure"`
	// contains filtered or unexported fields
}

func (CreateServiceLinkedRoleOutput) String

String returns the string representation

type CreateServiceLinkedRoleRequest

type CreateServiceLinkedRoleRequest struct {
	*aws.Request
	Input *CreateServiceLinkedRoleInput
	Copy  func(*CreateServiceLinkedRoleInput) CreateServiceLinkedRoleRequest
}

CreateServiceLinkedRoleRequest is the request type for the CreateServiceLinkedRole API operation.

func (CreateServiceLinkedRoleRequest) Send

Send marshals and sends the CreateServiceLinkedRole API request.

type CreateServiceLinkedRoleResponse added in v0.9.0

type CreateServiceLinkedRoleResponse struct {
	*CreateServiceLinkedRoleOutput
	// contains filtered or unexported fields
}

CreateServiceLinkedRoleResponse is the response type for the CreateServiceLinkedRole API operation.

func (*CreateServiceLinkedRoleResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateServiceLinkedRoleResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateServiceLinkedRole request.

type CreateServiceSpecificCredentialInput

type CreateServiceSpecificCredentialInput struct {

	// The name of the AWS service that is to be associated with the credentials.
	// The service you specify here is the only service that can be accessed using
	// these credentials.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The name of the IAM user that is to be associated with the credentials. The
	// new service-specific credentials have the same permissions as the associated
	// user except that they can be used only to access the specified service.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateServiceSpecificCredentialInput) String

String returns the string representation

func (*CreateServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type CreateServiceSpecificCredentialOutput

type CreateServiceSpecificCredentialOutput struct {

	// A structure that contains information about the newly created service-specific
	// credential.
	//
	// This is the only time that the password for this credential set is available.
	// It cannot be recovered later. Instead, you must reset the password with ResetServiceSpecificCredential.
	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
	// contains filtered or unexported fields
}

func (CreateServiceSpecificCredentialOutput) String

String returns the string representation

type CreateServiceSpecificCredentialRequest

type CreateServiceSpecificCredentialRequest struct {
	*aws.Request
	Input *CreateServiceSpecificCredentialInput
	Copy  func(*CreateServiceSpecificCredentialInput) CreateServiceSpecificCredentialRequest
}

CreateServiceSpecificCredentialRequest is the request type for the CreateServiceSpecificCredential API operation.

func (CreateServiceSpecificCredentialRequest) Send

Send marshals and sends the CreateServiceSpecificCredential API request.

type CreateServiceSpecificCredentialResponse added in v0.9.0

type CreateServiceSpecificCredentialResponse struct {
	*CreateServiceSpecificCredentialOutput
	// contains filtered or unexported fields
}

CreateServiceSpecificCredentialResponse is the response type for the CreateServiceSpecificCredential API operation.

func (*CreateServiceSpecificCredentialResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateServiceSpecificCredentialResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateServiceSpecificCredential request.

type CreateUserInput

type CreateUserInput struct {

	// The path for the user name. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The ARN of the policy that is used to set the permissions boundary for the
	// user.
	PermissionsBoundary *string `min:"20" type:"string"`

	// A list of tags that you want to attach to the newly created user. Each tag
	// consists of a key name and an associated value. For more information about
	// tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	//
	// If any one of the tags is invalid or if you exceed the allowed number of
	// tags per user, then the entire request fails and the user is not created.
	Tags []Tag `type:"list"`

	// The name of the user to create.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateUserInput) String

func (s CreateUserInput) String() string

String returns the string representation

func (*CreateUserInput) Validate

func (s *CreateUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateUserOutput

type CreateUserOutput struct {

	// A structure with details about the new IAM user.
	User *User `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateUser request.

func (CreateUserOutput) String

func (s CreateUserOutput) String() string

String returns the string representation

type CreateUserRequest

type CreateUserRequest struct {
	*aws.Request
	Input *CreateUserInput
	Copy  func(*CreateUserInput) CreateUserRequest
}

CreateUserRequest is the request type for the CreateUser API operation.

func (CreateUserRequest) Send

Send marshals and sends the CreateUser API request.

type CreateUserResponse added in v0.9.0

type CreateUserResponse struct {
	*CreateUserOutput
	// contains filtered or unexported fields
}

CreateUserResponse is the response type for the CreateUser API operation.

func (*CreateUserResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateUserResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateUser request.

type CreateVirtualMFADeviceInput

type CreateVirtualMFADeviceInput struct {

	// The path for the virtual MFA device. For more information about paths, see
	// IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The name of the virtual MFA device. Use with path to uniquely identify a
	// virtual MFA device.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// VirtualMFADeviceName is a required field
	VirtualMFADeviceName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateVirtualMFADeviceInput) String

String returns the string representation

func (*CreateVirtualMFADeviceInput) Validate

func (s *CreateVirtualMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateVirtualMFADeviceOutput

type CreateVirtualMFADeviceOutput struct {

	// A structure containing details about the new virtual MFA device.
	//
	// VirtualMFADevice is a required field
	VirtualMFADevice *VirtualMFADevice `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateVirtualMFADevice request.

func (CreateVirtualMFADeviceOutput) String

String returns the string representation

type CreateVirtualMFADeviceRequest

type CreateVirtualMFADeviceRequest struct {
	*aws.Request
	Input *CreateVirtualMFADeviceInput
	Copy  func(*CreateVirtualMFADeviceInput) CreateVirtualMFADeviceRequest
}

CreateVirtualMFADeviceRequest is the request type for the CreateVirtualMFADevice API operation.

func (CreateVirtualMFADeviceRequest) Send

Send marshals and sends the CreateVirtualMFADevice API request.

type CreateVirtualMFADeviceResponse added in v0.9.0

type CreateVirtualMFADeviceResponse struct {
	*CreateVirtualMFADeviceOutput
	// contains filtered or unexported fields
}

CreateVirtualMFADeviceResponse is the response type for the CreateVirtualMFADevice API operation.

func (*CreateVirtualMFADeviceResponse) SDKResponseMetdata added in v0.9.0

func (r *CreateVirtualMFADeviceResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the CreateVirtualMFADevice request.

type DeactivateMFADeviceInput

type DeactivateMFADeviceInput struct {

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the user whose MFA device you want to deactivate.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeactivateMFADeviceInput) String

func (s DeactivateMFADeviceInput) String() string

String returns the string representation

func (*DeactivateMFADeviceInput) Validate

func (s *DeactivateMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeactivateMFADeviceOutput

type DeactivateMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (DeactivateMFADeviceOutput) String

func (s DeactivateMFADeviceOutput) String() string

String returns the string representation

type DeactivateMFADeviceRequest

type DeactivateMFADeviceRequest struct {
	*aws.Request
	Input *DeactivateMFADeviceInput
	Copy  func(*DeactivateMFADeviceInput) DeactivateMFADeviceRequest
}

DeactivateMFADeviceRequest is the request type for the DeactivateMFADevice API operation.

func (DeactivateMFADeviceRequest) Send

Send marshals and sends the DeactivateMFADevice API request.

type DeactivateMFADeviceResponse added in v0.9.0

type DeactivateMFADeviceResponse struct {
	*DeactivateMFADeviceOutput
	// contains filtered or unexported fields
}

DeactivateMFADeviceResponse is the response type for the DeactivateMFADevice API operation.

func (*DeactivateMFADeviceResponse) SDKResponseMetdata added in v0.9.0

func (r *DeactivateMFADeviceResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeactivateMFADevice request.

type DeleteAccessKeyInput

type DeleteAccessKeyInput struct {

	// The access key ID for the access key ID and secret access key you want to
	// delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The name of the user whose access key pair you want to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteAccessKeyInput) String

func (s DeleteAccessKeyInput) String() string

String returns the string representation

func (*DeleteAccessKeyInput) Validate

func (s *DeleteAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteAccessKeyOutput

type DeleteAccessKeyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccessKeyOutput) String

func (s DeleteAccessKeyOutput) String() string

String returns the string representation

type DeleteAccessKeyRequest

type DeleteAccessKeyRequest struct {
	*aws.Request
	Input *DeleteAccessKeyInput
	Copy  func(*DeleteAccessKeyInput) DeleteAccessKeyRequest
}

DeleteAccessKeyRequest is the request type for the DeleteAccessKey API operation.

func (DeleteAccessKeyRequest) Send

Send marshals and sends the DeleteAccessKey API request.

type DeleteAccessKeyResponse added in v0.9.0

type DeleteAccessKeyResponse struct {
	*DeleteAccessKeyOutput
	// contains filtered or unexported fields
}

DeleteAccessKeyResponse is the response type for the DeleteAccessKey API operation.

func (*DeleteAccessKeyResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteAccessKeyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteAccessKey request.

type DeleteAccountAliasInput

type DeleteAccountAliasInput struct {

	// The name of the account alias to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of lowercase letters, digits, and dashes.
	// You cannot start or finish with a dash, nor can you have two dashes in a
	// row.
	//
	// AccountAlias is a required field
	AccountAlias *string `min:"3" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteAccountAliasInput) String

func (s DeleteAccountAliasInput) String() string

String returns the string representation

func (*DeleteAccountAliasInput) Validate

func (s *DeleteAccountAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteAccountAliasOutput

type DeleteAccountAliasOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountAliasOutput) String

func (s DeleteAccountAliasOutput) String() string

String returns the string representation

type DeleteAccountAliasRequest

type DeleteAccountAliasRequest struct {
	*aws.Request
	Input *DeleteAccountAliasInput
	Copy  func(*DeleteAccountAliasInput) DeleteAccountAliasRequest
}

DeleteAccountAliasRequest is the request type for the DeleteAccountAlias API operation.

func (DeleteAccountAliasRequest) Send

Send marshals and sends the DeleteAccountAlias API request.

type DeleteAccountAliasResponse added in v0.9.0

type DeleteAccountAliasResponse struct {
	*DeleteAccountAliasOutput
	// contains filtered or unexported fields
}

DeleteAccountAliasResponse is the response type for the DeleteAccountAlias API operation.

func (*DeleteAccountAliasResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteAccountAliasResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteAccountAlias request.

type DeleteAccountPasswordPolicyInput

type DeleteAccountPasswordPolicyInput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountPasswordPolicyInput) String

String returns the string representation

type DeleteAccountPasswordPolicyOutput

type DeleteAccountPasswordPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountPasswordPolicyOutput) String

String returns the string representation

type DeleteAccountPasswordPolicyRequest

type DeleteAccountPasswordPolicyRequest struct {
	*aws.Request
	Input *DeleteAccountPasswordPolicyInput
	Copy  func(*DeleteAccountPasswordPolicyInput) DeleteAccountPasswordPolicyRequest
}

DeleteAccountPasswordPolicyRequest is the request type for the DeleteAccountPasswordPolicy API operation.

func (DeleteAccountPasswordPolicyRequest) Send

Send marshals and sends the DeleteAccountPasswordPolicy API request.

type DeleteAccountPasswordPolicyResponse added in v0.9.0

type DeleteAccountPasswordPolicyResponse struct {
	*DeleteAccountPasswordPolicyOutput
	// contains filtered or unexported fields
}

DeleteAccountPasswordPolicyResponse is the response type for the DeleteAccountPasswordPolicy API operation.

func (*DeleteAccountPasswordPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteAccountPasswordPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteAccountPasswordPolicy request.

type DeleteGroupInput

type DeleteGroupInput struct {

	// The name of the IAM group to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteGroupInput) String

func (s DeleteGroupInput) String() string

String returns the string representation

func (*DeleteGroupInput) Validate

func (s *DeleteGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteGroupOutput

type DeleteGroupOutput struct {
	// contains filtered or unexported fields
}

func (DeleteGroupOutput) String

func (s DeleteGroupOutput) String() string

String returns the string representation

type DeleteGroupPolicyInput

type DeleteGroupPolicyInput struct {

	// The name (friendly name, not ARN) identifying the group that the policy is
	// embedded in.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name identifying the policy document to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteGroupPolicyInput) String

func (s DeleteGroupPolicyInput) String() string

String returns the string representation

func (*DeleteGroupPolicyInput) Validate

func (s *DeleteGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteGroupPolicyOutput

type DeleteGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteGroupPolicyOutput) String

func (s DeleteGroupPolicyOutput) String() string

String returns the string representation

type DeleteGroupPolicyRequest

type DeleteGroupPolicyRequest struct {
	*aws.Request
	Input *DeleteGroupPolicyInput
	Copy  func(*DeleteGroupPolicyInput) DeleteGroupPolicyRequest
}

DeleteGroupPolicyRequest is the request type for the DeleteGroupPolicy API operation.

func (DeleteGroupPolicyRequest) Send

Send marshals and sends the DeleteGroupPolicy API request.

type DeleteGroupPolicyResponse added in v0.9.0

type DeleteGroupPolicyResponse struct {
	*DeleteGroupPolicyOutput
	// contains filtered or unexported fields
}

DeleteGroupPolicyResponse is the response type for the DeleteGroupPolicy API operation.

func (*DeleteGroupPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteGroupPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteGroupPolicy request.

type DeleteGroupRequest

type DeleteGroupRequest struct {
	*aws.Request
	Input *DeleteGroupInput
	Copy  func(*DeleteGroupInput) DeleteGroupRequest
}

DeleteGroupRequest is the request type for the DeleteGroup API operation.

func (DeleteGroupRequest) Send

Send marshals and sends the DeleteGroup API request.

type DeleteGroupResponse added in v0.9.0

type DeleteGroupResponse struct {
	*DeleteGroupOutput
	// contains filtered or unexported fields
}

DeleteGroupResponse is the response type for the DeleteGroup API operation.

func (*DeleteGroupResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteGroupResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteGroup request.

type DeleteInstanceProfileInput

type DeleteInstanceProfileInput struct {

	// The name of the instance profile to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteInstanceProfileInput) String

String returns the string representation

func (*DeleteInstanceProfileInput) Validate

func (s *DeleteInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteInstanceProfileOutput

type DeleteInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (DeleteInstanceProfileOutput) String

String returns the string representation

type DeleteInstanceProfileRequest

type DeleteInstanceProfileRequest struct {
	*aws.Request
	Input *DeleteInstanceProfileInput
	Copy  func(*DeleteInstanceProfileInput) DeleteInstanceProfileRequest
}

DeleteInstanceProfileRequest is the request type for the DeleteInstanceProfile API operation.

func (DeleteInstanceProfileRequest) Send

Send marshals and sends the DeleteInstanceProfile API request.

type DeleteInstanceProfileResponse added in v0.9.0

type DeleteInstanceProfileResponse struct {
	*DeleteInstanceProfileOutput
	// contains filtered or unexported fields
}

DeleteInstanceProfileResponse is the response type for the DeleteInstanceProfile API operation.

func (*DeleteInstanceProfileResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteInstanceProfileResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteInstanceProfile request.

type DeleteLoginProfileInput

type DeleteLoginProfileInput struct {

	// The name of the user whose password you want to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteLoginProfileInput) String

func (s DeleteLoginProfileInput) String() string

String returns the string representation

func (*DeleteLoginProfileInput) Validate

func (s *DeleteLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteLoginProfileOutput

type DeleteLoginProfileOutput struct {
	// contains filtered or unexported fields
}

func (DeleteLoginProfileOutput) String

func (s DeleteLoginProfileOutput) String() string

String returns the string representation

type DeleteLoginProfileRequest

type DeleteLoginProfileRequest struct {
	*aws.Request
	Input *DeleteLoginProfileInput
	Copy  func(*DeleteLoginProfileInput) DeleteLoginProfileRequest
}

DeleteLoginProfileRequest is the request type for the DeleteLoginProfile API operation.

func (DeleteLoginProfileRequest) Send

Send marshals and sends the DeleteLoginProfile API request.

type DeleteLoginProfileResponse added in v0.9.0

type DeleteLoginProfileResponse struct {
	*DeleteLoginProfileOutput
	// contains filtered or unexported fields
}

DeleteLoginProfileResponse is the response type for the DeleteLoginProfile API operation.

func (*DeleteLoginProfileResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteLoginProfileResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteLoginProfile request.

type DeleteOpenIDConnectProviderInput

type DeleteOpenIDConnectProviderInput struct {

	// The Amazon Resource Name (ARN) of the IAM OpenID Connect provider resource
	// object to delete. You can get a list of OpenID Connect provider resource
	// ARNs by using the ListOpenIDConnectProviders operation.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteOpenIDConnectProviderInput) String

String returns the string representation

func (*DeleteOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type DeleteOpenIDConnectProviderOutput

type DeleteOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (DeleteOpenIDConnectProviderOutput) String

String returns the string representation

type DeleteOpenIDConnectProviderRequest

type DeleteOpenIDConnectProviderRequest struct {
	*aws.Request
	Input *DeleteOpenIDConnectProviderInput
	Copy  func(*DeleteOpenIDConnectProviderInput) DeleteOpenIDConnectProviderRequest
}

DeleteOpenIDConnectProviderRequest is the request type for the DeleteOpenIDConnectProvider API operation.

func (DeleteOpenIDConnectProviderRequest) Send

Send marshals and sends the DeleteOpenIDConnectProvider API request.

type DeleteOpenIDConnectProviderResponse added in v0.9.0

type DeleteOpenIDConnectProviderResponse struct {
	*DeleteOpenIDConnectProviderOutput
	// contains filtered or unexported fields
}

DeleteOpenIDConnectProviderResponse is the response type for the DeleteOpenIDConnectProvider API operation.

func (*DeleteOpenIDConnectProviderResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteOpenIDConnectProviderResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteOpenIDConnectProvider request.

type DeletePolicyInput

type DeletePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to delete.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyInput) String

func (s DeletePolicyInput) String() string

String returns the string representation

func (*DeletePolicyInput) Validate

func (s *DeletePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyOutput

type DeletePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyOutput) String

func (s DeletePolicyOutput) String() string

String returns the string representation

type DeletePolicyRequest

type DeletePolicyRequest struct {
	*aws.Request
	Input *DeletePolicyInput
	Copy  func(*DeletePolicyInput) DeletePolicyRequest
}

DeletePolicyRequest is the request type for the DeletePolicy API operation.

func (DeletePolicyRequest) Send

Send marshals and sends the DeletePolicy API request.

type DeletePolicyResponse added in v0.9.0

type DeletePolicyResponse struct {
	*DeletePolicyOutput
	// contains filtered or unexported fields
}

DeletePolicyResponse is the response type for the DeletePolicy API operation.

func (*DeletePolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *DeletePolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeletePolicy request.

type DeletePolicyVersionInput

type DeletePolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy from which you want to delete
	// a version.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The policy version to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consists of the lowercase letter 'v' followed
	// by one or two digits, and optionally followed by a period '.' and a string
	// of letters and digits.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyVersionInput) String

func (s DeletePolicyVersionInput) String() string

String returns the string representation

func (*DeletePolicyVersionInput) Validate

func (s *DeletePolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyVersionOutput

type DeletePolicyVersionOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyVersionOutput) String

func (s DeletePolicyVersionOutput) String() string

String returns the string representation

type DeletePolicyVersionRequest

type DeletePolicyVersionRequest struct {
	*aws.Request
	Input *DeletePolicyVersionInput
	Copy  func(*DeletePolicyVersionInput) DeletePolicyVersionRequest
}

DeletePolicyVersionRequest is the request type for the DeletePolicyVersion API operation.

func (DeletePolicyVersionRequest) Send

Send marshals and sends the DeletePolicyVersion API request.

type DeletePolicyVersionResponse added in v0.9.0

type DeletePolicyVersionResponse struct {
	*DeletePolicyVersionOutput
	// contains filtered or unexported fields
}

DeletePolicyVersionResponse is the response type for the DeletePolicyVersion API operation.

func (*DeletePolicyVersionResponse) SDKResponseMetdata added in v0.9.0

func (r *DeletePolicyVersionResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeletePolicyVersion request.

type DeleteRoleInput

type DeleteRoleInput struct {

	// The name of the role to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteRoleInput) String

func (s DeleteRoleInput) String() string

String returns the string representation

func (*DeleteRoleInput) Validate

func (s *DeleteRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteRoleOutput

type DeleteRoleOutput struct {
	// contains filtered or unexported fields
}

func (DeleteRoleOutput) String

func (s DeleteRoleOutput) String() string

String returns the string representation

type DeleteRolePermissionsBoundaryInput added in v0.5.0

type DeleteRolePermissionsBoundaryInput struct {

	// The name (friendly name, not ARN) of the IAM role from which you want to
	// remove the permissions boundary.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteRolePermissionsBoundaryInput) String added in v0.5.0

String returns the string representation

func (*DeleteRolePermissionsBoundaryInput) Validate added in v0.5.0

Validate inspects the fields of the type to determine if they are valid.

type DeleteRolePermissionsBoundaryOutput added in v0.5.0

type DeleteRolePermissionsBoundaryOutput struct {
	// contains filtered or unexported fields
}

func (DeleteRolePermissionsBoundaryOutput) String added in v0.5.0

String returns the string representation

type DeleteRolePermissionsBoundaryRequest added in v0.5.0

type DeleteRolePermissionsBoundaryRequest struct {
	*aws.Request
	Input *DeleteRolePermissionsBoundaryInput
	Copy  func(*DeleteRolePermissionsBoundaryInput) DeleteRolePermissionsBoundaryRequest
}

DeleteRolePermissionsBoundaryRequest is the request type for the DeleteRolePermissionsBoundary API operation.

func (DeleteRolePermissionsBoundaryRequest) Send added in v0.5.0

Send marshals and sends the DeleteRolePermissionsBoundary API request.

type DeleteRolePermissionsBoundaryResponse added in v0.9.0

type DeleteRolePermissionsBoundaryResponse struct {
	*DeleteRolePermissionsBoundaryOutput
	// contains filtered or unexported fields
}

DeleteRolePermissionsBoundaryResponse is the response type for the DeleteRolePermissionsBoundary API operation.

func (*DeleteRolePermissionsBoundaryResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteRolePermissionsBoundaryResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteRolePermissionsBoundary request.

type DeleteRolePolicyInput

type DeleteRolePolicyInput struct {

	// The name of the inline policy to delete from the specified IAM role.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name (friendly name, not ARN) identifying the role that the policy is
	// embedded in.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteRolePolicyInput) String

func (s DeleteRolePolicyInput) String() string

String returns the string representation

func (*DeleteRolePolicyInput) Validate

func (s *DeleteRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteRolePolicyOutput

type DeleteRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteRolePolicyOutput) String

func (s DeleteRolePolicyOutput) String() string

String returns the string representation

type DeleteRolePolicyRequest

type DeleteRolePolicyRequest struct {
	*aws.Request
	Input *DeleteRolePolicyInput
	Copy  func(*DeleteRolePolicyInput) DeleteRolePolicyRequest
}

DeleteRolePolicyRequest is the request type for the DeleteRolePolicy API operation.

func (DeleteRolePolicyRequest) Send

Send marshals and sends the DeleteRolePolicy API request.

type DeleteRolePolicyResponse added in v0.9.0

type DeleteRolePolicyResponse struct {
	*DeleteRolePolicyOutput
	// contains filtered or unexported fields
}

DeleteRolePolicyResponse is the response type for the DeleteRolePolicy API operation.

func (*DeleteRolePolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteRolePolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteRolePolicy request.

type DeleteRoleRequest

type DeleteRoleRequest struct {
	*aws.Request
	Input *DeleteRoleInput
	Copy  func(*DeleteRoleInput) DeleteRoleRequest
}

DeleteRoleRequest is the request type for the DeleteRole API operation.

func (DeleteRoleRequest) Send

Send marshals and sends the DeleteRole API request.

type DeleteRoleResponse added in v0.9.0

type DeleteRoleResponse struct {
	*DeleteRoleOutput
	// contains filtered or unexported fields
}

DeleteRoleResponse is the response type for the DeleteRole API operation.

func (*DeleteRoleResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteRoleResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteRole request.

type DeleteSAMLProviderInput

type DeleteSAMLProviderInput struct {

	// The Amazon Resource Name (ARN) of the SAML provider to delete.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteSAMLProviderInput) String

func (s DeleteSAMLProviderInput) String() string

String returns the string representation

func (*DeleteSAMLProviderInput) Validate

func (s *DeleteSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSAMLProviderOutput

type DeleteSAMLProviderOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSAMLProviderOutput) String

func (s DeleteSAMLProviderOutput) String() string

String returns the string representation

type DeleteSAMLProviderRequest

type DeleteSAMLProviderRequest struct {
	*aws.Request
	Input *DeleteSAMLProviderInput
	Copy  func(*DeleteSAMLProviderInput) DeleteSAMLProviderRequest
}

DeleteSAMLProviderRequest is the request type for the DeleteSAMLProvider API operation.

func (DeleteSAMLProviderRequest) Send

Send marshals and sends the DeleteSAMLProvider API request.

type DeleteSAMLProviderResponse added in v0.9.0

type DeleteSAMLProviderResponse struct {
	*DeleteSAMLProviderOutput
	// contains filtered or unexported fields
}

DeleteSAMLProviderResponse is the response type for the DeleteSAMLProvider API operation.

func (*DeleteSAMLProviderResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteSAMLProviderResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteSAMLProvider request.

type DeleteSSHPublicKeyInput

type DeleteSSHPublicKeyInput struct {

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteSSHPublicKeyInput) String

func (s DeleteSSHPublicKeyInput) String() string

String returns the string representation

func (*DeleteSSHPublicKeyInput) Validate

func (s *DeleteSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSSHPublicKeyOutput

type DeleteSSHPublicKeyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSSHPublicKeyOutput) String

func (s DeleteSSHPublicKeyOutput) String() string

String returns the string representation

type DeleteSSHPublicKeyRequest

type DeleteSSHPublicKeyRequest struct {
	*aws.Request
	Input *DeleteSSHPublicKeyInput
	Copy  func(*DeleteSSHPublicKeyInput) DeleteSSHPublicKeyRequest
}

DeleteSSHPublicKeyRequest is the request type for the DeleteSSHPublicKey API operation.

func (DeleteSSHPublicKeyRequest) Send

Send marshals and sends the DeleteSSHPublicKey API request.

type DeleteSSHPublicKeyResponse added in v0.9.0

type DeleteSSHPublicKeyResponse struct {
	*DeleteSSHPublicKeyOutput
	// contains filtered or unexported fields
}

DeleteSSHPublicKeyResponse is the response type for the DeleteSSHPublicKey API operation.

func (*DeleteSSHPublicKeyResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteSSHPublicKeyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteSSHPublicKey request.

type DeleteServerCertificateInput

type DeleteServerCertificateInput struct {

	// The name of the server certificate you want to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServerCertificateInput) String

String returns the string representation

func (*DeleteServerCertificateInput) Validate

func (s *DeleteServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteServerCertificateOutput

type DeleteServerCertificateOutput struct {
	// contains filtered or unexported fields
}

func (DeleteServerCertificateOutput) String

String returns the string representation

type DeleteServerCertificateRequest

type DeleteServerCertificateRequest struct {
	*aws.Request
	Input *DeleteServerCertificateInput
	Copy  func(*DeleteServerCertificateInput) DeleteServerCertificateRequest
}

DeleteServerCertificateRequest is the request type for the DeleteServerCertificate API operation.

func (DeleteServerCertificateRequest) Send

Send marshals and sends the DeleteServerCertificate API request.

type DeleteServerCertificateResponse added in v0.9.0

type DeleteServerCertificateResponse struct {
	*DeleteServerCertificateOutput
	// contains filtered or unexported fields
}

DeleteServerCertificateResponse is the response type for the DeleteServerCertificate API operation.

func (*DeleteServerCertificateResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteServerCertificateResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteServerCertificate request.

type DeleteServiceLinkedRoleInput

type DeleteServiceLinkedRoleInput struct {

	// The name of the service-linked role to be deleted.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServiceLinkedRoleInput) String

String returns the string representation

func (*DeleteServiceLinkedRoleInput) Validate

func (s *DeleteServiceLinkedRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteServiceLinkedRoleOutput

type DeleteServiceLinkedRoleOutput struct {

	// The deletion task identifier that you can use to check the status of the
	// deletion. This identifier is returned in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
	//
	// DeletionTaskId is a required field
	DeletionTaskId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServiceLinkedRoleOutput) String

String returns the string representation

type DeleteServiceLinkedRoleRequest

type DeleteServiceLinkedRoleRequest struct {
	*aws.Request
	Input *DeleteServiceLinkedRoleInput
	Copy  func(*DeleteServiceLinkedRoleInput) DeleteServiceLinkedRoleRequest
}

DeleteServiceLinkedRoleRequest is the request type for the DeleteServiceLinkedRole API operation.

func (DeleteServiceLinkedRoleRequest) Send

Send marshals and sends the DeleteServiceLinkedRole API request.

type DeleteServiceLinkedRoleResponse added in v0.9.0

type DeleteServiceLinkedRoleResponse struct {
	*DeleteServiceLinkedRoleOutput
	// contains filtered or unexported fields
}

DeleteServiceLinkedRoleResponse is the response type for the DeleteServiceLinkedRole API operation.

func (*DeleteServiceLinkedRoleResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteServiceLinkedRoleResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteServiceLinkedRole request.

type DeleteServiceSpecificCredentialInput

type DeleteServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential. You can get this
	// value by calling ListServiceSpecificCredentials.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the service-specific credential.
	// If this value is not specified, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteServiceSpecificCredentialInput) String

String returns the string representation

func (*DeleteServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type DeleteServiceSpecificCredentialOutput

type DeleteServiceSpecificCredentialOutput struct {
	// contains filtered or unexported fields
}

func (DeleteServiceSpecificCredentialOutput) String

String returns the string representation

type DeleteServiceSpecificCredentialRequest

type DeleteServiceSpecificCredentialRequest struct {
	*aws.Request
	Input *DeleteServiceSpecificCredentialInput
	Copy  func(*DeleteServiceSpecificCredentialInput) DeleteServiceSpecificCredentialRequest
}

DeleteServiceSpecificCredentialRequest is the request type for the DeleteServiceSpecificCredential API operation.

func (DeleteServiceSpecificCredentialRequest) Send

Send marshals and sends the DeleteServiceSpecificCredential API request.

type DeleteServiceSpecificCredentialResponse added in v0.9.0

type DeleteServiceSpecificCredentialResponse struct {
	*DeleteServiceSpecificCredentialOutput
	// contains filtered or unexported fields
}

DeleteServiceSpecificCredentialResponse is the response type for the DeleteServiceSpecificCredential API operation.

func (*DeleteServiceSpecificCredentialResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteServiceSpecificCredentialResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteServiceSpecificCredential request.

type DeleteSigningCertificateInput

type DeleteSigningCertificateInput struct {

	// The ID of the signing certificate to delete.
	//
	// The format of this parameter, as described by its regex (http://wikipedia.org/wiki/regex)
	// pattern, is a string of characters that can be upper- or lower-cased letters
	// or digits.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The name of the user the signing certificate belongs to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteSigningCertificateInput) String

String returns the string representation

func (*DeleteSigningCertificateInput) Validate

func (s *DeleteSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSigningCertificateOutput

type DeleteSigningCertificateOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSigningCertificateOutput) String

String returns the string representation

type DeleteSigningCertificateRequest

type DeleteSigningCertificateRequest struct {
	*aws.Request
	Input *DeleteSigningCertificateInput
	Copy  func(*DeleteSigningCertificateInput) DeleteSigningCertificateRequest
}

DeleteSigningCertificateRequest is the request type for the DeleteSigningCertificate API operation.

func (DeleteSigningCertificateRequest) Send

Send marshals and sends the DeleteSigningCertificate API request.

type DeleteSigningCertificateResponse added in v0.9.0

type DeleteSigningCertificateResponse struct {
	*DeleteSigningCertificateOutput
	// contains filtered or unexported fields
}

DeleteSigningCertificateResponse is the response type for the DeleteSigningCertificate API operation.

func (*DeleteSigningCertificateResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteSigningCertificateResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteSigningCertificate request.

type DeleteUserInput

type DeleteUserInput struct {

	// The name of the user to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteUserInput) String

func (s DeleteUserInput) String() string

String returns the string representation

func (*DeleteUserInput) Validate

func (s *DeleteUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserOutput

type DeleteUserOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserOutput) String

func (s DeleteUserOutput) String() string

String returns the string representation

type DeleteUserPermissionsBoundaryInput added in v0.5.0

type DeleteUserPermissionsBoundaryInput struct {

	// The name (friendly name, not ARN) of the IAM user from which you want to
	// remove the permissions boundary.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteUserPermissionsBoundaryInput) String added in v0.5.0

String returns the string representation

func (*DeleteUserPermissionsBoundaryInput) Validate added in v0.5.0

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserPermissionsBoundaryOutput added in v0.5.0

type DeleteUserPermissionsBoundaryOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserPermissionsBoundaryOutput) String added in v0.5.0

String returns the string representation

type DeleteUserPermissionsBoundaryRequest added in v0.5.0

type DeleteUserPermissionsBoundaryRequest struct {
	*aws.Request
	Input *DeleteUserPermissionsBoundaryInput
	Copy  func(*DeleteUserPermissionsBoundaryInput) DeleteUserPermissionsBoundaryRequest
}

DeleteUserPermissionsBoundaryRequest is the request type for the DeleteUserPermissionsBoundary API operation.

func (DeleteUserPermissionsBoundaryRequest) Send added in v0.5.0

Send marshals and sends the DeleteUserPermissionsBoundary API request.

type DeleteUserPermissionsBoundaryResponse added in v0.9.0

type DeleteUserPermissionsBoundaryResponse struct {
	*DeleteUserPermissionsBoundaryOutput
	// contains filtered or unexported fields
}

DeleteUserPermissionsBoundaryResponse is the response type for the DeleteUserPermissionsBoundary API operation.

func (*DeleteUserPermissionsBoundaryResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteUserPermissionsBoundaryResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteUserPermissionsBoundary request.

type DeleteUserPolicyInput

type DeleteUserPolicyInput struct {

	// The name identifying the policy document to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name (friendly name, not ARN) identifying the user that the policy is
	// embedded in.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteUserPolicyInput) String

func (s DeleteUserPolicyInput) String() string

String returns the string representation

func (*DeleteUserPolicyInput) Validate

func (s *DeleteUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserPolicyOutput

type DeleteUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserPolicyOutput) String

func (s DeleteUserPolicyOutput) String() string

String returns the string representation

type DeleteUserPolicyRequest

type DeleteUserPolicyRequest struct {
	*aws.Request
	Input *DeleteUserPolicyInput
	Copy  func(*DeleteUserPolicyInput) DeleteUserPolicyRequest
}

DeleteUserPolicyRequest is the request type for the DeleteUserPolicy API operation.

func (DeleteUserPolicyRequest) Send

Send marshals and sends the DeleteUserPolicy API request.

type DeleteUserPolicyResponse added in v0.9.0

type DeleteUserPolicyResponse struct {
	*DeleteUserPolicyOutput
	// contains filtered or unexported fields
}

DeleteUserPolicyResponse is the response type for the DeleteUserPolicy API operation.

func (*DeleteUserPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteUserPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteUserPolicy request.

type DeleteUserRequest

type DeleteUserRequest struct {
	*aws.Request
	Input *DeleteUserInput
	Copy  func(*DeleteUserInput) DeleteUserRequest
}

DeleteUserRequest is the request type for the DeleteUser API operation.

func (DeleteUserRequest) Send

Send marshals and sends the DeleteUser API request.

type DeleteUserResponse added in v0.9.0

type DeleteUserResponse struct {
	*DeleteUserOutput
	// contains filtered or unexported fields
}

DeleteUserResponse is the response type for the DeleteUser API operation.

func (*DeleteUserResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteUserResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteUser request.

type DeleteVirtualMFADeviceInput

type DeleteVirtualMFADeviceInput struct {

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the same as the ARN.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteVirtualMFADeviceInput) String

String returns the string representation

func (*DeleteVirtualMFADeviceInput) Validate

func (s *DeleteVirtualMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteVirtualMFADeviceOutput

type DeleteVirtualMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (DeleteVirtualMFADeviceOutput) String

String returns the string representation

type DeleteVirtualMFADeviceRequest

type DeleteVirtualMFADeviceRequest struct {
	*aws.Request
	Input *DeleteVirtualMFADeviceInput
	Copy  func(*DeleteVirtualMFADeviceInput) DeleteVirtualMFADeviceRequest
}

DeleteVirtualMFADeviceRequest is the request type for the DeleteVirtualMFADevice API operation.

func (DeleteVirtualMFADeviceRequest) Send

Send marshals and sends the DeleteVirtualMFADevice API request.

type DeleteVirtualMFADeviceResponse added in v0.9.0

type DeleteVirtualMFADeviceResponse struct {
	*DeleteVirtualMFADeviceOutput
	// contains filtered or unexported fields
}

DeleteVirtualMFADeviceResponse is the response type for the DeleteVirtualMFADevice API operation.

func (*DeleteVirtualMFADeviceResponse) SDKResponseMetdata added in v0.9.0

func (r *DeleteVirtualMFADeviceResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DeleteVirtualMFADevice request.

type DeletionTaskFailureReasonType

type DeletionTaskFailureReasonType struct {

	// A short description of the reason that the service-linked role deletion failed.
	Reason *string `type:"string"`

	// A list of objects that contains details about the service-linked role deletion
	// failure, if that information is returned by the service. If the service-linked
	// role has active sessions or if any resources that were used by the role have
	// not been deleted from the linked service, the role can't be deleted. This
	// parameter includes a list of the resources that are associated with the role
	// and the Region in which the resources are being used.
	RoleUsageList []RoleUsageType `type:"list"`
	// contains filtered or unexported fields
}

The reason that the service-linked role deletion failed.

This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus operation.

func (DeletionTaskFailureReasonType) String

String returns the string representation

type DeletionTaskStatusType

type DeletionTaskStatusType string
const (
	DeletionTaskStatusTypeSucceeded  DeletionTaskStatusType = "SUCCEEDED"
	DeletionTaskStatusTypeInProgress DeletionTaskStatusType = "IN_PROGRESS"
	DeletionTaskStatusTypeFailed     DeletionTaskStatusType = "FAILED"
	DeletionTaskStatusTypeNotStarted DeletionTaskStatusType = "NOT_STARTED"
)

Enum values for DeletionTaskStatusType

func (DeletionTaskStatusType) MarshalValue added in v0.3.0

func (enum DeletionTaskStatusType) MarshalValue() (string, error)

func (DeletionTaskStatusType) MarshalValueBuf added in v0.3.0

func (enum DeletionTaskStatusType) MarshalValueBuf(b []byte) ([]byte, error)

type DetachGroupPolicyInput

type DetachGroupPolicyInput struct {

	// The name (friendly name, not ARN) of the IAM group to detach the policy from.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachGroupPolicyInput) String

func (s DetachGroupPolicyInput) String() string

String returns the string representation

func (*DetachGroupPolicyInput) Validate

func (s *DetachGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachGroupPolicyOutput

type DetachGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachGroupPolicyOutput) String

func (s DetachGroupPolicyOutput) String() string

String returns the string representation

type DetachGroupPolicyRequest

type DetachGroupPolicyRequest struct {
	*aws.Request
	Input *DetachGroupPolicyInput
	Copy  func(*DetachGroupPolicyInput) DetachGroupPolicyRequest
}

DetachGroupPolicyRequest is the request type for the DetachGroupPolicy API operation.

func (DetachGroupPolicyRequest) Send

Send marshals and sends the DetachGroupPolicy API request.

type DetachGroupPolicyResponse added in v0.9.0

type DetachGroupPolicyResponse struct {
	*DetachGroupPolicyOutput
	// contains filtered or unexported fields
}

DetachGroupPolicyResponse is the response type for the DetachGroupPolicy API operation.

func (*DetachGroupPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *DetachGroupPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DetachGroupPolicy request.

type DetachRolePolicyInput

type DetachRolePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM role to detach the policy from.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachRolePolicyInput) String

func (s DetachRolePolicyInput) String() string

String returns the string representation

func (*DetachRolePolicyInput) Validate

func (s *DetachRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachRolePolicyOutput

type DetachRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachRolePolicyOutput) String

func (s DetachRolePolicyOutput) String() string

String returns the string representation

type DetachRolePolicyRequest

type DetachRolePolicyRequest struct {
	*aws.Request
	Input *DetachRolePolicyInput
	Copy  func(*DetachRolePolicyInput) DetachRolePolicyRequest
}

DetachRolePolicyRequest is the request type for the DetachRolePolicy API operation.

func (DetachRolePolicyRequest) Send

Send marshals and sends the DetachRolePolicy API request.

type DetachRolePolicyResponse added in v0.9.0

type DetachRolePolicyResponse struct {
	*DetachRolePolicyOutput
	// contains filtered or unexported fields
}

DetachRolePolicyResponse is the response type for the DetachRolePolicy API operation.

func (*DetachRolePolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *DetachRolePolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DetachRolePolicy request.

type DetachUserPolicyInput

type DetachUserPolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM user to detach the policy from.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachUserPolicyInput) String

func (s DetachUserPolicyInput) String() string

String returns the string representation

func (*DetachUserPolicyInput) Validate

func (s *DetachUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachUserPolicyOutput

type DetachUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachUserPolicyOutput) String

func (s DetachUserPolicyOutput) String() string

String returns the string representation

type DetachUserPolicyRequest

type DetachUserPolicyRequest struct {
	*aws.Request
	Input *DetachUserPolicyInput
	Copy  func(*DetachUserPolicyInput) DetachUserPolicyRequest
}

DetachUserPolicyRequest is the request type for the DetachUserPolicy API operation.

func (DetachUserPolicyRequest) Send

Send marshals and sends the DetachUserPolicy API request.

type DetachUserPolicyResponse added in v0.9.0

type DetachUserPolicyResponse struct {
	*DetachUserPolicyOutput
	// contains filtered or unexported fields
}

DetachUserPolicyResponse is the response type for the DetachUserPolicy API operation.

func (*DetachUserPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *DetachUserPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the DetachUserPolicy request.

type EnableMFADeviceInput

type EnableMFADeviceInput struct {

	// An authentication code emitted by the device.
	//
	// The format for this parameter is a string of six digits.
	//
	// Submit your request immediately after generating the authentication codes.
	// If you generate the codes and then wait too long to submit the request, the
	// MFA device successfully associates with the user but the MFA device becomes
	// out of sync. This happens because time-based one-time passwords (TOTP) expire
	// after a short period of time. If this happens, you can resync the device
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
	//
	// AuthenticationCode1 is a required field
	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`

	// A subsequent authentication code emitted by the device.
	//
	// The format for this parameter is a string of six digits.
	//
	// Submit your request immediately after generating the authentication codes.
	// If you generate the codes and then wait too long to submit the request, the
	// MFA device successfully associates with the user but the MFA device becomes
	// out of sync. This happens because time-based one-time passwords (TOTP) expire
	// after a short period of time. If this happens, you can resync the device
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
	//
	// AuthenticationCode2 is a required field
	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the IAM user for whom you want to enable the MFA device.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (EnableMFADeviceInput) String

func (s EnableMFADeviceInput) String() string

String returns the string representation

func (*EnableMFADeviceInput) Validate

func (s *EnableMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EnableMFADeviceOutput

type EnableMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (EnableMFADeviceOutput) String

func (s EnableMFADeviceOutput) String() string

String returns the string representation

type EnableMFADeviceRequest

type EnableMFADeviceRequest struct {
	*aws.Request
	Input *EnableMFADeviceInput
	Copy  func(*EnableMFADeviceInput) EnableMFADeviceRequest
}

EnableMFADeviceRequest is the request type for the EnableMFADevice API operation.

func (EnableMFADeviceRequest) Send

Send marshals and sends the EnableMFADevice API request.

type EnableMFADeviceResponse added in v0.9.0

type EnableMFADeviceResponse struct {
	*EnableMFADeviceOutput
	// contains filtered or unexported fields
}

EnableMFADeviceResponse is the response type for the EnableMFADevice API operation.

func (*EnableMFADeviceResponse) SDKResponseMetdata added in v0.9.0

func (r *EnableMFADeviceResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the EnableMFADevice request.

type EncodingType

type EncodingType string
const (
	EncodingTypeSsh EncodingType = "SSH"
	EncodingTypePem EncodingType = "PEM"
)

Enum values for EncodingType

func (EncodingType) MarshalValue added in v0.3.0

func (enum EncodingType) MarshalValue() (string, error)

func (EncodingType) MarshalValueBuf added in v0.3.0

func (enum EncodingType) MarshalValueBuf(b []byte) ([]byte, error)

type EntityDetails added in v0.7.0

type EntityDetails struct {

	// The EntityInfo object that contains details about the entity (user or role).
	//
	// EntityInfo is a required field
	EntityInfo *EntityInfo `type:"structure" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the authenticated entity last attempted to access AWS. AWS does not
	// report unauthenticated requests.
	//
	// This field is null if no IAM entities attempted to access the service within
	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticated *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

An object that contains details about when the IAM entities (users or roles) were last used in an attempt to access the specified AWS service.

This data type is a response element in the GetServiceLastAccessedDetailsWithEntities operation.

func (EntityDetails) String added in v0.7.0

func (s EntityDetails) String() string

String returns the string representation

type EntityInfo added in v0.7.0

type EntityInfo struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The identifier of the entity (user or role).
	//
	// Id is a required field
	Id *string `min:"16" type:"string" required:"true"`

	// The name of the entity (user or role).
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// The path to the entity (user or role). For more information about paths,
	// see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`

	// The type of entity (user or role).
	//
	// Type is a required field
	Type PolicyOwnerEntityType `type:"string" required:"true" enum:"true"`
	// contains filtered or unexported fields
}

Contains details about the specified entity (user or role).

This data type is an element of the EntityDetails object.

func (EntityInfo) String added in v0.7.0

func (s EntityInfo) String() string

String returns the string representation

type EntityType

type EntityType string
const (
	EntityTypeUser               EntityType = "User"
	EntityTypeRole               EntityType = "Role"
	EntityTypeGroup              EntityType = "Group"
	EntityTypeLocalManagedPolicy EntityType = "LocalManagedPolicy"
	EntityTypeAwsmanagedPolicy   EntityType = "AWSManagedPolicy"
)

Enum values for EntityType

func (EntityType) MarshalValue added in v0.3.0

func (enum EntityType) MarshalValue() (string, error)

func (EntityType) MarshalValueBuf added in v0.3.0

func (enum EntityType) MarshalValueBuf(b []byte) ([]byte, error)

type ErrorDetails added in v0.7.0

type ErrorDetails struct {

	// The error code associated with the operation failure.
	//
	// Code is a required field
	Code *string `type:"string" required:"true"`

	// Detailed information about the reason that the operation failed.
	//
	// Message is a required field
	Message *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about the reason that the operation failed.

This data type is used as a response element in the GetOrganizationsAccessReport, GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities operations.

func (ErrorDetails) String added in v0.7.0

func (s ErrorDetails) String() string

String returns the string representation

type EvaluationResult

type EvaluationResult struct {

	// The name of the API operation tested on the indicated resource.
	//
	// EvalActionName is a required field
	EvalActionName *string `min:"3" type:"string" required:"true"`

	// The result of the simulation.
	//
	// EvalDecision is a required field
	EvalDecision PolicyEvaluationDecisionType `type:"string" required:"true" enum:"true"`

	// Additional details about the results of the evaluation decision. When there
	// are both IAM policies and resource policies, this parameter explains how
	// each set of policies contributes to the final evaluation decision. When simulating
	// cross-account access to a resource, both the resource-based policy and the
	// caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based
	// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_compare-resource-policies.html)
	EvalDecisionDetails map[string]PolicyEvaluationDecisionType `type:"map"`

	// The ARN of the resource that the indicated API operation was tested on.
	EvalResourceName *string `min:"1" type:"string"`

	// A list of the statements in the input policies that determine the result
	// for this scenario. Remember that even if multiple statements allow the operation
	// on the resource, if only one statement denies that operation, then the explicit
	// deny overrides any allow. In addition, the deny statement is the only entry
	// included in the result.
	MatchedStatements []Statement `type:"list"`

	// A list of context keys that are required by the included input policies but
	// that were not provided by one of the input parameters. This list is used
	// when the resource in a simulation is "*", either explicitly, or when the
	// ResourceArns parameter blank. If you include a list of resources, then any
	// missing context values are instead included under the ResourceSpecificResults
	// section. To discover the context keys used by a set of policies, you can
	// call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
	MissingContextValues []string `type:"list"`

	// A structure that details how Organizations and its service control policies
	// affect the results of the simulation. Only applies if the simulated user's
	// account is part of an organization.
	OrganizationsDecisionDetail *OrganizationsDecisionDetail `type:"structure"`

	// The individual results of the simulation of the API operation specified in
	// EvalActionName on each resource.
	ResourceSpecificResults []ResourceSpecificResult `type:"list"`
	// contains filtered or unexported fields
}

Contains the results of a simulation.

This data type is used by the return parameter of SimulateCustomPolicy and SimulatePrincipalPolicy .

func (EvaluationResult) String

func (s EvaluationResult) String() string

String returns the string representation

type GenerateCredentialReportInput

type GenerateCredentialReportInput struct {
	// contains filtered or unexported fields
}

func (GenerateCredentialReportInput) String

String returns the string representation

type GenerateCredentialReportOutput

type GenerateCredentialReportOutput struct {

	// Information about the credential report.
	Description *string `type:"string"`

	// Information about the state of the credential report.
	State ReportStateType `type:"string" enum:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GenerateCredentialReport request.

func (GenerateCredentialReportOutput) String

String returns the string representation

type GenerateCredentialReportRequest

type GenerateCredentialReportRequest struct {
	*aws.Request
	Input *GenerateCredentialReportInput
	Copy  func(*GenerateCredentialReportInput) GenerateCredentialReportRequest
}

GenerateCredentialReportRequest is the request type for the GenerateCredentialReport API operation.

func (GenerateCredentialReportRequest) Send

Send marshals and sends the GenerateCredentialReport API request.

type GenerateCredentialReportResponse added in v0.9.0

type GenerateCredentialReportResponse struct {
	*GenerateCredentialReportOutput
	// contains filtered or unexported fields
}

GenerateCredentialReportResponse is the response type for the GenerateCredentialReport API operation.

func (*GenerateCredentialReportResponse) SDKResponseMetdata added in v0.9.0

func (r *GenerateCredentialReportResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GenerateCredentialReport request.

type GenerateOrganizationsAccessReportInput added in v0.10.0

type GenerateOrganizationsAccessReportInput struct {

	// The path of the AWS Organizations entity (root, OU, or account). You can
	// build an entity path using the known structure of your organization. For
	// example, assume that your account ID is 123456789012 and its parent OU ID
	// is ou-rge0-awsabcde. The organization root ID is r-f6g7h8i9j0example and
	// your organization ID is o-a1b2c3d4e5. Your entity path is o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-rge0-awsabcde/123456789012.
	//
	// EntityPath is a required field
	EntityPath *string `min:"19" type:"string" required:"true"`

	// The identifier of the AWS Organizations service control policy (SCP). This
	// parameter is optional.
	//
	// This ID is used to generate information about when an account principal that
	// is limited by the SCP attempted to access an AWS service.
	OrganizationsPolicyId *string `type:"string"`
	// contains filtered or unexported fields
}

func (GenerateOrganizationsAccessReportInput) String added in v0.10.0

String returns the string representation

func (*GenerateOrganizationsAccessReportInput) Validate added in v0.10.0

Validate inspects the fields of the type to determine if they are valid.

type GenerateOrganizationsAccessReportOutput added in v0.10.0

type GenerateOrganizationsAccessReportOutput struct {

	// The job identifier that you can use in the GetOrganizationsAccessReport operation.
	JobId *string `min:"36" type:"string"`
	// contains filtered or unexported fields
}

func (GenerateOrganizationsAccessReportOutput) String added in v0.10.0

String returns the string representation

type GenerateOrganizationsAccessReportRequest added in v0.10.0

GenerateOrganizationsAccessReportRequest is the request type for the GenerateOrganizationsAccessReport API operation.

func (GenerateOrganizationsAccessReportRequest) Send added in v0.10.0

Send marshals and sends the GenerateOrganizationsAccessReport API request.

type GenerateOrganizationsAccessReportResponse added in v0.10.0

type GenerateOrganizationsAccessReportResponse struct {
	*GenerateOrganizationsAccessReportOutput
	// contains filtered or unexported fields
}

GenerateOrganizationsAccessReportResponse is the response type for the GenerateOrganizationsAccessReport API operation.

func (*GenerateOrganizationsAccessReportResponse) SDKResponseMetdata added in v0.10.0

func (r *GenerateOrganizationsAccessReportResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GenerateOrganizationsAccessReport request.

type GenerateServiceLastAccessedDetailsInput added in v0.7.0

type GenerateServiceLastAccessedDetailsInput struct {

	// The ARN of the IAM resource (user, group, role, or managed policy) used to
	// generate information about when the resource was last used in an attempt
	// to access an AWS service.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GenerateServiceLastAccessedDetailsInput) String added in v0.7.0

String returns the string representation

func (*GenerateServiceLastAccessedDetailsInput) Validate added in v0.7.0

Validate inspects the fields of the type to determine if they are valid.

type GenerateServiceLastAccessedDetailsOutput added in v0.7.0

type GenerateServiceLastAccessedDetailsOutput struct {

	// The job ID that you can use in the GetServiceLastAccessedDetails or GetServiceLastAccessedDetailsWithEntities
	// operations.
	JobId *string `min:"36" type:"string"`
	// contains filtered or unexported fields
}

func (GenerateServiceLastAccessedDetailsOutput) String added in v0.7.0

String returns the string representation

type GenerateServiceLastAccessedDetailsRequest added in v0.7.0

GenerateServiceLastAccessedDetailsRequest is the request type for the GenerateServiceLastAccessedDetails API operation.

func (GenerateServiceLastAccessedDetailsRequest) Send added in v0.7.0

Send marshals and sends the GenerateServiceLastAccessedDetails API request.

type GenerateServiceLastAccessedDetailsResponse added in v0.9.0

type GenerateServiceLastAccessedDetailsResponse struct {
	*GenerateServiceLastAccessedDetailsOutput
	// contains filtered or unexported fields
}

GenerateServiceLastAccessedDetailsResponse is the response type for the GenerateServiceLastAccessedDetails API operation.

func (*GenerateServiceLastAccessedDetailsResponse) SDKResponseMetdata added in v0.9.0

func (r *GenerateServiceLastAccessedDetailsResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GenerateServiceLastAccessedDetails request.

type GetAccessKeyLastUsedInput

type GetAccessKeyLastUsedInput struct {

	// The identifier of an access key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetAccessKeyLastUsedInput) String

func (s GetAccessKeyLastUsedInput) String() string

String returns the string representation

func (*GetAccessKeyLastUsedInput) Validate

func (s *GetAccessKeyLastUsedInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetAccessKeyLastUsedOutput

type GetAccessKeyLastUsedOutput struct {

	// Contains information about the last time the access key was used.
	AccessKeyLastUsed *AccessKeyLastUsed `type:"structure"`

	// The name of the AWS IAM user that owns this access key.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccessKeyLastUsed request. It is also returned as a member of the AccessKeyMetaData structure returned by the ListAccessKeys action.

func (GetAccessKeyLastUsedOutput) String

String returns the string representation

type GetAccessKeyLastUsedRequest

type GetAccessKeyLastUsedRequest struct {
	*aws.Request
	Input *GetAccessKeyLastUsedInput
	Copy  func(*GetAccessKeyLastUsedInput) GetAccessKeyLastUsedRequest
}

GetAccessKeyLastUsedRequest is the request type for the GetAccessKeyLastUsed API operation.

func (GetAccessKeyLastUsedRequest) Send

Send marshals and sends the GetAccessKeyLastUsed API request.

type GetAccessKeyLastUsedResponse added in v0.9.0

type GetAccessKeyLastUsedResponse struct {
	*GetAccessKeyLastUsedOutput
	// contains filtered or unexported fields
}

GetAccessKeyLastUsedResponse is the response type for the GetAccessKeyLastUsed API operation.

func (*GetAccessKeyLastUsedResponse) SDKResponseMetdata added in v0.9.0

func (r *GetAccessKeyLastUsedResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetAccessKeyLastUsed request.

type GetAccountAuthorizationDetailsInput

type GetAccountAuthorizationDetailsInput struct {

	// A list of entity types used to filter the results. Only the entities that
	// match the types you specify are included in the output. Use the value LocalManagedPolicy
	// to include customer managed policies.
	//
	// The format for this parameter is a comma-separated (if more than one) list
	// of strings. Each string value in the list must be one of the valid values
	// listed below.
	Filter []EntityType `type:"list"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (GetAccountAuthorizationDetailsInput) String

String returns the string representation

func (*GetAccountAuthorizationDetailsInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetAccountAuthorizationDetailsOutput

type GetAccountAuthorizationDetailsOutput struct {

	// A list containing information about IAM groups.
	GroupDetailList []GroupDetail `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list containing information about managed policies.
	Policies []ManagedPolicyDetail `type:"list"`

	// A list containing information about IAM roles.
	RoleDetailList []RoleDetail `type:"list"`

	// A list containing information about IAM users.
	UserDetailList []UserDetail `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountAuthorizationDetails request.

func (GetAccountAuthorizationDetailsOutput) String

String returns the string representation

type GetAccountAuthorizationDetailsPaginator added in v0.9.0

type GetAccountAuthorizationDetailsPaginator struct {
	aws.Pager
}

GetAccountAuthorizationDetailsPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewGetAccountAuthorizationDetailsPaginator added in v0.9.0

func NewGetAccountAuthorizationDetailsPaginator(req GetAccountAuthorizationDetailsRequest) GetAccountAuthorizationDetailsPaginator

NewGetAccountAuthorizationDetailsRequestPaginator returns a paginator for GetAccountAuthorizationDetails. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.GetAccountAuthorizationDetailsRequest(input)
p := iam.NewGetAccountAuthorizationDetailsRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*GetAccountAuthorizationDetailsPaginator) CurrentPage added in v0.9.0

type GetAccountAuthorizationDetailsRequest

type GetAccountAuthorizationDetailsRequest struct {
	*aws.Request
	Input *GetAccountAuthorizationDetailsInput
	Copy  func(*GetAccountAuthorizationDetailsInput) GetAccountAuthorizationDetailsRequest
}

GetAccountAuthorizationDetailsRequest is the request type for the GetAccountAuthorizationDetails API operation.

func (GetAccountAuthorizationDetailsRequest) Send

Send marshals and sends the GetAccountAuthorizationDetails API request.

type GetAccountAuthorizationDetailsResponse added in v0.9.0

type GetAccountAuthorizationDetailsResponse struct {
	*GetAccountAuthorizationDetailsOutput
	// contains filtered or unexported fields
}

GetAccountAuthorizationDetailsResponse is the response type for the GetAccountAuthorizationDetails API operation.

func (*GetAccountAuthorizationDetailsResponse) SDKResponseMetdata added in v0.9.0

func (r *GetAccountAuthorizationDetailsResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetAccountAuthorizationDetails request.

type GetAccountPasswordPolicyInput

type GetAccountPasswordPolicyInput struct {
	// contains filtered or unexported fields
}

func (GetAccountPasswordPolicyInput) String

String returns the string representation

type GetAccountPasswordPolicyOutput

type GetAccountPasswordPolicyOutput struct {

	// A structure that contains details about the account's password policy.
	//
	// PasswordPolicy is a required field
	PasswordPolicy *PasswordPolicy `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountPasswordPolicy request.

func (GetAccountPasswordPolicyOutput) String

String returns the string representation

type GetAccountPasswordPolicyRequest

type GetAccountPasswordPolicyRequest struct {
	*aws.Request
	Input *GetAccountPasswordPolicyInput
	Copy  func(*GetAccountPasswordPolicyInput) GetAccountPasswordPolicyRequest
}

GetAccountPasswordPolicyRequest is the request type for the GetAccountPasswordPolicy API operation.

func (GetAccountPasswordPolicyRequest) Send

Send marshals and sends the GetAccountPasswordPolicy API request.

type GetAccountPasswordPolicyResponse added in v0.9.0

type GetAccountPasswordPolicyResponse struct {
	*GetAccountPasswordPolicyOutput
	// contains filtered or unexported fields
}

GetAccountPasswordPolicyResponse is the response type for the GetAccountPasswordPolicy API operation.

func (*GetAccountPasswordPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *GetAccountPasswordPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetAccountPasswordPolicy request.

type GetAccountSummaryInput

type GetAccountSummaryInput struct {
	// contains filtered or unexported fields
}

func (GetAccountSummaryInput) String

func (s GetAccountSummaryInput) String() string

String returns the string representation

type GetAccountSummaryOutput

type GetAccountSummaryOutput struct {

	// A set of key–value pairs containing information about IAM entity usage
	// and IAM quotas.
	SummaryMap map[string]int64 `type:"map"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountSummary request.

func (GetAccountSummaryOutput) String

func (s GetAccountSummaryOutput) String() string

String returns the string representation

type GetAccountSummaryRequest

type GetAccountSummaryRequest struct {
	*aws.Request
	Input *GetAccountSummaryInput
	Copy  func(*GetAccountSummaryInput) GetAccountSummaryRequest
}

GetAccountSummaryRequest is the request type for the GetAccountSummary API operation.

func (GetAccountSummaryRequest) Send

Send marshals and sends the GetAccountSummary API request.

type GetAccountSummaryResponse added in v0.9.0

type GetAccountSummaryResponse struct {
	*GetAccountSummaryOutput
	// contains filtered or unexported fields
}

GetAccountSummaryResponse is the response type for the GetAccountSummary API operation.

func (*GetAccountSummaryResponse) SDKResponseMetdata added in v0.9.0

func (r *GetAccountSummaryResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetAccountSummary request.

type GetContextKeysForCustomPolicyInput

type GetContextKeysForCustomPolicyInput struct {

	// A list of policies for which you want the list of context keys referenced
	// in those policies. Each document is specified as a string containing the
	// complete, valid JSON text of an IAM policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyInputList is a required field
	PolicyInputList []string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (GetContextKeysForCustomPolicyInput) String

String returns the string representation

func (*GetContextKeysForCustomPolicyInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetContextKeysForCustomPolicyOutput added in v0.9.0

type GetContextKeysForCustomPolicyOutput struct {

	// The list of context keys that are referenced in the input policies.
	ContextKeyNames []string `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetContextKeysForPrincipalPolicy or GetContextKeysForCustomPolicy request.

func (GetContextKeysForCustomPolicyOutput) String added in v0.9.0

String returns the string representation

type GetContextKeysForCustomPolicyRequest

type GetContextKeysForCustomPolicyRequest struct {
	*aws.Request
	Input *GetContextKeysForCustomPolicyInput
	Copy  func(*GetContextKeysForCustomPolicyInput) GetContextKeysForCustomPolicyRequest
}

GetContextKeysForCustomPolicyRequest is the request type for the GetContextKeysForCustomPolicy API operation.

func (GetContextKeysForCustomPolicyRequest) Send

Send marshals and sends the GetContextKeysForCustomPolicy API request.

type GetContextKeysForCustomPolicyResponse added in v0.9.0

type GetContextKeysForCustomPolicyResponse struct {
	*GetContextKeysForCustomPolicyOutput
	// contains filtered or unexported fields
}

GetContextKeysForCustomPolicyResponse is the response type for the GetContextKeysForCustomPolicy API operation.

func (*GetContextKeysForCustomPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *GetContextKeysForCustomPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetContextKeysForCustomPolicy request.

type GetContextKeysForPrincipalPolicyInput

type GetContextKeysForPrincipalPolicyInput struct {

	// An optional list of additional policies for which you want the list of context
	// keys that are referenced.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	PolicyInputList []string `type:"list"`

	// The ARN of a user, group, or role whose policies contain the context keys
	// that you want listed. If you specify a user, the list includes context keys
	// that are found in all policies that are attached to the user. The list also
	// includes all groups that the user is a member of. If you pick a group or
	// a role, then it includes only those context keys that are found in policies
	// attached to that entity. Note that all parameters are shown in unencoded
	// form here for clarity, but must be URL encoded to be included as a part of
	// a real HTML request.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicySourceArn is a required field
	PolicySourceArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetContextKeysForPrincipalPolicyInput) String

String returns the string representation

func (*GetContextKeysForPrincipalPolicyInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetContextKeysForPrincipalPolicyOutput

type GetContextKeysForPrincipalPolicyOutput struct {

	// The list of context keys that are referenced in the input policies.
	ContextKeyNames []string `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetContextKeysForPrincipalPolicy or GetContextKeysForCustomPolicy request.

func (GetContextKeysForPrincipalPolicyOutput) String

String returns the string representation

type GetContextKeysForPrincipalPolicyRequest

type GetContextKeysForPrincipalPolicyRequest struct {
	*aws.Request
	Input *GetContextKeysForPrincipalPolicyInput
	Copy  func(*GetContextKeysForPrincipalPolicyInput) GetContextKeysForPrincipalPolicyRequest
}

GetContextKeysForPrincipalPolicyRequest is the request type for the GetContextKeysForPrincipalPolicy API operation.

func (GetContextKeysForPrincipalPolicyRequest) Send

Send marshals and sends the GetContextKeysForPrincipalPolicy API request.

type GetContextKeysForPrincipalPolicyResponse added in v0.9.0

type GetContextKeysForPrincipalPolicyResponse struct {
	*GetContextKeysForPrincipalPolicyOutput
	// contains filtered or unexported fields
}

GetContextKeysForPrincipalPolicyResponse is the response type for the GetContextKeysForPrincipalPolicy API operation.

func (*GetContextKeysForPrincipalPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *GetContextKeysForPrincipalPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetContextKeysForPrincipalPolicy request.

type GetCredentialReportInput

type GetCredentialReportInput struct {
	// contains filtered or unexported fields
}

func (GetCredentialReportInput) String

func (s GetCredentialReportInput) String() string

String returns the string representation

type GetCredentialReportOutput

type GetCredentialReportOutput struct {

	// Contains the credential report. The report is Base64-encoded.
	//
	// Content is automatically base64 encoded/decoded by the SDK.
	Content []byte `type:"blob"`

	// The date and time when the credential report was created, in ISO 8601 date-time
	// format (http://www.iso.org/iso/iso8601).
	GeneratedTime *time.Time `type:"timestamp"`

	// The format (MIME type) of the credential report.
	ReportFormat ReportFormatType `type:"string" enum:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetCredentialReport request.

func (GetCredentialReportOutput) String

func (s GetCredentialReportOutput) String() string

String returns the string representation

type GetCredentialReportRequest

type GetCredentialReportRequest struct {
	*aws.Request
	Input *GetCredentialReportInput
	Copy  func(*GetCredentialReportInput) GetCredentialReportRequest
}

GetCredentialReportRequest is the request type for the GetCredentialReport API operation.

func (GetCredentialReportRequest) Send

Send marshals and sends the GetCredentialReport API request.

type GetCredentialReportResponse added in v0.9.0

type GetCredentialReportResponse struct {
	*GetCredentialReportOutput
	// contains filtered or unexported fields
}

GetCredentialReportResponse is the response type for the GetCredentialReport API operation.

func (*GetCredentialReportResponse) SDKResponseMetdata added in v0.9.0

func (r *GetCredentialReportResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetCredentialReport request.

type GetGroupInput

type GetGroupInput struct {

	// The name of the group.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (GetGroupInput) String

func (s GetGroupInput) String() string

String returns the string representation

func (*GetGroupInput) Validate

func (s *GetGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetGroupOutput

type GetGroupOutput struct {

	// A structure that contains details about the group.
	//
	// Group is a required field
	Group *Group `type:"structure" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of users in the group.
	//
	// Users is a required field
	Users []User `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetGroup request.

func (GetGroupOutput) String

func (s GetGroupOutput) String() string

String returns the string representation

type GetGroupPaginator added in v0.9.0

type GetGroupPaginator struct {
	aws.Pager
}

GetGroupPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewGetGroupPaginator added in v0.9.0

func NewGetGroupPaginator(req GetGroupRequest) GetGroupPaginator

NewGetGroupRequestPaginator returns a paginator for GetGroup. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.GetGroupRequest(input)
p := iam.NewGetGroupRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*GetGroupPaginator) CurrentPage added in v0.9.0

func (p *GetGroupPaginator) CurrentPage() *GetGroupOutput

type GetGroupPolicyInput

type GetGroupPolicyInput struct {

	// The name of the group the policy is associated with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the policy document to get.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetGroupPolicyInput) String

func (s GetGroupPolicyInput) String() string

String returns the string representation

func (*GetGroupPolicyInput) Validate

func (s *GetGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetGroupPolicyOutput

type GetGroupPolicyOutput struct {

	// The group the policy is associated with.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The policy document.
	//
	// IAM stores policies in JSON format. However, resources that were created
	// using AWS CloudFormation templates can be formatted in YAML. AWS CloudFormation
	// always converts a YAML policy to JSON format before submitting it to IAM.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetGroupPolicy request.

func (GetGroupPolicyOutput) String

func (s GetGroupPolicyOutput) String() string

String returns the string representation

type GetGroupPolicyRequest

type GetGroupPolicyRequest struct {
	*aws.Request
	Input *GetGroupPolicyInput
	Copy  func(*GetGroupPolicyInput) GetGroupPolicyRequest
}

GetGroupPolicyRequest is the request type for the GetGroupPolicy API operation.

func (GetGroupPolicyRequest) Send

Send marshals and sends the GetGroupPolicy API request.

type GetGroupPolicyResponse added in v0.9.0

type GetGroupPolicyResponse struct {
	*GetGroupPolicyOutput
	// contains filtered or unexported fields
}

GetGroupPolicyResponse is the response type for the GetGroupPolicy API operation.

func (*GetGroupPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *GetGroupPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetGroupPolicy request.

type GetGroupRequest

type GetGroupRequest struct {
	*aws.Request
	Input *GetGroupInput
	Copy  func(*GetGroupInput) GetGroupRequest
}

GetGroupRequest is the request type for the GetGroup API operation.

func (GetGroupRequest) Send

Send marshals and sends the GetGroup API request.

type GetGroupResponse added in v0.9.0

type GetGroupResponse struct {
	*GetGroupOutput
	// contains filtered or unexported fields
}

GetGroupResponse is the response type for the GetGroup API operation.

func (*GetGroupResponse) SDKResponseMetdata added in v0.9.0

func (r *GetGroupResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetGroup request.

type GetInstanceProfileInput

type GetInstanceProfileInput struct {

	// The name of the instance profile to get information about.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetInstanceProfileInput) String

func (s GetInstanceProfileInput) String() string

String returns the string representation

func (*GetInstanceProfileInput) Validate

func (s *GetInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetInstanceProfileOutput

type GetInstanceProfileOutput struct {

	// A structure containing details about the instance profile.
	//
	// InstanceProfile is a required field
	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetInstanceProfile request.

func (GetInstanceProfileOutput) String

func (s GetInstanceProfileOutput) String() string

String returns the string representation

type GetInstanceProfileRequest

type GetInstanceProfileRequest struct {
	*aws.Request
	Input *GetInstanceProfileInput
	Copy  func(*GetInstanceProfileInput) GetInstanceProfileRequest
}

GetInstanceProfileRequest is the request type for the GetInstanceProfile API operation.

func (GetInstanceProfileRequest) Send

Send marshals and sends the GetInstanceProfile API request.

type GetInstanceProfileResponse added in v0.9.0

type GetInstanceProfileResponse struct {
	*GetInstanceProfileOutput
	// contains filtered or unexported fields
}

GetInstanceProfileResponse is the response type for the GetInstanceProfile API operation.

func (*GetInstanceProfileResponse) SDKResponseMetdata added in v0.9.0

func (r *GetInstanceProfileResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetInstanceProfile request.

type GetLoginProfileInput

type GetLoginProfileInput struct {

	// The name of the user whose login profile you want to retrieve.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetLoginProfileInput) String

func (s GetLoginProfileInput) String() string

String returns the string representation

func (*GetLoginProfileInput) Validate

func (s *GetLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetLoginProfileOutput

type GetLoginProfileOutput struct {

	// A structure containing the user name and password create date for the user.
	//
	// LoginProfile is a required field
	LoginProfile *LoginProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetLoginProfile request.

func (GetLoginProfileOutput) String

func (s GetLoginProfileOutput) String() string

String returns the string representation

type GetLoginProfileRequest

type GetLoginProfileRequest struct {
	*aws.Request
	Input *GetLoginProfileInput
	Copy  func(*GetLoginProfileInput) GetLoginProfileRequest
}

GetLoginProfileRequest is the request type for the GetLoginProfile API operation.

func (GetLoginProfileRequest) Send

Send marshals and sends the GetLoginProfile API request.

type GetLoginProfileResponse added in v0.9.0

type GetLoginProfileResponse struct {
	*GetLoginProfileOutput
	// contains filtered or unexported fields
}

GetLoginProfileResponse is the response type for the GetLoginProfile API operation.

func (*GetLoginProfileResponse) SDKResponseMetdata added in v0.9.0

func (r *GetLoginProfileResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetLoginProfile request.

type GetOpenIDConnectProviderInput

type GetOpenIDConnectProviderInput struct {

	// The Amazon Resource Name (ARN) of the OIDC provider resource object in IAM
	// to get information for. You can get a list of OIDC provider resource ARNs
	// by using the ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetOpenIDConnectProviderInput) String

String returns the string representation

func (*GetOpenIDConnectProviderInput) Validate

func (s *GetOpenIDConnectProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetOpenIDConnectProviderOutput

type GetOpenIDConnectProviderOutput struct {

	// A list of client IDs (also known as audiences) that are associated with the
	// specified IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
	ClientIDList []string `type:"list"`

	// The date and time when the IAM OIDC provider resource object was created
	// in the AWS account.
	CreateDate *time.Time `type:"timestamp"`

	// A list of certificate thumbprints that are associated with the specified
	// IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
	ThumbprintList []string `type:"list"`

	// The URL that the IAM OIDC provider resource object is associated with. For
	// more information, see CreateOpenIDConnectProvider.
	Url *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetOpenIDConnectProvider request.

func (GetOpenIDConnectProviderOutput) String

String returns the string representation

type GetOpenIDConnectProviderRequest

type GetOpenIDConnectProviderRequest struct {
	*aws.Request
	Input *GetOpenIDConnectProviderInput
	Copy  func(*GetOpenIDConnectProviderInput) GetOpenIDConnectProviderRequest
}

GetOpenIDConnectProviderRequest is the request type for the GetOpenIDConnectProvider API operation.

func (GetOpenIDConnectProviderRequest) Send

Send marshals and sends the GetOpenIDConnectProvider API request.

type GetOpenIDConnectProviderResponse added in v0.9.0

type GetOpenIDConnectProviderResponse struct {
	*GetOpenIDConnectProviderOutput
	// contains filtered or unexported fields
}

GetOpenIDConnectProviderResponse is the response type for the GetOpenIDConnectProvider API operation.

func (*GetOpenIDConnectProviderResponse) SDKResponseMetdata added in v0.9.0

func (r *GetOpenIDConnectProviderResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetOpenIDConnectProvider request.

type GetOrganizationsAccessReportInput added in v0.10.0

type GetOrganizationsAccessReportInput struct {

	// The identifier of the request generated by the GenerateOrganizationsAccessReport
	// operation.
	//
	// JobId is a required field
	JobId *string `min:"36" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The key that is used to sort the results. If you choose the namespace key,
	// the results are returned in alphabetical order. If you choose the time key,
	// the results are sorted numerically by the date and time.
	SortKey SortKeyType `type:"string" enum:"true"`
	// contains filtered or unexported fields
}

func (GetOrganizationsAccessReportInput) String added in v0.10.0

String returns the string representation

func (*GetOrganizationsAccessReportInput) Validate added in v0.10.0

Validate inspects the fields of the type to determine if they are valid.

type GetOrganizationsAccessReportOutput added in v0.10.0

type GetOrganizationsAccessReportOutput struct {

	// An object that contains details about the most recent attempt to access the
	// service.
	AccessDetails []AccessDetail `type:"list"`

	// Contains information about the reason that the operation failed.
	//
	// This data type is used as a response element in the GetOrganizationsAccessReport,
	// GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities
	// operations.
	ErrorDetails *ErrorDetails `type:"structure"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the generated report job was completed or failed.
	//
	// This field is null if the job is still in progress, as indicated by a job
	// status value of IN_PROGRESS.
	JobCompletionDate *time.Time `type:"timestamp"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the report job was created.
	//
	// JobCreationDate is a required field
	JobCreationDate *time.Time `type:"timestamp" required:"true"`

	// The status of the job.
	//
	// JobStatus is a required field
	JobStatus JobStatusType `type:"string" required:"true" enum:"true"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// The number of services that the applicable SCPs allow account principals
	// to access.
	NumberOfServicesAccessible *int64 `type:"integer"`

	// The number of services that account principals are allowed but did not attempt
	// to access.
	NumberOfServicesNotAccessed *int64 `type:"integer"`
	// contains filtered or unexported fields
}

func (GetOrganizationsAccessReportOutput) String added in v0.10.0

String returns the string representation

type GetOrganizationsAccessReportRequest added in v0.10.0

type GetOrganizationsAccessReportRequest struct {
	*aws.Request
	Input *GetOrganizationsAccessReportInput
	Copy  func(*GetOrganizationsAccessReportInput) GetOrganizationsAccessReportRequest
}

GetOrganizationsAccessReportRequest is the request type for the GetOrganizationsAccessReport API operation.

func (GetOrganizationsAccessReportRequest) Send added in v0.10.0

Send marshals and sends the GetOrganizationsAccessReport API request.

type GetOrganizationsAccessReportResponse added in v0.10.0

type GetOrganizationsAccessReportResponse struct {
	*GetOrganizationsAccessReportOutput
	// contains filtered or unexported fields
}

GetOrganizationsAccessReportResponse is the response type for the GetOrganizationsAccessReport API operation.

func (*GetOrganizationsAccessReportResponse) SDKResponseMetdata added in v0.10.0

func (r *GetOrganizationsAccessReportResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetOrganizationsAccessReport request.

type GetPolicyInput

type GetPolicyInput struct {

	// The Amazon Resource Name (ARN) of the managed policy that you want information
	// about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyInput) String

func (s GetPolicyInput) String() string

String returns the string representation

func (*GetPolicyInput) Validate

func (s *GetPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyOutput

type GetPolicyOutput struct {

	// A structure containing details about the policy.
	Policy *Policy `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetPolicy request.

func (GetPolicyOutput) String

func (s GetPolicyOutput) String() string

String returns the string representation

type GetPolicyRequest

type GetPolicyRequest struct {
	*aws.Request
	Input *GetPolicyInput
	Copy  func(*GetPolicyInput) GetPolicyRequest
}

GetPolicyRequest is the request type for the GetPolicy API operation.

func (GetPolicyRequest) Send

Send marshals and sends the GetPolicy API request.

type GetPolicyResponse added in v0.9.0

type GetPolicyResponse struct {
	*GetPolicyOutput
	// contains filtered or unexported fields
}

GetPolicyResponse is the response type for the GetPolicy API operation.

func (*GetPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *GetPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetPolicy request.

type GetPolicyVersionInput

type GetPolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the managed policy that you want information
	// about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// Identifies the policy version to retrieve.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consists of the lowercase letter 'v' followed
	// by one or two digits, and optionally followed by a period '.' and a string
	// of letters and digits.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyVersionInput) String

func (s GetPolicyVersionInput) String() string

String returns the string representation

func (*GetPolicyVersionInput) Validate

func (s *GetPolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyVersionOutput

type GetPolicyVersionOutput struct {

	// A structure containing details about the policy version.
	PolicyVersion *PolicyVersion `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetPolicyVersion request.

func (GetPolicyVersionOutput) String

func (s GetPolicyVersionOutput) String() string

String returns the string representation

type GetPolicyVersionRequest

type GetPolicyVersionRequest struct {
	*aws.Request
	Input *GetPolicyVersionInput
	Copy  func(*GetPolicyVersionInput) GetPolicyVersionRequest
}

GetPolicyVersionRequest is the request type for the GetPolicyVersion API operation.

func (GetPolicyVersionRequest) Send

Send marshals and sends the GetPolicyVersion API request.

type GetPolicyVersionResponse added in v0.9.0

type GetPolicyVersionResponse struct {
	*GetPolicyVersionOutput
	// contains filtered or unexported fields
}

GetPolicyVersionResponse is the response type for the GetPolicyVersion API operation.

func (*GetPolicyVersionResponse) SDKResponseMetdata added in v0.9.0

func (r *GetPolicyVersionResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetPolicyVersion request.

type GetRoleInput

type GetRoleInput struct {

	// The name of the IAM role to get information about.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetRoleInput) String

func (s GetRoleInput) String() string

String returns the string representation

func (*GetRoleInput) Validate

func (s *GetRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetRoleOutput

type GetRoleOutput struct {

	// A structure containing details about the IAM role.
	//
	// Role is a required field
	Role *Role `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetRole request.

func (GetRoleOutput) String

func (s GetRoleOutput) String() string

String returns the string representation

type GetRolePolicyInput

type GetRolePolicyInput struct {

	// The name of the policy document to get.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the role associated with the policy.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetRolePolicyInput) String

func (s GetRolePolicyInput) String() string

String returns the string representation

func (*GetRolePolicyInput) Validate

func (s *GetRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetRolePolicyOutput

type GetRolePolicyOutput struct {

	// The policy document.
	//
	// IAM stores policies in JSON format. However, resources that were created
	// using AWS CloudFormation templates can be formatted in YAML. AWS CloudFormation
	// always converts a YAML policy to JSON format before submitting it to IAM.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The role the policy is associated with.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetRolePolicy request.

func (GetRolePolicyOutput) String

func (s GetRolePolicyOutput) String() string

String returns the string representation

type GetRolePolicyRequest

type GetRolePolicyRequest struct {
	*aws.Request
	Input *GetRolePolicyInput
	Copy  func(*GetRolePolicyInput) GetRolePolicyRequest
}

GetRolePolicyRequest is the request type for the GetRolePolicy API operation.

func (GetRolePolicyRequest) Send

Send marshals and sends the GetRolePolicy API request.

type GetRolePolicyResponse added in v0.9.0

type GetRolePolicyResponse struct {
	*GetRolePolicyOutput
	// contains filtered or unexported fields
}

GetRolePolicyResponse is the response type for the GetRolePolicy API operation.

func (*GetRolePolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *GetRolePolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetRolePolicy request.

type GetRoleRequest

type GetRoleRequest struct {
	*aws.Request
	Input *GetRoleInput
	Copy  func(*GetRoleInput) GetRoleRequest
}

GetRoleRequest is the request type for the GetRole API operation.

func (GetRoleRequest) Send

Send marshals and sends the GetRole API request.

type GetRoleResponse added in v0.9.0

type GetRoleResponse struct {
	*GetRoleOutput
	// contains filtered or unexported fields
}

GetRoleResponse is the response type for the GetRole API operation.

func (*GetRoleResponse) SDKResponseMetdata added in v0.9.0

func (r *GetRoleResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetRole request.

type GetSAMLProviderInput

type GetSAMLProviderInput struct {

	// The Amazon Resource Name (ARN) of the SAML provider resource object in IAM
	// to get information about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetSAMLProviderInput) String

func (s GetSAMLProviderInput) String() string

String returns the string representation

func (*GetSAMLProviderInput) Validate

func (s *GetSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetSAMLProviderOutput

type GetSAMLProviderOutput struct {

	// The date and time when the SAML provider was created.
	CreateDate *time.Time `type:"timestamp"`

	// The XML metadata document that includes information about an identity provider.
	SAMLMetadataDocument *string `min:"1000" type:"string"`

	// The expiration date and time for the SAML provider.
	ValidUntil *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetSAMLProvider request.

func (GetSAMLProviderOutput) String

func (s GetSAMLProviderOutput) String() string

String returns the string representation

type GetSAMLProviderRequest

type GetSAMLProviderRequest struct {
	*aws.Request
	Input *GetSAMLProviderInput
	Copy  func(*GetSAMLProviderInput) GetSAMLProviderRequest
}

GetSAMLProviderRequest is the request type for the GetSAMLProvider API operation.

func (GetSAMLProviderRequest) Send

Send marshals and sends the GetSAMLProvider API request.

type GetSAMLProviderResponse added in v0.9.0

type GetSAMLProviderResponse struct {
	*GetSAMLProviderOutput
	// contains filtered or unexported fields
}

GetSAMLProviderResponse is the response type for the GetSAMLProvider API operation.

func (*GetSAMLProviderResponse) SDKResponseMetdata added in v0.9.0

func (r *GetSAMLProviderResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetSAMLProvider request.

type GetSSHPublicKeyInput

type GetSSHPublicKeyInput struct {

	// Specifies the public key encoding format to use in the response. To retrieve
	// the public key in ssh-rsa format, use SSH. To retrieve the public key in
	// PEM format, use PEM.
	//
	// Encoding is a required field
	Encoding EncodingType `type:"string" required:"true" enum:"true"`

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetSSHPublicKeyInput) String

func (s GetSSHPublicKeyInput) String() string

String returns the string representation

func (*GetSSHPublicKeyInput) Validate

func (s *GetSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetSSHPublicKeyOutput

type GetSSHPublicKeyOutput struct {

	// A structure containing details about the SSH public key.
	SSHPublicKey *SSHPublicKey `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetSSHPublicKey request.

func (GetSSHPublicKeyOutput) String

func (s GetSSHPublicKeyOutput) String() string

String returns the string representation

type GetSSHPublicKeyRequest

type GetSSHPublicKeyRequest struct {
	*aws.Request
	Input *GetSSHPublicKeyInput
	Copy  func(*GetSSHPublicKeyInput) GetSSHPublicKeyRequest
}

GetSSHPublicKeyRequest is the request type for the GetSSHPublicKey API operation.

func (GetSSHPublicKeyRequest) Send

Send marshals and sends the GetSSHPublicKey API request.

type GetSSHPublicKeyResponse added in v0.9.0

type GetSSHPublicKeyResponse struct {
	*GetSSHPublicKeyOutput
	// contains filtered or unexported fields
}

GetSSHPublicKeyResponse is the response type for the GetSSHPublicKey API operation.

func (*GetSSHPublicKeyResponse) SDKResponseMetdata added in v0.9.0

func (r *GetSSHPublicKeyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetSSHPublicKey request.

type GetServerCertificateInput

type GetServerCertificateInput struct {

	// The name of the server certificate you want to retrieve information about.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetServerCertificateInput) String

func (s GetServerCertificateInput) String() string

String returns the string representation

func (*GetServerCertificateInput) Validate

func (s *GetServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetServerCertificateOutput

type GetServerCertificateOutput struct {

	// A structure containing details about the server certificate.
	//
	// ServerCertificate is a required field
	ServerCertificate *ServerCertificate `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetServerCertificate request.

func (GetServerCertificateOutput) String

String returns the string representation

type GetServerCertificateRequest

type GetServerCertificateRequest struct {
	*aws.Request
	Input *GetServerCertificateInput
	Copy  func(*GetServerCertificateInput) GetServerCertificateRequest
}

GetServerCertificateRequest is the request type for the GetServerCertificate API operation.

func (GetServerCertificateRequest) Send

Send marshals and sends the GetServerCertificate API request.

type GetServerCertificateResponse added in v0.9.0

type GetServerCertificateResponse struct {
	*GetServerCertificateOutput
	// contains filtered or unexported fields
}

GetServerCertificateResponse is the response type for the GetServerCertificate API operation.

func (*GetServerCertificateResponse) SDKResponseMetdata added in v0.9.0

func (r *GetServerCertificateResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetServerCertificate request.

type GetServiceLastAccessedDetailsInput added in v0.7.0

type GetServiceLastAccessedDetailsInput struct {

	// The ID of the request generated by the GenerateServiceLastAccessedDetails
	// operation.
	//
	// JobId is a required field
	JobId *string `min:"36" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (GetServiceLastAccessedDetailsInput) String added in v0.7.0

String returns the string representation

func (*GetServiceLastAccessedDetailsInput) Validate added in v0.7.0

Validate inspects the fields of the type to determine if they are valid.

type GetServiceLastAccessedDetailsOutput added in v0.7.0

type GetServiceLastAccessedDetailsOutput struct {

	// An object that contains details about the reason the operation failed.
	Error *ErrorDetails `type:"structure"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the generated report job was completed or failed.
	//
	// This field is null if the job is still in progress, as indicated by a job
	// status value of IN_PROGRESS.
	//
	// JobCompletionDate is a required field
	JobCompletionDate *time.Time `type:"timestamp" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the report job was created.
	//
	// JobCreationDate is a required field
	JobCreationDate *time.Time `type:"timestamp" required:"true"`

	// The status of the job.
	//
	// JobStatus is a required field
	JobStatus JobStatusType `type:"string" required:"true" enum:"true"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A ServiceLastAccessed object that contains details about the most recent
	// attempt to access the service.
	//
	// ServicesLastAccessed is a required field
	ServicesLastAccessed []ServiceLastAccessed `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (GetServiceLastAccessedDetailsOutput) String added in v0.7.0

String returns the string representation

type GetServiceLastAccessedDetailsRequest added in v0.7.0

type GetServiceLastAccessedDetailsRequest struct {
	*aws.Request
	Input *GetServiceLastAccessedDetailsInput
	Copy  func(*GetServiceLastAccessedDetailsInput) GetServiceLastAccessedDetailsRequest
}

GetServiceLastAccessedDetailsRequest is the request type for the GetServiceLastAccessedDetails API operation.

func (GetServiceLastAccessedDetailsRequest) Send added in v0.7.0

Send marshals and sends the GetServiceLastAccessedDetails API request.

type GetServiceLastAccessedDetailsResponse added in v0.9.0

type GetServiceLastAccessedDetailsResponse struct {
	*GetServiceLastAccessedDetailsOutput
	// contains filtered or unexported fields
}

GetServiceLastAccessedDetailsResponse is the response type for the GetServiceLastAccessedDetails API operation.

func (*GetServiceLastAccessedDetailsResponse) SDKResponseMetdata added in v0.9.0

func (r *GetServiceLastAccessedDetailsResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetServiceLastAccessedDetails request.

type GetServiceLastAccessedDetailsWithEntitiesInput added in v0.7.0

type GetServiceLastAccessedDetailsWithEntitiesInput struct {

	// The ID of the request generated by the GenerateServiceLastAccessedDetails
	// operation.
	//
	// JobId is a required field
	JobId *string `min:"36" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The service namespace for an AWS service. Provide the service namespace to
	// learn when the IAM entity last attempted to access the specified service.
	//
	// To learn the service namespace for a service, go to Actions, Resources, and
	// Condition Keys for AWS Services (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html)
	// in the IAM User Guide. Choose the name of the service to view details for
	// that service. In the first paragraph, find the service prefix. For example,
	// (service prefix: a4b). For more information about service namespaces, see
	// AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the AWS General Reference.
	//
	// ServiceNamespace is a required field
	ServiceNamespace *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetServiceLastAccessedDetailsWithEntitiesInput) String added in v0.7.0

String returns the string representation

func (*GetServiceLastAccessedDetailsWithEntitiesInput) Validate added in v0.7.0

Validate inspects the fields of the type to determine if they are valid.

type GetServiceLastAccessedDetailsWithEntitiesOutput added in v0.7.0

type GetServiceLastAccessedDetailsWithEntitiesOutput struct {

	// An EntityDetailsList object that contains details about when an IAM entity
	// (user or role) used group or policy permissions in an attempt to access the
	// specified AWS service.
	//
	// EntityDetailsList is a required field
	EntityDetailsList []EntityDetails `type:"list" required:"true"`

	// An object that contains details about the reason the operation failed.
	Error *ErrorDetails `type:"structure"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the generated report job was completed or failed.
	//
	// This field is null if the job is still in progress, as indicated by a job
	// status value of IN_PROGRESS.
	//
	// JobCompletionDate is a required field
	JobCompletionDate *time.Time `type:"timestamp" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the report job was created.
	//
	// JobCreationDate is a required field
	JobCreationDate *time.Time `type:"timestamp" required:"true"`

	// The status of the job.
	//
	// JobStatus is a required field
	JobStatus JobStatusType `type:"string" required:"true" enum:"true"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

func (GetServiceLastAccessedDetailsWithEntitiesOutput) String added in v0.7.0

String returns the string representation

type GetServiceLastAccessedDetailsWithEntitiesRequest added in v0.7.0

GetServiceLastAccessedDetailsWithEntitiesRequest is the request type for the GetServiceLastAccessedDetailsWithEntities API operation.

func (GetServiceLastAccessedDetailsWithEntitiesRequest) Send added in v0.7.0

Send marshals and sends the GetServiceLastAccessedDetailsWithEntities API request.

type GetServiceLastAccessedDetailsWithEntitiesResponse added in v0.9.0

type GetServiceLastAccessedDetailsWithEntitiesResponse struct {
	*GetServiceLastAccessedDetailsWithEntitiesOutput
	// contains filtered or unexported fields
}

GetServiceLastAccessedDetailsWithEntitiesResponse is the response type for the GetServiceLastAccessedDetailsWithEntities API operation.

func (*GetServiceLastAccessedDetailsWithEntitiesResponse) SDKResponseMetdata added in v0.9.0

SDKResponseMetdata returns the response metadata for the GetServiceLastAccessedDetailsWithEntities request.

type GetServiceLinkedRoleDeletionStatusInput

type GetServiceLinkedRoleDeletionStatusInput struct {

	// The deletion task identifier. This identifier is returned by the DeleteServiceLinkedRole
	// operation in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
	//
	// DeletionTaskId is a required field
	DeletionTaskId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetServiceLinkedRoleDeletionStatusInput) String

String returns the string representation

func (*GetServiceLinkedRoleDeletionStatusInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetServiceLinkedRoleDeletionStatusOutput

type GetServiceLinkedRoleDeletionStatusOutput struct {

	// An object that contains details about the reason the deletion failed.
	Reason *DeletionTaskFailureReasonType `type:"structure"`

	// The status of the deletion.
	//
	// Status is a required field
	Status DeletionTaskStatusType `type:"string" required:"true" enum:"true"`
	// contains filtered or unexported fields
}

func (GetServiceLinkedRoleDeletionStatusOutput) String

String returns the string representation

type GetServiceLinkedRoleDeletionStatusRequest

GetServiceLinkedRoleDeletionStatusRequest is the request type for the GetServiceLinkedRoleDeletionStatus API operation.

func (GetServiceLinkedRoleDeletionStatusRequest) Send

Send marshals and sends the GetServiceLinkedRoleDeletionStatus API request.

type GetServiceLinkedRoleDeletionStatusResponse added in v0.9.0

type GetServiceLinkedRoleDeletionStatusResponse struct {
	*GetServiceLinkedRoleDeletionStatusOutput
	// contains filtered or unexported fields
}

GetServiceLinkedRoleDeletionStatusResponse is the response type for the GetServiceLinkedRoleDeletionStatus API operation.

func (*GetServiceLinkedRoleDeletionStatusResponse) SDKResponseMetdata added in v0.9.0

func (r *GetServiceLinkedRoleDeletionStatusResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetServiceLinkedRoleDeletionStatus request.

type GetUserInput

type GetUserInput struct {

	// The name of the user to get information about.
	//
	// This parameter is optional. If it is not included, it defaults to the user
	// making the request. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (GetUserInput) String

func (s GetUserInput) String() string

String returns the string representation

func (*GetUserInput) Validate

func (s *GetUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetUserOutput

type GetUserOutput struct {

	// A structure containing details about the IAM user.
	//
	// Due to a service issue, password last used data does not include password
	// use from May 3, 2018 22:50 PDT to May 23, 2018 14:08 PDT. This affects last
	// sign-in (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_finding-unused.html)
	// dates shown in the IAM console and password last used dates in the IAM credential
	// report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html),
	// and returned by this GetUser API. If users signed in during the affected
	// time, the password last used date that is returned is the date the user last
	// signed in before May 3, 2018. For users that signed in after May 23, 2018
	// 14:08 PDT, the returned password last used date is accurate.
	//
	// You can use password last used information to identify unused credentials
	// for deletion. For example, you might delete users who did not sign in to
	// AWS in the last 90 days. In cases like this, we recommend that you adjust
	// your evaluation window to include dates after May 23, 2018. Alternatively,
	// if your users use access keys to access AWS programmatically you can refer
	// to access key last used information because it is accurate for all dates.
	//
	// User is a required field
	User *User `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetUser request.

func (GetUserOutput) String

func (s GetUserOutput) String() string

String returns the string representation

type GetUserPolicyInput

type GetUserPolicyInput struct {

	// The name of the policy document to get.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the user who the policy is associated with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetUserPolicyInput) String

func (s GetUserPolicyInput) String() string

String returns the string representation

func (*GetUserPolicyInput) Validate

func (s *GetUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetUserPolicyOutput

type GetUserPolicyOutput struct {

	// The policy document.
	//
	// IAM stores policies in JSON format. However, resources that were created
	// using AWS CloudFormation templates can be formatted in YAML. AWS CloudFormation
	// always converts a YAML policy to JSON format before submitting it to IAM.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The user the policy is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetUserPolicy request.

func (GetUserPolicyOutput) String

func (s GetUserPolicyOutput) String() string

String returns the string representation

type GetUserPolicyRequest

type GetUserPolicyRequest struct {
	*aws.Request
	Input *GetUserPolicyInput
	Copy  func(*GetUserPolicyInput) GetUserPolicyRequest
}

GetUserPolicyRequest is the request type for the GetUserPolicy API operation.

func (GetUserPolicyRequest) Send

Send marshals and sends the GetUserPolicy API request.

type GetUserPolicyResponse added in v0.9.0

type GetUserPolicyResponse struct {
	*GetUserPolicyOutput
	// contains filtered or unexported fields
}

GetUserPolicyResponse is the response type for the GetUserPolicy API operation.

func (*GetUserPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *GetUserPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetUserPolicy request.

type GetUserRequest

type GetUserRequest struct {
	*aws.Request
	Input *GetUserInput
	Copy  func(*GetUserInput) GetUserRequest
}

GetUserRequest is the request type for the GetUser API operation.

func (GetUserRequest) Send

Send marshals and sends the GetUser API request.

type GetUserResponse added in v0.9.0

type GetUserResponse struct {
	*GetUserOutput
	// contains filtered or unexported fields
}

GetUserResponse is the response type for the GetUser API operation.

func (*GetUserResponse) SDKResponseMetdata added in v0.9.0

func (r *GetUserResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the GetUser request.

type GlobalEndpointTokenVersion added in v0.9.0

type GlobalEndpointTokenVersion string
const (
	GlobalEndpointTokenVersionV1token GlobalEndpointTokenVersion = "v1Token"
	GlobalEndpointTokenVersionV2token GlobalEndpointTokenVersion = "v2Token"
)

Enum values for GlobalEndpointTokenVersion

func (GlobalEndpointTokenVersion) MarshalValue added in v0.9.0

func (enum GlobalEndpointTokenVersion) MarshalValue() (string, error)

func (GlobalEndpointTokenVersion) MarshalValueBuf added in v0.9.0

func (enum GlobalEndpointTokenVersion) MarshalValueBuf(b []byte) ([]byte, error)

type Group

type Group struct {

	// The Amazon Resource Name (ARN) specifying the group. For more information
	// about ARNs and how to use them in policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the group was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// GroupId is a required field
	GroupId *string `min:"16" type:"string" required:"true"`

	// The friendly name that identifies the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The path to the group. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an IAM group entity.

This data type is used as a response element in the following operations:

  • CreateGroup

  • GetGroup

  • ListGroups

func (Group) String

func (s Group) String() string

String returns the string representation

type GroupDetail

type GroupDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// A list of the managed policies attached to the group.
	AttachedManagedPolicies []AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the group was created.
	CreateDate *time.Time `type:"timestamp"`

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	GroupId *string `min:"16" type:"string"`

	// The friendly name that identifies the group.
	GroupName *string `min:"1" type:"string"`

	// A list of the inline policies embedded in the group.
	GroupPolicyList []PolicyDetail `type:"list"`

	// The path to the group. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an IAM group, including all of the group's policies.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (GroupDetail) String

func (s GroupDetail) String() string

String returns the string representation

type InstanceProfile

type InstanceProfile struct {

	// The Amazon Resource Name (ARN) specifying the instance profile. For more
	// information about ARNs and how to use them in policies, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date when the instance profile was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// The stable and unique string identifying the instance profile. For more information
	// about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// InstanceProfileId is a required field
	InstanceProfileId *string `min:"16" type:"string" required:"true"`

	// The name identifying the instance profile.
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The path to the instance profile. For more information about paths, see IAM
	// Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The role associated with the instance profile.
	//
	// Roles is a required field
	Roles []Role `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an instance profile.

This data type is used as a response element in the following operations:

  • CreateInstanceProfile

  • GetInstanceProfile

  • ListInstanceProfiles

  • ListInstanceProfilesForRole

func (InstanceProfile) String

func (s InstanceProfile) String() string

String returns the string representation

type JobStatusType added in v0.7.0

type JobStatusType string
const (
	JobStatusTypeInProgress JobStatusType = "IN_PROGRESS"
	JobStatusTypeCompleted  JobStatusType = "COMPLETED"
	JobStatusTypeFailed     JobStatusType = "FAILED"
)

Enum values for JobStatusType

func (JobStatusType) MarshalValue added in v0.7.0

func (enum JobStatusType) MarshalValue() (string, error)

func (JobStatusType) MarshalValueBuf added in v0.7.0

func (enum JobStatusType) MarshalValueBuf(b []byte) ([]byte, error)

type ListAccessKeysInput

type ListAccessKeysInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListAccessKeysInput) String

func (s ListAccessKeysInput) String() string

String returns the string representation

func (*ListAccessKeysInput) Validate

func (s *ListAccessKeysInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAccessKeysOutput

type ListAccessKeysOutput struct {

	// A list of objects containing metadata about the access keys.
	//
	// AccessKeyMetadata is a required field
	AccessKeyMetadata []AccessKeyMetadata `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAccessKeys request.

func (ListAccessKeysOutput) String

func (s ListAccessKeysOutput) String() string

String returns the string representation

type ListAccessKeysPaginator added in v0.9.0

type ListAccessKeysPaginator struct {
	aws.Pager
}

ListAccessKeysPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListAccessKeysPaginator added in v0.9.0

func NewListAccessKeysPaginator(req ListAccessKeysRequest) ListAccessKeysPaginator

NewListAccessKeysRequestPaginator returns a paginator for ListAccessKeys. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListAccessKeysRequest(input)
p := iam.NewListAccessKeysRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListAccessKeysPaginator) CurrentPage added in v0.9.0

type ListAccessKeysRequest

type ListAccessKeysRequest struct {
	*aws.Request
	Input *ListAccessKeysInput
	Copy  func(*ListAccessKeysInput) ListAccessKeysRequest
}

ListAccessKeysRequest is the request type for the ListAccessKeys API operation.

func (ListAccessKeysRequest) Send

Send marshals and sends the ListAccessKeys API request.

type ListAccessKeysResponse added in v0.9.0

type ListAccessKeysResponse struct {
	*ListAccessKeysOutput
	// contains filtered or unexported fields
}

ListAccessKeysResponse is the response type for the ListAccessKeys API operation.

func (*ListAccessKeysResponse) SDKResponseMetdata added in v0.9.0

func (r *ListAccessKeysResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListAccessKeys request.

type ListAccountAliasesInput

type ListAccountAliasesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListAccountAliasesInput) String

func (s ListAccountAliasesInput) String() string

String returns the string representation

func (*ListAccountAliasesInput) Validate

func (s *ListAccountAliasesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAccountAliasesOutput

type ListAccountAliasesOutput struct {

	// A list of aliases associated with the account. AWS supports only one alias
	// per account.
	//
	// AccountAliases is a required field
	AccountAliases []string `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAccountAliases request.

func (ListAccountAliasesOutput) String

func (s ListAccountAliasesOutput) String() string

String returns the string representation

type ListAccountAliasesPaginator added in v0.9.0

type ListAccountAliasesPaginator struct {
	aws.Pager
}

ListAccountAliasesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListAccountAliasesPaginator added in v0.9.0

func NewListAccountAliasesPaginator(req ListAccountAliasesRequest) ListAccountAliasesPaginator

NewListAccountAliasesRequestPaginator returns a paginator for ListAccountAliases. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListAccountAliasesRequest(input)
p := iam.NewListAccountAliasesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListAccountAliasesPaginator) CurrentPage added in v0.9.0

type ListAccountAliasesRequest

type ListAccountAliasesRequest struct {
	*aws.Request
	Input *ListAccountAliasesInput
	Copy  func(*ListAccountAliasesInput) ListAccountAliasesRequest
}

ListAccountAliasesRequest is the request type for the ListAccountAliases API operation.

func (ListAccountAliasesRequest) Send

Send marshals and sends the ListAccountAliases API request.

type ListAccountAliasesResponse added in v0.9.0

type ListAccountAliasesResponse struct {
	*ListAccountAliasesOutput
	// contains filtered or unexported fields
}

ListAccountAliasesResponse is the response type for the ListAccountAliases API operation.

func (*ListAccountAliasesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListAccountAliasesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListAccountAliases request.

type ListAttachedGroupPoliciesInput

type ListAttachedGroupPoliciesInput struct {

	// The name (friendly name, not ARN) of the group to list attached policies
	// for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListAttachedGroupPoliciesInput) String

String returns the string representation

func (*ListAttachedGroupPoliciesInput) Validate

func (s *ListAttachedGroupPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedGroupPoliciesOutput

type ListAttachedGroupPoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedGroupPolicies request.

func (ListAttachedGroupPoliciesOutput) String

String returns the string representation

type ListAttachedGroupPoliciesPaginator added in v0.9.0

type ListAttachedGroupPoliciesPaginator struct {
	aws.Pager
}

ListAttachedGroupPoliciesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListAttachedGroupPoliciesPaginator added in v0.9.0

func NewListAttachedGroupPoliciesPaginator(req ListAttachedGroupPoliciesRequest) ListAttachedGroupPoliciesPaginator

NewListAttachedGroupPoliciesRequestPaginator returns a paginator for ListAttachedGroupPolicies. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListAttachedGroupPoliciesRequest(input)
p := iam.NewListAttachedGroupPoliciesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListAttachedGroupPoliciesPaginator) CurrentPage added in v0.9.0

type ListAttachedGroupPoliciesRequest

type ListAttachedGroupPoliciesRequest struct {
	*aws.Request
	Input *ListAttachedGroupPoliciesInput
	Copy  func(*ListAttachedGroupPoliciesInput) ListAttachedGroupPoliciesRequest
}

ListAttachedGroupPoliciesRequest is the request type for the ListAttachedGroupPolicies API operation.

func (ListAttachedGroupPoliciesRequest) Send

Send marshals and sends the ListAttachedGroupPolicies API request.

type ListAttachedGroupPoliciesResponse added in v0.9.0

type ListAttachedGroupPoliciesResponse struct {
	*ListAttachedGroupPoliciesOutput
	// contains filtered or unexported fields
}

ListAttachedGroupPoliciesResponse is the response type for the ListAttachedGroupPolicies API operation.

func (*ListAttachedGroupPoliciesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListAttachedGroupPoliciesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListAttachedGroupPolicies request.

type ListAttachedRolePoliciesInput

type ListAttachedRolePoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`

	// The name (friendly name, not ARN) of the role to list attached policies for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListAttachedRolePoliciesInput) String

String returns the string representation

func (*ListAttachedRolePoliciesInput) Validate

func (s *ListAttachedRolePoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedRolePoliciesOutput

type ListAttachedRolePoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedRolePolicies request.

func (ListAttachedRolePoliciesOutput) String

String returns the string representation

type ListAttachedRolePoliciesPaginator added in v0.9.0

type ListAttachedRolePoliciesPaginator struct {
	aws.Pager
}

ListAttachedRolePoliciesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListAttachedRolePoliciesPaginator added in v0.9.0

func NewListAttachedRolePoliciesPaginator(req ListAttachedRolePoliciesRequest) ListAttachedRolePoliciesPaginator

NewListAttachedRolePoliciesRequestPaginator returns a paginator for ListAttachedRolePolicies. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListAttachedRolePoliciesRequest(input)
p := iam.NewListAttachedRolePoliciesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListAttachedRolePoliciesPaginator) CurrentPage added in v0.9.0

type ListAttachedRolePoliciesRequest

type ListAttachedRolePoliciesRequest struct {
	*aws.Request
	Input *ListAttachedRolePoliciesInput
	Copy  func(*ListAttachedRolePoliciesInput) ListAttachedRolePoliciesRequest
}

ListAttachedRolePoliciesRequest is the request type for the ListAttachedRolePolicies API operation.

func (ListAttachedRolePoliciesRequest) Send

Send marshals and sends the ListAttachedRolePolicies API request.

type ListAttachedRolePoliciesResponse added in v0.9.0

type ListAttachedRolePoliciesResponse struct {
	*ListAttachedRolePoliciesOutput
	// contains filtered or unexported fields
}

ListAttachedRolePoliciesResponse is the response type for the ListAttachedRolePolicies API operation.

func (*ListAttachedRolePoliciesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListAttachedRolePoliciesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListAttachedRolePolicies request.

type ListAttachedUserPoliciesInput

type ListAttachedUserPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`

	// The name (friendly name, not ARN) of the user to list attached policies for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListAttachedUserPoliciesInput) String

String returns the string representation

func (*ListAttachedUserPoliciesInput) Validate

func (s *ListAttachedUserPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedUserPoliciesOutput

type ListAttachedUserPoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedUserPolicies request.

func (ListAttachedUserPoliciesOutput) String

String returns the string representation

type ListAttachedUserPoliciesPaginator added in v0.9.0

type ListAttachedUserPoliciesPaginator struct {
	aws.Pager
}

ListAttachedUserPoliciesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListAttachedUserPoliciesPaginator added in v0.9.0

func NewListAttachedUserPoliciesPaginator(req ListAttachedUserPoliciesRequest) ListAttachedUserPoliciesPaginator

NewListAttachedUserPoliciesRequestPaginator returns a paginator for ListAttachedUserPolicies. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListAttachedUserPoliciesRequest(input)
p := iam.NewListAttachedUserPoliciesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListAttachedUserPoliciesPaginator) CurrentPage added in v0.9.0

type ListAttachedUserPoliciesRequest

type ListAttachedUserPoliciesRequest struct {
	*aws.Request
	Input *ListAttachedUserPoliciesInput
	Copy  func(*ListAttachedUserPoliciesInput) ListAttachedUserPoliciesRequest
}

ListAttachedUserPoliciesRequest is the request type for the ListAttachedUserPolicies API operation.

func (ListAttachedUserPoliciesRequest) Send

Send marshals and sends the ListAttachedUserPolicies API request.

type ListAttachedUserPoliciesResponse added in v0.9.0

type ListAttachedUserPoliciesResponse struct {
	*ListAttachedUserPoliciesOutput
	// contains filtered or unexported fields
}

ListAttachedUserPoliciesResponse is the response type for the ListAttachedUserPolicies API operation.

func (*ListAttachedUserPoliciesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListAttachedUserPoliciesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListAttachedUserPolicies request.

type ListEntitiesForPolicyInput

type ListEntitiesForPolicyInput struct {

	// The entity type to use for filtering the results.
	//
	// For example, when EntityFilter is Role, only the roles that are attached
	// to the specified policy are returned. This parameter is optional. If it is
	// not included, all attached entities (users, groups, and roles) are returned.
	// The argument for this parameter must be one of the valid values listed below.
	EntityFilter EntityType `type:"string" enum:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all entities.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`

	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The policy usage method to use for filtering the results.
	//
	// To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy.
	// To list only the policies used to set permissions boundaries, set the value
	// to PermissionsBoundary.
	//
	// This parameter is optional. If it is not included, all policies are returned.
	PolicyUsageFilter PolicyUsageType `type:"string" enum:"true"`
	// contains filtered or unexported fields
}

func (ListEntitiesForPolicyInput) String

String returns the string representation

func (*ListEntitiesForPolicyInput) Validate

func (s *ListEntitiesForPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListEntitiesForPolicyOutput

type ListEntitiesForPolicyOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of IAM groups that the policy is attached to.
	PolicyGroups []PolicyGroup `type:"list"`

	// A list of IAM roles that the policy is attached to.
	PolicyRoles []PolicyRole `type:"list"`

	// A list of IAM users that the policy is attached to.
	PolicyUsers []PolicyUser `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListEntitiesForPolicy request.

func (ListEntitiesForPolicyOutput) String

String returns the string representation

type ListEntitiesForPolicyPaginator added in v0.9.0

type ListEntitiesForPolicyPaginator struct {
	aws.Pager
}

ListEntitiesForPolicyPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListEntitiesForPolicyPaginator added in v0.9.0

func NewListEntitiesForPolicyPaginator(req ListEntitiesForPolicyRequest) ListEntitiesForPolicyPaginator

NewListEntitiesForPolicyRequestPaginator returns a paginator for ListEntitiesForPolicy. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListEntitiesForPolicyRequest(input)
p := iam.NewListEntitiesForPolicyRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListEntitiesForPolicyPaginator) CurrentPage added in v0.9.0

type ListEntitiesForPolicyRequest

type ListEntitiesForPolicyRequest struct {
	*aws.Request
	Input *ListEntitiesForPolicyInput
	Copy  func(*ListEntitiesForPolicyInput) ListEntitiesForPolicyRequest
}

ListEntitiesForPolicyRequest is the request type for the ListEntitiesForPolicy API operation.

func (ListEntitiesForPolicyRequest) Send

Send marshals and sends the ListEntitiesForPolicy API request.

type ListEntitiesForPolicyResponse added in v0.9.0

type ListEntitiesForPolicyResponse struct {
	*ListEntitiesForPolicyOutput
	// contains filtered or unexported fields
}

ListEntitiesForPolicyResponse is the response type for the ListEntitiesForPolicy API operation.

func (*ListEntitiesForPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *ListEntitiesForPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListEntitiesForPolicy request.

type ListGroupPoliciesInput

type ListGroupPoliciesInput struct {

	// The name of the group to list policies for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListGroupPoliciesInput) String

func (s ListGroupPoliciesInput) String() string

String returns the string representation

func (*ListGroupPoliciesInput) Validate

func (s *ListGroupPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupPoliciesOutput

type ListGroupPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of policy names.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyNames is a required field
	PolicyNames []string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroupPolicies request.

func (ListGroupPoliciesOutput) String

func (s ListGroupPoliciesOutput) String() string

String returns the string representation

type ListGroupPoliciesPaginator added in v0.9.0

type ListGroupPoliciesPaginator struct {
	aws.Pager
}

ListGroupPoliciesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListGroupPoliciesPaginator added in v0.9.0

func NewListGroupPoliciesPaginator(req ListGroupPoliciesRequest) ListGroupPoliciesPaginator

NewListGroupPoliciesRequestPaginator returns a paginator for ListGroupPolicies. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListGroupPoliciesRequest(input)
p := iam.NewListGroupPoliciesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListGroupPoliciesPaginator) CurrentPage added in v0.9.0

type ListGroupPoliciesRequest

type ListGroupPoliciesRequest struct {
	*aws.Request
	Input *ListGroupPoliciesInput
	Copy  func(*ListGroupPoliciesInput) ListGroupPoliciesRequest
}

ListGroupPoliciesRequest is the request type for the ListGroupPolicies API operation.

func (ListGroupPoliciesRequest) Send

Send marshals and sends the ListGroupPolicies API request.

type ListGroupPoliciesResponse added in v0.9.0

type ListGroupPoliciesResponse struct {
	*ListGroupPoliciesOutput
	// contains filtered or unexported fields
}

ListGroupPoliciesResponse is the response type for the ListGroupPolicies API operation.

func (*ListGroupPoliciesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListGroupPoliciesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListGroupPolicies request.

type ListGroupsForUserInput

type ListGroupsForUserInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user to list groups for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListGroupsForUserInput) String

func (s ListGroupsForUserInput) String() string

String returns the string representation

func (*ListGroupsForUserInput) Validate

func (s *ListGroupsForUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupsForUserOutput

type ListGroupsForUserOutput struct {

	// A list of groups.
	//
	// Groups is a required field
	Groups []Group `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroupsForUser request.

func (ListGroupsForUserOutput) String

func (s ListGroupsForUserOutput) String() string

String returns the string representation

type ListGroupsForUserPaginator added in v0.9.0

type ListGroupsForUserPaginator struct {
	aws.Pager
}

ListGroupsForUserPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListGroupsForUserPaginator added in v0.9.0

func NewListGroupsForUserPaginator(req ListGroupsForUserRequest) ListGroupsForUserPaginator

NewListGroupsForUserRequestPaginator returns a paginator for ListGroupsForUser. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListGroupsForUserRequest(input)
p := iam.NewListGroupsForUserRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListGroupsForUserPaginator) CurrentPage added in v0.9.0

type ListGroupsForUserRequest

type ListGroupsForUserRequest struct {
	*aws.Request
	Input *ListGroupsForUserInput
	Copy  func(*ListGroupsForUserInput) ListGroupsForUserRequest
}

ListGroupsForUserRequest is the request type for the ListGroupsForUser API operation.

func (ListGroupsForUserRequest) Send

Send marshals and sends the ListGroupsForUser API request.

type ListGroupsForUserResponse added in v0.9.0

type ListGroupsForUserResponse struct {
	*ListGroupsForUserOutput
	// contains filtered or unexported fields
}

ListGroupsForUserResponse is the response type for the ListGroupsForUser API operation.

func (*ListGroupsForUserResponse) SDKResponseMetdata added in v0.9.0

func (r *ListGroupsForUserResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListGroupsForUser request.

type ListGroupsInput

type ListGroupsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /division_abc/subdivision_xyz/
	// gets all groups whose path starts with /division_abc/subdivision_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all groups. This parameter allows (through its regex pattern
	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
	// a forward slash (/) by itself or a string that must begin and end with forward
	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
	// through the DEL character (\u007F), including most punctuation characters,
	// digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListGroupsInput) String

func (s ListGroupsInput) String() string

String returns the string representation

func (*ListGroupsInput) Validate

func (s *ListGroupsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupsOutput

type ListGroupsOutput struct {

	// A list of groups.
	//
	// Groups is a required field
	Groups []Group `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroups request.

func (ListGroupsOutput) String

func (s ListGroupsOutput) String() string

String returns the string representation

type ListGroupsPaginator added in v0.9.0

type ListGroupsPaginator struct {
	aws.Pager
}

ListGroupsPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListGroupsPaginator added in v0.9.0

func NewListGroupsPaginator(req ListGroupsRequest) ListGroupsPaginator

NewListGroupsRequestPaginator returns a paginator for ListGroups. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListGroupsRequest(input)
p := iam.NewListGroupsRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListGroupsPaginator) CurrentPage added in v0.9.0

func (p *ListGroupsPaginator) CurrentPage() *ListGroupsOutput

type ListGroupsRequest

type ListGroupsRequest struct {
	*aws.Request
	Input *ListGroupsInput
	Copy  func(*ListGroupsInput) ListGroupsRequest
}

ListGroupsRequest is the request type for the ListGroups API operation.

func (ListGroupsRequest) Send

Send marshals and sends the ListGroups API request.

type ListGroupsResponse added in v0.9.0

type ListGroupsResponse struct {
	*ListGroupsOutput
	// contains filtered or unexported fields
}

ListGroupsResponse is the response type for the ListGroups API operation.

func (*ListGroupsResponse) SDKResponseMetdata added in v0.9.0

func (r *ListGroupsResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListGroups request.

type ListInstanceProfilesForRoleInput

type ListInstanceProfilesForRoleInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the role to list instance profiles for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListInstanceProfilesForRoleInput) String

String returns the string representation

func (*ListInstanceProfilesForRoleInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type ListInstanceProfilesForRoleOutput

type ListInstanceProfilesForRoleOutput struct {

	// A list of instance profiles.
	//
	// InstanceProfiles is a required field
	InstanceProfiles []InstanceProfile `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListInstanceProfilesForRole request.

func (ListInstanceProfilesForRoleOutput) String

String returns the string representation

type ListInstanceProfilesForRolePaginator added in v0.9.0

type ListInstanceProfilesForRolePaginator struct {
	aws.Pager
}

ListInstanceProfilesForRolePaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListInstanceProfilesForRolePaginator added in v0.9.0

func NewListInstanceProfilesForRolePaginator(req ListInstanceProfilesForRoleRequest) ListInstanceProfilesForRolePaginator

NewListInstanceProfilesForRoleRequestPaginator returns a paginator for ListInstanceProfilesForRole. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListInstanceProfilesForRoleRequest(input)
p := iam.NewListInstanceProfilesForRoleRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListInstanceProfilesForRolePaginator) CurrentPage added in v0.9.0

type ListInstanceProfilesForRoleRequest

type ListInstanceProfilesForRoleRequest struct {
	*aws.Request
	Input *ListInstanceProfilesForRoleInput
	Copy  func(*ListInstanceProfilesForRoleInput) ListInstanceProfilesForRoleRequest
}

ListInstanceProfilesForRoleRequest is the request type for the ListInstanceProfilesForRole API operation.

func (ListInstanceProfilesForRoleRequest) Send

Send marshals and sends the ListInstanceProfilesForRole API request.

type ListInstanceProfilesForRoleResponse added in v0.9.0

type ListInstanceProfilesForRoleResponse struct {
	*ListInstanceProfilesForRoleOutput
	// contains filtered or unexported fields
}

ListInstanceProfilesForRoleResponse is the response type for the ListInstanceProfilesForRole API operation.

func (*ListInstanceProfilesForRoleResponse) SDKResponseMetdata added in v0.9.0

func (r *ListInstanceProfilesForRoleResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListInstanceProfilesForRole request.

type ListInstanceProfilesInput

type ListInstanceProfilesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
	// gets all instance profiles whose path starts with /application_abc/component_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all instance profiles. This parameter allows (through its regex
	// pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
	// of either a forward slash (/) by itself or a string that must begin and end
	// with forward slashes. In addition, it can contain any ASCII character from
	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
	// characters, digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListInstanceProfilesInput) String

func (s ListInstanceProfilesInput) String() string

String returns the string representation

func (*ListInstanceProfilesInput) Validate

func (s *ListInstanceProfilesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListInstanceProfilesOutput

type ListInstanceProfilesOutput struct {

	// A list of instance profiles.
	//
	// InstanceProfiles is a required field
	InstanceProfiles []InstanceProfile `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListInstanceProfiles request.

func (ListInstanceProfilesOutput) String

String returns the string representation

type ListInstanceProfilesPaginator added in v0.9.0

type ListInstanceProfilesPaginator struct {
	aws.Pager
}

ListInstanceProfilesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListInstanceProfilesPaginator added in v0.9.0

func NewListInstanceProfilesPaginator(req ListInstanceProfilesRequest) ListInstanceProfilesPaginator

NewListInstanceProfilesRequestPaginator returns a paginator for ListInstanceProfiles. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListInstanceProfilesRequest(input)
p := iam.NewListInstanceProfilesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListInstanceProfilesPaginator) CurrentPage added in v0.9.0

type ListInstanceProfilesRequest

type ListInstanceProfilesRequest struct {
	*aws.Request
	Input *ListInstanceProfilesInput
	Copy  func(*ListInstanceProfilesInput) ListInstanceProfilesRequest
}

ListInstanceProfilesRequest is the request type for the ListInstanceProfiles API operation.

func (ListInstanceProfilesRequest) Send

Send marshals and sends the ListInstanceProfiles API request.

type ListInstanceProfilesResponse added in v0.9.0

type ListInstanceProfilesResponse struct {
	*ListInstanceProfilesOutput
	// contains filtered or unexported fields
}

ListInstanceProfilesResponse is the response type for the ListInstanceProfiles API operation.

func (*ListInstanceProfilesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListInstanceProfilesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListInstanceProfiles request.

type ListMFADevicesInput

type ListMFADevicesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user whose MFA devices you want to list.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListMFADevicesInput) String

func (s ListMFADevicesInput) String() string

String returns the string representation

func (*ListMFADevicesInput) Validate

func (s *ListMFADevicesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListMFADevicesOutput

type ListMFADevicesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// A list of MFA devices.
	//
	// MFADevices is a required field
	MFADevices []MFADevice `type:"list" required:"true"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListMFADevices request.

func (ListMFADevicesOutput) String

func (s ListMFADevicesOutput) String() string

String returns the string representation

type ListMFADevicesPaginator added in v0.9.0

type ListMFADevicesPaginator struct {
	aws.Pager
}

ListMFADevicesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListMFADevicesPaginator added in v0.9.0

func NewListMFADevicesPaginator(req ListMFADevicesRequest) ListMFADevicesPaginator

NewListMFADevicesRequestPaginator returns a paginator for ListMFADevices. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListMFADevicesRequest(input)
p := iam.NewListMFADevicesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListMFADevicesPaginator) CurrentPage added in v0.9.0

type ListMFADevicesRequest

type ListMFADevicesRequest struct {
	*aws.Request
	Input *ListMFADevicesInput
	Copy  func(*ListMFADevicesInput) ListMFADevicesRequest
}

ListMFADevicesRequest is the request type for the ListMFADevices API operation.

func (ListMFADevicesRequest) Send

Send marshals and sends the ListMFADevices API request.

type ListMFADevicesResponse added in v0.9.0

type ListMFADevicesResponse struct {
	*ListMFADevicesOutput
	// contains filtered or unexported fields
}

ListMFADevicesResponse is the response type for the ListMFADevices API operation.

func (*ListMFADevicesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListMFADevicesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListMFADevices request.

type ListOpenIDConnectProvidersInput

type ListOpenIDConnectProvidersInput struct {
	// contains filtered or unexported fields
}

func (ListOpenIDConnectProvidersInput) String

String returns the string representation

type ListOpenIDConnectProvidersOutput

type ListOpenIDConnectProvidersOutput struct {

	// The list of IAM OIDC provider resource objects defined in the AWS account.
	OpenIDConnectProviderList []OpenIDConnectProviderListEntry `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListOpenIDConnectProviders request.

func (ListOpenIDConnectProvidersOutput) String

String returns the string representation

type ListOpenIDConnectProvidersRequest

type ListOpenIDConnectProvidersRequest struct {
	*aws.Request
	Input *ListOpenIDConnectProvidersInput
	Copy  func(*ListOpenIDConnectProvidersInput) ListOpenIDConnectProvidersRequest
}

ListOpenIDConnectProvidersRequest is the request type for the ListOpenIDConnectProviders API operation.

func (ListOpenIDConnectProvidersRequest) Send

Send marshals and sends the ListOpenIDConnectProviders API request.

type ListOpenIDConnectProvidersResponse added in v0.9.0

type ListOpenIDConnectProvidersResponse struct {
	*ListOpenIDConnectProvidersOutput
	// contains filtered or unexported fields
}

ListOpenIDConnectProvidersResponse is the response type for the ListOpenIDConnectProviders API operation.

func (*ListOpenIDConnectProvidersResponse) SDKResponseMetdata added in v0.9.0

func (r *ListOpenIDConnectProvidersResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListOpenIDConnectProviders request.

type ListPoliciesGrantingServiceAccessEntry added in v0.7.0

type ListPoliciesGrantingServiceAccessEntry struct {

	// The PoliciesGrantingServiceAccess object that contains details about the
	// policy.
	Policies []PolicyGrantingServiceAccess `type:"list"`

	// The namespace of the service that was accessed.
	//
	// To learn the service namespace of a service, go to Actions, Resources, and
	// Condition Keys for AWS Services (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html)
	// in the IAM User Guide. Choose the name of the service to view details for
	// that service. In the first paragraph, find the service prefix. For example,
	// (service prefix: a4b). For more information about service namespaces, see
	// AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the AWS General Reference.
	ServiceNamespace *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains details about the permissions policies that are attached to the specified identity (user, group, or role).

This data type is used as a response element in the ListPoliciesGrantingServiceAccess operation.

func (ListPoliciesGrantingServiceAccessEntry) String added in v0.7.0

String returns the string representation

type ListPoliciesGrantingServiceAccessInput added in v0.7.0

type ListPoliciesGrantingServiceAccessInput struct {

	// The ARN of the IAM identity (user, group, or role) whose policies you want
	// to list.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// The service namespace for the AWS services whose policies you want to list.
	//
	// To learn the service namespace for a service, go to Actions, Resources, and
	// Condition Keys for AWS Services (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html)
	// in the IAM User Guide. Choose the name of the service to view details for
	// that service. In the first paragraph, find the service prefix. For example,
	// (service prefix: a4b). For more information about service namespaces, see
	// AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the AWS General Reference.
	//
	// ServiceNamespaces is a required field
	ServiceNamespaces []string `min:"1" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListPoliciesGrantingServiceAccessInput) String added in v0.7.0

String returns the string representation

func (*ListPoliciesGrantingServiceAccessInput) Validate added in v0.7.0

Validate inspects the fields of the type to determine if they are valid.

type ListPoliciesGrantingServiceAccessOutput added in v0.7.0

type ListPoliciesGrantingServiceAccessOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. We recommend that you check IsTruncated
	// after every call to ensure that you receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A ListPoliciesGrantingServiceAccess object that contains details about the
	// permissions policies attached to the specified identity (user, group, or
	// role).
	//
	// PoliciesGrantingServiceAccess is a required field
	PoliciesGrantingServiceAccess []ListPoliciesGrantingServiceAccessEntry `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListPoliciesGrantingServiceAccessOutput) String added in v0.7.0

String returns the string representation

type ListPoliciesGrantingServiceAccessRequest added in v0.7.0

ListPoliciesGrantingServiceAccessRequest is the request type for the ListPoliciesGrantingServiceAccess API operation.

func (ListPoliciesGrantingServiceAccessRequest) Send added in v0.7.0

Send marshals and sends the ListPoliciesGrantingServiceAccess API request.

type ListPoliciesGrantingServiceAccessResponse added in v0.9.0

type ListPoliciesGrantingServiceAccessResponse struct {
	*ListPoliciesGrantingServiceAccessOutput
	// contains filtered or unexported fields
}

ListPoliciesGrantingServiceAccessResponse is the response type for the ListPoliciesGrantingServiceAccess API operation.

func (*ListPoliciesGrantingServiceAccessResponse) SDKResponseMetdata added in v0.9.0

func (r *ListPoliciesGrantingServiceAccessResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListPoliciesGrantingServiceAccess request.

type ListPoliciesInput

type ListPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// A flag to filter the results to only the attached policies.
	//
	// When OnlyAttached is true, the returned list contains only the policies that
	// are attached to an IAM user, group, or role. When OnlyAttached is false,
	// or when the parameter is not included, all policies are returned.
	OnlyAttached *bool `type:"boolean"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies. This
	// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`

	// The policy usage method to use for filtering the results.
	//
	// To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy.
	// To list only the policies used to set permissions boundaries, set the value
	// to PermissionsBoundary.
	//
	// This parameter is optional. If it is not included, all policies are returned.
	PolicyUsageFilter PolicyUsageType `type:"string" enum:"true"`

	// The scope to use for filtering the results.
	//
	// To list only AWS managed policies, set Scope to AWS. To list only the customer
	// managed policies in your AWS account, set Scope to Local.
	//
	// This parameter is optional. If it is not included, or if it is set to All,
	// all policies are returned.
	Scope PolicyScopeType `type:"string" enum:"true"`
	// contains filtered or unexported fields
}

func (ListPoliciesInput) String

func (s ListPoliciesInput) String() string

String returns the string representation

func (*ListPoliciesInput) Validate

func (s *ListPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPoliciesOutput

type ListPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of policies.
	Policies []Policy `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListPolicies request.

func (ListPoliciesOutput) String

func (s ListPoliciesOutput) String() string

String returns the string representation

type ListPoliciesPaginator added in v0.9.0

type ListPoliciesPaginator struct {
	aws.Pager
}

ListPoliciesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListPoliciesPaginator added in v0.9.0

func NewListPoliciesPaginator(req ListPoliciesRequest) ListPoliciesPaginator

NewListPoliciesRequestPaginator returns a paginator for ListPolicies. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListPoliciesRequest(input)
p := iam.NewListPoliciesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListPoliciesPaginator) CurrentPage added in v0.9.0

func (p *ListPoliciesPaginator) CurrentPage() *ListPoliciesOutput

type ListPoliciesRequest

type ListPoliciesRequest struct {
	*aws.Request
	Input *ListPoliciesInput
	Copy  func(*ListPoliciesInput) ListPoliciesRequest
}

ListPoliciesRequest is the request type for the ListPolicies API operation.

func (ListPoliciesRequest) Send

Send marshals and sends the ListPolicies API request.

type ListPoliciesResponse added in v0.9.0

type ListPoliciesResponse struct {
	*ListPoliciesOutput
	// contains filtered or unexported fields
}

ListPoliciesResponse is the response type for the ListPolicies API operation.

func (*ListPoliciesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListPoliciesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListPolicies request.

type ListPolicyVersionsInput

type ListPolicyVersionsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyVersionsInput) String

func (s ListPolicyVersionsInput) String() string

String returns the string representation

func (*ListPolicyVersionsInput) Validate

func (s *ListPolicyVersionsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPolicyVersionsOutput

type ListPolicyVersionsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of policy versions.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	Versions []PolicyVersion `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListPolicyVersions request.

func (ListPolicyVersionsOutput) String

func (s ListPolicyVersionsOutput) String() string

String returns the string representation

type ListPolicyVersionsPaginator added in v0.9.0

type ListPolicyVersionsPaginator struct {
	aws.Pager
}

ListPolicyVersionsPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListPolicyVersionsPaginator added in v0.9.0

func NewListPolicyVersionsPaginator(req ListPolicyVersionsRequest) ListPolicyVersionsPaginator

NewListPolicyVersionsRequestPaginator returns a paginator for ListPolicyVersions. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListPolicyVersionsRequest(input)
p := iam.NewListPolicyVersionsRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListPolicyVersionsPaginator) CurrentPage added in v0.9.0

type ListPolicyVersionsRequest

type ListPolicyVersionsRequest struct {
	*aws.Request
	Input *ListPolicyVersionsInput
	Copy  func(*ListPolicyVersionsInput) ListPolicyVersionsRequest
}

ListPolicyVersionsRequest is the request type for the ListPolicyVersions API operation.

func (ListPolicyVersionsRequest) Send

Send marshals and sends the ListPolicyVersions API request.

type ListPolicyVersionsResponse added in v0.9.0

type ListPolicyVersionsResponse struct {
	*ListPolicyVersionsOutput
	// contains filtered or unexported fields
}

ListPolicyVersionsResponse is the response type for the ListPolicyVersions API operation.

func (*ListPolicyVersionsResponse) SDKResponseMetdata added in v0.9.0

func (r *ListPolicyVersionsResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListPolicyVersions request.

type ListRolePoliciesInput

type ListRolePoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the role to list policies for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListRolePoliciesInput) String

func (s ListRolePoliciesInput) String() string

String returns the string representation

func (*ListRolePoliciesInput) Validate

func (s *ListRolePoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListRolePoliciesOutput

type ListRolePoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of policy names.
	//
	// PolicyNames is a required field
	PolicyNames []string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListRolePolicies request.

func (ListRolePoliciesOutput) String

func (s ListRolePoliciesOutput) String() string

String returns the string representation

type ListRolePoliciesPaginator added in v0.9.0

type ListRolePoliciesPaginator struct {
	aws.Pager
}

ListRolePoliciesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListRolePoliciesPaginator added in v0.9.0

func NewListRolePoliciesPaginator(req ListRolePoliciesRequest) ListRolePoliciesPaginator

NewListRolePoliciesRequestPaginator returns a paginator for ListRolePolicies. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListRolePoliciesRequest(input)
p := iam.NewListRolePoliciesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListRolePoliciesPaginator) CurrentPage added in v0.9.0

type ListRolePoliciesRequest

type ListRolePoliciesRequest struct {
	*aws.Request
	Input *ListRolePoliciesInput
	Copy  func(*ListRolePoliciesInput) ListRolePoliciesRequest
}

ListRolePoliciesRequest is the request type for the ListRolePolicies API operation.

func (ListRolePoliciesRequest) Send

Send marshals and sends the ListRolePolicies API request.

type ListRolePoliciesResponse added in v0.9.0

type ListRolePoliciesResponse struct {
	*ListRolePoliciesOutput
	// contains filtered or unexported fields
}

ListRolePoliciesResponse is the response type for the ListRolePolicies API operation.

func (*ListRolePoliciesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListRolePoliciesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListRolePolicies request.

type ListRoleTagsInput added in v0.6.0

type ListRoleTagsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items that you want in the response. If additional items exist
	// beyond the maximum that you specify, the IsTruncated response element is
	// true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when more results are available. In that case,
	// the IsTruncated response element returns true, and Marker contains a value
	// to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM role for which you want to see the list of tags.
	//
	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consist of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListRoleTagsInput) String added in v0.6.0

func (s ListRoleTagsInput) String() string

String returns the string representation

func (*ListRoleTagsInput) Validate added in v0.6.0

func (s *ListRoleTagsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListRoleTagsOutput added in v0.6.0

type ListRoleTagsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can use the Marker request parameter to make a subsequent
	// pagination request that retrieves more items. Note that IAM might return
	// fewer than the MaxItems number of results even when more results are available.
	// Check IsTruncated after every call to ensure that you receive all of your
	// results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of tags currently that is attached to the role. Each tag consists
	// of a key name and an associated value. If no tags are attached to the specified
	// role, the response contains an empty list.
	//
	// Tags is a required field
	Tags []Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListRoleTagsOutput) String added in v0.6.0

func (s ListRoleTagsOutput) String() string

String returns the string representation

type ListRoleTagsRequest added in v0.6.0

type ListRoleTagsRequest struct {
	*aws.Request
	Input *ListRoleTagsInput
	Copy  func(*ListRoleTagsInput) ListRoleTagsRequest
}

ListRoleTagsRequest is the request type for the ListRoleTags API operation.

func (ListRoleTagsRequest) Send added in v0.6.0

Send marshals and sends the ListRoleTags API request.

type ListRoleTagsResponse added in v0.9.0

type ListRoleTagsResponse struct {
	*ListRoleTagsOutput
	// contains filtered or unexported fields
}

ListRoleTagsResponse is the response type for the ListRoleTags API operation.

func (*ListRoleTagsResponse) SDKResponseMetdata added in v0.9.0

func (r *ListRoleTagsResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListRoleTags request.

type ListRolesInput

type ListRolesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
	// gets all roles whose path starts with /application_abc/component_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all roles. This parameter allows (through its regex pattern
	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
	// a forward slash (/) by itself or a string that must begin and end with forward
	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
	// through the DEL character (\u007F), including most punctuation characters,
	// digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListRolesInput) String

func (s ListRolesInput) String() string

String returns the string representation

func (*ListRolesInput) Validate

func (s *ListRolesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListRolesOutput

type ListRolesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of roles.
	//
	// Roles is a required field
	Roles []Role `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListRoles request.

func (ListRolesOutput) String

func (s ListRolesOutput) String() string

String returns the string representation

type ListRolesPaginator added in v0.9.0

type ListRolesPaginator struct {
	aws.Pager
}

ListRolesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListRolesPaginator added in v0.9.0

func NewListRolesPaginator(req ListRolesRequest) ListRolesPaginator

NewListRolesRequestPaginator returns a paginator for ListRoles. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListRolesRequest(input)
p := iam.NewListRolesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListRolesPaginator) CurrentPage added in v0.9.0

func (p *ListRolesPaginator) CurrentPage() *ListRolesOutput

type ListRolesRequest

type ListRolesRequest struct {
	*aws.Request
	Input *ListRolesInput
	Copy  func(*ListRolesInput) ListRolesRequest
}

ListRolesRequest is the request type for the ListRoles API operation.

func (ListRolesRequest) Send

Send marshals and sends the ListRoles API request.

type ListRolesResponse added in v0.9.0

type ListRolesResponse struct {
	*ListRolesOutput
	// contains filtered or unexported fields
}

ListRolesResponse is the response type for the ListRoles API operation.

func (*ListRolesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListRolesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListRoles request.

type ListSAMLProvidersInput

type ListSAMLProvidersInput struct {
	// contains filtered or unexported fields
}

func (ListSAMLProvidersInput) String

func (s ListSAMLProvidersInput) String() string

String returns the string representation

type ListSAMLProvidersOutput

type ListSAMLProvidersOutput struct {

	// The list of SAML provider resource objects defined in IAM for this AWS account.
	SAMLProviderList []SAMLProviderListEntry `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSAMLProviders request.

func (ListSAMLProvidersOutput) String

func (s ListSAMLProvidersOutput) String() string

String returns the string representation

type ListSAMLProvidersRequest

type ListSAMLProvidersRequest struct {
	*aws.Request
	Input *ListSAMLProvidersInput
	Copy  func(*ListSAMLProvidersInput) ListSAMLProvidersRequest
}

ListSAMLProvidersRequest is the request type for the ListSAMLProviders API operation.

func (ListSAMLProvidersRequest) Send

Send marshals and sends the ListSAMLProviders API request.

type ListSAMLProvidersResponse added in v0.9.0

type ListSAMLProvidersResponse struct {
	*ListSAMLProvidersOutput
	// contains filtered or unexported fields
}

ListSAMLProvidersResponse is the response type for the ListSAMLProviders API operation.

func (*ListSAMLProvidersResponse) SDKResponseMetdata added in v0.9.0

func (r *ListSAMLProvidersResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListSAMLProviders request.

type ListSSHPublicKeysInput

type ListSSHPublicKeysInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM user to list SSH public keys for. If none is specified,
	// the UserName field is determined implicitly based on the AWS access key used
	// to sign the request.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListSSHPublicKeysInput) String

func (s ListSSHPublicKeysInput) String() string

String returns the string representation

func (*ListSSHPublicKeysInput) Validate

func (s *ListSSHPublicKeysInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListSSHPublicKeysOutput

type ListSSHPublicKeysOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of the SSH public keys assigned to IAM user.
	SSHPublicKeys []SSHPublicKeyMetadata `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSSHPublicKeys request.

func (ListSSHPublicKeysOutput) String

func (s ListSSHPublicKeysOutput) String() string

String returns the string representation

type ListSSHPublicKeysPaginator added in v0.9.0

type ListSSHPublicKeysPaginator struct {
	aws.Pager
}

ListSSHPublicKeysPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListSSHPublicKeysPaginator added in v0.9.0

func NewListSSHPublicKeysPaginator(req ListSSHPublicKeysRequest) ListSSHPublicKeysPaginator

NewListSSHPublicKeysRequestPaginator returns a paginator for ListSSHPublicKeys. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListSSHPublicKeysRequest(input)
p := iam.NewListSSHPublicKeysRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListSSHPublicKeysPaginator) CurrentPage added in v0.9.0

type ListSSHPublicKeysRequest

type ListSSHPublicKeysRequest struct {
	*aws.Request
	Input *ListSSHPublicKeysInput
	Copy  func(*ListSSHPublicKeysInput) ListSSHPublicKeysRequest
}

ListSSHPublicKeysRequest is the request type for the ListSSHPublicKeys API operation.

func (ListSSHPublicKeysRequest) Send

Send marshals and sends the ListSSHPublicKeys API request.

type ListSSHPublicKeysResponse added in v0.9.0

type ListSSHPublicKeysResponse struct {
	*ListSSHPublicKeysOutput
	// contains filtered or unexported fields
}

ListSSHPublicKeysResponse is the response type for the ListSSHPublicKeys API operation.

func (*ListSSHPublicKeysResponse) SDKResponseMetdata added in v0.9.0

func (r *ListSSHPublicKeysResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListSSHPublicKeys request.

type ListServerCertificatesInput

type ListServerCertificatesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example: /company/servercerts
	// would get all server certificates for which the path starts with /company/servercerts.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all server certificates. This parameter allows (through its
	// regex pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
	// of either a forward slash (/) by itself or a string that must begin and end
	// with forward slashes. In addition, it can contain any ASCII character from
	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
	// characters, digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListServerCertificatesInput) String

String returns the string representation

func (*ListServerCertificatesInput) Validate

func (s *ListServerCertificatesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListServerCertificatesOutput

type ListServerCertificatesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of server certificates.
	//
	// ServerCertificateMetadataList is a required field
	ServerCertificateMetadataList []ServerCertificateMetadata `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListServerCertificates request.

func (ListServerCertificatesOutput) String

String returns the string representation

type ListServerCertificatesPaginator added in v0.9.0

type ListServerCertificatesPaginator struct {
	aws.Pager
}

ListServerCertificatesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListServerCertificatesPaginator added in v0.9.0

func NewListServerCertificatesPaginator(req ListServerCertificatesRequest) ListServerCertificatesPaginator

NewListServerCertificatesRequestPaginator returns a paginator for ListServerCertificates. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListServerCertificatesRequest(input)
p := iam.NewListServerCertificatesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListServerCertificatesPaginator) CurrentPage added in v0.9.0

type ListServerCertificatesRequest

type ListServerCertificatesRequest struct {
	*aws.Request
	Input *ListServerCertificatesInput
	Copy  func(*ListServerCertificatesInput) ListServerCertificatesRequest
}

ListServerCertificatesRequest is the request type for the ListServerCertificates API operation.

func (ListServerCertificatesRequest) Send

Send marshals and sends the ListServerCertificates API request.

type ListServerCertificatesResponse added in v0.9.0

type ListServerCertificatesResponse struct {
	*ListServerCertificatesOutput
	// contains filtered or unexported fields
}

ListServerCertificatesResponse is the response type for the ListServerCertificates API operation.

func (*ListServerCertificatesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListServerCertificatesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListServerCertificates request.

type ListServiceSpecificCredentialsInput

type ListServiceSpecificCredentialsInput struct {

	// Filters the returned results to only those for the specified AWS service.
	// If not specified, then AWS returns service-specific credentials for all services.
	ServiceName *string `type:"string"`

	// The name of the user whose service-specific credentials you want information
	// about. If this value is not specified, then the operation assumes the user
	// whose credentials are used to call the operation.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListServiceSpecificCredentialsInput) String

String returns the string representation

func (*ListServiceSpecificCredentialsInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type ListServiceSpecificCredentialsOutput

type ListServiceSpecificCredentialsOutput struct {

	// A list of structures that each contain details about a service-specific credential.
	ServiceSpecificCredentials []ServiceSpecificCredentialMetadata `type:"list"`
	// contains filtered or unexported fields
}

func (ListServiceSpecificCredentialsOutput) String

String returns the string representation

type ListServiceSpecificCredentialsRequest

type ListServiceSpecificCredentialsRequest struct {
	*aws.Request
	Input *ListServiceSpecificCredentialsInput
	Copy  func(*ListServiceSpecificCredentialsInput) ListServiceSpecificCredentialsRequest
}

ListServiceSpecificCredentialsRequest is the request type for the ListServiceSpecificCredentials API operation.

func (ListServiceSpecificCredentialsRequest) Send

Send marshals and sends the ListServiceSpecificCredentials API request.

type ListServiceSpecificCredentialsResponse added in v0.9.0

type ListServiceSpecificCredentialsResponse struct {
	*ListServiceSpecificCredentialsOutput
	// contains filtered or unexported fields
}

ListServiceSpecificCredentialsResponse is the response type for the ListServiceSpecificCredentials API operation.

func (*ListServiceSpecificCredentialsResponse) SDKResponseMetdata added in v0.9.0

func (r *ListServiceSpecificCredentialsResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListServiceSpecificCredentials request.

type ListSigningCertificatesInput

type ListSigningCertificatesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM user whose signing certificates you want to examine.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListSigningCertificatesInput) String

String returns the string representation

func (*ListSigningCertificatesInput) Validate

func (s *ListSigningCertificatesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListSigningCertificatesOutput

type ListSigningCertificatesOutput struct {

	// A list of the user's signing certificate information.
	//
	// Certificates is a required field
	Certificates []SigningCertificate `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSigningCertificates request.

func (ListSigningCertificatesOutput) String

String returns the string representation

type ListSigningCertificatesPaginator added in v0.9.0

type ListSigningCertificatesPaginator struct {
	aws.Pager
}

ListSigningCertificatesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListSigningCertificatesPaginator added in v0.9.0

func NewListSigningCertificatesPaginator(req ListSigningCertificatesRequest) ListSigningCertificatesPaginator

NewListSigningCertificatesRequestPaginator returns a paginator for ListSigningCertificates. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListSigningCertificatesRequest(input)
p := iam.NewListSigningCertificatesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListSigningCertificatesPaginator) CurrentPage added in v0.9.0

type ListSigningCertificatesRequest

type ListSigningCertificatesRequest struct {
	*aws.Request
	Input *ListSigningCertificatesInput
	Copy  func(*ListSigningCertificatesInput) ListSigningCertificatesRequest
}

ListSigningCertificatesRequest is the request type for the ListSigningCertificates API operation.

func (ListSigningCertificatesRequest) Send

Send marshals and sends the ListSigningCertificates API request.

type ListSigningCertificatesResponse added in v0.9.0

type ListSigningCertificatesResponse struct {
	*ListSigningCertificatesOutput
	// contains filtered or unexported fields
}

ListSigningCertificatesResponse is the response type for the ListSigningCertificates API operation.

func (*ListSigningCertificatesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListSigningCertificatesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListSigningCertificates request.

type ListUserPoliciesInput

type ListUserPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user to list policies for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListUserPoliciesInput) String

func (s ListUserPoliciesInput) String() string

String returns the string representation

func (*ListUserPoliciesInput) Validate

func (s *ListUserPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUserPoliciesOutput

type ListUserPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of policy names.
	//
	// PolicyNames is a required field
	PolicyNames []string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListUserPolicies request.

func (ListUserPoliciesOutput) String

func (s ListUserPoliciesOutput) String() string

String returns the string representation

type ListUserPoliciesPaginator added in v0.9.0

type ListUserPoliciesPaginator struct {
	aws.Pager
}

ListUserPoliciesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListUserPoliciesPaginator added in v0.9.0

func NewListUserPoliciesPaginator(req ListUserPoliciesRequest) ListUserPoliciesPaginator

NewListUserPoliciesRequestPaginator returns a paginator for ListUserPolicies. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListUserPoliciesRequest(input)
p := iam.NewListUserPoliciesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListUserPoliciesPaginator) CurrentPage added in v0.9.0

type ListUserPoliciesRequest

type ListUserPoliciesRequest struct {
	*aws.Request
	Input *ListUserPoliciesInput
	Copy  func(*ListUserPoliciesInput) ListUserPoliciesRequest
}

ListUserPoliciesRequest is the request type for the ListUserPolicies API operation.

func (ListUserPoliciesRequest) Send

Send marshals and sends the ListUserPolicies API request.

type ListUserPoliciesResponse added in v0.9.0

type ListUserPoliciesResponse struct {
	*ListUserPoliciesOutput
	// contains filtered or unexported fields
}

ListUserPoliciesResponse is the response type for the ListUserPolicies API operation.

func (*ListUserPoliciesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListUserPoliciesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListUserPolicies request.

type ListUserTagsInput added in v0.6.0

type ListUserTagsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items that you want in the response. If additional items exist
	// beyond the maximum that you specify, the IsTruncated response element is
	// true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when more results are available. In that case,
	// the IsTruncated response element returns true, and Marker contains a value
	// to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM user whose tags you want to see.
	//
	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consist of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListUserTagsInput) String added in v0.6.0

func (s ListUserTagsInput) String() string

String returns the string representation

func (*ListUserTagsInput) Validate added in v0.6.0

func (s *ListUserTagsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUserTagsOutput added in v0.6.0

type ListUserTagsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can use the Marker request parameter to make a subsequent
	// pagination request that retrieves more items. Note that IAM might return
	// fewer than the MaxItems number of results even when more results are available.
	// Check IsTruncated after every call to ensure that you receive all of your
	// results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of tags that are currently attached to the user. Each tag consists
	// of a key name and an associated value. If no tags are attached to the specified
	// user, the response contains an empty list.
	//
	// Tags is a required field
	Tags []Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListUserTagsOutput) String added in v0.6.0

func (s ListUserTagsOutput) String() string

String returns the string representation

type ListUserTagsRequest added in v0.6.0

type ListUserTagsRequest struct {
	*aws.Request
	Input *ListUserTagsInput
	Copy  func(*ListUserTagsInput) ListUserTagsRequest
}

ListUserTagsRequest is the request type for the ListUserTags API operation.

func (ListUserTagsRequest) Send added in v0.6.0

Send marshals and sends the ListUserTags API request.

type ListUserTagsResponse added in v0.9.0

type ListUserTagsResponse struct {
	*ListUserTagsOutput
	// contains filtered or unexported fields
}

ListUserTagsResponse is the response type for the ListUserTags API operation.

func (*ListUserTagsResponse) SDKResponseMetdata added in v0.9.0

func (r *ListUserTagsResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListUserTags request.

type ListUsersInput

type ListUsersInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example: /division_abc/subdivision_xyz/,
	// which would get all user names whose path starts with /division_abc/subdivision_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all user names. This parameter allows (through its regex pattern
	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
	// a forward slash (/) by itself or a string that must begin and end with forward
	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
	// through the DEL character (\u007F), including most punctuation characters,
	// digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListUsersInput) String

func (s ListUsersInput) String() string

String returns the string representation

func (*ListUsersInput) Validate

func (s *ListUsersInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUsersOutput

type ListUsersOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of users.
	//
	// Users is a required field
	Users []User `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListUsers request.

func (ListUsersOutput) String

func (s ListUsersOutput) String() string

String returns the string representation

type ListUsersPaginator added in v0.9.0

type ListUsersPaginator struct {
	aws.Pager
}

ListUsersPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListUsersPaginator added in v0.9.0

func NewListUsersPaginator(req ListUsersRequest) ListUsersPaginator

NewListUsersRequestPaginator returns a paginator for ListUsers. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListUsersRequest(input)
p := iam.NewListUsersRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListUsersPaginator) CurrentPage added in v0.9.0

func (p *ListUsersPaginator) CurrentPage() *ListUsersOutput

type ListUsersRequest

type ListUsersRequest struct {
	*aws.Request
	Input *ListUsersInput
	Copy  func(*ListUsersInput) ListUsersRequest
}

ListUsersRequest is the request type for the ListUsers API operation.

func (ListUsersRequest) Send

Send marshals and sends the ListUsers API request.

type ListUsersResponse added in v0.9.0

type ListUsersResponse struct {
	*ListUsersOutput
	// contains filtered or unexported fields
}

ListUsersResponse is the response type for the ListUsers API operation.

func (*ListUsersResponse) SDKResponseMetdata added in v0.9.0

func (r *ListUsersResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListUsers request.

type ListVirtualMFADevicesInput

type ListVirtualMFADevicesInput struct {

	// The status (Unassigned or Assigned) of the devices to list. If you do not
	// specify an AssignmentStatus, the operation defaults to Any, which lists both
	// assigned and unassigned virtual MFA devices.,
	AssignmentStatus AssignmentStatusType `type:"string" enum:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListVirtualMFADevicesInput) String

String returns the string representation

func (*ListVirtualMFADevicesInput) Validate

func (s *ListVirtualMFADevicesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListVirtualMFADevicesOutput

type ListVirtualMFADevicesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of virtual MFA devices in the current account that match the AssignmentStatus
	// value that was passed in the request.
	//
	// VirtualMFADevices is a required field
	VirtualMFADevices []VirtualMFADevice `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListVirtualMFADevices request.

func (ListVirtualMFADevicesOutput) String

String returns the string representation

type ListVirtualMFADevicesPaginator added in v0.9.0

type ListVirtualMFADevicesPaginator struct {
	aws.Pager
}

ListVirtualMFADevicesPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewListVirtualMFADevicesPaginator added in v0.9.0

func NewListVirtualMFADevicesPaginator(req ListVirtualMFADevicesRequest) ListVirtualMFADevicesPaginator

NewListVirtualMFADevicesRequestPaginator returns a paginator for ListVirtualMFADevices. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.ListVirtualMFADevicesRequest(input)
p := iam.NewListVirtualMFADevicesRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*ListVirtualMFADevicesPaginator) CurrentPage added in v0.9.0

type ListVirtualMFADevicesRequest

type ListVirtualMFADevicesRequest struct {
	*aws.Request
	Input *ListVirtualMFADevicesInput
	Copy  func(*ListVirtualMFADevicesInput) ListVirtualMFADevicesRequest
}

ListVirtualMFADevicesRequest is the request type for the ListVirtualMFADevices API operation.

func (ListVirtualMFADevicesRequest) Send

Send marshals and sends the ListVirtualMFADevices API request.

type ListVirtualMFADevicesResponse added in v0.9.0

type ListVirtualMFADevicesResponse struct {
	*ListVirtualMFADevicesOutput
	// contains filtered or unexported fields
}

ListVirtualMFADevicesResponse is the response type for the ListVirtualMFADevices API operation.

func (*ListVirtualMFADevicesResponse) SDKResponseMetdata added in v0.9.0

func (r *ListVirtualMFADevicesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ListVirtualMFADevices request.

type LoginProfile

type LoginProfile struct {

	// The date when the password for the user was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// Specifies whether the user is required to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the user, which can be used for signing in to the AWS Management
	// Console.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the user name and password create date for a user.

This data type is used as a response element in the CreateLoginProfile and GetLoginProfile operations.

func (LoginProfile) String

func (s LoginProfile) String() string

String returns the string representation

type MFADevice

type MFADevice struct {

	// The date when the MFA device was enabled for the user.
	//
	// EnableDate is a required field
	EnableDate *time.Time `type:"timestamp" required:"true"`

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The user with whom the MFA device is associated.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an MFA device.

This data type is used as a response element in the ListMFADevices operation.

func (MFADevice) String

func (s MFADevice) String() string

String returns the string representation

type ManagedPolicyDetail

type ManagedPolicyDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// The number of principal entities (users, groups, and roles) that the policy
	// is attached to.
	AttachmentCount *int64 `type:"integer"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was created.
	CreateDate *time.Time `type:"timestamp"`

	// The identifier for the version of the policy that is set as the default (operative)
	// version.
	//
	// For more information about policy versions, see Versioning for Managed Policies
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the Using IAM guide.
	DefaultVersionId *string `type:"string"`

	// A friendly description of the policy.
	Description *string `type:"string"`

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable *bool `type:"boolean"`

	// The path to the policy.
	//
	// For more information about paths, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`

	// The number of entities (users and roles) for which the policy is used as
	// the permissions boundary.
	//
	// For more information about permissions boundaries, see Permissions Boundaries
	// for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundaryUsageCount *int64 `type:"integer"`

	// The stable and unique string identifying the policy.
	//
	// For more information about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	PolicyId *string `min:"16" type:"string"`

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string `min:"1" type:"string"`

	// A list containing information about the versions of the policy.
	PolicyVersionList []PolicyVersion `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was last updated.
	//
	// When a policy has only one version, this field contains the date and time
	// when the policy was created. When a policy has more than one version, this
	// field contains the date and time when the most recent policy version was
	// created.
	UpdateDate *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Contains information about a managed policy, including the policy's ARN, versions, and the number of principal entities (users, groups, and roles) that the policy is attached to.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

For more information about managed policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (ManagedPolicyDetail) String

func (s ManagedPolicyDetail) String() string

String returns the string representation

type OpenIDConnectProviderListEntry

type OpenIDConnectProviderListEntry struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the Amazon Resource Name (ARN) for an IAM OpenID Connect provider.

func (OpenIDConnectProviderListEntry) String

String returns the string representation

type OrganizationsDecisionDetail

type OrganizationsDecisionDetail struct {

	// Specifies whether the simulated operation is allowed by the Organizations
	// service control policies that impact the simulated user's account.
	AllowedByOrganizations *bool `type:"boolean"`
	// contains filtered or unexported fields
}

Contains information about the effect that Organizations has on a policy simulation.

func (OrganizationsDecisionDetail) String

String returns the string representation

type PasswordPolicy

type PasswordPolicy struct {

	// Specifies whether IAM users are allowed to change their own password.
	AllowUsersToChangePassword *bool `type:"boolean"`

	// Indicates whether passwords in the account expire. Returns true if MaxPasswordAge
	// contains a value greater than 0. Returns false if MaxPasswordAge is 0 or
	// not present.
	ExpirePasswords *bool `type:"boolean"`

	// Specifies whether IAM users are prevented from setting a new password after
	// their password has expired.
	HardExpiry *bool `type:"boolean"`

	// The number of days that an IAM user password is valid.
	MaxPasswordAge *int64 `min:"1" type:"integer"`

	// Minimum length to require for IAM user passwords.
	MinimumPasswordLength *int64 `min:"6" type:"integer"`

	// Specifies the number of previous passwords that IAM users are prevented from
	// reusing.
	PasswordReusePrevention *int64 `min:"1" type:"integer"`

	// Specifies whether to require lowercase characters for IAM user passwords.
	RequireLowercaseCharacters *bool `type:"boolean"`

	// Specifies whether to require numbers for IAM user passwords.
	RequireNumbers *bool `type:"boolean"`

	// Specifies whether to require symbols for IAM user passwords.
	RequireSymbols *bool `type:"boolean"`

	// Specifies whether to require uppercase characters for IAM user passwords.
	RequireUppercaseCharacters *bool `type:"boolean"`
	// contains filtered or unexported fields
}

Contains information about the account password policy.

This data type is used as a response element in the GetAccountPasswordPolicy operation.

func (PasswordPolicy) String

func (s PasswordPolicy) String() string

String returns the string representation

type PermissionsBoundaryAttachmentType added in v0.5.0

type PermissionsBoundaryAttachmentType string
const (
	PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy PermissionsBoundaryAttachmentType = "PermissionsBoundaryPolicy"
)

Enum values for PermissionsBoundaryAttachmentType

func (PermissionsBoundaryAttachmentType) MarshalValue added in v0.5.0

func (enum PermissionsBoundaryAttachmentType) MarshalValue() (string, error)

func (PermissionsBoundaryAttachmentType) MarshalValueBuf added in v0.5.0

func (enum PermissionsBoundaryAttachmentType) MarshalValueBuf(b []byte) ([]byte, error)

type Policy

type Policy struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// The number of entities (users, groups, and roles) that the policy is attached
	// to.
	AttachmentCount *int64 `type:"integer"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was created.
	CreateDate *time.Time `type:"timestamp"`

	// The identifier for the version of the policy that is set as the default version.
	DefaultVersionId *string `type:"string"`

	// A friendly description of the policy.
	//
	// This element is included in the response to the GetPolicy operation. It is
	// not included in the response to the ListPolicies operation.
	Description *string `type:"string"`

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable *bool `type:"boolean"`

	// The path to the policy.
	//
	// For more information about paths, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`

	// The number of entities (users and roles) for which the policy is used to
	// set the permissions boundary.
	//
	// For more information about permissions boundaries, see Permissions Boundaries
	// for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundaryUsageCount *int64 `type:"integer"`

	// The stable and unique string identifying the policy.
	//
	// For more information about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	PolicyId *string `min:"16" type:"string"`

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string `min:"1" type:"string"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was last updated.
	//
	// When a policy has only one version, this field contains the date and time
	// when the policy was created. When a policy has more than one version, this
	// field contains the date and time when the most recent policy version was
	// created.
	UpdateDate *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Contains information about a managed policy.

This data type is used as a response element in the CreatePolicy, GetPolicy, and ListPolicies operations.

For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (Policy) String

func (s Policy) String() string

String returns the string representation

type PolicyDetail

type PolicyDetail struct {

	// The policy document.
	PolicyDocument *string `min:"1" type:"string"`

	// The name of the policy.
	PolicyName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an IAM policy, including the policy document.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (PolicyDetail) String

func (s PolicyDetail) String() string

String returns the string representation

type PolicyEvaluationDecisionType

type PolicyEvaluationDecisionType string
const (
	PolicyEvaluationDecisionTypeAllowed      PolicyEvaluationDecisionType = "allowed"
	PolicyEvaluationDecisionTypeExplicitDeny PolicyEvaluationDecisionType = "explicitDeny"
	PolicyEvaluationDecisionTypeImplicitDeny PolicyEvaluationDecisionType = "implicitDeny"
)

Enum values for PolicyEvaluationDecisionType

func (PolicyEvaluationDecisionType) MarshalValue added in v0.3.0

func (enum PolicyEvaluationDecisionType) MarshalValue() (string, error)

func (PolicyEvaluationDecisionType) MarshalValueBuf added in v0.3.0

func (enum PolicyEvaluationDecisionType) MarshalValueBuf(b []byte) ([]byte, error)

type PolicyGrantingServiceAccess added in v0.7.0

type PolicyGrantingServiceAccess struct {

	// The name of the entity (user or role) to which the inline policy is attached.
	//
	// This field is null for managed policies. For more information about these
	// policy types, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	EntityName *string `min:"1" type:"string"`

	// The type of entity (user or role) that used the policy to access the service
	// to which the inline policy is attached.
	//
	// This field is null for managed policies. For more information about these
	// policy types, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	EntityType PolicyOwnerEntityType `type:"string" enum:"true"`

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	PolicyArn *string `min:"20" type:"string"`

	// The policy name.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The policy type. For more information about these policy types, see Managed
	// Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	//
	// PolicyType is a required field
	PolicyType PolicyType `type:"string" required:"true" enum:"true"`
	// contains filtered or unexported fields
}

Contains details about the permissions policies that are attached to the specified identity (user, group, or role).

This data type is an element of the ListPoliciesGrantingServiceAccessEntry object.

func (PolicyGrantingServiceAccess) String added in v0.7.0

String returns the string representation

type PolicyGroup

type PolicyGroup struct {

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	GroupId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the group.
	GroupName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a group that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyGroup) String

func (s PolicyGroup) String() string

String returns the string representation

type PolicyOwnerEntityType added in v0.7.0

type PolicyOwnerEntityType string
const (
	PolicyOwnerEntityTypeUser  PolicyOwnerEntityType = "USER"
	PolicyOwnerEntityTypeRole  PolicyOwnerEntityType = "ROLE"
	PolicyOwnerEntityTypeGroup PolicyOwnerEntityType = "GROUP"
)

Enum values for PolicyOwnerEntityType

func (PolicyOwnerEntityType) MarshalValue added in v0.7.0

func (enum PolicyOwnerEntityType) MarshalValue() (string, error)

func (PolicyOwnerEntityType) MarshalValueBuf added in v0.7.0

func (enum PolicyOwnerEntityType) MarshalValueBuf(b []byte) ([]byte, error)

type PolicyRole

type PolicyRole struct {

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	RoleId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the role.
	RoleName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a role that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyRole) String

func (s PolicyRole) String() string

String returns the string representation

type PolicyScopeType

type PolicyScopeType string
const (
	PolicyScopeTypeAll   PolicyScopeType = "All"
	PolicyScopeTypeAws   PolicyScopeType = "AWS"
	PolicyScopeTypeLocal PolicyScopeType = "Local"
)

Enum values for PolicyScopeType

func (PolicyScopeType) MarshalValue added in v0.3.0

func (enum PolicyScopeType) MarshalValue() (string, error)

func (PolicyScopeType) MarshalValueBuf added in v0.3.0

func (enum PolicyScopeType) MarshalValueBuf(b []byte) ([]byte, error)

type PolicySourceType

type PolicySourceType string
const (
	PolicySourceTypeUser        PolicySourceType = "user"
	PolicySourceTypeGroup       PolicySourceType = "group"
	PolicySourceTypeRole        PolicySourceType = "role"
	PolicySourceTypeAwsManaged  PolicySourceType = "aws-managed"
	PolicySourceTypeUserManaged PolicySourceType = "user-managed"
	PolicySourceTypeResource    PolicySourceType = "resource"
	PolicySourceTypeNone        PolicySourceType = "none"
)

Enum values for PolicySourceType

func (PolicySourceType) MarshalValue added in v0.3.0

func (enum PolicySourceType) MarshalValue() (string, error)

func (PolicySourceType) MarshalValueBuf added in v0.3.0

func (enum PolicySourceType) MarshalValueBuf(b []byte) ([]byte, error)

type PolicyType added in v0.7.0

type PolicyType string
const (
	PolicyTypeInline  PolicyType = "INLINE"
	PolicyTypeManaged PolicyType = "MANAGED"
)

Enum values for PolicyType

func (PolicyType) MarshalValue added in v0.7.0

func (enum PolicyType) MarshalValue() (string, error)

func (PolicyType) MarshalValueBuf added in v0.7.0

func (enum PolicyType) MarshalValueBuf(b []byte) ([]byte, error)

type PolicyUsageType added in v0.5.0

type PolicyUsageType string

The policy usage type that indicates whether the policy is used as a permissions policy or as the permissions boundary for an entity.

For more information about permissions boundaries, see Permissions Boundaries for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the IAM User Guide.

const (
	PolicyUsageTypePermissionsPolicy   PolicyUsageType = "PermissionsPolicy"
	PolicyUsageTypePermissionsBoundary PolicyUsageType = "PermissionsBoundary"
)

Enum values for PolicyUsageType

func (PolicyUsageType) MarshalValue added in v0.5.0

func (enum PolicyUsageType) MarshalValue() (string, error)

func (PolicyUsageType) MarshalValueBuf added in v0.5.0

func (enum PolicyUsageType) MarshalValueBuf(b []byte) ([]byte, error)

type PolicyUser

type PolicyUser struct {

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	UserId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the user.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a user that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyUser) String

func (s PolicyUser) String() string

String returns the string representation

type PolicyVersion

type PolicyVersion struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy version was created.
	CreateDate *time.Time `type:"timestamp"`

	// The policy document.
	//
	// The policy document is returned in the response to the GetPolicyVersion and
	// GetAccountAuthorizationDetails operations. It is not returned in the response
	// to the CreatePolicyVersion or ListPolicyVersions operations.
	//
	// The policy document returned in this structure is URL-encoded compliant with
	// RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding
	// method to convert the policy back to plain JSON text. For example, if you
	// use Java, you can use the decode method of the java.net.URLDecoder utility
	// class in the Java SDK. Other languages and SDKs provide similar functionality.
	Document *string `min:"1" type:"string"`

	// Specifies whether the policy version is set as the policy's default version.
	IsDefaultVersion *bool `type:"boolean"`

	// The identifier for the policy version.
	//
	// Policy version identifiers always begin with v (always lowercase). When a
	// policy is created, the first policy version is v1.
	VersionId *string `type:"string"`
	// contains filtered or unexported fields
}

Contains information about a version of a managed policy.

This data type is used as a response element in the CreatePolicyVersion, GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails operations.

For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyVersion) String

func (s PolicyVersion) String() string

String returns the string representation

type Position

type Position struct {

	// The column in the line containing the specified position in the document.
	Column *int64 `type:"integer"`

	// The line containing the specified position in the document.
	Line *int64 `type:"integer"`
	// contains filtered or unexported fields
}

Contains the row and column of a location of a Statement element in a policy document.

This data type is used as a member of the Statement type.

func (Position) String

func (s Position) String() string

String returns the string representation

type PutGroupPolicyInput

type PutGroupPolicyInput struct {

	// The name of the group to associate the policy with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The policy document.
	//
	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutGroupPolicyInput) String

func (s PutGroupPolicyInput) String() string

String returns the string representation

func (*PutGroupPolicyInput) Validate

func (s *PutGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutGroupPolicyOutput

type PutGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutGroupPolicyOutput) String

func (s PutGroupPolicyOutput) String() string

String returns the string representation

type PutGroupPolicyRequest

type PutGroupPolicyRequest struct {
	*aws.Request
	Input *PutGroupPolicyInput
	Copy  func(*PutGroupPolicyInput) PutGroupPolicyRequest
}

PutGroupPolicyRequest is the request type for the PutGroupPolicy API operation.

func (PutGroupPolicyRequest) Send

Send marshals and sends the PutGroupPolicy API request.

type PutGroupPolicyResponse added in v0.9.0

type PutGroupPolicyResponse struct {
	*PutGroupPolicyOutput
	// contains filtered or unexported fields
}

PutGroupPolicyResponse is the response type for the PutGroupPolicy API operation.

func (*PutGroupPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *PutGroupPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the PutGroupPolicy request.

type PutRolePermissionsBoundaryInput added in v0.5.0

type PutRolePermissionsBoundaryInput struct {

	// The ARN of the policy that is used to set the permissions boundary for the
	// role.
	//
	// PermissionsBoundary is a required field
	PermissionsBoundary *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM role for which you want to set
	// the permissions boundary.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutRolePermissionsBoundaryInput) String added in v0.5.0

String returns the string representation

func (*PutRolePermissionsBoundaryInput) Validate added in v0.5.0

func (s *PutRolePermissionsBoundaryInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutRolePermissionsBoundaryOutput added in v0.5.0

type PutRolePermissionsBoundaryOutput struct {
	// contains filtered or unexported fields
}

func (PutRolePermissionsBoundaryOutput) String added in v0.5.0

String returns the string representation

type PutRolePermissionsBoundaryRequest added in v0.5.0

type PutRolePermissionsBoundaryRequest struct {
	*aws.Request
	Input *PutRolePermissionsBoundaryInput
	Copy  func(*PutRolePermissionsBoundaryInput) PutRolePermissionsBoundaryRequest
}

PutRolePermissionsBoundaryRequest is the request type for the PutRolePermissionsBoundary API operation.

func (PutRolePermissionsBoundaryRequest) Send added in v0.5.0

Send marshals and sends the PutRolePermissionsBoundary API request.

type PutRolePermissionsBoundaryResponse added in v0.9.0

type PutRolePermissionsBoundaryResponse struct {
	*PutRolePermissionsBoundaryOutput
	// contains filtered or unexported fields
}

PutRolePermissionsBoundaryResponse is the response type for the PutRolePermissionsBoundary API operation.

func (*PutRolePermissionsBoundaryResponse) SDKResponseMetdata added in v0.9.0

func (r *PutRolePermissionsBoundaryResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the PutRolePermissionsBoundary request.

type PutRolePolicyInput

type PutRolePolicyInput struct {

	// The policy document.
	//
	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the role to associate the policy with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutRolePolicyInput) String

func (s PutRolePolicyInput) String() string

String returns the string representation

func (*PutRolePolicyInput) Validate

func (s *PutRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutRolePolicyOutput

type PutRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutRolePolicyOutput) String

func (s PutRolePolicyOutput) String() string

String returns the string representation

type PutRolePolicyRequest

type PutRolePolicyRequest struct {
	*aws.Request
	Input *PutRolePolicyInput
	Copy  func(*PutRolePolicyInput) PutRolePolicyRequest
}

PutRolePolicyRequest is the request type for the PutRolePolicy API operation.

func (PutRolePolicyRequest) Send

Send marshals and sends the PutRolePolicy API request.

type PutRolePolicyResponse added in v0.9.0

type PutRolePolicyResponse struct {
	*PutRolePolicyOutput
	// contains filtered or unexported fields
}

PutRolePolicyResponse is the response type for the PutRolePolicy API operation.

func (*PutRolePolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *PutRolePolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the PutRolePolicy request.

type PutUserPermissionsBoundaryInput added in v0.5.0

type PutUserPermissionsBoundaryInput struct {

	// The ARN of the policy that is used to set the permissions boundary for the
	// user.
	//
	// PermissionsBoundary is a required field
	PermissionsBoundary *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM user for which you want to set
	// the permissions boundary.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutUserPermissionsBoundaryInput) String added in v0.5.0

String returns the string representation

func (*PutUserPermissionsBoundaryInput) Validate added in v0.5.0

func (s *PutUserPermissionsBoundaryInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutUserPermissionsBoundaryOutput added in v0.5.0

type PutUserPermissionsBoundaryOutput struct {
	// contains filtered or unexported fields
}

func (PutUserPermissionsBoundaryOutput) String added in v0.5.0

String returns the string representation

type PutUserPermissionsBoundaryRequest added in v0.5.0

type PutUserPermissionsBoundaryRequest struct {
	*aws.Request
	Input *PutUserPermissionsBoundaryInput
	Copy  func(*PutUserPermissionsBoundaryInput) PutUserPermissionsBoundaryRequest
}

PutUserPermissionsBoundaryRequest is the request type for the PutUserPermissionsBoundary API operation.

func (PutUserPermissionsBoundaryRequest) Send added in v0.5.0

Send marshals and sends the PutUserPermissionsBoundary API request.

type PutUserPermissionsBoundaryResponse added in v0.9.0

type PutUserPermissionsBoundaryResponse struct {
	*PutUserPermissionsBoundaryOutput
	// contains filtered or unexported fields
}

PutUserPermissionsBoundaryResponse is the response type for the PutUserPermissionsBoundary API operation.

func (*PutUserPermissionsBoundaryResponse) SDKResponseMetdata added in v0.9.0

func (r *PutUserPermissionsBoundaryResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the PutUserPermissionsBoundary request.

type PutUserPolicyInput

type PutUserPolicyInput struct {

	// The policy document.
	//
	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the user to associate the policy with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutUserPolicyInput) String

func (s PutUserPolicyInput) String() string

String returns the string representation

func (*PutUserPolicyInput) Validate

func (s *PutUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutUserPolicyOutput

type PutUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutUserPolicyOutput) String

func (s PutUserPolicyOutput) String() string

String returns the string representation

type PutUserPolicyRequest

type PutUserPolicyRequest struct {
	*aws.Request
	Input *PutUserPolicyInput
	Copy  func(*PutUserPolicyInput) PutUserPolicyRequest
}

PutUserPolicyRequest is the request type for the PutUserPolicy API operation.

func (PutUserPolicyRequest) Send

Send marshals and sends the PutUserPolicy API request.

type PutUserPolicyResponse added in v0.9.0

type PutUserPolicyResponse struct {
	*PutUserPolicyOutput
	// contains filtered or unexported fields
}

PutUserPolicyResponse is the response type for the PutUserPolicy API operation.

func (*PutUserPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *PutUserPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the PutUserPolicy request.

type RemoveClientIDFromOpenIDConnectProviderInput

type RemoveClientIDFromOpenIDConnectProviderInput struct {

	// The client ID (also known as audience) to remove from the IAM OIDC provider
	// resource. For more information about client IDs, see CreateOpenIDConnectProvider.
	//
	// ClientID is a required field
	ClientID *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource to remove
	// the client ID from. You can get a list of OIDC provider ARNs by using the
	// ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveClientIDFromOpenIDConnectProviderInput) String

String returns the string representation

func (*RemoveClientIDFromOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type RemoveClientIDFromOpenIDConnectProviderOutput

type RemoveClientIDFromOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (RemoveClientIDFromOpenIDConnectProviderOutput) String

String returns the string representation

type RemoveClientIDFromOpenIDConnectProviderRequest

RemoveClientIDFromOpenIDConnectProviderRequest is the request type for the RemoveClientIDFromOpenIDConnectProvider API operation.

func (RemoveClientIDFromOpenIDConnectProviderRequest) Send

Send marshals and sends the RemoveClientIDFromOpenIDConnectProvider API request.

type RemoveClientIDFromOpenIDConnectProviderResponse added in v0.9.0

type RemoveClientIDFromOpenIDConnectProviderResponse struct {
	*RemoveClientIDFromOpenIDConnectProviderOutput
	// contains filtered or unexported fields
}

RemoveClientIDFromOpenIDConnectProviderResponse is the response type for the RemoveClientIDFromOpenIDConnectProvider API operation.

func (*RemoveClientIDFromOpenIDConnectProviderResponse) SDKResponseMetdata added in v0.9.0

SDKResponseMetdata returns the response metadata for the RemoveClientIDFromOpenIDConnectProvider request.

type RemoveRoleFromInstanceProfileInput

type RemoveRoleFromInstanceProfileInput struct {

	// The name of the instance profile to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The name of the role to remove.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveRoleFromInstanceProfileInput) String

String returns the string representation

func (*RemoveRoleFromInstanceProfileInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type RemoveRoleFromInstanceProfileOutput

type RemoveRoleFromInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (RemoveRoleFromInstanceProfileOutput) String

String returns the string representation

type RemoveRoleFromInstanceProfileRequest

type RemoveRoleFromInstanceProfileRequest struct {
	*aws.Request
	Input *RemoveRoleFromInstanceProfileInput
	Copy  func(*RemoveRoleFromInstanceProfileInput) RemoveRoleFromInstanceProfileRequest
}

RemoveRoleFromInstanceProfileRequest is the request type for the RemoveRoleFromInstanceProfile API operation.

func (RemoveRoleFromInstanceProfileRequest) Send

Send marshals and sends the RemoveRoleFromInstanceProfile API request.

type RemoveRoleFromInstanceProfileResponse added in v0.9.0

type RemoveRoleFromInstanceProfileResponse struct {
	*RemoveRoleFromInstanceProfileOutput
	// contains filtered or unexported fields
}

RemoveRoleFromInstanceProfileResponse is the response type for the RemoveRoleFromInstanceProfile API operation.

func (*RemoveRoleFromInstanceProfileResponse) SDKResponseMetdata added in v0.9.0

func (r *RemoveRoleFromInstanceProfileResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the RemoveRoleFromInstanceProfile request.

type RemoveUserFromGroupInput

type RemoveUserFromGroupInput struct {

	// The name of the group to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the user to remove.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveUserFromGroupInput) String

func (s RemoveUserFromGroupInput) String() string

String returns the string representation

func (*RemoveUserFromGroupInput) Validate

func (s *RemoveUserFromGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type RemoveUserFromGroupOutput

type RemoveUserFromGroupOutput struct {
	// contains filtered or unexported fields
}

func (RemoveUserFromGroupOutput) String

func (s RemoveUserFromGroupOutput) String() string

String returns the string representation

type RemoveUserFromGroupRequest

type RemoveUserFromGroupRequest struct {
	*aws.Request
	Input *RemoveUserFromGroupInput
	Copy  func(*RemoveUserFromGroupInput) RemoveUserFromGroupRequest
}

RemoveUserFromGroupRequest is the request type for the RemoveUserFromGroup API operation.

func (RemoveUserFromGroupRequest) Send

Send marshals and sends the RemoveUserFromGroup API request.

type RemoveUserFromGroupResponse added in v0.9.0

type RemoveUserFromGroupResponse struct {
	*RemoveUserFromGroupOutput
	// contains filtered or unexported fields
}

RemoveUserFromGroupResponse is the response type for the RemoveUserFromGroup API operation.

func (*RemoveUserFromGroupResponse) SDKResponseMetdata added in v0.9.0

func (r *RemoveUserFromGroupResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the RemoveUserFromGroup request.

type ReportFormatType

type ReportFormatType string
const (
	ReportFormatTypeTextCsv ReportFormatType = "text/csv"
)

Enum values for ReportFormatType

func (ReportFormatType) MarshalValue added in v0.3.0

func (enum ReportFormatType) MarshalValue() (string, error)

func (ReportFormatType) MarshalValueBuf added in v0.3.0

func (enum ReportFormatType) MarshalValueBuf(b []byte) ([]byte, error)

type ReportStateType

type ReportStateType string
const (
	ReportStateTypeStarted    ReportStateType = "STARTED"
	ReportStateTypeInprogress ReportStateType = "INPROGRESS"
	ReportStateTypeComplete   ReportStateType = "COMPLETE"
)

Enum values for ReportStateType

func (ReportStateType) MarshalValue added in v0.3.0

func (enum ReportStateType) MarshalValue() (string, error)

func (ReportStateType) MarshalValueBuf added in v0.3.0

func (enum ReportStateType) MarshalValueBuf(b []byte) ([]byte, error)

type ResetServiceSpecificCredentialInput

type ResetServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the service-specific credential.
	// If this value is not specified, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ResetServiceSpecificCredentialInput) String

String returns the string representation

func (*ResetServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type ResetServiceSpecificCredentialOutput

type ResetServiceSpecificCredentialOutput struct {

	// A structure with details about the updated service-specific credential, including
	// the new password.
	//
	// This is the only time that you can access the password. You cannot recover
	// the password later, but you can reset it again.
	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
	// contains filtered or unexported fields
}

func (ResetServiceSpecificCredentialOutput) String

String returns the string representation

type ResetServiceSpecificCredentialRequest

type ResetServiceSpecificCredentialRequest struct {
	*aws.Request
	Input *ResetServiceSpecificCredentialInput
	Copy  func(*ResetServiceSpecificCredentialInput) ResetServiceSpecificCredentialRequest
}

ResetServiceSpecificCredentialRequest is the request type for the ResetServiceSpecificCredential API operation.

func (ResetServiceSpecificCredentialRequest) Send

Send marshals and sends the ResetServiceSpecificCredential API request.

type ResetServiceSpecificCredentialResponse added in v0.9.0

type ResetServiceSpecificCredentialResponse struct {
	*ResetServiceSpecificCredentialOutput
	// contains filtered or unexported fields
}

ResetServiceSpecificCredentialResponse is the response type for the ResetServiceSpecificCredential API operation.

func (*ResetServiceSpecificCredentialResponse) SDKResponseMetdata added in v0.9.0

func (r *ResetServiceSpecificCredentialResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ResetServiceSpecificCredential request.

type ResourceSpecificResult

type ResourceSpecificResult struct {

	// Additional details about the results of the evaluation decision. When there
	// are both IAM policies and resource policies, this parameter explains how
	// each set of policies contributes to the final evaluation decision. When simulating
	// cross-account access to a resource, both the resource-based policy and the
	// caller's IAM policy must grant access.
	EvalDecisionDetails map[string]PolicyEvaluationDecisionType `type:"map"`

	// The result of the simulation of the simulated API operation on the resource
	// specified in EvalResourceName.
	//
	// EvalResourceDecision is a required field
	EvalResourceDecision PolicyEvaluationDecisionType `type:"string" required:"true" enum:"true"`

	// The name of the simulated resource, in Amazon Resource Name (ARN) format.
	//
	// EvalResourceName is a required field
	EvalResourceName *string `min:"1" type:"string" required:"true"`

	// A list of the statements in the input policies that determine the result
	// for this part of the simulation. Remember that even if multiple statements
	// allow the operation on the resource, if any statement denies that operation,
	// then the explicit deny overrides any allow. In addition, the deny statement
	// is the only entry included in the result.
	MatchedStatements []Statement `type:"list"`

	// A list of context keys that are required by the included input policies but
	// that were not provided by one of the input parameters. This list is used
	// when a list of ARNs is included in the ResourceArns parameter instead of
	// "*". If you do not specify individual resources, by setting ResourceArns
	// to "*" or by not including the ResourceArns parameter, then any missing context
	// values are instead included under the EvaluationResults section. To discover
	// the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy
	// or GetContextKeysForPrincipalPolicy.
	MissingContextValues []string `type:"list"`
	// contains filtered or unexported fields
}

Contains the result of the simulation of a single API operation call on a single resource.

This data type is used by a member of the EvaluationResult data type.

func (ResourceSpecificResult) String

func (s ResourceSpecificResult) String() string

String returns the string representation

type ResyncMFADeviceInput

type ResyncMFADeviceInput struct {

	// An authentication code emitted by the device.
	//
	// The format for this parameter is a sequence of six digits.
	//
	// AuthenticationCode1 is a required field
	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`

	// A subsequent authentication code emitted by the device.
	//
	// The format for this parameter is a sequence of six digits.
	//
	// AuthenticationCode2 is a required field
	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`

	// Serial number that uniquely identifies the MFA device.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the user whose MFA device you want to resynchronize.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ResyncMFADeviceInput) String

func (s ResyncMFADeviceInput) String() string

String returns the string representation

func (*ResyncMFADeviceInput) Validate

func (s *ResyncMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ResyncMFADeviceOutput

type ResyncMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (ResyncMFADeviceOutput) String

func (s ResyncMFADeviceOutput) String() string

String returns the string representation

type ResyncMFADeviceRequest

type ResyncMFADeviceRequest struct {
	*aws.Request
	Input *ResyncMFADeviceInput
	Copy  func(*ResyncMFADeviceInput) ResyncMFADeviceRequest
}

ResyncMFADeviceRequest is the request type for the ResyncMFADevice API operation.

func (ResyncMFADeviceRequest) Send

Send marshals and sends the ResyncMFADevice API request.

type ResyncMFADeviceResponse added in v0.9.0

type ResyncMFADeviceResponse struct {
	*ResyncMFADeviceOutput
	// contains filtered or unexported fields
}

ResyncMFADeviceResponse is the response type for the ResyncMFADevice API operation.

func (*ResyncMFADeviceResponse) SDKResponseMetdata added in v0.9.0

func (r *ResyncMFADeviceResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the ResyncMFADevice request.

type Role

type Role struct {

	// The Amazon Resource Name (ARN) specifying the role. For more information
	// about ARNs and how to use them in policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The policy that grants an entity permission to assume the role.
	AssumeRolePolicyDocument *string `min:"1" type:"string"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the role was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// A description of the role that you provide.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) for the specified role. Anyone
	// who uses the AWS CLI, or API to assume the role can specify the duration
	// using the optional DurationSeconds API parameter or duration-seconds CLI
	// parameter.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The path to the role. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The ARN of the policy used to set the permissions boundary for the role.
	//
	// For more information about permissions boundaries, see Permissions Boundaries
	// for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// RoleId is a required field
	RoleId *string `min:"16" type:"string" required:"true"`

	// The friendly name that identifies the role.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`

	// A list of tags that are attached to the specified role. For more information
	// about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []Tag `type:"list"`
	// contains filtered or unexported fields
}

Contains information about an IAM role. This structure is returned as a response element in several API operations that interact with roles.

func (Role) String

func (s Role) String() string

String returns the string representation

type RoleDetail

type RoleDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// The trust policy that grants permission to assume the role.
	AssumeRolePolicyDocument *string `min:"1" type:"string"`

	// A list of managed policies attached to the role. These policies are the role's
	// access (permissions) policies.
	AttachedManagedPolicies []AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the role was created.
	CreateDate *time.Time `type:"timestamp"`

	// A list of instance profiles that contain this role.
	InstanceProfileList []InstanceProfile `type:"list"`

	// The path to the role. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`

	// The ARN of the policy used to set the permissions boundary for the role.
	//
	// For more information about permissions boundaries, see Permissions Boundaries
	// for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	RoleId *string `min:"16" type:"string"`

	// The friendly name that identifies the role.
	RoleName *string `min:"1" type:"string"`

	// A list of inline policies embedded in the role. These policies are the role's
	// access (permissions) policies.
	RolePolicyList []PolicyDetail `type:"list"`

	// A list of tags that are attached to the specified role. For more information
	// about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []Tag `type:"list"`
	// contains filtered or unexported fields
}

Contains information about an IAM role, including all of the role's policies.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (RoleDetail) String

func (s RoleDetail) String() string

String returns the string representation

type RoleUsageType

type RoleUsageType struct {

	// The name of the Region where the service-linked role is being used.
	Region *string `min:"1" type:"string"`

	// The name of the resource that is using the service-linked role.
	Resources []string `type:"list"`
	// contains filtered or unexported fields
}

An object that contains details about how a service-linked role is used, if that information is returned by the service.

This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus operation.

func (RoleUsageType) String

func (s RoleUsageType) String() string

String returns the string representation

type SAMLProviderListEntry

type SAMLProviderListEntry struct {

	// The Amazon Resource Name (ARN) of the SAML provider.
	Arn *string `min:"20" type:"string"`

	// The date and time when the SAML provider was created.
	CreateDate *time.Time `type:"timestamp"`

	// The expiration date and time for the SAML provider.
	ValidUntil *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Contains the list of SAML providers for this account.

func (SAMLProviderListEntry) String

func (s SAMLProviderListEntry) String() string

String returns the string representation

type SSHPublicKey

type SSHPublicKey struct {

	// The MD5 message digest of the SSH public key.
	//
	// Fingerprint is a required field
	Fingerprint *string `min:"48" type:"string" required:"true"`

	// The SSH public key.
	//
	// SSHPublicKeyBody is a required field
	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`

	// The unique identifier for the SSH public key.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an AWS CodeCommit repository. Inactive means that the
	// key cannot be used.
	//
	// Status is a required field
	Status StatusType `type:"string" required:"true" enum:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the SSH public key was uploaded.
	UploadDate *time.Time `type:"timestamp"`

	// The name of the IAM user associated with the SSH public key.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an SSH public key.

This data type is used as a response element in the GetSSHPublicKey and UploadSSHPublicKey operations.

func (SSHPublicKey) String

func (s SSHPublicKey) String() string

String returns the string representation

type SSHPublicKeyMetadata

type SSHPublicKeyMetadata struct {

	// The unique identifier for the SSH public key.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an AWS CodeCommit repository. Inactive means that the
	// key cannot be used.
	//
	// Status is a required field
	Status StatusType `type:"string" required:"true" enum:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the SSH public key was uploaded.
	//
	// UploadDate is a required field
	UploadDate *time.Time `type:"timestamp" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an SSH public key, without the key's body or fingerprint.

This data type is used as a response element in the ListSSHPublicKeys operation.

func (SSHPublicKeyMetadata) String

func (s SSHPublicKeyMetadata) String() string

String returns the string representation

type ServerCertificate

type ServerCertificate struct {

	// The contents of the public key certificate.
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The contents of the public key certificate chain.
	CertificateChain *string `min:"1" type:"string"`

	// The meta information of the server certificate, such as its name, path, ID,
	// and ARN.
	//
	// ServerCertificateMetadata is a required field
	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains information about a server certificate.

This data type is used as a response element in the GetServerCertificate operation.

func (ServerCertificate) String

func (s ServerCertificate) String() string

String returns the string representation

type ServerCertificateMetadata

type ServerCertificateMetadata struct {

	// The Amazon Resource Name (ARN) specifying the server certificate. For more
	// information about ARNs and how to use them in policies, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date on which the certificate is set to expire.
	Expiration *time.Time `type:"timestamp"`

	// The path to the server certificate. For more information about paths, see
	// IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The stable and unique string identifying the server certificate. For more
	// information about IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// ServerCertificateId is a required field
	ServerCertificateId *string `min:"16" type:"string" required:"true"`

	// The name that identifies the server certificate.
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`

	// The date when the server certificate was uploaded.
	UploadDate *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Contains information about a server certificate without its certificate body, certificate chain, and private key.

This data type is used as a response element in the UploadServerCertificate and ListServerCertificates operations.

func (ServerCertificateMetadata) String

func (s ServerCertificateMetadata) String() string

String returns the string representation

type ServiceLastAccessed added in v0.7.0

type ServiceLastAccessed struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when an authenticated entity most recently attempted to access the service.
	// AWS does not report unauthenticated requests.
	//
	// This field is null if no IAM entities attempted to access the service within
	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticated *time.Time `type:"timestamp"`

	// The ARN of the authenticated entity (user or role) that last attempted to
	// access the service. AWS does not report unauthenticated requests.
	//
	// This field is null if no IAM entities attempted to access the service within
	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticatedEntity *string `min:"20" type:"string"`

	// The name of the service in which access was attempted.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The namespace of the service in which access was attempted.
	//
	// To learn the service namespace of a service, go to Actions, Resources, and
	// Condition Keys for AWS Services (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html)
	// in the IAM User Guide. Choose the name of the service to view details for
	// that service. In the first paragraph, find the service prefix. For example,
	// (service prefix: a4b). For more information about service namespaces, see
	// AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the AWS General Reference.
	//
	// ServiceNamespace is a required field
	ServiceNamespace *string `min:"1" type:"string" required:"true"`

	// The total number of authenticated principals (root user, IAM users, or IAM
	// roles) that have attempted to access the service.
	//
	// This field is null if no principals attempted to access the service within
	// the reporting period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	TotalAuthenticatedEntities *int64 `type:"integer"`
	// contains filtered or unexported fields
}

Contains details about the most recent attempt to access the service.

This data type is used as a response element in the GetServiceLastAccessedDetails operation.

func (ServiceLastAccessed) String added in v0.7.0

func (s ServiceLastAccessed) String() string

String returns the string representation

type ServiceSpecificCredential

type ServiceSpecificCredential struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the service-specific credential were created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// The name of the service associated with the service-specific credential.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The generated password for the service-specific credential.
	//
	// ServicePassword is a required field
	ServicePassword *string `type:"string" required:"true" sensitive:"true"`

	// The unique identifier for the service-specific credential.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The generated user name for the service-specific credential. This value is
	// generated by combining the IAM user's name combined with the ID number of
	// the AWS account, as in jane-at-123456789012, for example. This value cannot
	// be configured by the user.
	//
	// ServiceUserName is a required field
	ServiceUserName *string `min:"17" type:"string" required:"true"`

	// The status of the service-specific credential. Active means that the key
	// is valid for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status StatusType `type:"string" required:"true" enum:"true"`

	// The name of the IAM user associated with the service-specific credential.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the details of a service-specific credential.

func (ServiceSpecificCredential) String

func (s ServiceSpecificCredential) String() string

String returns the string representation

type ServiceSpecificCredentialMetadata

type ServiceSpecificCredentialMetadata struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the service-specific credential were created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// The name of the service associated with the service-specific credential.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The unique identifier for the service-specific credential.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The generated user name for the service-specific credential.
	//
	// ServiceUserName is a required field
	ServiceUserName *string `min:"17" type:"string" required:"true"`

	// The status of the service-specific credential. Active means that the key
	// is valid for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status StatusType `type:"string" required:"true" enum:"true"`

	// The name of the IAM user associated with the service-specific credential.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains additional details about a service-specific credential.

func (ServiceSpecificCredentialMetadata) String

String returns the string representation

type SetDefaultPolicyVersionInput

type SetDefaultPolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy whose default version you
	// want to set.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The version of the policy to set as the default (operative) version.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (SetDefaultPolicyVersionInput) String

String returns the string representation

func (*SetDefaultPolicyVersionInput) Validate

func (s *SetDefaultPolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SetDefaultPolicyVersionOutput

type SetDefaultPolicyVersionOutput struct {
	// contains filtered or unexported fields
}

func (SetDefaultPolicyVersionOutput) String

String returns the string representation

type SetDefaultPolicyVersionRequest

type SetDefaultPolicyVersionRequest struct {
	*aws.Request
	Input *SetDefaultPolicyVersionInput
	Copy  func(*SetDefaultPolicyVersionInput) SetDefaultPolicyVersionRequest
}

SetDefaultPolicyVersionRequest is the request type for the SetDefaultPolicyVersion API operation.

func (SetDefaultPolicyVersionRequest) Send

Send marshals and sends the SetDefaultPolicyVersion API request.

type SetDefaultPolicyVersionResponse added in v0.9.0

type SetDefaultPolicyVersionResponse struct {
	*SetDefaultPolicyVersionOutput
	// contains filtered or unexported fields
}

SetDefaultPolicyVersionResponse is the response type for the SetDefaultPolicyVersion API operation.

func (*SetDefaultPolicyVersionResponse) SDKResponseMetdata added in v0.9.0

func (r *SetDefaultPolicyVersionResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the SetDefaultPolicyVersion request.

type SetSecurityTokenServicePreferencesInput added in v0.9.0

type SetSecurityTokenServicePreferencesInput struct {

	// The version of the global endpoint token. Version 1 tokens are valid only
	// in AWS Regions that are available by default. These tokens do not work in
	// manually enabled Regions, such as Asia Pacific (Hong Kong). Version 2 tokens
	// are valid in all Regions. However, version 2 tokens are longer and might
	// affect systems where you temporarily store tokens.
	//
	// For information, see Activating and Deactivating STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
	// in the IAM User Guide.
	//
	// GlobalEndpointTokenVersion is a required field
	GlobalEndpointTokenVersion GlobalEndpointTokenVersion `type:"string" required:"true" enum:"true"`
	// contains filtered or unexported fields
}

func (SetSecurityTokenServicePreferencesInput) String added in v0.9.0

String returns the string representation

func (*SetSecurityTokenServicePreferencesInput) Validate added in v0.9.0

Validate inspects the fields of the type to determine if they are valid.

type SetSecurityTokenServicePreferencesOutput added in v0.9.0

type SetSecurityTokenServicePreferencesOutput struct {
	// contains filtered or unexported fields
}

func (SetSecurityTokenServicePreferencesOutput) String added in v0.9.0

String returns the string representation

type SetSecurityTokenServicePreferencesRequest added in v0.9.0

SetSecurityTokenServicePreferencesRequest is the request type for the SetSecurityTokenServicePreferences API operation.

func (SetSecurityTokenServicePreferencesRequest) Send added in v0.9.0

Send marshals and sends the SetSecurityTokenServicePreferences API request.

type SetSecurityTokenServicePreferencesResponse added in v0.9.0

type SetSecurityTokenServicePreferencesResponse struct {
	*SetSecurityTokenServicePreferencesOutput
	// contains filtered or unexported fields
}

SetSecurityTokenServicePreferencesResponse is the response type for the SetSecurityTokenServicePreferences API operation.

func (*SetSecurityTokenServicePreferencesResponse) SDKResponseMetdata added in v0.9.0

func (r *SetSecurityTokenServicePreferencesResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the SetSecurityTokenServicePreferences request.

type SigningCertificate

type SigningCertificate struct {

	// The contents of the signing certificate.
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The ID for the signing certificate.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The status of the signing certificate. Active means that the key is valid
	// for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status StatusType `type:"string" required:"true" enum:"true"`

	// The date when the signing certificate was uploaded.
	UploadDate *time.Time `type:"timestamp"`

	// The name of the user the signing certificate is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an X.509 signing certificate.

This data type is used as a response element in the UploadSigningCertificate and ListSigningCertificates operations.

func (SigningCertificate) String

func (s SigningCertificate) String() string

String returns the string representation

type SimulateCustomPolicyInput

type SimulateCustomPolicyInput struct {

	// A list of names of API operations to evaluate in the simulation. Each operation
	// is evaluated against each resource. Each operation must include the service
	// identifier, such as iam:CreateUser. This operation does not support using
	// wildcards (*) in an action name.
	//
	// ActionNames is a required field
	ActionNames []string `type:"list" required:"true"`

	// The ARN of the IAM user that you want to use as the simulated caller of the
	// API operations. CallerArn is required if you include a ResourcePolicy so
	// that the policy's Principal element has a value to use in evaluating the
	// policy.
	//
	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
	// an assumed role, federated user, or a service principal.
	CallerArn *string `min:"1" type:"string"`

	// A list of context keys and corresponding values for the simulation to use.
	// Whenever a context key is evaluated in one of the simulated IAM permissions
	// policies, the corresponding value is supplied.
	ContextEntries []ContextEntry `type:"list"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// A list of policy documents to include in the simulation. Each document is
	// specified as a string containing the complete, valid JSON text of an IAM
	// policy. Do not include any resource-based policies in this parameter. Any
	// resource-based policy must be submitted with the ResourcePolicy parameter.
	// The policies cannot be "scope-down" policies, such as you could include in
	// a call to GetFederationToken (https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetFederationToken.html)
	// or one of the AssumeRole (https://docs.aws.amazon.com/IAM/latest/APIReference/API_AssumeRole.html)
	// API operations. In other words, do not use policies designed to restrict
	// what a user can do while using the temporary credentials.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyInputList is a required field
	PolicyInputList []string `type:"list" required:"true"`

	// A list of ARNs of AWS resources to include in the simulation. If this parameter
	// is not provided, then the value defaults to * (all resources). Each API in
	// the ActionNames parameter is evaluated for each resource in this list. The
	// simulation determines the access result (allowed or denied) of each combination
	// and reports it in the response.
	//
	// The simulation does not automatically retrieve policies for the specified
	// resources. If you want to include a resource policy in the simulation, then
	// you must include the policy as a string in the ResourcePolicy parameter.
	//
	// If you include a ResourcePolicy, then it must be applicable to all of the
	// resources included in the simulation or you receive an invalid input error.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	ResourceArns []string `type:"list"`

	// Specifies the type of simulation to run. Different API operations that support
	// resource-based policies require different combinations of resources. By specifying
	// the type of simulation to run, you enable the policy simulator to enforce
	// the presence of the required resources to ensure reliable simulation results.
	// If your simulation does not match one of the following scenarios, then you
	// can omit this parameter. The following list shows each of the supported scenario
	// values and the resources that you must define to run the simulation.
	//
	// Each of the EC2 scenarios requires that you specify instance, image, and
	// security-group resources. If your scenario includes an EBS volume, then you
	// must specify that volume as a resource. If the EC2 scenario includes VPC,
	// then you must supply the network-interface resource. If it includes an IP
	// subnet, then you must specify the subnet resource. For more information on
	// the EC2 scenario options, see Supported Platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
	// in the Amazon EC2 User Guide.
	//
	//    * EC2-Classic-InstanceStore instance, image, security-group
	//
	//    * EC2-Classic-EBS instance, image, security-group, volume
	//
	//    * EC2-VPC-InstanceStore instance, image, security-group, network-interface
	//
	//    * EC2-VPC-InstanceStore-Subnet instance, image, security-group, network-interface,
	//    subnet
	//
	//    * EC2-VPC-EBS instance, image, security-group, network-interface, volume
	//
	//    * EC2-VPC-EBS-Subnet instance, image, security-group, network-interface,
	//    subnet, volume
	ResourceHandlingOption *string `min:"1" type:"string"`

	// An ARN representing the AWS account ID that specifies the owner of any simulated
	// resource that does not identify its owner in the resource ARN. Examples of
	// resource ARNs include an S3 bucket or object. If ResourceOwner is specified,
	// it is also used as the account owner of any ResourcePolicy included in the
	// simulation. If the ResourceOwner parameter is not specified, then the owner
	// of the resources and the resource policy defaults to the account of the identity
	// provided in CallerArn. This parameter is required only if you specify a resource-based
	// policy and account that owns the resource is different from the account that
	// owns the simulated calling user CallerArn.
	//
	// The ARN for an account uses the following syntax: arn:aws:iam::AWS-account-ID:root.
	// For example, to represent the account with the 112233445566 ID, use the following
	// ARN: arn:aws:iam::112233445566-ID:root.
	ResourceOwner *string `min:"1" type:"string"`

	// A resource-based policy to include in the simulation provided as a string.
	// Each resource in the simulation is treated as if it had this policy attached.
	// You can include only one resource-based policy in a simulation.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	ResourcePolicy *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (SimulateCustomPolicyInput) String

func (s SimulateCustomPolicyInput) String() string

String returns the string representation

func (*SimulateCustomPolicyInput) Validate

func (s *SimulateCustomPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SimulateCustomPolicyOutput added in v0.9.0

type SimulateCustomPolicyOutput struct {

	// The results of the simulation.
	EvaluationResults []EvaluationResult `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful SimulatePrincipalPolicy or SimulateCustomPolicy request.

func (SimulateCustomPolicyOutput) String added in v0.9.0

String returns the string representation

type SimulateCustomPolicyPaginator added in v0.9.0

type SimulateCustomPolicyPaginator struct {
	aws.Pager
}

SimulateCustomPolicyPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewSimulateCustomPolicyPaginator added in v0.9.0

func NewSimulateCustomPolicyPaginator(req SimulateCustomPolicyRequest) SimulateCustomPolicyPaginator

NewSimulateCustomPolicyRequestPaginator returns a paginator for SimulateCustomPolicy. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.SimulateCustomPolicyRequest(input)
p := iam.NewSimulateCustomPolicyRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*SimulateCustomPolicyPaginator) CurrentPage added in v0.9.0

type SimulateCustomPolicyRequest

type SimulateCustomPolicyRequest struct {
	*aws.Request
	Input *SimulateCustomPolicyInput
	Copy  func(*SimulateCustomPolicyInput) SimulateCustomPolicyRequest
}

SimulateCustomPolicyRequest is the request type for the SimulateCustomPolicy API operation.

func (SimulateCustomPolicyRequest) Send

Send marshals and sends the SimulateCustomPolicy API request.

type SimulateCustomPolicyResponse added in v0.9.0

type SimulateCustomPolicyResponse struct {
	*SimulateCustomPolicyOutput
	// contains filtered or unexported fields
}

SimulateCustomPolicyResponse is the response type for the SimulateCustomPolicy API operation.

func (*SimulateCustomPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *SimulateCustomPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the SimulateCustomPolicy request.

type SimulatePrincipalPolicyInput

type SimulatePrincipalPolicyInput struct {

	// A list of names of API operations to evaluate in the simulation. Each operation
	// is evaluated for each resource. Each operation must include the service identifier,
	// such as iam:CreateUser.
	//
	// ActionNames is a required field
	ActionNames []string `type:"list" required:"true"`

	// The ARN of the IAM user that you want to specify as the simulated caller
	// of the API operations. If you do not specify a CallerArn, it defaults to
	// the ARN of the user that you specify in PolicySourceArn, if you specified
	// a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David)
	// and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result
	// is that you simulate calling the API operations as Bob, as if Bob had David's
	// policies.
	//
	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
	// an assumed role, federated user, or a service principal.
	//
	// CallerArn is required if you include a ResourcePolicy and the PolicySourceArn
	// is not the ARN for an IAM user. This is required so that the resource-based
	// policy's Principal element has a value to use in evaluating the policy.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	CallerArn *string `min:"1" type:"string"`

	// A list of context keys and corresponding values for the simulation to use.
	// Whenever a context key is evaluated in one of the simulated IAM permissions
	// policies, the corresponding value is supplied.
	ContextEntries []ContextEntry `type:"list"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// An optional list of additional policy documents to include in the simulation.
	// Each document is specified as a string containing the complete, valid JSON
	// text of an IAM policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	PolicyInputList []string `type:"list"`

	// The Amazon Resource Name (ARN) of a user, group, or role whose policies you
	// want to include in the simulation. If you specify a user, group, or role,
	// the simulation includes all policies that are associated with that entity.
	// If you specify a user, the simulation also includes all policies that are
	// attached to any groups the user belongs to.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicySourceArn is a required field
	PolicySourceArn *string `min:"20" type:"string" required:"true"`

	// A list of ARNs of AWS resources to include in the simulation. If this parameter
	// is not provided, then the value defaults to * (all resources). Each API in
	// the ActionNames parameter is evaluated for each resource in this list. The
	// simulation determines the access result (allowed or denied) of each combination
	// and reports it in the response.
	//
	// The simulation does not automatically retrieve policies for the specified
	// resources. If you want to include a resource policy in the simulation, then
	// you must include the policy as a string in the ResourcePolicy parameter.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	ResourceArns []string `type:"list"`

	// Specifies the type of simulation to run. Different API operations that support
	// resource-based policies require different combinations of resources. By specifying
	// the type of simulation to run, you enable the policy simulator to enforce
	// the presence of the required resources to ensure reliable simulation results.
	// If your simulation does not match one of the following scenarios, then you
	// can omit this parameter. The following list shows each of the supported scenario
	// values and the resources that you must define to run the simulation.
	//
	// Each of the EC2 scenarios requires that you specify instance, image, and
	// security group resources. If your scenario includes an EBS volume, then you
	// must specify that volume as a resource. If the EC2 scenario includes VPC,
	// then you must supply the network interface resource. If it includes an IP
	// subnet, then you must specify the subnet resource. For more information on
	// the EC2 scenario options, see Supported Platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
	// in the Amazon EC2 User Guide.
	//
	//    * EC2-Classic-InstanceStore instance, image, security group
	//
	//    * EC2-Classic-EBS instance, image, security group, volume
	//
	//    * EC2-VPC-InstanceStore instance, image, security group, network interface
	//
	//    * EC2-VPC-InstanceStore-Subnet instance, image, security group, network
	//    interface, subnet
	//
	//    * EC2-VPC-EBS instance, image, security group, network interface, volume
	//
	//    * EC2-VPC-EBS-Subnet instance, image, security group, network interface,
	//    subnet, volume
	ResourceHandlingOption *string `min:"1" type:"string"`

	// An AWS account ID that specifies the owner of any simulated resource that
	// does not identify its owner in the resource ARN. Examples of resource ARNs
	// include an S3 bucket or object. If ResourceOwner is specified, it is also
	// used as the account owner of any ResourcePolicy included in the simulation.
	// If the ResourceOwner parameter is not specified, then the owner of the resources
	// and the resource policy defaults to the account of the identity provided
	// in CallerArn. This parameter is required only if you specify a resource-based
	// policy and account that owns the resource is different from the account that
	// owns the simulated calling user CallerArn.
	ResourceOwner *string `min:"1" type:"string"`

	// A resource-based policy to include in the simulation provided as a string.
	// Each resource in the simulation is treated as if it had this policy attached.
	// You can include only one resource-based policy in a simulation.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	ResourcePolicy *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (SimulatePrincipalPolicyInput) String

String returns the string representation

func (*SimulatePrincipalPolicyInput) Validate

func (s *SimulatePrincipalPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SimulatePrincipalPolicyOutput

type SimulatePrincipalPolicyOutput struct {

	// The results of the simulation.
	EvaluationResults []EvaluationResult `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful SimulatePrincipalPolicy or SimulateCustomPolicy request.

func (SimulatePrincipalPolicyOutput) String

String returns the string representation

type SimulatePrincipalPolicyPaginator added in v0.9.0

type SimulatePrincipalPolicyPaginator struct {
	aws.Pager
}

SimulatePrincipalPolicyPaginator is used to paginate the request. This can be done by calling Next and CurrentPage.

func NewSimulatePrincipalPolicyPaginator added in v0.9.0

func NewSimulatePrincipalPolicyPaginator(req SimulatePrincipalPolicyRequest) SimulatePrincipalPolicyPaginator

NewSimulatePrincipalPolicyRequestPaginator returns a paginator for SimulatePrincipalPolicy. Use Next method to get the next page, and CurrentPage to get the current response page from the paginator. Next will return false, if there are no more pages, or an error was encountered.

Note: This operation can generate multiple requests to a service.

// Example iterating over pages.
req := client.SimulatePrincipalPolicyRequest(input)
p := iam.NewSimulatePrincipalPolicyRequestPaginator(req)

for p.Next(context.TODO()) {
    page := p.CurrentPage()
}

if err := p.Err(); err != nil {
    return err
}

func (*SimulatePrincipalPolicyPaginator) CurrentPage added in v0.9.0

type SimulatePrincipalPolicyRequest

type SimulatePrincipalPolicyRequest struct {
	*aws.Request
	Input *SimulatePrincipalPolicyInput
	Copy  func(*SimulatePrincipalPolicyInput) SimulatePrincipalPolicyRequest
}

SimulatePrincipalPolicyRequest is the request type for the SimulatePrincipalPolicy API operation.

func (SimulatePrincipalPolicyRequest) Send

Send marshals and sends the SimulatePrincipalPolicy API request.

type SimulatePrincipalPolicyResponse added in v0.9.0

type SimulatePrincipalPolicyResponse struct {
	*SimulatePrincipalPolicyOutput
	// contains filtered or unexported fields
}

SimulatePrincipalPolicyResponse is the response type for the SimulatePrincipalPolicy API operation.

func (*SimulatePrincipalPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *SimulatePrincipalPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the SimulatePrincipalPolicy request.

type SortKeyType added in v0.10.0

type SortKeyType string
const (
	SortKeyTypeServiceNamespaceAscending       SortKeyType = "SERVICE_NAMESPACE_ASCENDING"
	SortKeyTypeServiceNamespaceDescending      SortKeyType = "SERVICE_NAMESPACE_DESCENDING"
	SortKeyTypeLastAuthenticatedTimeAscending  SortKeyType = "LAST_AUTHENTICATED_TIME_ASCENDING"
	SortKeyTypeLastAuthenticatedTimeDescending SortKeyType = "LAST_AUTHENTICATED_TIME_DESCENDING"
)

Enum values for SortKeyType

func (SortKeyType) MarshalValue added in v0.10.0

func (enum SortKeyType) MarshalValue() (string, error)

func (SortKeyType) MarshalValueBuf added in v0.10.0

func (enum SortKeyType) MarshalValueBuf(b []byte) ([]byte, error)

type Statement

type Statement struct {

	// The row and column of the end of a Statement in an IAM policy.
	EndPosition *Position `type:"structure"`

	// The identifier of the policy that was provided as an input.
	SourcePolicyId *string `type:"string"`

	// The type of the policy.
	SourcePolicyType PolicySourceType `type:"string" enum:"true"`

	// The row and column of the beginning of the Statement in an IAM policy.
	StartPosition *Position `type:"structure"`
	// contains filtered or unexported fields
}

Contains a reference to a Statement element in a policy document that determines the result of the simulation.

This data type is used by the MatchedStatements member of the EvaluationResult type.

func (Statement) String

func (s Statement) String() string

String returns the string representation

type StatusType

type StatusType string
const (
	StatusTypeActive   StatusType = "Active"
	StatusTypeInactive StatusType = "Inactive"
)

Enum values for StatusType

func (StatusType) MarshalValue added in v0.3.0

func (enum StatusType) MarshalValue() (string, error)

func (StatusType) MarshalValueBuf added in v0.3.0

func (enum StatusType) MarshalValueBuf(b []byte) ([]byte, error)

type SummaryKeyType

type SummaryKeyType string
const (
	SummaryKeyTypeUsers                             SummaryKeyType = "Users"
	SummaryKeyTypeUsersQuota                        SummaryKeyType = "UsersQuota"
	SummaryKeyTypeGroups                            SummaryKeyType = "Groups"
	SummaryKeyTypeGroupsQuota                       SummaryKeyType = "GroupsQuota"
	SummaryKeyTypeServerCertificates                SummaryKeyType = "ServerCertificates"
	SummaryKeyTypeServerCertificatesQuota           SummaryKeyType = "ServerCertificatesQuota"
	SummaryKeyTypeUserPolicySizeQuota               SummaryKeyType = "UserPolicySizeQuota"
	SummaryKeyTypeGroupPolicySizeQuota              SummaryKeyType = "GroupPolicySizeQuota"
	SummaryKeyTypeGroupsPerUserQuota                SummaryKeyType = "GroupsPerUserQuota"
	SummaryKeyTypeSigningCertificatesPerUserQuota   SummaryKeyType = "SigningCertificatesPerUserQuota"
	SummaryKeyTypeAccessKeysPerUserQuota            SummaryKeyType = "AccessKeysPerUserQuota"
	SummaryKeyTypeMfadevices                        SummaryKeyType = "MFADevices"
	SummaryKeyTypeMfadevicesInUse                   SummaryKeyType = "MFADevicesInUse"
	SummaryKeyTypeAccountMfaenabled                 SummaryKeyType = "AccountMFAEnabled"
	SummaryKeyTypeAccountAccessKeysPresent          SummaryKeyType = "AccountAccessKeysPresent"
	SummaryKeyTypeAccountSigningCertificatesPresent SummaryKeyType = "AccountSigningCertificatesPresent"
	SummaryKeyTypeAttachedPoliciesPerGroupQuota     SummaryKeyType = "AttachedPoliciesPerGroupQuota"
	SummaryKeyTypeAttachedPoliciesPerRoleQuota      SummaryKeyType = "AttachedPoliciesPerRoleQuota"
	SummaryKeyTypeAttachedPoliciesPerUserQuota      SummaryKeyType = "AttachedPoliciesPerUserQuota"
	SummaryKeyTypePolicies                          SummaryKeyType = "Policies"
	SummaryKeyTypePoliciesQuota                     SummaryKeyType = "PoliciesQuota"
	SummaryKeyTypePolicySizeQuota                   SummaryKeyType = "PolicySizeQuota"
	SummaryKeyTypePolicyVersionsInUse               SummaryKeyType = "PolicyVersionsInUse"
	SummaryKeyTypePolicyVersionsInUseQuota          SummaryKeyType = "PolicyVersionsInUseQuota"
	SummaryKeyTypeVersionsPerPolicyQuota            SummaryKeyType = "VersionsPerPolicyQuota"
	SummaryKeyTypeGlobalEndpointTokenVersion        SummaryKeyType = "GlobalEndpointTokenVersion"
)

Enum values for SummaryKeyType

func (SummaryKeyType) MarshalValue added in v0.3.0

func (enum SummaryKeyType) MarshalValue() (string, error)

func (SummaryKeyType) MarshalValueBuf added in v0.3.0

func (enum SummaryKeyType) MarshalValueBuf(b []byte) ([]byte, error)

type Tag added in v0.6.0

type Tag struct {

	// The key name that can be used to look up or retrieve the associated value.
	// For example, Department or Cost Center are common choices.
	//
	// Key is a required field
	Key *string `min:"1" type:"string" required:"true"`

	// The value associated with this tag. For example, tags with a key name of
	// Department could have values such as Human Resources, Accounting, and Support.
	// Tags with a key name of Cost Center might have values that consist of the
	// number associated with the different cost centers in your company. Typically,
	// many resources have tags with the same key name but with different values.
	//
	// AWS always interprets the tag Value as a single string. If you need to store
	// an array, you can store comma-separated values in the string. However, you
	// must interpret the value in your code.
	//
	// Value is a required field
	Value *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

A structure that represents user-provided metadata that can be associated with a resource such as an IAM user or role. For more information about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

func (Tag) String added in v0.6.0

func (s Tag) String() string

String returns the string representation

func (*Tag) Validate added in v0.6.0

func (s *Tag) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagRoleInput added in v0.6.0

type TagRoleInput struct {

	// The name of the role that you want to add tags to.
	//
	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consist of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`

	// The list of tags that you want to attach to the role. Each tag consists of
	// a key name and an associated value. You can specify this with a JSON string.
	//
	// Tags is a required field
	Tags []Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (TagRoleInput) String added in v0.6.0

func (s TagRoleInput) String() string

String returns the string representation

func (*TagRoleInput) Validate added in v0.6.0

func (s *TagRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagRoleOutput added in v0.6.0

type TagRoleOutput struct {
	// contains filtered or unexported fields
}

func (TagRoleOutput) String added in v0.6.0

func (s TagRoleOutput) String() string

String returns the string representation

type TagRoleRequest added in v0.6.0

type TagRoleRequest struct {
	*aws.Request
	Input *TagRoleInput
	Copy  func(*TagRoleInput) TagRoleRequest
}

TagRoleRequest is the request type for the TagRole API operation.

func (TagRoleRequest) Send added in v0.6.0

Send marshals and sends the TagRole API request.

type TagRoleResponse added in v0.9.0

type TagRoleResponse struct {
	*TagRoleOutput
	// contains filtered or unexported fields
}

TagRoleResponse is the response type for the TagRole API operation.

func (*TagRoleResponse) SDKResponseMetdata added in v0.9.0

func (r *TagRoleResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the TagRole request.

type TagUserInput added in v0.6.0

type TagUserInput struct {

	// The list of tags that you want to attach to the user. Each tag consists of
	// a key name and an associated value.
	//
	// Tags is a required field
	Tags []Tag `type:"list" required:"true"`

	// The name of the user that you want to add tags to.
	//
	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consist of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (TagUserInput) String added in v0.6.0

func (s TagUserInput) String() string

String returns the string representation

func (*TagUserInput) Validate added in v0.6.0

func (s *TagUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagUserOutput added in v0.6.0

type TagUserOutput struct {
	// contains filtered or unexported fields
}

func (TagUserOutput) String added in v0.6.0

func (s TagUserOutput) String() string

String returns the string representation

type TagUserRequest added in v0.6.0

type TagUserRequest struct {
	*aws.Request
	Input *TagUserInput
	Copy  func(*TagUserInput) TagUserRequest
}

TagUserRequest is the request type for the TagUser API operation.

func (TagUserRequest) Send added in v0.6.0

Send marshals and sends the TagUser API request.

type TagUserResponse added in v0.9.0

type TagUserResponse struct {
	*TagUserOutput
	// contains filtered or unexported fields
}

TagUserResponse is the response type for the TagUser API operation.

func (*TagUserResponse) SDKResponseMetdata added in v0.9.0

func (r *TagUserResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the TagUser request.

type UntagRoleInput added in v0.6.0

type UntagRoleInput struct {

	// The name of the IAM role from which you want to remove tags.
	//
	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consist of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`

	// A list of key names as a simple array of strings. The tags with matching
	// keys are removed from the specified role.
	//
	// TagKeys is a required field
	TagKeys []string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UntagRoleInput) String added in v0.6.0

func (s UntagRoleInput) String() string

String returns the string representation

func (*UntagRoleInput) Validate added in v0.6.0

func (s *UntagRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagRoleOutput added in v0.6.0

type UntagRoleOutput struct {
	// contains filtered or unexported fields
}

func (UntagRoleOutput) String added in v0.6.0

func (s UntagRoleOutput) String() string

String returns the string representation

type UntagRoleRequest added in v0.6.0

type UntagRoleRequest struct {
	*aws.Request
	Input *UntagRoleInput
	Copy  func(*UntagRoleInput) UntagRoleRequest
}

UntagRoleRequest is the request type for the UntagRole API operation.

func (UntagRoleRequest) Send added in v0.6.0

Send marshals and sends the UntagRole API request.

type UntagRoleResponse added in v0.9.0

type UntagRoleResponse struct {
	*UntagRoleOutput
	// contains filtered or unexported fields
}

UntagRoleResponse is the response type for the UntagRole API operation.

func (*UntagRoleResponse) SDKResponseMetdata added in v0.9.0

func (r *UntagRoleResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UntagRole request.

type UntagUserInput added in v0.6.0

type UntagUserInput struct {

	// A list of key names as a simple array of strings. The tags with matching
	// keys are removed from the specified user.
	//
	// TagKeys is a required field
	TagKeys []string `type:"list" required:"true"`

	// The name of the IAM user from which you want to remove tags.
	//
	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consist of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UntagUserInput) String added in v0.6.0

func (s UntagUserInput) String() string

String returns the string representation

func (*UntagUserInput) Validate added in v0.6.0

func (s *UntagUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagUserOutput added in v0.6.0

type UntagUserOutput struct {
	// contains filtered or unexported fields
}

func (UntagUserOutput) String added in v0.6.0

func (s UntagUserOutput) String() string

String returns the string representation

type UntagUserRequest added in v0.6.0

type UntagUserRequest struct {
	*aws.Request
	Input *UntagUserInput
	Copy  func(*UntagUserInput) UntagUserRequest
}

UntagUserRequest is the request type for the UntagUser API operation.

func (UntagUserRequest) Send added in v0.6.0

Send marshals and sends the UntagUser API request.

type UntagUserResponse added in v0.9.0

type UntagUserResponse struct {
	*UntagUserOutput
	// contains filtered or unexported fields
}

UntagUserResponse is the response type for the UntagUser API operation.

func (*UntagUserResponse) SDKResponseMetdata added in v0.9.0

func (r *UntagUserResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UntagUser request.

type UpdateAccessKeyInput

type UpdateAccessKeyInput struct {

	// The access key ID of the secret access key you want to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The status you want to assign to the secret access key. Active means that
	// the key can be used for API calls to AWS, while Inactive means that the key
	// cannot be used.
	//
	// Status is a required field
	Status StatusType `type:"string" required:"true" enum:"true"`

	// The name of the user whose key you want to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateAccessKeyInput) String

func (s UpdateAccessKeyInput) String() string

String returns the string representation

func (*UpdateAccessKeyInput) Validate

func (s *UpdateAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateAccessKeyOutput

type UpdateAccessKeyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAccessKeyOutput) String

func (s UpdateAccessKeyOutput) String() string

String returns the string representation

type UpdateAccessKeyRequest

type UpdateAccessKeyRequest struct {
	*aws.Request
	Input *UpdateAccessKeyInput
	Copy  func(*UpdateAccessKeyInput) UpdateAccessKeyRequest
}

UpdateAccessKeyRequest is the request type for the UpdateAccessKey API operation.

func (UpdateAccessKeyRequest) Send

Send marshals and sends the UpdateAccessKey API request.

type UpdateAccessKeyResponse added in v0.9.0

type UpdateAccessKeyResponse struct {
	*UpdateAccessKeyOutput
	// contains filtered or unexported fields
}

UpdateAccessKeyResponse is the response type for the UpdateAccessKey API operation.

func (*UpdateAccessKeyResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateAccessKeyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateAccessKey request.

type UpdateAccountPasswordPolicyInput

type UpdateAccountPasswordPolicyInput struct {

	// Allows all IAM users in your account to use the AWS Management Console to
	// change their own passwords. For more information, see Letting IAM Users Change
	// Their Own Passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html)
	// in the IAM User Guide.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that IAM users in the account do
	// not automatically have permissions to change their own password.
	AllowUsersToChangePassword *bool `type:"boolean"`

	// Prevents IAM users from setting a new password after their password has expired.
	// The IAM user cannot be accessed until an administrator resets the password.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that IAM users can change their
	// passwords after they expire and continue to sign in as the user.
	HardExpiry *bool `type:"boolean"`

	// The number of days that an IAM user password is valid.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 0. The result is that IAM user passwords never expire.
	MaxPasswordAge *int64 `min:"1" type:"integer"`

	// The minimum number of characters allowed in an IAM user password.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 6.
	MinimumPasswordLength *int64 `min:"6" type:"integer"`

	// Specifies the number of previous passwords that IAM users are prevented from
	// reusing.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 0. The result is that IAM users are not prevented from
	// reusing previous passwords.
	PasswordReusePrevention *int64 `min:"1" type:"integer"`

	// Specifies whether IAM user passwords must contain at least one lowercase
	// character from the ISO basic Latin alphabet (a to z).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one lowercase character.
	RequireLowercaseCharacters *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one numeric character
	// (0 to 9).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one numeric character.
	RequireNumbers *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one of the following
	// non-alphanumeric characters:
	//
	// ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one symbol character.
	RequireSymbols *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one uppercase
	// character from the ISO basic Latin alphabet (A to Z).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one uppercase character.
	RequireUppercaseCharacters *bool `type:"boolean"`
	// contains filtered or unexported fields
}

func (UpdateAccountPasswordPolicyInput) String

String returns the string representation

func (*UpdateAccountPasswordPolicyInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type UpdateAccountPasswordPolicyOutput

type UpdateAccountPasswordPolicyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAccountPasswordPolicyOutput) String

String returns the string representation

type UpdateAccountPasswordPolicyRequest

type UpdateAccountPasswordPolicyRequest struct {
	*aws.Request
	Input *UpdateAccountPasswordPolicyInput
	Copy  func(*UpdateAccountPasswordPolicyInput) UpdateAccountPasswordPolicyRequest
}

UpdateAccountPasswordPolicyRequest is the request type for the UpdateAccountPasswordPolicy API operation.

func (UpdateAccountPasswordPolicyRequest) Send

Send marshals and sends the UpdateAccountPasswordPolicy API request.

type UpdateAccountPasswordPolicyResponse added in v0.9.0

type UpdateAccountPasswordPolicyResponse struct {
	*UpdateAccountPasswordPolicyOutput
	// contains filtered or unexported fields
}

UpdateAccountPasswordPolicyResponse is the response type for the UpdateAccountPasswordPolicy API operation.

func (*UpdateAccountPasswordPolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateAccountPasswordPolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateAccountPasswordPolicy request.

type UpdateAssumeRolePolicyInput

type UpdateAssumeRolePolicyInput struct {

	// The policy that grants an entity permission to assume the role.
	//
	// You must provide policies in JSON format in IAM. However, for AWS CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// AWS CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the role to update with the new policy.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateAssumeRolePolicyInput) String

String returns the string representation

func (*UpdateAssumeRolePolicyInput) Validate

func (s *UpdateAssumeRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateAssumeRolePolicyOutput

type UpdateAssumeRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAssumeRolePolicyOutput) String

String returns the string representation

type UpdateAssumeRolePolicyRequest

type UpdateAssumeRolePolicyRequest struct {
	*aws.Request
	Input *UpdateAssumeRolePolicyInput
	Copy  func(*UpdateAssumeRolePolicyInput) UpdateAssumeRolePolicyRequest
}

UpdateAssumeRolePolicyRequest is the request type for the UpdateAssumeRolePolicy API operation.

func (UpdateAssumeRolePolicyRequest) Send

Send marshals and sends the UpdateAssumeRolePolicy API request.

type UpdateAssumeRolePolicyResponse added in v0.9.0

type UpdateAssumeRolePolicyResponse struct {
	*UpdateAssumeRolePolicyOutput
	// contains filtered or unexported fields
}

UpdateAssumeRolePolicyResponse is the response type for the UpdateAssumeRolePolicy API operation.

func (*UpdateAssumeRolePolicyResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateAssumeRolePolicyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateAssumeRolePolicy request.

type UpdateGroupInput

type UpdateGroupInput struct {

	// Name of the IAM group to update. If you're changing the name of the group,
	// this is the original name.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// New name for the IAM group. Only include this if changing the group's name.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	NewGroupName *string `min:"1" type:"string"`

	// New path for the IAM group. Only include this if changing the group's path.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateGroupInput) String

func (s UpdateGroupInput) String() string

String returns the string representation

func (*UpdateGroupInput) Validate

func (s *UpdateGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateGroupOutput

type UpdateGroupOutput struct {
	// contains filtered or unexported fields
}

func (UpdateGroupOutput) String

func (s UpdateGroupOutput) String() string

String returns the string representation

type UpdateGroupRequest

type UpdateGroupRequest struct {
	*aws.Request
	Input *UpdateGroupInput
	Copy  func(*UpdateGroupInput) UpdateGroupRequest
}

UpdateGroupRequest is the request type for the UpdateGroup API operation.

func (UpdateGroupRequest) Send

Send marshals and sends the UpdateGroup API request.

type UpdateGroupResponse added in v0.9.0

type UpdateGroupResponse struct {
	*UpdateGroupOutput
	// contains filtered or unexported fields
}

UpdateGroupResponse is the response type for the UpdateGroup API operation.

func (*UpdateGroupResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateGroupResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateGroup request.

type UpdateLoginProfileInput

type UpdateLoginProfileInput struct {

	// The new password for the specified IAM user.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// However, the format can be further restricted by the account administrator
	// by setting a password policy on the AWS account. For more information, see
	// UpdateAccountPasswordPolicy.
	Password *string `min:"1" type:"string" sensitive:"true"`

	// Allows this new password to be used only once by requiring the specified
	// IAM user to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the user whose password you want to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateLoginProfileInput) String

func (s UpdateLoginProfileInput) String() string

String returns the string representation

func (*UpdateLoginProfileInput) Validate

func (s *UpdateLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateLoginProfileOutput

type UpdateLoginProfileOutput struct {
	// contains filtered or unexported fields
}

func (UpdateLoginProfileOutput) String

func (s UpdateLoginProfileOutput) String() string

String returns the string representation

type UpdateLoginProfileRequest

type UpdateLoginProfileRequest struct {
	*aws.Request
	Input *UpdateLoginProfileInput
	Copy  func(*UpdateLoginProfileInput) UpdateLoginProfileRequest
}

UpdateLoginProfileRequest is the request type for the UpdateLoginProfile API operation.

func (UpdateLoginProfileRequest) Send

Send marshals and sends the UpdateLoginProfile API request.

type UpdateLoginProfileResponse added in v0.9.0

type UpdateLoginProfileResponse struct {
	*UpdateLoginProfileOutput
	// contains filtered or unexported fields
}

UpdateLoginProfileResponse is the response type for the UpdateLoginProfile API operation.

func (*UpdateLoginProfileResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateLoginProfileResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateLoginProfile request.

type UpdateOpenIDConnectProviderThumbprintInput

type UpdateOpenIDConnectProviderThumbprintInput struct {

	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource object for
	// which you want to update the thumbprint. You can get a list of OIDC provider
	// ARNs by using the ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`

	// A list of certificate thumbprints that are associated with the specified
	// IAM OpenID Connect provider. For more information, see CreateOpenIDConnectProvider.
	//
	// ThumbprintList is a required field
	ThumbprintList []string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateOpenIDConnectProviderThumbprintInput) String

String returns the string representation

func (*UpdateOpenIDConnectProviderThumbprintInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type UpdateOpenIDConnectProviderThumbprintOutput

type UpdateOpenIDConnectProviderThumbprintOutput struct {
	// contains filtered or unexported fields
}

func (UpdateOpenIDConnectProviderThumbprintOutput) String

String returns the string representation

type UpdateOpenIDConnectProviderThumbprintRequest

UpdateOpenIDConnectProviderThumbprintRequest is the request type for the UpdateOpenIDConnectProviderThumbprint API operation.

func (UpdateOpenIDConnectProviderThumbprintRequest) Send

Send marshals and sends the UpdateOpenIDConnectProviderThumbprint API request.

type UpdateOpenIDConnectProviderThumbprintResponse added in v0.9.0

type UpdateOpenIDConnectProviderThumbprintResponse struct {
	*UpdateOpenIDConnectProviderThumbprintOutput
	// contains filtered or unexported fields
}

UpdateOpenIDConnectProviderThumbprintResponse is the response type for the UpdateOpenIDConnectProviderThumbprint API operation.

func (*UpdateOpenIDConnectProviderThumbprintResponse) SDKResponseMetdata added in v0.9.0

SDKResponseMetdata returns the response metadata for the UpdateOpenIDConnectProviderThumbprint request.

type UpdateRoleDescriptionInput

type UpdateRoleDescriptionInput struct {

	// The new description that you want to apply to the specified role.
	//
	// Description is a required field
	Description *string `type:"string" required:"true"`

	// The name of the role that you want to modify.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateRoleDescriptionInput) String

String returns the string representation

func (*UpdateRoleDescriptionInput) Validate

func (s *UpdateRoleDescriptionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateRoleDescriptionOutput

type UpdateRoleDescriptionOutput struct {

	// A structure that contains details about the modified role.
	Role *Role `type:"structure"`
	// contains filtered or unexported fields
}

func (UpdateRoleDescriptionOutput) String

String returns the string representation

type UpdateRoleDescriptionRequest

type UpdateRoleDescriptionRequest struct {
	*aws.Request
	Input *UpdateRoleDescriptionInput
	Copy  func(*UpdateRoleDescriptionInput) UpdateRoleDescriptionRequest
}

UpdateRoleDescriptionRequest is the request type for the UpdateRoleDescription API operation.

func (UpdateRoleDescriptionRequest) Send

Send marshals and sends the UpdateRoleDescription API request.

type UpdateRoleDescriptionResponse added in v0.9.0

type UpdateRoleDescriptionResponse struct {
	*UpdateRoleDescriptionOutput
	// contains filtered or unexported fields
}

UpdateRoleDescriptionResponse is the response type for the UpdateRoleDescription API operation.

func (*UpdateRoleDescriptionResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateRoleDescriptionResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateRoleDescription request.

type UpdateRoleInput added in v0.4.0

type UpdateRoleInput struct {

	// The new description that you want to apply to the specified role.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) that you want to set for the specified
	// role. If you do not specify a value for this setting, the default maximum
	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	//
	// Anyone who assumes the role from the AWS CLI or API can use the DurationSeconds
	// API parameter or the duration-seconds CLI parameter to request a longer session.
	// The MaxSessionDuration setting determines the maximum duration that can be
	// requested using the DurationSeconds parameter. If users don't specify a value
	// for the DurationSeconds parameter, their security credentials are valid for
	// one hour by default. This applies when you use the AssumeRole* API operations
	// or the assume-role* CLI operations but does not apply when you use those
	// operations to create a console URL. For more information, see Using IAM Roles
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
	// IAM User Guide.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The name of the role that you want to modify.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateRoleInput) String added in v0.4.0

func (s UpdateRoleInput) String() string

String returns the string representation

func (*UpdateRoleInput) Validate added in v0.4.0

func (s *UpdateRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateRoleOutput added in v0.4.0

type UpdateRoleOutput struct {
	// contains filtered or unexported fields
}

func (UpdateRoleOutput) String added in v0.4.0

func (s UpdateRoleOutput) String() string

String returns the string representation

type UpdateRoleRequest added in v0.4.0

type UpdateRoleRequest struct {
	*aws.Request
	Input *UpdateRoleInput
	Copy  func(*UpdateRoleInput) UpdateRoleRequest
}

UpdateRoleRequest is the request type for the UpdateRole API operation.

func (UpdateRoleRequest) Send added in v0.4.0

Send marshals and sends the UpdateRole API request.

type UpdateRoleResponse added in v0.9.0

type UpdateRoleResponse struct {
	*UpdateRoleOutput
	// contains filtered or unexported fields
}

UpdateRoleResponse is the response type for the UpdateRole API operation.

func (*UpdateRoleResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateRoleResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateRole request.

type UpdateSAMLProviderInput

type UpdateSAMLProviderInput struct {

	// An XML document generated by an identity provider (IdP) that supports SAML
	// 2.0. The document includes the issuer's name, expiration information, and
	// keys that can be used to validate the SAML authentication response (assertions)
	// that are received from the IdP. You must generate the metadata document using
	// the identity management software that is used as your organization's IdP.
	//
	// SAMLMetadataDocument is a required field
	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the SAML provider to update.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateSAMLProviderInput) String

func (s UpdateSAMLProviderInput) String() string

String returns the string representation

func (*UpdateSAMLProviderInput) Validate

func (s *UpdateSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSAMLProviderOutput

type UpdateSAMLProviderOutput struct {

	// The Amazon Resource Name (ARN) of the SAML provider that was updated.
	SAMLProviderArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful UpdateSAMLProvider request.

func (UpdateSAMLProviderOutput) String

func (s UpdateSAMLProviderOutput) String() string

String returns the string representation

type UpdateSAMLProviderRequest

type UpdateSAMLProviderRequest struct {
	*aws.Request
	Input *UpdateSAMLProviderInput
	Copy  func(*UpdateSAMLProviderInput) UpdateSAMLProviderRequest
}

UpdateSAMLProviderRequest is the request type for the UpdateSAMLProvider API operation.

func (UpdateSAMLProviderRequest) Send

Send marshals and sends the UpdateSAMLProvider API request.

type UpdateSAMLProviderResponse added in v0.9.0

type UpdateSAMLProviderResponse struct {
	*UpdateSAMLProviderOutput
	// contains filtered or unexported fields
}

UpdateSAMLProviderResponse is the response type for the UpdateSAMLProvider API operation.

func (*UpdateSAMLProviderResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateSAMLProviderResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateSAMLProvider request.

type UpdateSSHPublicKeyInput

type UpdateSSHPublicKeyInput struct {

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status to assign to the SSH public key. Active means that the key can
	// be used for authentication with an AWS CodeCommit repository. Inactive means
	// that the key cannot be used.
	//
	// Status is a required field
	Status StatusType `type:"string" required:"true" enum:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateSSHPublicKeyInput) String

func (s UpdateSSHPublicKeyInput) String() string

String returns the string representation

func (*UpdateSSHPublicKeyInput) Validate

func (s *UpdateSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSSHPublicKeyOutput

type UpdateSSHPublicKeyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateSSHPublicKeyOutput) String

func (s UpdateSSHPublicKeyOutput) String() string

String returns the string representation

type UpdateSSHPublicKeyRequest

type UpdateSSHPublicKeyRequest struct {
	*aws.Request
	Input *UpdateSSHPublicKeyInput
	Copy  func(*UpdateSSHPublicKeyInput) UpdateSSHPublicKeyRequest
}

UpdateSSHPublicKeyRequest is the request type for the UpdateSSHPublicKey API operation.

func (UpdateSSHPublicKeyRequest) Send

Send marshals and sends the UpdateSSHPublicKey API request.

type UpdateSSHPublicKeyResponse added in v0.9.0

type UpdateSSHPublicKeyResponse struct {
	*UpdateSSHPublicKeyOutput
	// contains filtered or unexported fields
}

UpdateSSHPublicKeyResponse is the response type for the UpdateSSHPublicKey API operation.

func (*UpdateSSHPublicKeyResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateSSHPublicKeyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateSSHPublicKey request.

type UpdateServerCertificateInput

type UpdateServerCertificateInput struct {

	// The new path for the server certificate. Include this only if you are updating
	// the server certificate's path.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`

	// The new name for the server certificate. Include this only if you are updating
	// the server certificate's name. The name of the certificate cannot contain
	// any spaces.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	NewServerCertificateName *string `min:"1" type:"string"`

	// The name of the server certificate that you want to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateServerCertificateInput) String

String returns the string representation

func (*UpdateServerCertificateInput) Validate

func (s *UpdateServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateServerCertificateOutput

type UpdateServerCertificateOutput struct {
	// contains filtered or unexported fields
}

func (UpdateServerCertificateOutput) String

String returns the string representation

type UpdateServerCertificateRequest

type UpdateServerCertificateRequest struct {
	*aws.Request
	Input *UpdateServerCertificateInput
	Copy  func(*UpdateServerCertificateInput) UpdateServerCertificateRequest
}

UpdateServerCertificateRequest is the request type for the UpdateServerCertificate API operation.

func (UpdateServerCertificateRequest) Send

Send marshals and sends the UpdateServerCertificate API request.

type UpdateServerCertificateResponse added in v0.9.0

type UpdateServerCertificateResponse struct {
	*UpdateServerCertificateOutput
	// contains filtered or unexported fields
}

UpdateServerCertificateResponse is the response type for the UpdateServerCertificate API operation.

func (*UpdateServerCertificateResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateServerCertificateResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateServerCertificate request.

type UpdateServiceSpecificCredentialInput

type UpdateServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The status to be assigned to the service-specific credential.
	//
	// Status is a required field
	Status StatusType `type:"string" required:"true" enum:"true"`

	// The name of the IAM user associated with the service-specific credential.
	// If you do not specify this value, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateServiceSpecificCredentialInput) String

String returns the string representation

func (*UpdateServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type UpdateServiceSpecificCredentialOutput

type UpdateServiceSpecificCredentialOutput struct {
	// contains filtered or unexported fields
}

func (UpdateServiceSpecificCredentialOutput) String

String returns the string representation

type UpdateServiceSpecificCredentialRequest

type UpdateServiceSpecificCredentialRequest struct {
	*aws.Request
	Input *UpdateServiceSpecificCredentialInput
	Copy  func(*UpdateServiceSpecificCredentialInput) UpdateServiceSpecificCredentialRequest
}

UpdateServiceSpecificCredentialRequest is the request type for the UpdateServiceSpecificCredential API operation.

func (UpdateServiceSpecificCredentialRequest) Send

Send marshals and sends the UpdateServiceSpecificCredential API request.

type UpdateServiceSpecificCredentialResponse added in v0.9.0

type UpdateServiceSpecificCredentialResponse struct {
	*UpdateServiceSpecificCredentialOutput
	// contains filtered or unexported fields
}

UpdateServiceSpecificCredentialResponse is the response type for the UpdateServiceSpecificCredential API operation.

func (*UpdateServiceSpecificCredentialResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateServiceSpecificCredentialResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateServiceSpecificCredential request.

type UpdateSigningCertificateInput

type UpdateSigningCertificateInput struct {

	// The ID of the signing certificate you want to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The status you want to assign to the certificate. Active means that the certificate
	// can be used for API calls to AWS Inactive means that the certificate cannot
	// be used.
	//
	// Status is a required field
	Status StatusType `type:"string" required:"true" enum:"true"`

	// The name of the IAM user the signing certificate belongs to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateSigningCertificateInput) String

String returns the string representation

func (*UpdateSigningCertificateInput) Validate

func (s *UpdateSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSigningCertificateOutput

type UpdateSigningCertificateOutput struct {
	// contains filtered or unexported fields
}

func (UpdateSigningCertificateOutput) String

String returns the string representation

type UpdateSigningCertificateRequest

type UpdateSigningCertificateRequest struct {
	*aws.Request
	Input *UpdateSigningCertificateInput
	Copy  func(*UpdateSigningCertificateInput) UpdateSigningCertificateRequest
}

UpdateSigningCertificateRequest is the request type for the UpdateSigningCertificate API operation.

func (UpdateSigningCertificateRequest) Send

Send marshals and sends the UpdateSigningCertificate API request.

type UpdateSigningCertificateResponse added in v0.9.0

type UpdateSigningCertificateResponse struct {
	*UpdateSigningCertificateOutput
	// contains filtered or unexported fields
}

UpdateSigningCertificateResponse is the response type for the UpdateSigningCertificate API operation.

func (*UpdateSigningCertificateResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateSigningCertificateResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateSigningCertificate request.

type UpdateUserInput

type UpdateUserInput struct {

	// New path for the IAM user. Include this parameter only if you're changing
	// the user's path.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`

	// New name for the user. Include this parameter only if you're changing the
	// user's name.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	NewUserName *string `min:"1" type:"string"`

	// Name of the user to update. If you're changing the name of the user, this
	// is the original user name.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateUserInput) String

func (s UpdateUserInput) String() string

String returns the string representation

func (*UpdateUserInput) Validate

func (s *UpdateUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateUserOutput

type UpdateUserOutput struct {
	// contains filtered or unexported fields
}

func (UpdateUserOutput) String

func (s UpdateUserOutput) String() string

String returns the string representation

type UpdateUserRequest

type UpdateUserRequest struct {
	*aws.Request
	Input *UpdateUserInput
	Copy  func(*UpdateUserInput) UpdateUserRequest
}

UpdateUserRequest is the request type for the UpdateUser API operation.

func (UpdateUserRequest) Send

Send marshals and sends the UpdateUser API request.

type UpdateUserResponse added in v0.9.0

type UpdateUserResponse struct {
	*UpdateUserOutput
	// contains filtered or unexported fields
}

UpdateUserResponse is the response type for the UpdateUser API operation.

func (*UpdateUserResponse) SDKResponseMetdata added in v0.9.0

func (r *UpdateUserResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UpdateUser request.

type UploadSSHPublicKeyInput

type UploadSSHPublicKeyInput struct {

	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM
	// format. The minimum bit-length of the public key is 2048 bits. For example,
	// you can generate a 2048-bit key, and the resulting PEM file is 1679 bytes
	// long.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// SSHPublicKeyBody is a required field
	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`

	// The name of the IAM user to associate the SSH public key with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UploadSSHPublicKeyInput) String

func (s UploadSSHPublicKeyInput) String() string

String returns the string representation

func (*UploadSSHPublicKeyInput) Validate

func (s *UploadSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadSSHPublicKeyOutput

type UploadSSHPublicKeyOutput struct {

	// Contains information about the SSH public key.
	SSHPublicKey *SSHPublicKey `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadSSHPublicKey request.

func (UploadSSHPublicKeyOutput) String

func (s UploadSSHPublicKeyOutput) String() string

String returns the string representation

type UploadSSHPublicKeyRequest

type UploadSSHPublicKeyRequest struct {
	*aws.Request
	Input *UploadSSHPublicKeyInput
	Copy  func(*UploadSSHPublicKeyInput) UploadSSHPublicKeyRequest
}

UploadSSHPublicKeyRequest is the request type for the UploadSSHPublicKey API operation.

func (UploadSSHPublicKeyRequest) Send

Send marshals and sends the UploadSSHPublicKey API request.

type UploadSSHPublicKeyResponse added in v0.9.0

type UploadSSHPublicKeyResponse struct {
	*UploadSSHPublicKeyOutput
	// contains filtered or unexported fields
}

UploadSSHPublicKeyResponse is the response type for the UploadSSHPublicKey API operation.

func (*UploadSSHPublicKeyResponse) SDKResponseMetdata added in v0.9.0

func (r *UploadSSHPublicKeyResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UploadSSHPublicKey request.

type UploadServerCertificateInput

type UploadServerCertificateInput struct {

	// The contents of the public key certificate in PEM-encoded format.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The contents of the certificate chain. This is typically a concatenation
	// of the PEM-encoded public key certificates of the chain.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	CertificateChain *string `min:"1" type:"string"`

	// The path for the server certificate. For more information about paths, see
	// IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/). This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	//
	// If you are uploading a server certificate specifically for use with Amazon
	// CloudFront distributions, you must specify a path using the path parameter.
	// The path must begin with /cloudfront and must include a trailing slash (for
	// example, /cloudfront/test/).
	Path *string `min:"1" type:"string"`

	// The contents of the private key in PEM-encoded format.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PrivateKey is a required field
	PrivateKey *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The name for the server certificate. Do not include the path in this value.
	// The name of the certificate cannot contain any spaces.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UploadServerCertificateInput) String

String returns the string representation

func (*UploadServerCertificateInput) Validate

func (s *UploadServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadServerCertificateOutput

type UploadServerCertificateOutput struct {

	// The meta information of the uploaded server certificate without its certificate
	// body, certificate chain, and private key.
	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadServerCertificate request.

func (UploadServerCertificateOutput) String

String returns the string representation

type UploadServerCertificateRequest

type UploadServerCertificateRequest struct {
	*aws.Request
	Input *UploadServerCertificateInput
	Copy  func(*UploadServerCertificateInput) UploadServerCertificateRequest
}

UploadServerCertificateRequest is the request type for the UploadServerCertificate API operation.

func (UploadServerCertificateRequest) Send

Send marshals and sends the UploadServerCertificate API request.

type UploadServerCertificateResponse added in v0.9.0

type UploadServerCertificateResponse struct {
	*UploadServerCertificateOutput
	// contains filtered or unexported fields
}

UploadServerCertificateResponse is the response type for the UploadServerCertificate API operation.

func (*UploadServerCertificateResponse) SDKResponseMetdata added in v0.9.0

func (r *UploadServerCertificateResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UploadServerCertificate request.

type UploadSigningCertificateInput

type UploadSigningCertificateInput struct {

	// The contents of the signing certificate.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The name of the user the signing certificate is for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UploadSigningCertificateInput) String

String returns the string representation

func (*UploadSigningCertificateInput) Validate

func (s *UploadSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadSigningCertificateOutput

type UploadSigningCertificateOutput struct {

	// Information about the certificate.
	//
	// Certificate is a required field
	Certificate *SigningCertificate `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadSigningCertificate request.

func (UploadSigningCertificateOutput) String

String returns the string representation

type UploadSigningCertificateRequest

type UploadSigningCertificateRequest struct {
	*aws.Request
	Input *UploadSigningCertificateInput
	Copy  func(*UploadSigningCertificateInput) UploadSigningCertificateRequest
}

UploadSigningCertificateRequest is the request type for the UploadSigningCertificate API operation.

func (UploadSigningCertificateRequest) Send

Send marshals and sends the UploadSigningCertificate API request.

type UploadSigningCertificateResponse added in v0.9.0

type UploadSigningCertificateResponse struct {
	*UploadSigningCertificateOutput
	// contains filtered or unexported fields
}

UploadSigningCertificateResponse is the response type for the UploadSigningCertificate API operation.

func (*UploadSigningCertificateResponse) SDKResponseMetdata added in v0.9.0

func (r *UploadSigningCertificateResponse) SDKResponseMetdata() *aws.Response

SDKResponseMetdata returns the response metadata for the UploadSigningCertificate request.

type User

type User struct {

	// The Amazon Resource Name (ARN) that identifies the user. For more information
	// about ARNs and how to use ARNs in policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user's password was last used to sign in to an AWS website. For
	// a list of AWS websites that capture a user's last sign-in time, see the Credential
	// Reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
	// topic in the Using IAM guide. If a password is used more than once in a five-minute
	// span, only the first use is returned in this field. If the field is null
	// (no value), then it indicates that they never signed in with a password.
	// This can be because:
	//
	//    * The user never had a password.
	//
	//    * A password exists but has not been used since IAM started tracking this
	//    information on October 20, 2014.
	//
	// A null value does not mean that the user never had a password. Also, if the
	// user does not currently have a password, but had one in the past, then this
	// field contains the date and time the most recent password was used.
	//
	// This value is returned only in the GetUser and ListUsers operations.
	PasswordLastUsed *time.Time `type:"timestamp"`

	// The path to the user. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The ARN of the policy used to set the permissions boundary for the user.
	//
	// For more information about permissions boundaries, see Permissions Boundaries
	// for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`

	// A list of tags that are associated with the specified user. For more information
	// about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []Tag `type:"list"`

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// UserId is a required field
	UserId *string `min:"16" type:"string" required:"true"`

	// The friendly name identifying the user.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an IAM user entity.

This data type is used as a response element in the following operations:

  • CreateUser

  • GetUser

  • ListUsers

func (User) String

func (s User) String() string

String returns the string representation

type UserDetail

type UserDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// A list of the managed policies attached to the user.
	AttachedManagedPolicies []AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user was created.
	CreateDate *time.Time `type:"timestamp"`

	// A list of IAM groups that the user is in.
	GroupList []string `type:"list"`

	// The path to the user. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`

	// The ARN of the policy used to set the permissions boundary for the user.
	//
	// For more information about permissions boundaries, see Permissions Boundaries
	// for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`

	// A list of tags that are associated with the specified user. For more information
	// about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []Tag `type:"list"`

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	UserId *string `min:"16" type:"string"`

	// The friendly name identifying the user.
	UserName *string `min:"1" type:"string"`

	// A list of the inline policies embedded in the user.
	UserPolicyList []PolicyDetail `type:"list"`
	// contains filtered or unexported fields
}

Contains information about an IAM user, including all the user's policies and all the IAM groups the user is in.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (UserDetail) String

func (s UserDetail) String() string

String returns the string representation

type VirtualMFADevice

type VirtualMFADevice struct {

	// The base32 seed defined as specified in RFC3548 (https://tools.ietf.org/html/rfc3548.txt).
	// The Base32StringSeed is base64-encoded.
	//
	// Base32StringSeed is automatically base64 encoded/decoded by the SDK.
	Base32StringSeed []byte `type:"blob" sensitive:"true"`

	// The date and time on which the virtual MFA device was enabled.
	EnableDate *time.Time `type:"timestamp"`

	// A QR code PNG image that encodes otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String
	// where $virtualMFADeviceName is one of the create call arguments. AccountName
	// is the user name if set (otherwise, the account ID otherwise), and Base32String
	// is the seed in base32 format. The Base32String value is base64-encoded.
	//
	// QRCodePNG is automatically base64 encoded/decoded by the SDK.
	QRCodePNG []byte `type:"blob" sensitive:"true"`

	// The serial number associated with VirtualMFADevice.
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The IAM user associated with this virtual MFA device.
	User *User `type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a virtual MFA device.

func (VirtualMFADevice) String

func (s VirtualMFADevice) String() string

String returns the string representation

Source Files

Directories

Path Synopsis
Package iamiface provides an interface to enable mocking the AWS Identity and Access Management service client for testing your code.
Package iamiface provides an interface to enable mocking the AWS Identity and Access Management service client for testing your code.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL