iam

package
v1.13.23 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 28, 2018 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Package iam provides the client and types for making API requests to AWS Identity and Access Management.

AWS Identity and Access Management (IAM) is a web service that you can use to manage users and user permissions under your AWS account. This guide provides descriptions of IAM actions that you can call programmatically. For general information about IAM, see AWS Identity and Access Management (IAM) (http://aws.amazon.com/iam/). For the user guide for IAM, see Using IAM (http://docs.aws.amazon.com/IAM/latest/UserGuide/).

AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient way to create programmatic access to IAM and AWS. For example, the SDKs take care of tasks such as cryptographically signing requests (see below), managing errors, and retrying requests automatically. For information about the AWS SDKs, including how to download and install them, see the Tools for Amazon Web Services (http://aws.amazon.com/tools/) page.

We recommend that you use the AWS SDKs to make programmatic API calls to IAM. However, you can also use the IAM Query API to make direct calls to the IAM web service. To learn more about the IAM Query API, see Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the Using IAM guide. IAM supports GET and POST requests for all actions. That is, the API does not require you to use GET for some actions and POST for others. However, GET requests are subject to the limitation size of a URL. Therefore, for operations that require larger sizes, use a POST request.

Signing Requests

Requests must be signed using an access key ID and a secret access key. We strongly recommend that you do not use your AWS account access key ID and secret access key for everyday work with IAM. You can use the access key ID and secret access key for an IAM user or you can use the AWS Security Token Service to generate temporary security credentials and use those to sign requests.

To sign requests, we recommend that you use Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). If you have an existing application that uses Signature Version 2, you do not have to update it to use Signature Version 4. However, some operations now require Signature Version 4. The documentation for operations that require version 4 indicate this requirement.

Additional Resources

For more information, see the following:

See https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08 for more information on this service.

See iam package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/iam/

Using the Client

To contact AWS Identity and Access Management with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the AWS Identity and Access Management client IAM for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/iam/#New

Index

Examples

Constants

View Source
const (
	// ContextKeyTypeEnumString is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumString = "string"

	// ContextKeyTypeEnumStringList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumStringList = "stringList"

	// ContextKeyTypeEnumNumeric is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumNumeric = "numeric"

	// ContextKeyTypeEnumNumericList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumNumericList = "numericList"

	// ContextKeyTypeEnumBoolean is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBoolean = "boolean"

	// ContextKeyTypeEnumBooleanList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBooleanList = "booleanList"

	// ContextKeyTypeEnumIp is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumIp = "ip"

	// ContextKeyTypeEnumIpList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumIpList = "ipList"

	// ContextKeyTypeEnumBinary is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBinary = "binary"

	// ContextKeyTypeEnumBinaryList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBinaryList = "binaryList"

	// ContextKeyTypeEnumDate is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumDate = "date"

	// ContextKeyTypeEnumDateList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumDateList = "dateList"
)
View Source
const (
	// DeletionTaskStatusTypeSucceeded is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeSucceeded = "SUCCEEDED"

	// DeletionTaskStatusTypeInProgress is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeInProgress = "IN_PROGRESS"

	// DeletionTaskStatusTypeFailed is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeFailed = "FAILED"

	// DeletionTaskStatusTypeNotStarted is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeNotStarted = "NOT_STARTED"
)
View Source
const (
	// EntityTypeUser is a EntityType enum value
	EntityTypeUser = "User"

	// EntityTypeRole is a EntityType enum value
	EntityTypeRole = "Role"

	// EntityTypeGroup is a EntityType enum value
	EntityTypeGroup = "Group"

	// EntityTypeLocalManagedPolicy is a EntityType enum value
	EntityTypeLocalManagedPolicy = "LocalManagedPolicy"

	// EntityTypeAwsmanagedPolicy is a EntityType enum value
	EntityTypeAwsmanagedPolicy = "AWSManagedPolicy"
)
View Source
const (
	// PolicyEvaluationDecisionTypeAllowed is a PolicyEvaluationDecisionType enum value
	PolicyEvaluationDecisionTypeAllowed = "allowed"

	// PolicyEvaluationDecisionTypeExplicitDeny is a PolicyEvaluationDecisionType enum value
	PolicyEvaluationDecisionTypeExplicitDeny = "explicitDeny"

	// PolicyEvaluationDecisionTypeImplicitDeny is a PolicyEvaluationDecisionType enum value
	PolicyEvaluationDecisionTypeImplicitDeny = "implicitDeny"
)
View Source
const (
	// PolicySourceTypeUser is a PolicySourceType enum value
	PolicySourceTypeUser = "user"

	// PolicySourceTypeGroup is a PolicySourceType enum value
	PolicySourceTypeGroup = "group"

	// PolicySourceTypeRole is a PolicySourceType enum value
	PolicySourceTypeRole = "role"

	// PolicySourceTypeAwsManaged is a PolicySourceType enum value
	PolicySourceTypeAwsManaged = "aws-managed"

	// PolicySourceTypeUserManaged is a PolicySourceType enum value
	PolicySourceTypeUserManaged = "user-managed"

	// PolicySourceTypeResource is a PolicySourceType enum value
	PolicySourceTypeResource = "resource"

	// PolicySourceTypeNone is a PolicySourceType enum value
	PolicySourceTypeNone = "none"
)
View Source
const (
	// ReportStateTypeStarted is a ReportStateType enum value
	ReportStateTypeStarted = "STARTED"

	// ReportStateTypeInprogress is a ReportStateType enum value
	ReportStateTypeInprogress = "INPROGRESS"

	// ReportStateTypeComplete is a ReportStateType enum value
	ReportStateTypeComplete = "COMPLETE"
)
View Source
const (
	// AssignmentStatusTypeAssigned is a assignmentStatusType enum value
	AssignmentStatusTypeAssigned = "Assigned"

	// AssignmentStatusTypeUnassigned is a assignmentStatusType enum value
	AssignmentStatusTypeUnassigned = "Unassigned"

	// AssignmentStatusTypeAny is a assignmentStatusType enum value
	AssignmentStatusTypeAny = "Any"
)
View Source
const (
	// EncodingTypeSsh is a encodingType enum value
	EncodingTypeSsh = "SSH"

	// EncodingTypePem is a encodingType enum value
	EncodingTypePem = "PEM"
)
View Source
const (
	// PolicyScopeTypeAll is a policyScopeType enum value
	PolicyScopeTypeAll = "All"

	// PolicyScopeTypeAws is a policyScopeType enum value
	PolicyScopeTypeAws = "AWS"

	// PolicyScopeTypeLocal is a policyScopeType enum value
	PolicyScopeTypeLocal = "Local"
)
View Source
const (
	// StatusTypeActive is a statusType enum value
	StatusTypeActive = "Active"

	// StatusTypeInactive is a statusType enum value
	StatusTypeInactive = "Inactive"
)
View Source
const (
	// SummaryKeyTypeUsers is a summaryKeyType enum value
	SummaryKeyTypeUsers = "Users"

	// SummaryKeyTypeUsersQuota is a summaryKeyType enum value
	SummaryKeyTypeUsersQuota = "UsersQuota"

	// SummaryKeyTypeGroups is a summaryKeyType enum value
	SummaryKeyTypeGroups = "Groups"

	// SummaryKeyTypeGroupsQuota is a summaryKeyType enum value
	SummaryKeyTypeGroupsQuota = "GroupsQuota"

	// SummaryKeyTypeServerCertificates is a summaryKeyType enum value
	SummaryKeyTypeServerCertificates = "ServerCertificates"

	// SummaryKeyTypeServerCertificatesQuota is a summaryKeyType enum value
	SummaryKeyTypeServerCertificatesQuota = "ServerCertificatesQuota"

	// SummaryKeyTypeUserPolicySizeQuota is a summaryKeyType enum value
	SummaryKeyTypeUserPolicySizeQuota = "UserPolicySizeQuota"

	// SummaryKeyTypeGroupPolicySizeQuota is a summaryKeyType enum value
	SummaryKeyTypeGroupPolicySizeQuota = "GroupPolicySizeQuota"

	// SummaryKeyTypeGroupsPerUserQuota is a summaryKeyType enum value
	SummaryKeyTypeGroupsPerUserQuota = "GroupsPerUserQuota"

	// SummaryKeyTypeSigningCertificatesPerUserQuota is a summaryKeyType enum value
	SummaryKeyTypeSigningCertificatesPerUserQuota = "SigningCertificatesPerUserQuota"

	// SummaryKeyTypeAccessKeysPerUserQuota is a summaryKeyType enum value
	SummaryKeyTypeAccessKeysPerUserQuota = "AccessKeysPerUserQuota"

	// SummaryKeyTypeMfadevices is a summaryKeyType enum value
	SummaryKeyTypeMfadevices = "MFADevices"

	// SummaryKeyTypeMfadevicesInUse is a summaryKeyType enum value
	SummaryKeyTypeMfadevicesInUse = "MFADevicesInUse"

	// SummaryKeyTypeAccountMfaenabled is a summaryKeyType enum value
	SummaryKeyTypeAccountMfaenabled = "AccountMFAEnabled"

	// SummaryKeyTypeAccountAccessKeysPresent is a summaryKeyType enum value
	SummaryKeyTypeAccountAccessKeysPresent = "AccountAccessKeysPresent"

	// SummaryKeyTypeAccountSigningCertificatesPresent is a summaryKeyType enum value
	SummaryKeyTypeAccountSigningCertificatesPresent = "AccountSigningCertificatesPresent"

	// SummaryKeyTypeAttachedPoliciesPerGroupQuota is a summaryKeyType enum value
	SummaryKeyTypeAttachedPoliciesPerGroupQuota = "AttachedPoliciesPerGroupQuota"

	// SummaryKeyTypeAttachedPoliciesPerRoleQuota is a summaryKeyType enum value
	SummaryKeyTypeAttachedPoliciesPerRoleQuota = "AttachedPoliciesPerRoleQuota"

	// SummaryKeyTypeAttachedPoliciesPerUserQuota is a summaryKeyType enum value
	SummaryKeyTypeAttachedPoliciesPerUserQuota = "AttachedPoliciesPerUserQuota"

	// SummaryKeyTypePolicies is a summaryKeyType enum value
	SummaryKeyTypePolicies = "Policies"

	// SummaryKeyTypePoliciesQuota is a summaryKeyType enum value
	SummaryKeyTypePoliciesQuota = "PoliciesQuota"

	// SummaryKeyTypePolicySizeQuota is a summaryKeyType enum value
	SummaryKeyTypePolicySizeQuota = "PolicySizeQuota"

	// SummaryKeyTypePolicyVersionsInUse is a summaryKeyType enum value
	SummaryKeyTypePolicyVersionsInUse = "PolicyVersionsInUse"

	// SummaryKeyTypePolicyVersionsInUseQuota is a summaryKeyType enum value
	SummaryKeyTypePolicyVersionsInUseQuota = "PolicyVersionsInUseQuota"

	// SummaryKeyTypeVersionsPerPolicyQuota is a summaryKeyType enum value
	SummaryKeyTypeVersionsPerPolicyQuota = "VersionsPerPolicyQuota"
)
View Source
const (

	// ErrCodeCredentialReportExpiredException for service response error code
	// "ReportExpired".
	//
	// The request was rejected because the most recent credential report has expired.
	// To generate a new credential report, use GenerateCredentialReport. For more
	// information about credential report expiration, see Getting Credential Reports
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
	// in the IAM User Guide.
	ErrCodeCredentialReportExpiredException = "ReportExpired"

	// ErrCodeCredentialReportNotPresentException for service response error code
	// "ReportNotPresent".
	//
	// The request was rejected because the credential report does not exist. To
	// generate a credential report, use GenerateCredentialReport.
	ErrCodeCredentialReportNotPresentException = "ReportNotPresent"

	// ErrCodeCredentialReportNotReadyException for service response error code
	// "ReportInProgress".
	//
	// The request was rejected because the credential report is still being generated.
	ErrCodeCredentialReportNotReadyException = "ReportInProgress"

	// ErrCodeDeleteConflictException for service response error code
	// "DeleteConflict".
	//
	// The request was rejected because it attempted to delete a resource that has
	// attached subordinate entities. The error message describes these entities.
	ErrCodeDeleteConflictException = "DeleteConflict"

	// ErrCodeDuplicateCertificateException for service response error code
	// "DuplicateCertificate".
	//
	// The request was rejected because the same certificate is associated with
	// an IAM user in the account.
	ErrCodeDuplicateCertificateException = "DuplicateCertificate"

	// ErrCodeDuplicateSSHPublicKeyException for service response error code
	// "DuplicateSSHPublicKey".
	//
	// The request was rejected because the SSH public key is already associated
	// with the specified IAM user.
	ErrCodeDuplicateSSHPublicKeyException = "DuplicateSSHPublicKey"

	// ErrCodeEntityAlreadyExistsException for service response error code
	// "EntityAlreadyExists".
	//
	// The request was rejected because it attempted to create a resource that already
	// exists.
	ErrCodeEntityAlreadyExistsException = "EntityAlreadyExists"

	// ErrCodeEntityTemporarilyUnmodifiableException for service response error code
	// "EntityTemporarilyUnmodifiable".
	//
	// The request was rejected because it referenced an entity that is temporarily
	// unmodifiable, such as a user name that was deleted and then recreated. The
	// error indicates that the request is likely to succeed if you try again after
	// waiting several minutes. The error message describes the entity.
	ErrCodeEntityTemporarilyUnmodifiableException = "EntityTemporarilyUnmodifiable"

	// ErrCodeInvalidAuthenticationCodeException for service response error code
	// "InvalidAuthenticationCode".
	//
	// The request was rejected because the authentication code was not recognized.
	// The error message describes the specific error.
	ErrCodeInvalidAuthenticationCodeException = "InvalidAuthenticationCode"

	// ErrCodeInvalidCertificateException for service response error code
	// "InvalidCertificate".
	//
	// The request was rejected because the certificate is invalid.
	ErrCodeInvalidCertificateException = "InvalidCertificate"

	// ErrCodeInvalidInputException for service response error code
	// "InvalidInput".
	//
	// The request was rejected because an invalid or out-of-range value was supplied
	// for an input parameter.
	ErrCodeInvalidInputException = "InvalidInput"

	// ErrCodeInvalidPublicKeyException for service response error code
	// "InvalidPublicKey".
	//
	// The request was rejected because the public key is malformed or otherwise
	// invalid.
	ErrCodeInvalidPublicKeyException = "InvalidPublicKey"

	// ErrCodeInvalidUserTypeException for service response error code
	// "InvalidUserType".
	//
	// The request was rejected because the type of user for the transaction was
	// incorrect.
	ErrCodeInvalidUserTypeException = "InvalidUserType"

	// ErrCodeKeyPairMismatchException for service response error code
	// "KeyPairMismatch".
	//
	// The request was rejected because the public key certificate and the private
	// key do not match.
	ErrCodeKeyPairMismatchException = "KeyPairMismatch"

	// ErrCodeLimitExceededException for service response error code
	// "LimitExceeded".
	//
	// The request was rejected because it attempted to create resources beyond
	// the current AWS account limits. The error message describes the limit exceeded.
	ErrCodeLimitExceededException = "LimitExceeded"

	// ErrCodeMalformedCertificateException for service response error code
	// "MalformedCertificate".
	//
	// The request was rejected because the certificate was malformed or expired.
	// The error message describes the specific error.
	ErrCodeMalformedCertificateException = "MalformedCertificate"

	// ErrCodeMalformedPolicyDocumentException for service response error code
	// "MalformedPolicyDocument".
	//
	// The request was rejected because the policy document was malformed. The error
	// message describes the specific error.
	ErrCodeMalformedPolicyDocumentException = "MalformedPolicyDocument"

	// ErrCodeNoSuchEntityException for service response error code
	// "NoSuchEntity".
	//
	// The request was rejected because it referenced an entity that does not exist.
	// The error message describes the entity.
	ErrCodeNoSuchEntityException = "NoSuchEntity"

	// ErrCodePasswordPolicyViolationException for service response error code
	// "PasswordPolicyViolation".
	//
	// The request was rejected because the provided password did not meet the requirements
	// imposed by the account password policy.
	ErrCodePasswordPolicyViolationException = "PasswordPolicyViolation"

	// ErrCodePolicyEvaluationException for service response error code
	// "PolicyEvaluation".
	//
	// The request failed because a provided policy could not be successfully evaluated.
	// An additional detailed message indicates the source of the failure.
	ErrCodePolicyEvaluationException = "PolicyEvaluation"

	// ErrCodePolicyNotAttachableException for service response error code
	// "PolicyNotAttachable".
	//
	// The request failed because AWS service role policies can only be attached
	// to the service-linked role for that service.
	ErrCodePolicyNotAttachableException = "PolicyNotAttachable"

	// ErrCodeServiceFailureException for service response error code
	// "ServiceFailure".
	//
	// The request processing has failed because of an unknown error, exception
	// or failure.
	ErrCodeServiceFailureException = "ServiceFailure"

	// ErrCodeServiceNotSupportedException for service response error code
	// "NotSupportedService".
	//
	// The specified service does not support service-specific credentials.
	ErrCodeServiceNotSupportedException = "NotSupportedService"

	// ErrCodeUnmodifiableEntityException for service response error code
	// "UnmodifiableEntity".
	//
	// The request was rejected because only the service that depends on the service-linked
	// role can modify or delete the role on your behalf. The error message includes
	// the name of the service that depends on this service-linked role. You must
	// request the change through that service.
	ErrCodeUnmodifiableEntityException = "UnmodifiableEntity"

	// ErrCodeUnrecognizedPublicKeyEncodingException for service response error code
	// "UnrecognizedPublicKeyEncoding".
	//
	// The request was rejected because the public key encoding format is unsupported
	// or unrecognized.
	ErrCodeUnrecognizedPublicKeyEncodingException = "UnrecognizedPublicKeyEncoding"
)
View Source
const (
	ServiceName = "iam"       // Service endpoint prefix API calls made to.
	EndpointsID = ServiceName // Service ID for Regions and Endpoints metadata.
)

Service information constants

View Source
const (
	// ReportFormatTypeTextCsv is a ReportFormatType enum value
	ReportFormatTypeTextCsv = "text/csv"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessKey

type AccessKey struct {

	// The ID for this access key.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The date when the access key was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The secret key used to sign requests.
	//
	// SecretAccessKey is a required field
	SecretAccessKey *string `type:"string" required:"true"`

	// The status of the access key. Active means that the key is valid for API
	// calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user that the access key is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an AWS access key.

This data type is used as a response element in the CreateAccessKey and ListAccessKeys operations.

The SecretAccessKey value is returned only in response to CreateAccessKey. You can get a secret access key only when you first create an access key; you cannot recover the secret access key later. If you lose a secret access key, you must create a new access key.

func (AccessKey) GoString added in v0.6.5

func (s AccessKey) GoString() string

GoString returns the string representation

func (*AccessKey) SetAccessKeyId added in v1.5.0

func (s *AccessKey) SetAccessKeyId(v string) *AccessKey

SetAccessKeyId sets the AccessKeyId field's value.

func (*AccessKey) SetCreateDate added in v1.5.0

func (s *AccessKey) SetCreateDate(v time.Time) *AccessKey

SetCreateDate sets the CreateDate field's value.

func (*AccessKey) SetSecretAccessKey added in v1.5.0

func (s *AccessKey) SetSecretAccessKey(v string) *AccessKey

SetSecretAccessKey sets the SecretAccessKey field's value.

func (*AccessKey) SetStatus added in v1.5.0

func (s *AccessKey) SetStatus(v string) *AccessKey

SetStatus sets the Status field's value.

func (*AccessKey) SetUserName added in v1.5.0

func (s *AccessKey) SetUserName(v string) *AccessKey

SetUserName sets the UserName field's value.

func (AccessKey) String added in v0.6.5

func (s AccessKey) String() string

String returns the string representation

type AccessKeyLastUsed

type AccessKeyLastUsed struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the access key was most recently used. This field is null in the following
	// situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has never been used, at least not since IAM
	//    started tracking this information on April 22nd, 2015.
	//
	//    * There is no sign-in data associated with the user
	//
	// LastUsedDate is a required field
	LastUsedDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The AWS region where this access key was most recently used. This field is
	// displays "N/A" in the following situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has never been used, at least not since IAM
	//    started tracking this information on April 22nd, 2015.
	//
	//    * There is no sign-in data associated with the user
	//
	// For more information about AWS regions, see Regions and Endpoints (http://docs.aws.amazon.com/general/latest/gr/rande.html)
	// in the Amazon Web Services General Reference.
	//
	// Region is a required field
	Region *string `type:"string" required:"true"`

	// The name of the AWS service with which this access key was most recently
	// used. This field displays "N/A" in the following situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has never been used, at least not since IAM
	//    started tracking this information on April 22nd, 2015.
	//
	//    * There is no sign-in data associated with the user
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about the last time an AWS access key was used.

This data type is used as a response element in the GetAccessKeyLastUsed operation.

func (AccessKeyLastUsed) GoString added in v0.6.5

func (s AccessKeyLastUsed) GoString() string

GoString returns the string representation

func (*AccessKeyLastUsed) SetLastUsedDate added in v1.5.0

func (s *AccessKeyLastUsed) SetLastUsedDate(v time.Time) *AccessKeyLastUsed

SetLastUsedDate sets the LastUsedDate field's value.

func (*AccessKeyLastUsed) SetRegion added in v1.5.0

func (s *AccessKeyLastUsed) SetRegion(v string) *AccessKeyLastUsed

SetRegion sets the Region field's value.

func (*AccessKeyLastUsed) SetServiceName added in v1.5.0

func (s *AccessKeyLastUsed) SetServiceName(v string) *AccessKeyLastUsed

SetServiceName sets the ServiceName field's value.

func (AccessKeyLastUsed) String added in v0.6.5

func (s AccessKeyLastUsed) String() string

String returns the string representation

type AccessKeyMetadata

type AccessKeyMetadata struct {

	// The ID for this access key.
	AccessKeyId *string `min:"16" type:"string"`

	// The date when the access key was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The status of the access key. Active means the key is valid for API calls;
	// Inactive means it is not.
	Status *string `type:"string" enum:"statusType"`

	// The name of the IAM user that the key is associated with.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an AWS access key, without its secret key.

This data type is used as a response element in the ListAccessKeys operation.

func (AccessKeyMetadata) GoString added in v0.6.5

func (s AccessKeyMetadata) GoString() string

GoString returns the string representation

func (*AccessKeyMetadata) SetAccessKeyId added in v1.5.0

func (s *AccessKeyMetadata) SetAccessKeyId(v string) *AccessKeyMetadata

SetAccessKeyId sets the AccessKeyId field's value.

func (*AccessKeyMetadata) SetCreateDate added in v1.5.0

func (s *AccessKeyMetadata) SetCreateDate(v time.Time) *AccessKeyMetadata

SetCreateDate sets the CreateDate field's value.

func (*AccessKeyMetadata) SetStatus added in v1.5.0

func (s *AccessKeyMetadata) SetStatus(v string) *AccessKeyMetadata

SetStatus sets the Status field's value.

func (*AccessKeyMetadata) SetUserName added in v1.5.0

func (s *AccessKeyMetadata) SetUserName(v string) *AccessKeyMetadata

SetUserName sets the UserName field's value.

func (AccessKeyMetadata) String added in v0.6.5

func (s AccessKeyMetadata) String() string

String returns the string representation

type AddClientIDToOpenIDConnectProviderInput

type AddClientIDToOpenIDConnectProviderInput struct {

	// The client ID (also known as audience) to add to the IAM OpenID Connect provider
	// resource.
	//
	// ClientID is a required field
	ClientID *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider
	// resource to add the client ID to. You can get a list of OIDC provider ARNs
	// by using the ListOpenIDConnectProviders operation.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddClientIDToOpenIDConnectProviderInput) GoString added in v0.6.5

GoString returns the string representation

func (*AddClientIDToOpenIDConnectProviderInput) SetClientID added in v1.5.0

SetClientID sets the ClientID field's value.

func (*AddClientIDToOpenIDConnectProviderInput) SetOpenIDConnectProviderArn added in v1.5.0

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (AddClientIDToOpenIDConnectProviderInput) String added in v0.6.5

String returns the string representation

func (*AddClientIDToOpenIDConnectProviderInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type AddClientIDToOpenIDConnectProviderOutput

type AddClientIDToOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (AddClientIDToOpenIDConnectProviderOutput) GoString added in v0.6.5

GoString returns the string representation

func (AddClientIDToOpenIDConnectProviderOutput) String added in v0.6.5

String returns the string representation

type AddRoleToInstanceProfileInput

type AddRoleToInstanceProfileInput struct {

	// The name of the instance profile to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The name of the role to add.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddRoleToInstanceProfileInput) GoString added in v0.6.5

GoString returns the string representation

func (*AddRoleToInstanceProfileInput) SetInstanceProfileName added in v1.5.0

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*AddRoleToInstanceProfileInput) SetRoleName added in v1.5.0

SetRoleName sets the RoleName field's value.

func (AddRoleToInstanceProfileInput) String added in v0.6.5

String returns the string representation

func (*AddRoleToInstanceProfileInput) Validate added in v1.1.21

func (s *AddRoleToInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AddRoleToInstanceProfileOutput

type AddRoleToInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (AddRoleToInstanceProfileOutput) GoString added in v0.6.5

GoString returns the string representation

func (AddRoleToInstanceProfileOutput) String added in v0.6.5

String returns the string representation

type AddUserToGroupInput

type AddUserToGroupInput struct {

	// The name of the group to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the user to add.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddUserToGroupInput) GoString added in v0.6.5

func (s AddUserToGroupInput) GoString() string

GoString returns the string representation

func (*AddUserToGroupInput) SetGroupName added in v1.5.0

func (s *AddUserToGroupInput) SetGroupName(v string) *AddUserToGroupInput

SetGroupName sets the GroupName field's value.

func (*AddUserToGroupInput) SetUserName added in v1.5.0

func (s *AddUserToGroupInput) SetUserName(v string) *AddUserToGroupInput

SetUserName sets the UserName field's value.

func (AddUserToGroupInput) String added in v0.6.5

func (s AddUserToGroupInput) String() string

String returns the string representation

func (*AddUserToGroupInput) Validate added in v1.1.21

func (s *AddUserToGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AddUserToGroupOutput

type AddUserToGroupOutput struct {
	// contains filtered or unexported fields
}

func (AddUserToGroupOutput) GoString added in v0.6.5

func (s AddUserToGroupOutput) GoString() string

GoString returns the string representation

func (AddUserToGroupOutput) String added in v0.6.5

func (s AddUserToGroupOutput) String() string

String returns the string representation

type AttachGroupPolicyInput

type AttachGroupPolicyInput struct {

	// The name (friendly name, not ARN) of the group to attach the policy to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachGroupPolicyInput) GoString added in v0.6.5

func (s AttachGroupPolicyInput) GoString() string

GoString returns the string representation

func (*AttachGroupPolicyInput) SetGroupName added in v1.5.0

SetGroupName sets the GroupName field's value.

func (*AttachGroupPolicyInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (AttachGroupPolicyInput) String added in v0.6.5

func (s AttachGroupPolicyInput) String() string

String returns the string representation

func (*AttachGroupPolicyInput) Validate added in v1.1.21

func (s *AttachGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachGroupPolicyOutput

type AttachGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachGroupPolicyOutput) GoString added in v0.6.5

func (s AttachGroupPolicyOutput) GoString() string

GoString returns the string representation

func (AttachGroupPolicyOutput) String added in v0.6.5

func (s AttachGroupPolicyOutput) String() string

String returns the string representation

type AttachRolePolicyInput

type AttachRolePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the role to attach the policy to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachRolePolicyInput) GoString added in v0.6.5

func (s AttachRolePolicyInput) GoString() string

GoString returns the string representation

func (*AttachRolePolicyInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (*AttachRolePolicyInput) SetRoleName added in v1.5.0

SetRoleName sets the RoleName field's value.

func (AttachRolePolicyInput) String added in v0.6.5

func (s AttachRolePolicyInput) String() string

String returns the string representation

func (*AttachRolePolicyInput) Validate added in v1.1.21

func (s *AttachRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachRolePolicyOutput

type AttachRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachRolePolicyOutput) GoString added in v0.6.5

func (s AttachRolePolicyOutput) GoString() string

GoString returns the string representation

func (AttachRolePolicyOutput) String added in v0.6.5

func (s AttachRolePolicyOutput) String() string

String returns the string representation

type AttachUserPolicyInput

type AttachUserPolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM user to attach the policy to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachUserPolicyInput) GoString added in v0.6.5

func (s AttachUserPolicyInput) GoString() string

GoString returns the string representation

func (*AttachUserPolicyInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (*AttachUserPolicyInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (AttachUserPolicyInput) String added in v0.6.5

func (s AttachUserPolicyInput) String() string

String returns the string representation

func (*AttachUserPolicyInput) Validate added in v1.1.21

func (s *AttachUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachUserPolicyOutput

type AttachUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachUserPolicyOutput) GoString added in v0.6.5

func (s AttachUserPolicyOutput) GoString() string

GoString returns the string representation

func (AttachUserPolicyOutput) String added in v0.6.5

func (s AttachUserPolicyOutput) String() string

String returns the string representation

type AttachedPolicy

type AttachedPolicy struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	PolicyArn *string `min:"20" type:"string"`

	// The friendly name of the attached policy.
	PolicyName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an attached policy.

An attached policy is a managed policy that has been attached to a user, group, or role. This data type is used as a response element in the ListAttachedGroupPolicies, ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails operations.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (AttachedPolicy) GoString added in v0.6.5

func (s AttachedPolicy) GoString() string

GoString returns the string representation

func (*AttachedPolicy) SetPolicyArn added in v1.5.0

func (s *AttachedPolicy) SetPolicyArn(v string) *AttachedPolicy

SetPolicyArn sets the PolicyArn field's value.

func (*AttachedPolicy) SetPolicyName added in v1.5.0

func (s *AttachedPolicy) SetPolicyName(v string) *AttachedPolicy

SetPolicyName sets the PolicyName field's value.

func (AttachedPolicy) String added in v0.6.5

func (s AttachedPolicy) String() string

String returns the string representation

type ChangePasswordInput

type ChangePasswordInput struct {

	// The new password. The new password must conform to the AWS account's password
	// policy, if one exists.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
	// this parameter is a string of characters. That string can include almost
	// any printable ASCII character from the space (\u0020) through the end of
	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
	// characters are valid in a password. However, many tools, such as the AWS
	// Management Console, might restrict the ability to type certain characters
	// because they have special meaning within that tool.
	//
	// NewPassword is a required field
	NewPassword *string `min:"1" type:"string" required:"true"`

	// The IAM user's current password.
	//
	// OldPassword is a required field
	OldPassword *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ChangePasswordInput) GoString added in v0.6.5

func (s ChangePasswordInput) GoString() string

GoString returns the string representation

func (*ChangePasswordInput) SetNewPassword added in v1.5.0

func (s *ChangePasswordInput) SetNewPassword(v string) *ChangePasswordInput

SetNewPassword sets the NewPassword field's value.

func (*ChangePasswordInput) SetOldPassword added in v1.5.0

func (s *ChangePasswordInput) SetOldPassword(v string) *ChangePasswordInput

SetOldPassword sets the OldPassword field's value.

func (ChangePasswordInput) String added in v0.6.5

func (s ChangePasswordInput) String() string

String returns the string representation

func (*ChangePasswordInput) Validate added in v1.1.21

func (s *ChangePasswordInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ChangePasswordOutput

type ChangePasswordOutput struct {
	// contains filtered or unexported fields
}

func (ChangePasswordOutput) GoString added in v0.6.5

func (s ChangePasswordOutput) GoString() string

GoString returns the string representation

func (ChangePasswordOutput) String added in v0.6.5

func (s ChangePasswordOutput) String() string

String returns the string representation

type ContextEntry added in v0.9.6

type ContextEntry struct {

	// The full name of a condition context key, including the service prefix. For
	// example, aws:SourceIp or s3:VersionId.
	ContextKeyName *string `min:"5" type:"string"`

	// The data type of the value (or values) specified in the ContextKeyValues
	// parameter.
	ContextKeyType *string `type:"string" enum:"ContextKeyTypeEnum"`

	// The value (or values, if the condition context key supports multiple values)
	// to provide to the simulation when the key is referenced by a Condition element
	// in an input policy.
	ContextKeyValues []*string `type:"list"`
	// contains filtered or unexported fields
}

Contains information about a condition context key. It includes the name of the key and specifies the value (or values, if the context key supports multiple values) to use in the simulation. This information is used when evaluating the Condition elements of the input policies.

This data type is used as an input parameter to SimulateCustomPolicy and SimulateCustomPolicy.

func (ContextEntry) GoString added in v0.9.6

func (s ContextEntry) GoString() string

GoString returns the string representation

func (*ContextEntry) SetContextKeyName added in v1.5.0

func (s *ContextEntry) SetContextKeyName(v string) *ContextEntry

SetContextKeyName sets the ContextKeyName field's value.

func (*ContextEntry) SetContextKeyType added in v1.5.0

func (s *ContextEntry) SetContextKeyType(v string) *ContextEntry

SetContextKeyType sets the ContextKeyType field's value.

func (*ContextEntry) SetContextKeyValues added in v1.5.0

func (s *ContextEntry) SetContextKeyValues(v []*string) *ContextEntry

SetContextKeyValues sets the ContextKeyValues field's value.

func (ContextEntry) String added in v0.9.6

func (s ContextEntry) String() string

String returns the string representation

func (*ContextEntry) Validate added in v1.1.21

func (s *ContextEntry) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccessKeyInput

type CreateAccessKeyInput struct {

	// The name of the IAM user that the new key will belong to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateAccessKeyInput) GoString added in v0.6.5

func (s CreateAccessKeyInput) GoString() string

GoString returns the string representation

func (*CreateAccessKeyInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (CreateAccessKeyInput) String added in v0.6.5

func (s CreateAccessKeyInput) String() string

String returns the string representation

func (*CreateAccessKeyInput) Validate added in v1.1.21

func (s *CreateAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccessKeyOutput

type CreateAccessKeyOutput struct {

	// A structure with details about the access key.
	//
	// AccessKey is a required field
	AccessKey *AccessKey `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateAccessKey request.

func (CreateAccessKeyOutput) GoString added in v0.6.5

func (s CreateAccessKeyOutput) GoString() string

GoString returns the string representation

func (*CreateAccessKeyOutput) SetAccessKey added in v1.5.0

SetAccessKey sets the AccessKey field's value.

func (CreateAccessKeyOutput) String added in v0.6.5

func (s CreateAccessKeyOutput) String() string

String returns the string representation

type CreateAccountAliasInput

type CreateAccountAliasInput struct {

	// The account alias to create.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of lowercase letters, digits, and dashes.
	// You cannot start or finish with a dash, nor can you have two dashes in a
	// row.
	//
	// AccountAlias is a required field
	AccountAlias *string `min:"3" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateAccountAliasInput) GoString added in v0.6.5

func (s CreateAccountAliasInput) GoString() string

GoString returns the string representation

func (*CreateAccountAliasInput) SetAccountAlias added in v1.5.0

SetAccountAlias sets the AccountAlias field's value.

func (CreateAccountAliasInput) String added in v0.6.5

func (s CreateAccountAliasInput) String() string

String returns the string representation

func (*CreateAccountAliasInput) Validate added in v1.1.21

func (s *CreateAccountAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccountAliasOutput

type CreateAccountAliasOutput struct {
	// contains filtered or unexported fields
}

func (CreateAccountAliasOutput) GoString added in v0.6.5

func (s CreateAccountAliasOutput) GoString() string

GoString returns the string representation

func (CreateAccountAliasOutput) String added in v0.6.5

func (s CreateAccountAliasOutput) String() string

String returns the string representation

type CreateGroupInput

type CreateGroupInput struct {

	// The name of the group to create. Do not include the path in this value.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-.
	// The group name must be unique within the account. Group names are not distinguished
	// by case. For example, you cannot create groups named both "ADMINS" and "admins".
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The path to the group. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateGroupInput) GoString added in v0.6.5

func (s CreateGroupInput) GoString() string

GoString returns the string representation

func (*CreateGroupInput) SetGroupName added in v1.5.0

func (s *CreateGroupInput) SetGroupName(v string) *CreateGroupInput

SetGroupName sets the GroupName field's value.

func (*CreateGroupInput) SetPath added in v1.5.0

func (s *CreateGroupInput) SetPath(v string) *CreateGroupInput

SetPath sets the Path field's value.

func (CreateGroupInput) String added in v0.6.5

func (s CreateGroupInput) String() string

String returns the string representation

func (*CreateGroupInput) Validate added in v1.1.21

func (s *CreateGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateGroupOutput

type CreateGroupOutput struct {

	// A structure containing details about the new group.
	//
	// Group is a required field
	Group *Group `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateGroup request.

func (CreateGroupOutput) GoString added in v0.6.5

func (s CreateGroupOutput) GoString() string

GoString returns the string representation

func (*CreateGroupOutput) SetGroup added in v1.5.0

func (s *CreateGroupOutput) SetGroup(v *Group) *CreateGroupOutput

SetGroup sets the Group field's value.

func (CreateGroupOutput) String added in v0.6.5

func (s CreateGroupOutput) String() string

String returns the string representation

type CreateInstanceProfileInput

type CreateInstanceProfileInput struct {

	// The name of the instance profile to create.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The path to the instance profile. For more information about paths, see IAM
	// Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateInstanceProfileInput) GoString added in v0.6.5

func (s CreateInstanceProfileInput) GoString() string

GoString returns the string representation

func (*CreateInstanceProfileInput) SetInstanceProfileName added in v1.5.0

func (s *CreateInstanceProfileInput) SetInstanceProfileName(v string) *CreateInstanceProfileInput

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*CreateInstanceProfileInput) SetPath added in v1.5.0

SetPath sets the Path field's value.

func (CreateInstanceProfileInput) String added in v0.6.5

String returns the string representation

func (*CreateInstanceProfileInput) Validate added in v1.1.21

func (s *CreateInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateInstanceProfileOutput

type CreateInstanceProfileOutput struct {

	// A structure containing details about the new instance profile.
	//
	// InstanceProfile is a required field
	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateInstanceProfile request.

func (CreateInstanceProfileOutput) GoString added in v0.6.5

func (s CreateInstanceProfileOutput) GoString() string

GoString returns the string representation

func (*CreateInstanceProfileOutput) SetInstanceProfile added in v1.5.0

SetInstanceProfile sets the InstanceProfile field's value.

func (CreateInstanceProfileOutput) String added in v0.6.5

String returns the string representation

type CreateLoginProfileInput

type CreateLoginProfileInput struct {

	// The new password for the user.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
	// this parameter is a string of characters. That string can include almost
	// any printable ASCII character from the space (\u0020) through the end of
	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
	// characters are valid in a password. However, many tools, such as the AWS
	// Management Console, might restrict the ability to type certain characters
	// because they have special meaning within that tool.
	//
	// Password is a required field
	Password *string `min:"1" type:"string" required:"true"`

	// Specifies whether the user is required to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the IAM user to create a password for. The user must already
	// exist.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateLoginProfileInput) GoString added in v0.6.5

func (s CreateLoginProfileInput) GoString() string

GoString returns the string representation

func (*CreateLoginProfileInput) SetPassword added in v1.5.0

SetPassword sets the Password field's value.

func (*CreateLoginProfileInput) SetPasswordResetRequired added in v1.5.0

func (s *CreateLoginProfileInput) SetPasswordResetRequired(v bool) *CreateLoginProfileInput

SetPasswordResetRequired sets the PasswordResetRequired field's value.

func (*CreateLoginProfileInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (CreateLoginProfileInput) String added in v0.6.5

func (s CreateLoginProfileInput) String() string

String returns the string representation

func (*CreateLoginProfileInput) Validate added in v1.1.21

func (s *CreateLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateLoginProfileOutput

type CreateLoginProfileOutput struct {

	// A structure containing the user name and password create date.
	//
	// LoginProfile is a required field
	LoginProfile *LoginProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateLoginProfile request.

func (CreateLoginProfileOutput) GoString added in v0.6.5

func (s CreateLoginProfileOutput) GoString() string

GoString returns the string representation

func (*CreateLoginProfileOutput) SetLoginProfile added in v1.5.0

SetLoginProfile sets the LoginProfile field's value.

func (CreateLoginProfileOutput) String added in v0.6.5

func (s CreateLoginProfileOutput) String() string

String returns the string representation

type CreateOpenIDConnectProviderInput

type CreateOpenIDConnectProviderInput struct {

	// A list of client IDs (also known as audiences). When a mobile or web app
	// registers with an OpenID Connect provider, they establish a value that identifies
	// the application. (This is the value that's sent as the client_id parameter
	// on OAuth requests.)
	//
	// You can register multiple client IDs with the same provider. For example,
	// you might have multiple applications that use the same OIDC provider. You
	// cannot register more than 100 client IDs with a single IAM OIDC provider.
	//
	// There is no defined format for a client ID. The CreateOpenIDConnectProviderRequest
	// operation accepts client IDs up to 255 characters long.
	ClientIDList []*string `type:"list"`

	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity
	// provider's server certificates. Typically this list includes only one entry.
	// However, IAM lets you have up to five thumbprints for an OIDC provider. This
	// lets you maintain multiple thumbprints if the identity provider is rotating
	// certificates.
	//
	// The server certificate thumbprint is the hex-encoded SHA-1 hash value of
	// the X.509 certificate used by the domain where the OpenID Connect provider
	// makes its keys available. It is always a 40-character string.
	//
	// You must provide at least one thumbprint when creating an IAM OIDC provider.
	// For example, assume that the OIDC provider is server.example.com and the
	// provider stores its keys at https://keys.server.example.com/openid-connect.
	// In that case, the thumbprint string would be the hex-encoded SHA-1 hash value
	// of the certificate used by https://keys.server.example.com.
	//
	// For more information about obtaining the OIDC provider's thumbprint, see
	// Obtaining the Thumbprint for an OpenID Connect Provider (http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)
	// in the IAM User Guide.
	//
	// ThumbprintList is a required field
	ThumbprintList []*string `type:"list" required:"true"`

	// The URL of the identity provider. The URL must begin with https:// and should
	// correspond to the iss claim in the provider's OpenID Connect ID tokens. Per
	// the OIDC standard, path components are allowed but query parameters are not.
	// Typically the URL consists of only a hostname, like https://server.example.org
	// or https://example.com.
	//
	// You cannot register the same provider multiple times in a single AWS account.
	// If you try to submit a URL that has already been used for an OpenID Connect
	// provider in the AWS account, you will get an error.
	//
	// Url is a required field
	Url *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateOpenIDConnectProviderInput) GoString added in v0.6.5

GoString returns the string representation

func (*CreateOpenIDConnectProviderInput) SetClientIDList added in v1.5.0

SetClientIDList sets the ClientIDList field's value.

func (*CreateOpenIDConnectProviderInput) SetThumbprintList added in v1.5.0

SetThumbprintList sets the ThumbprintList field's value.

func (*CreateOpenIDConnectProviderInput) SetUrl added in v1.5.0

SetUrl sets the Url field's value.

func (CreateOpenIDConnectProviderInput) String added in v0.6.5

String returns the string representation

func (*CreateOpenIDConnectProviderInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type CreateOpenIDConnectProviderOutput

type CreateOpenIDConnectProviderOutput struct {

	// The Amazon Resource Name (ARN) of the new IAM OpenID Connect provider that
	// is created. For more information, see OpenIDConnectProviderListEntry.
	OpenIDConnectProviderArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateOpenIDConnectProvider request.

func (CreateOpenIDConnectProviderOutput) GoString added in v0.6.5

GoString returns the string representation

func (*CreateOpenIDConnectProviderOutput) SetOpenIDConnectProviderArn added in v1.5.0

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (CreateOpenIDConnectProviderOutput) String added in v0.6.5

String returns the string representation

type CreatePolicyInput

type CreatePolicyInput struct {

	// A friendly description of the policy.
	//
	// Typically used to store information about the permissions defined in the
	// policy. For example, "Grants access to production DynamoDB tables."
	//
	// The policy description is immutable. After a value is assigned, it cannot
	// be changed.
	Description *string `type:"string"`

	// The path for the policy.
	//
	// For more information about paths, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `type:"string"`

	// The JSON policy document that you want to use as the content for the new
	// policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The friendly name of the policy.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyInput) GoString added in v0.6.5

func (s CreatePolicyInput) GoString() string

GoString returns the string representation

func (*CreatePolicyInput) SetDescription added in v1.5.0

func (s *CreatePolicyInput) SetDescription(v string) *CreatePolicyInput

SetDescription sets the Description field's value.

func (*CreatePolicyInput) SetPath added in v1.5.0

SetPath sets the Path field's value.

func (*CreatePolicyInput) SetPolicyDocument added in v1.5.0

func (s *CreatePolicyInput) SetPolicyDocument(v string) *CreatePolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*CreatePolicyInput) SetPolicyName added in v1.5.0

func (s *CreatePolicyInput) SetPolicyName(v string) *CreatePolicyInput

SetPolicyName sets the PolicyName field's value.

func (CreatePolicyInput) String added in v0.6.5

func (s CreatePolicyInput) String() string

String returns the string representation

func (*CreatePolicyInput) Validate added in v1.1.21

func (s *CreatePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyOutput

type CreatePolicyOutput struct {

	// A structure containing details about the new policy.
	Policy *Policy `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreatePolicy request.

func (CreatePolicyOutput) GoString added in v0.6.5

func (s CreatePolicyOutput) GoString() string

GoString returns the string representation

func (*CreatePolicyOutput) SetPolicy added in v1.5.0

func (s *CreatePolicyOutput) SetPolicy(v *Policy) *CreatePolicyOutput

SetPolicy sets the Policy field's value.

func (CreatePolicyOutput) String added in v0.6.5

func (s CreatePolicyOutput) String() string

String returns the string representation

type CreatePolicyVersionInput

type CreatePolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy to which you want to add
	// a new version.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The JSON policy document that you want to use as the content for this new
	// version of the policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// Specifies whether to set this version as the policy's default version.
	//
	// When this parameter is true, the new policy version becomes the operative
	// version. That is, it becomes the version that is in effect for the IAM users,
	// groups, and roles that the policy is attached to.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	SetAsDefault *bool `type:"boolean"`
	// contains filtered or unexported fields
}

func (CreatePolicyVersionInput) GoString added in v0.6.5

func (s CreatePolicyVersionInput) GoString() string

GoString returns the string representation

func (*CreatePolicyVersionInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (*CreatePolicyVersionInput) SetPolicyDocument added in v1.5.0

func (s *CreatePolicyVersionInput) SetPolicyDocument(v string) *CreatePolicyVersionInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*CreatePolicyVersionInput) SetSetAsDefault added in v1.5.0

SetSetAsDefault sets the SetAsDefault field's value.

func (CreatePolicyVersionInput) String added in v0.6.5

func (s CreatePolicyVersionInput) String() string

String returns the string representation

func (*CreatePolicyVersionInput) Validate added in v1.1.21

func (s *CreatePolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyVersionOutput

type CreatePolicyVersionOutput struct {

	// A structure containing details about the new policy version.
	PolicyVersion *PolicyVersion `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreatePolicyVersion request.

func (CreatePolicyVersionOutput) GoString added in v0.6.5

func (s CreatePolicyVersionOutput) GoString() string

GoString returns the string representation

func (*CreatePolicyVersionOutput) SetPolicyVersion added in v1.5.0

SetPolicyVersion sets the PolicyVersion field's value.

func (CreatePolicyVersionOutput) String added in v0.6.5

func (s CreatePolicyVersionOutput) String() string

String returns the string representation

type CreateRoleInput

type CreateRoleInput struct {

	// The trust relationship policy document that grants an entity permission to
	// assume the role.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// AssumeRolePolicyDocument is a required field
	AssumeRolePolicyDocument *string `min:"1" type:"string" required:"true"`

	// A description of the role.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) that you want to set for the specified
	// role. If you do not specify a value for this setting, the default maximum
	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	//
	// Anyone who assumes the role from the AWS CLI or API can use the DurationSeconds
	// API parameter or the duration-seconds CLI parameter to request a longer session.
	// The MaxSessionDuration setting determines the maximum duration that can be
	// requested using the DurationSeconds parameter. If users don't specify a value
	// for the DurationSeconds parameter, their security credentials are valid for
	// one hour by default. This applies when you use the AssumeRole* API operations
	// or the assume-role* CLI operations but does not apply when you use those
	// operations to create a console URL. For more information, see Using IAM Roles
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
	// IAM User Guide.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The path to the role. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The name of the role to create.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// Role names are not distinguished by case. For example, you cannot create
	// roles named both "PRODROLE" and "prodrole".
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateRoleInput) GoString added in v0.6.5

func (s CreateRoleInput) GoString() string

GoString returns the string representation

func (*CreateRoleInput) SetAssumeRolePolicyDocument added in v1.5.0

func (s *CreateRoleInput) SetAssumeRolePolicyDocument(v string) *CreateRoleInput

SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.

func (*CreateRoleInput) SetDescription added in v1.8.14

func (s *CreateRoleInput) SetDescription(v string) *CreateRoleInput

SetDescription sets the Description field's value.

func (*CreateRoleInput) SetMaxSessionDuration added in v1.13.23

func (s *CreateRoleInput) SetMaxSessionDuration(v int64) *CreateRoleInput

SetMaxSessionDuration sets the MaxSessionDuration field's value.

func (*CreateRoleInput) SetPath added in v1.5.0

func (s *CreateRoleInput) SetPath(v string) *CreateRoleInput

SetPath sets the Path field's value.

func (*CreateRoleInput) SetRoleName added in v1.5.0

func (s *CreateRoleInput) SetRoleName(v string) *CreateRoleInput

SetRoleName sets the RoleName field's value.

func (CreateRoleInput) String added in v0.6.5

func (s CreateRoleInput) String() string

String returns the string representation

func (*CreateRoleInput) Validate added in v1.1.21

func (s *CreateRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateRoleOutput

type CreateRoleOutput struct {

	// A structure containing details about the new role.
	//
	// Role is a required field
	Role *Role `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateRole request.

func (CreateRoleOutput) GoString added in v0.6.5

func (s CreateRoleOutput) GoString() string

GoString returns the string representation

func (*CreateRoleOutput) SetRole added in v1.5.0

func (s *CreateRoleOutput) SetRole(v *Role) *CreateRoleOutput

SetRole sets the Role field's value.

func (CreateRoleOutput) String added in v0.6.5

func (s CreateRoleOutput) String() string

String returns the string representation

type CreateSAMLProviderInput

type CreateSAMLProviderInput struct {

	// The name of the provider to create.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// An XML document generated by an identity provider (IdP) that supports SAML
	// 2.0. The document includes the issuer's name, expiration information, and
	// keys that can be used to validate the SAML authentication response (assertions)
	// that are received from the IdP. You must generate the metadata document using
	// the identity management software that is used as your organization's IdP.
	//
	// For more information, see About SAML 2.0-based Federation (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
	// in the IAM User Guide
	//
	// SAMLMetadataDocument is a required field
	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateSAMLProviderInput) GoString added in v0.6.5

func (s CreateSAMLProviderInput) GoString() string

GoString returns the string representation

func (*CreateSAMLProviderInput) SetName added in v1.5.0

SetName sets the Name field's value.

func (*CreateSAMLProviderInput) SetSAMLMetadataDocument added in v1.5.0

func (s *CreateSAMLProviderInput) SetSAMLMetadataDocument(v string) *CreateSAMLProviderInput

SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.

func (CreateSAMLProviderInput) String added in v0.6.5

func (s CreateSAMLProviderInput) String() string

String returns the string representation

func (*CreateSAMLProviderInput) Validate added in v1.1.21

func (s *CreateSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateSAMLProviderOutput

type CreateSAMLProviderOutput struct {

	// The Amazon Resource Name (ARN) of the new SAML provider resource in IAM.
	SAMLProviderArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateSAMLProvider request.

func (CreateSAMLProviderOutput) GoString added in v0.6.5

func (s CreateSAMLProviderOutput) GoString() string

GoString returns the string representation

func (*CreateSAMLProviderOutput) SetSAMLProviderArn added in v1.5.0

func (s *CreateSAMLProviderOutput) SetSAMLProviderArn(v string) *CreateSAMLProviderOutput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (CreateSAMLProviderOutput) String added in v0.6.5

func (s CreateSAMLProviderOutput) String() string

String returns the string representation

type CreateServiceLinkedRoleInput added in v1.8.14

type CreateServiceLinkedRoleInput struct {

	// The AWS service to which this role is attached. You use a string similar
	// to a URL but without the http:// in front. For example: elasticbeanstalk.amazonaws.com
	//
	// AWSServiceName is a required field
	AWSServiceName *string `min:"1" type:"string" required:"true"`

	// A string that you provide, which is combined with the service name to form
	// the complete role name. If you make multiple requests for the same service,
	// then you must supply a different CustomSuffix for each request. Otherwise
	// the request fails with a duplicate role name error. For example, you could
	// add -1 or -debug to the suffix.
	CustomSuffix *string `min:"1" type:"string"`

	// The description of the role.
	Description *string `type:"string"`
	// contains filtered or unexported fields
}

func (CreateServiceLinkedRoleInput) GoString added in v1.8.14

func (s CreateServiceLinkedRoleInput) GoString() string

GoString returns the string representation

func (*CreateServiceLinkedRoleInput) SetAWSServiceName added in v1.8.14

SetAWSServiceName sets the AWSServiceName field's value.

func (*CreateServiceLinkedRoleInput) SetCustomSuffix added in v1.8.14

SetCustomSuffix sets the CustomSuffix field's value.

func (*CreateServiceLinkedRoleInput) SetDescription added in v1.8.14

SetDescription sets the Description field's value.

func (CreateServiceLinkedRoleInput) String added in v1.8.14

String returns the string representation

func (*CreateServiceLinkedRoleInput) Validate added in v1.8.14

func (s *CreateServiceLinkedRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateServiceLinkedRoleOutput added in v1.8.14

type CreateServiceLinkedRoleOutput struct {

	// A Role object that contains details about the newly created role.
	Role *Role `type:"structure"`
	// contains filtered or unexported fields
}

func (CreateServiceLinkedRoleOutput) GoString added in v1.8.14

GoString returns the string representation

func (*CreateServiceLinkedRoleOutput) SetRole added in v1.8.14

SetRole sets the Role field's value.

func (CreateServiceLinkedRoleOutput) String added in v1.8.14

String returns the string representation

type CreateServiceSpecificCredentialInput added in v1.6.8

type CreateServiceSpecificCredentialInput struct {

	// The name of the AWS service that is to be associated with the credentials.
	// The service you specify here is the only service that can be accessed using
	// these credentials.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The name of the IAM user that is to be associated with the credentials. The
	// new service-specific credentials have the same permissions as the associated
	// user except that they can be used only to access the specified service.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateServiceSpecificCredentialInput) GoString added in v1.6.8

GoString returns the string representation

func (*CreateServiceSpecificCredentialInput) SetServiceName added in v1.6.8

SetServiceName sets the ServiceName field's value.

func (*CreateServiceSpecificCredentialInput) SetUserName added in v1.6.8

SetUserName sets the UserName field's value.

func (CreateServiceSpecificCredentialInput) String added in v1.6.8

String returns the string representation

func (*CreateServiceSpecificCredentialInput) Validate added in v1.6.8

Validate inspects the fields of the type to determine if they are valid.

type CreateServiceSpecificCredentialOutput added in v1.6.8

type CreateServiceSpecificCredentialOutput struct {

	// A structure that contains information about the newly created service-specific
	// credential.
	//
	// This is the only time that the password for this credential set is available.
	// It cannot be recovered later. Instead, you will have to reset the password
	// with ResetServiceSpecificCredential.
	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
	// contains filtered or unexported fields
}

func (CreateServiceSpecificCredentialOutput) GoString added in v1.6.8

GoString returns the string representation

func (*CreateServiceSpecificCredentialOutput) SetServiceSpecificCredential added in v1.6.8

SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.

func (CreateServiceSpecificCredentialOutput) String added in v1.6.8

String returns the string representation

type CreateUserInput

type CreateUserInput struct {

	// The path for the user name. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The name of the user to create.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-.
	// User names are not distinguished by case. For example, you cannot create
	// users named both "TESTUSER" and "testuser".
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateUserInput) GoString added in v0.6.5

func (s CreateUserInput) GoString() string

GoString returns the string representation

func (*CreateUserInput) SetPath added in v1.5.0

func (s *CreateUserInput) SetPath(v string) *CreateUserInput

SetPath sets the Path field's value.

func (*CreateUserInput) SetUserName added in v1.5.0

func (s *CreateUserInput) SetUserName(v string) *CreateUserInput

SetUserName sets the UserName field's value.

func (CreateUserInput) String added in v0.6.5

func (s CreateUserInput) String() string

String returns the string representation

func (*CreateUserInput) Validate added in v1.1.21

func (s *CreateUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateUserOutput

type CreateUserOutput struct {

	// A structure with details about the new IAM user.
	User *User `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateUser request.

func (CreateUserOutput) GoString added in v0.6.5

func (s CreateUserOutput) GoString() string

GoString returns the string representation

func (*CreateUserOutput) SetUser added in v1.5.0

func (s *CreateUserOutput) SetUser(v *User) *CreateUserOutput

SetUser sets the User field's value.

func (CreateUserOutput) String added in v0.6.5

func (s CreateUserOutput) String() string

String returns the string representation

type CreateVirtualMFADeviceInput

type CreateVirtualMFADeviceInput struct {

	// The path for the virtual MFA device. For more information about paths, see
	// IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The name of the virtual MFA device. Use with path to uniquely identify a
	// virtual MFA device.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// VirtualMFADeviceName is a required field
	VirtualMFADeviceName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateVirtualMFADeviceInput) GoString added in v0.6.5

func (s CreateVirtualMFADeviceInput) GoString() string

GoString returns the string representation

func (*CreateVirtualMFADeviceInput) SetPath added in v1.5.0

SetPath sets the Path field's value.

func (*CreateVirtualMFADeviceInput) SetVirtualMFADeviceName added in v1.5.0

func (s *CreateVirtualMFADeviceInput) SetVirtualMFADeviceName(v string) *CreateVirtualMFADeviceInput

SetVirtualMFADeviceName sets the VirtualMFADeviceName field's value.

func (CreateVirtualMFADeviceInput) String added in v0.6.5

String returns the string representation

func (*CreateVirtualMFADeviceInput) Validate added in v1.1.21

func (s *CreateVirtualMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateVirtualMFADeviceOutput

type CreateVirtualMFADeviceOutput struct {

	// A structure containing details about the new virtual MFA device.
	//
	// VirtualMFADevice is a required field
	VirtualMFADevice *VirtualMFADevice `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateVirtualMFADevice request.

func (CreateVirtualMFADeviceOutput) GoString added in v0.6.5

func (s CreateVirtualMFADeviceOutput) GoString() string

GoString returns the string representation

func (*CreateVirtualMFADeviceOutput) SetVirtualMFADevice added in v1.5.0

SetVirtualMFADevice sets the VirtualMFADevice field's value.

func (CreateVirtualMFADeviceOutput) String added in v0.6.5

String returns the string representation

type DeactivateMFADeviceInput

type DeactivateMFADeviceInput struct {

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the user whose MFA device you want to deactivate.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeactivateMFADeviceInput) GoString added in v0.6.5

func (s DeactivateMFADeviceInput) GoString() string

GoString returns the string representation

func (*DeactivateMFADeviceInput) SetSerialNumber added in v1.5.0

SetSerialNumber sets the SerialNumber field's value.

func (*DeactivateMFADeviceInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (DeactivateMFADeviceInput) String added in v0.6.5

func (s DeactivateMFADeviceInput) String() string

String returns the string representation

func (*DeactivateMFADeviceInput) Validate added in v1.1.21

func (s *DeactivateMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeactivateMFADeviceOutput

type DeactivateMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (DeactivateMFADeviceOutput) GoString added in v0.6.5

func (s DeactivateMFADeviceOutput) GoString() string

GoString returns the string representation

func (DeactivateMFADeviceOutput) String added in v0.6.5

func (s DeactivateMFADeviceOutput) String() string

String returns the string representation

type DeleteAccessKeyInput

type DeleteAccessKeyInput struct {

	// The access key ID for the access key ID and secret access key you want to
	// delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The name of the user whose access key pair you want to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteAccessKeyInput) GoString added in v0.6.5

func (s DeleteAccessKeyInput) GoString() string

GoString returns the string representation

func (*DeleteAccessKeyInput) SetAccessKeyId added in v1.5.0

func (s *DeleteAccessKeyInput) SetAccessKeyId(v string) *DeleteAccessKeyInput

SetAccessKeyId sets the AccessKeyId field's value.

func (*DeleteAccessKeyInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (DeleteAccessKeyInput) String added in v0.6.5

func (s DeleteAccessKeyInput) String() string

String returns the string representation

func (*DeleteAccessKeyInput) Validate added in v1.1.21

func (s *DeleteAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteAccessKeyOutput

type DeleteAccessKeyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccessKeyOutput) GoString added in v0.6.5

func (s DeleteAccessKeyOutput) GoString() string

GoString returns the string representation

func (DeleteAccessKeyOutput) String added in v0.6.5

func (s DeleteAccessKeyOutput) String() string

String returns the string representation

type DeleteAccountAliasInput

type DeleteAccountAliasInput struct {

	// The name of the account alias to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of lowercase letters, digits, and dashes.
	// You cannot start or finish with a dash, nor can you have two dashes in a
	// row.
	//
	// AccountAlias is a required field
	AccountAlias *string `min:"3" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteAccountAliasInput) GoString added in v0.6.5

func (s DeleteAccountAliasInput) GoString() string

GoString returns the string representation

func (*DeleteAccountAliasInput) SetAccountAlias added in v1.5.0

SetAccountAlias sets the AccountAlias field's value.

func (DeleteAccountAliasInput) String added in v0.6.5

func (s DeleteAccountAliasInput) String() string

String returns the string representation

func (*DeleteAccountAliasInput) Validate added in v1.1.21

func (s *DeleteAccountAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteAccountAliasOutput

type DeleteAccountAliasOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountAliasOutput) GoString added in v0.6.5

func (s DeleteAccountAliasOutput) GoString() string

GoString returns the string representation

func (DeleteAccountAliasOutput) String added in v0.6.5

func (s DeleteAccountAliasOutput) String() string

String returns the string representation

type DeleteAccountPasswordPolicyInput

type DeleteAccountPasswordPolicyInput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountPasswordPolicyInput) GoString added in v0.6.5

GoString returns the string representation

func (DeleteAccountPasswordPolicyInput) String added in v0.6.5

String returns the string representation

type DeleteAccountPasswordPolicyOutput

type DeleteAccountPasswordPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountPasswordPolicyOutput) GoString added in v0.6.5

GoString returns the string representation

func (DeleteAccountPasswordPolicyOutput) String added in v0.6.5

String returns the string representation

type DeleteGroupInput

type DeleteGroupInput struct {

	// The name of the IAM group to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteGroupInput) GoString added in v0.6.5

func (s DeleteGroupInput) GoString() string

GoString returns the string representation

func (*DeleteGroupInput) SetGroupName added in v1.5.0

func (s *DeleteGroupInput) SetGroupName(v string) *DeleteGroupInput

SetGroupName sets the GroupName field's value.

func (DeleteGroupInput) String added in v0.6.5

func (s DeleteGroupInput) String() string

String returns the string representation

func (*DeleteGroupInput) Validate added in v1.1.21

func (s *DeleteGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteGroupOutput

type DeleteGroupOutput struct {
	// contains filtered or unexported fields
}

func (DeleteGroupOutput) GoString added in v0.6.5

func (s DeleteGroupOutput) GoString() string

GoString returns the string representation

func (DeleteGroupOutput) String added in v0.6.5

func (s DeleteGroupOutput) String() string

String returns the string representation

type DeleteGroupPolicyInput

type DeleteGroupPolicyInput struct {

	// The name (friendly name, not ARN) identifying the group that the policy is
	// embedded in.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name identifying the policy document to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteGroupPolicyInput) GoString added in v0.6.5

func (s DeleteGroupPolicyInput) GoString() string

GoString returns the string representation

func (*DeleteGroupPolicyInput) SetGroupName added in v1.5.0

SetGroupName sets the GroupName field's value.

func (*DeleteGroupPolicyInput) SetPolicyName added in v1.5.0

SetPolicyName sets the PolicyName field's value.

func (DeleteGroupPolicyInput) String added in v0.6.5

func (s DeleteGroupPolicyInput) String() string

String returns the string representation

func (*DeleteGroupPolicyInput) Validate added in v1.1.21

func (s *DeleteGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteGroupPolicyOutput

type DeleteGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteGroupPolicyOutput) GoString added in v0.6.5

func (s DeleteGroupPolicyOutput) GoString() string

GoString returns the string representation

func (DeleteGroupPolicyOutput) String added in v0.6.5

func (s DeleteGroupPolicyOutput) String() string

String returns the string representation

type DeleteInstanceProfileInput

type DeleteInstanceProfileInput struct {

	// The name of the instance profile to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteInstanceProfileInput) GoString added in v0.6.5

func (s DeleteInstanceProfileInput) GoString() string

GoString returns the string representation

func (*DeleteInstanceProfileInput) SetInstanceProfileName added in v1.5.0

func (s *DeleteInstanceProfileInput) SetInstanceProfileName(v string) *DeleteInstanceProfileInput

SetInstanceProfileName sets the InstanceProfileName field's value.

func (DeleteInstanceProfileInput) String added in v0.6.5

String returns the string representation

func (*DeleteInstanceProfileInput) Validate added in v1.1.21

func (s *DeleteInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteInstanceProfileOutput

type DeleteInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (DeleteInstanceProfileOutput) GoString added in v0.6.5

func (s DeleteInstanceProfileOutput) GoString() string

GoString returns the string representation

func (DeleteInstanceProfileOutput) String added in v0.6.5

String returns the string representation

type DeleteLoginProfileInput

type DeleteLoginProfileInput struct {

	// The name of the user whose password you want to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteLoginProfileInput) GoString added in v0.6.5

func (s DeleteLoginProfileInput) GoString() string

GoString returns the string representation

func (*DeleteLoginProfileInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (DeleteLoginProfileInput) String added in v0.6.5

func (s DeleteLoginProfileInput) String() string

String returns the string representation

func (*DeleteLoginProfileInput) Validate added in v1.1.21

func (s *DeleteLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteLoginProfileOutput

type DeleteLoginProfileOutput struct {
	// contains filtered or unexported fields
}

func (DeleteLoginProfileOutput) GoString added in v0.6.5

func (s DeleteLoginProfileOutput) GoString() string

GoString returns the string representation

func (DeleteLoginProfileOutput) String added in v0.6.5

func (s DeleteLoginProfileOutput) String() string

String returns the string representation

type DeleteOpenIDConnectProviderInput

type DeleteOpenIDConnectProviderInput struct {

	// The Amazon Resource Name (ARN) of the IAM OpenID Connect provider resource
	// object to delete. You can get a list of OpenID Connect provider resource
	// ARNs by using the ListOpenIDConnectProviders operation.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteOpenIDConnectProviderInput) GoString added in v0.6.5

GoString returns the string representation

func (*DeleteOpenIDConnectProviderInput) SetOpenIDConnectProviderArn added in v1.5.0

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (DeleteOpenIDConnectProviderInput) String added in v0.6.5

String returns the string representation

func (*DeleteOpenIDConnectProviderInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type DeleteOpenIDConnectProviderOutput

type DeleteOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (DeleteOpenIDConnectProviderOutput) GoString added in v0.6.5

GoString returns the string representation

func (DeleteOpenIDConnectProviderOutput) String added in v0.6.5

String returns the string representation

type DeletePolicyInput

type DeletePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to delete.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyInput) GoString added in v0.6.5

func (s DeletePolicyInput) GoString() string

GoString returns the string representation

func (*DeletePolicyInput) SetPolicyArn added in v1.5.0

func (s *DeletePolicyInput) SetPolicyArn(v string) *DeletePolicyInput

SetPolicyArn sets the PolicyArn field's value.

func (DeletePolicyInput) String added in v0.6.5

func (s DeletePolicyInput) String() string

String returns the string representation

func (*DeletePolicyInput) Validate added in v1.1.21

func (s *DeletePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyOutput

type DeletePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyOutput) GoString added in v0.6.5

func (s DeletePolicyOutput) GoString() string

GoString returns the string representation

func (DeletePolicyOutput) String added in v0.6.5

func (s DeletePolicyOutput) String() string

String returns the string representation

type DeletePolicyVersionInput

type DeletePolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy from which you want to delete
	// a version.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The policy version to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consists of the lowercase letter 'v' followed
	// by one or two digits, and optionally followed by a period '.' and a string
	// of letters and digits.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyVersionInput) GoString added in v0.6.5

func (s DeletePolicyVersionInput) GoString() string

GoString returns the string representation

func (*DeletePolicyVersionInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (*DeletePolicyVersionInput) SetVersionId added in v1.5.0

SetVersionId sets the VersionId field's value.

func (DeletePolicyVersionInput) String added in v0.6.5

func (s DeletePolicyVersionInput) String() string

String returns the string representation

func (*DeletePolicyVersionInput) Validate added in v1.1.21

func (s *DeletePolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyVersionOutput

type DeletePolicyVersionOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyVersionOutput) GoString added in v0.6.5

func (s DeletePolicyVersionOutput) GoString() string

GoString returns the string representation

func (DeletePolicyVersionOutput) String added in v0.6.5

func (s DeletePolicyVersionOutput) String() string

String returns the string representation

type DeleteRoleInput

type DeleteRoleInput struct {

	// The name of the role to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteRoleInput) GoString added in v0.6.5

func (s DeleteRoleInput) GoString() string

GoString returns the string representation

func (*DeleteRoleInput) SetRoleName added in v1.5.0

func (s *DeleteRoleInput) SetRoleName(v string) *DeleteRoleInput

SetRoleName sets the RoleName field's value.

func (DeleteRoleInput) String added in v0.6.5

func (s DeleteRoleInput) String() string

String returns the string representation

func (*DeleteRoleInput) Validate added in v1.1.21

func (s *DeleteRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteRoleOutput

type DeleteRoleOutput struct {
	// contains filtered or unexported fields
}

func (DeleteRoleOutput) GoString added in v0.6.5

func (s DeleteRoleOutput) GoString() string

GoString returns the string representation

func (DeleteRoleOutput) String added in v0.6.5

func (s DeleteRoleOutput) String() string

String returns the string representation

type DeleteRolePolicyInput

type DeleteRolePolicyInput struct {

	// The name of the inline policy to delete from the specified IAM role.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name (friendly name, not ARN) identifying the role that the policy is
	// embedded in.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteRolePolicyInput) GoString added in v0.6.5

func (s DeleteRolePolicyInput) GoString() string

GoString returns the string representation

func (*DeleteRolePolicyInput) SetPolicyName added in v1.5.0

func (s *DeleteRolePolicyInput) SetPolicyName(v string) *DeleteRolePolicyInput

SetPolicyName sets the PolicyName field's value.

func (*DeleteRolePolicyInput) SetRoleName added in v1.5.0

SetRoleName sets the RoleName field's value.

func (DeleteRolePolicyInput) String added in v0.6.5

func (s DeleteRolePolicyInput) String() string

String returns the string representation

func (*DeleteRolePolicyInput) Validate added in v1.1.21

func (s *DeleteRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteRolePolicyOutput

type DeleteRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteRolePolicyOutput) GoString added in v0.6.5

func (s DeleteRolePolicyOutput) GoString() string

GoString returns the string representation

func (DeleteRolePolicyOutput) String added in v0.6.5

func (s DeleteRolePolicyOutput) String() string

String returns the string representation

type DeleteSAMLProviderInput

type DeleteSAMLProviderInput struct {

	// The Amazon Resource Name (ARN) of the SAML provider to delete.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteSAMLProviderInput) GoString added in v0.6.5

func (s DeleteSAMLProviderInput) GoString() string

GoString returns the string representation

func (*DeleteSAMLProviderInput) SetSAMLProviderArn added in v1.5.0

func (s *DeleteSAMLProviderInput) SetSAMLProviderArn(v string) *DeleteSAMLProviderInput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (DeleteSAMLProviderInput) String added in v0.6.5

func (s DeleteSAMLProviderInput) String() string

String returns the string representation

func (*DeleteSAMLProviderInput) Validate added in v1.1.21

func (s *DeleteSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSAMLProviderOutput

type DeleteSAMLProviderOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSAMLProviderOutput) GoString added in v0.6.5

func (s DeleteSAMLProviderOutput) GoString() string

GoString returns the string representation

func (DeleteSAMLProviderOutput) String added in v0.6.5

func (s DeleteSAMLProviderOutput) String() string

String returns the string representation

type DeleteSSHPublicKeyInput added in v0.6.6

type DeleteSSHPublicKeyInput struct {

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteSSHPublicKeyInput) GoString added in v0.6.6

func (s DeleteSSHPublicKeyInput) GoString() string

GoString returns the string representation

func (*DeleteSSHPublicKeyInput) SetSSHPublicKeyId added in v1.5.0

func (s *DeleteSSHPublicKeyInput) SetSSHPublicKeyId(v string) *DeleteSSHPublicKeyInput

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*DeleteSSHPublicKeyInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (DeleteSSHPublicKeyInput) String added in v0.6.6

func (s DeleteSSHPublicKeyInput) String() string

String returns the string representation

func (*DeleteSSHPublicKeyInput) Validate added in v1.1.21

func (s *DeleteSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSSHPublicKeyOutput added in v0.6.6

type DeleteSSHPublicKeyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSSHPublicKeyOutput) GoString added in v0.6.6

func (s DeleteSSHPublicKeyOutput) GoString() string

GoString returns the string representation

func (DeleteSSHPublicKeyOutput) String added in v0.6.6

func (s DeleteSSHPublicKeyOutput) String() string

String returns the string representation

type DeleteServerCertificateInput

type DeleteServerCertificateInput struct {

	// The name of the server certificate you want to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServerCertificateInput) GoString added in v0.6.5

func (s DeleteServerCertificateInput) GoString() string

GoString returns the string representation

func (*DeleteServerCertificateInput) SetServerCertificateName added in v1.5.0

func (s *DeleteServerCertificateInput) SetServerCertificateName(v string) *DeleteServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (DeleteServerCertificateInput) String added in v0.6.5

String returns the string representation

func (*DeleteServerCertificateInput) Validate added in v1.1.21

func (s *DeleteServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteServerCertificateOutput

type DeleteServerCertificateOutput struct {
	// contains filtered or unexported fields
}

func (DeleteServerCertificateOutput) GoString added in v0.6.5

GoString returns the string representation

func (DeleteServerCertificateOutput) String added in v0.6.5

String returns the string representation

type DeleteServiceLinkedRoleInput added in v1.10.47

type DeleteServiceLinkedRoleInput struct {

	// The name of the service-linked role to be deleted.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServiceLinkedRoleInput) GoString added in v1.10.47

func (s DeleteServiceLinkedRoleInput) GoString() string

GoString returns the string representation

func (*DeleteServiceLinkedRoleInput) SetRoleName added in v1.10.47

SetRoleName sets the RoleName field's value.

func (DeleteServiceLinkedRoleInput) String added in v1.10.47

String returns the string representation

func (*DeleteServiceLinkedRoleInput) Validate added in v1.10.47

func (s *DeleteServiceLinkedRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteServiceLinkedRoleOutput added in v1.10.47

type DeleteServiceLinkedRoleOutput struct {

	// The deletion task identifier that you can use to check the status of the
	// deletion. This identifier is returned in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
	//
	// DeletionTaskId is a required field
	DeletionTaskId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServiceLinkedRoleOutput) GoString added in v1.10.47

GoString returns the string representation

func (*DeleteServiceLinkedRoleOutput) SetDeletionTaskId added in v1.10.47

SetDeletionTaskId sets the DeletionTaskId field's value.

func (DeleteServiceLinkedRoleOutput) String added in v1.10.47

String returns the string representation

type DeleteServiceSpecificCredentialInput added in v1.6.8

type DeleteServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential. You can get this
	// value by calling ListServiceSpecificCredentials.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the service-specific credential.
	// If this value is not specified, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteServiceSpecificCredentialInput) GoString added in v1.6.8

GoString returns the string representation

func (*DeleteServiceSpecificCredentialInput) SetServiceSpecificCredentialId added in v1.6.8

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*DeleteServiceSpecificCredentialInput) SetUserName added in v1.6.8

SetUserName sets the UserName field's value.

func (DeleteServiceSpecificCredentialInput) String added in v1.6.8

String returns the string representation

func (*DeleteServiceSpecificCredentialInput) Validate added in v1.6.8

Validate inspects the fields of the type to determine if they are valid.

type DeleteServiceSpecificCredentialOutput added in v1.6.8

type DeleteServiceSpecificCredentialOutput struct {
	// contains filtered or unexported fields
}

func (DeleteServiceSpecificCredentialOutput) GoString added in v1.6.8

GoString returns the string representation

func (DeleteServiceSpecificCredentialOutput) String added in v1.6.8

String returns the string representation

type DeleteSigningCertificateInput

type DeleteSigningCertificateInput struct {

	// The ID of the signing certificate to delete.
	//
	// The format of this parameter, as described by its regex (http://wikipedia.org/wiki/regex)
	// pattern, is a string of characters that can be upper- or lower-cased letters
	// or digits.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The name of the user the signing certificate belongs to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteSigningCertificateInput) GoString added in v0.6.5

GoString returns the string representation

func (*DeleteSigningCertificateInput) SetCertificateId added in v1.5.0

SetCertificateId sets the CertificateId field's value.

func (*DeleteSigningCertificateInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (DeleteSigningCertificateInput) String added in v0.6.5

String returns the string representation

func (*DeleteSigningCertificateInput) Validate added in v1.1.21

func (s *DeleteSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSigningCertificateOutput

type DeleteSigningCertificateOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSigningCertificateOutput) GoString added in v0.6.5

GoString returns the string representation

func (DeleteSigningCertificateOutput) String added in v0.6.5

String returns the string representation

type DeleteUserInput

type DeleteUserInput struct {

	// The name of the user to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteUserInput) GoString added in v0.6.5

func (s DeleteUserInput) GoString() string

GoString returns the string representation

func (*DeleteUserInput) SetUserName added in v1.5.0

func (s *DeleteUserInput) SetUserName(v string) *DeleteUserInput

SetUserName sets the UserName field's value.

func (DeleteUserInput) String added in v0.6.5

func (s DeleteUserInput) String() string

String returns the string representation

func (*DeleteUserInput) Validate added in v1.1.21

func (s *DeleteUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserOutput

type DeleteUserOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserOutput) GoString added in v0.6.5

func (s DeleteUserOutput) GoString() string

GoString returns the string representation

func (DeleteUserOutput) String added in v0.6.5

func (s DeleteUserOutput) String() string

String returns the string representation

type DeleteUserPolicyInput

type DeleteUserPolicyInput struct {

	// The name identifying the policy document to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name (friendly name, not ARN) identifying the user that the policy is
	// embedded in.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteUserPolicyInput) GoString added in v0.6.5

func (s DeleteUserPolicyInput) GoString() string

GoString returns the string representation

func (*DeleteUserPolicyInput) SetPolicyName added in v1.5.0

func (s *DeleteUserPolicyInput) SetPolicyName(v string) *DeleteUserPolicyInput

SetPolicyName sets the PolicyName field's value.

func (*DeleteUserPolicyInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (DeleteUserPolicyInput) String added in v0.6.5

func (s DeleteUserPolicyInput) String() string

String returns the string representation

func (*DeleteUserPolicyInput) Validate added in v1.1.21

func (s *DeleteUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserPolicyOutput

type DeleteUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserPolicyOutput) GoString added in v0.6.5

func (s DeleteUserPolicyOutput) GoString() string

GoString returns the string representation

func (DeleteUserPolicyOutput) String added in v0.6.5

func (s DeleteUserPolicyOutput) String() string

String returns the string representation

type DeleteVirtualMFADeviceInput

type DeleteVirtualMFADeviceInput struct {

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the same as the ARN.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteVirtualMFADeviceInput) GoString added in v0.6.5

func (s DeleteVirtualMFADeviceInput) GoString() string

GoString returns the string representation

func (*DeleteVirtualMFADeviceInput) SetSerialNumber added in v1.5.0

SetSerialNumber sets the SerialNumber field's value.

func (DeleteVirtualMFADeviceInput) String added in v0.6.5

String returns the string representation

func (*DeleteVirtualMFADeviceInput) Validate added in v1.1.21

func (s *DeleteVirtualMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteVirtualMFADeviceOutput

type DeleteVirtualMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (DeleteVirtualMFADeviceOutput) GoString added in v0.6.5

func (s DeleteVirtualMFADeviceOutput) GoString() string

GoString returns the string representation

func (DeleteVirtualMFADeviceOutput) String added in v0.6.5

String returns the string representation

type DeletionTaskFailureReasonType added in v1.10.47

type DeletionTaskFailureReasonType struct {

	// A short description of the reason that the service-linked role deletion failed.
	Reason *string `type:"string"`

	// A list of objects that contains details about the service-linked role deletion
	// failure, if that information is returned by the service. If the service-linked
	// role has active sessions or if any resources that were used by the role have
	// not been deleted from the linked service, the role can't be deleted. This
	// parameter includes a list of the resources that are associated with the role
	// and the region in which the resources are being used.
	RoleUsageList []*RoleUsageType `type:"list"`
	// contains filtered or unexported fields
}

The reason that the service-linked role deletion failed.

This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus operation.

func (DeletionTaskFailureReasonType) GoString added in v1.10.47

GoString returns the string representation

func (*DeletionTaskFailureReasonType) SetReason added in v1.10.47

SetReason sets the Reason field's value.

func (*DeletionTaskFailureReasonType) SetRoleUsageList added in v1.10.47

SetRoleUsageList sets the RoleUsageList field's value.

func (DeletionTaskFailureReasonType) String added in v1.10.47

String returns the string representation

type DetachGroupPolicyInput

type DetachGroupPolicyInput struct {

	// The name (friendly name, not ARN) of the IAM group to detach the policy from.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachGroupPolicyInput) GoString added in v0.6.5

func (s DetachGroupPolicyInput) GoString() string

GoString returns the string representation

func (*DetachGroupPolicyInput) SetGroupName added in v1.5.0

SetGroupName sets the GroupName field's value.

func (*DetachGroupPolicyInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (DetachGroupPolicyInput) String added in v0.6.5

func (s DetachGroupPolicyInput) String() string

String returns the string representation

func (*DetachGroupPolicyInput) Validate added in v1.1.21

func (s *DetachGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachGroupPolicyOutput

type DetachGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachGroupPolicyOutput) GoString added in v0.6.5

func (s DetachGroupPolicyOutput) GoString() string

GoString returns the string representation

func (DetachGroupPolicyOutput) String added in v0.6.5

func (s DetachGroupPolicyOutput) String() string

String returns the string representation

type DetachRolePolicyInput

type DetachRolePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM role to detach the policy from.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachRolePolicyInput) GoString added in v0.6.5

func (s DetachRolePolicyInput) GoString() string

GoString returns the string representation

func (*DetachRolePolicyInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (*DetachRolePolicyInput) SetRoleName added in v1.5.0

SetRoleName sets the RoleName field's value.

func (DetachRolePolicyInput) String added in v0.6.5

func (s DetachRolePolicyInput) String() string

String returns the string representation

func (*DetachRolePolicyInput) Validate added in v1.1.21

func (s *DetachRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachRolePolicyOutput

type DetachRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachRolePolicyOutput) GoString added in v0.6.5

func (s DetachRolePolicyOutput) GoString() string

GoString returns the string representation

func (DetachRolePolicyOutput) String added in v0.6.5

func (s DetachRolePolicyOutput) String() string

String returns the string representation

type DetachUserPolicyInput

type DetachUserPolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM user to detach the policy from.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachUserPolicyInput) GoString added in v0.6.5

func (s DetachUserPolicyInput) GoString() string

GoString returns the string representation

func (*DetachUserPolicyInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (*DetachUserPolicyInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (DetachUserPolicyInput) String added in v0.6.5

func (s DetachUserPolicyInput) String() string

String returns the string representation

func (*DetachUserPolicyInput) Validate added in v1.1.21

func (s *DetachUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachUserPolicyOutput

type DetachUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachUserPolicyOutput) GoString added in v0.6.5

func (s DetachUserPolicyOutput) GoString() string

GoString returns the string representation

func (DetachUserPolicyOutput) String added in v0.6.5

func (s DetachUserPolicyOutput) String() string

String returns the string representation

type EnableMFADeviceInput

type EnableMFADeviceInput struct {

	// An authentication code emitted by the device.
	//
	// The format for this parameter is a string of six digits.
	//
	// Submit your request immediately after generating the authentication codes.
	// If you generate the codes and then wait too long to submit the request, the
	// MFA device successfully associates with the user but the MFA device becomes
	// out of sync. This happens because time-based one-time passwords (TOTP) expire
	// after a short period of time. If this happens, you can resync the device
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
	//
	// AuthenticationCode1 is a required field
	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`

	// A subsequent authentication code emitted by the device.
	//
	// The format for this parameter is a string of six digits.
	//
	// Submit your request immediately after generating the authentication codes.
	// If you generate the codes and then wait too long to submit the request, the
	// MFA device successfully associates with the user but the MFA device becomes
	// out of sync. This happens because time-based one-time passwords (TOTP) expire
	// after a short period of time. If this happens, you can resync the device
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
	//
	// AuthenticationCode2 is a required field
	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the IAM user for whom you want to enable the MFA device.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (EnableMFADeviceInput) GoString added in v0.6.5

func (s EnableMFADeviceInput) GoString() string

GoString returns the string representation

func (*EnableMFADeviceInput) SetAuthenticationCode1 added in v1.5.0

func (s *EnableMFADeviceInput) SetAuthenticationCode1(v string) *EnableMFADeviceInput

SetAuthenticationCode1 sets the AuthenticationCode1 field's value.

func (*EnableMFADeviceInput) SetAuthenticationCode2 added in v1.5.0

func (s *EnableMFADeviceInput) SetAuthenticationCode2(v string) *EnableMFADeviceInput

SetAuthenticationCode2 sets the AuthenticationCode2 field's value.

func (*EnableMFADeviceInput) SetSerialNumber added in v1.5.0

func (s *EnableMFADeviceInput) SetSerialNumber(v string) *EnableMFADeviceInput

SetSerialNumber sets the SerialNumber field's value.

func (*EnableMFADeviceInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (EnableMFADeviceInput) String added in v0.6.5

func (s EnableMFADeviceInput) String() string

String returns the string representation

func (*EnableMFADeviceInput) Validate added in v1.1.21

func (s *EnableMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EnableMFADeviceOutput

type EnableMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (EnableMFADeviceOutput) GoString added in v0.6.5

func (s EnableMFADeviceOutput) GoString() string

GoString returns the string representation

func (EnableMFADeviceOutput) String added in v0.6.5

func (s EnableMFADeviceOutput) String() string

String returns the string representation

type EvaluationResult added in v0.9.6

type EvaluationResult struct {

	// The name of the API operation tested on the indicated resource.
	//
	// EvalActionName is a required field
	EvalActionName *string `min:"3" type:"string" required:"true"`

	// The result of the simulation.
	//
	// EvalDecision is a required field
	EvalDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`

	// Additional details about the results of the evaluation decision. When there
	// are both IAM policies and resource policies, this parameter explains how
	// each set of policies contributes to the final evaluation decision. When simulating
	// cross-account access to a resource, both the resource-based policy and the
	// caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based
	// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_compare-resource-policies.html)
	EvalDecisionDetails map[string]*string `type:"map"`

	// The ARN of the resource that the indicated API operation was tested on.
	EvalResourceName *string `min:"1" type:"string"`

	// A list of the statements in the input policies that determine the result
	// for this scenario. Remember that even if multiple statements allow the operation
	// on the resource, if only one statement denies that operation, then the explicit
	// deny overrides any allow, and the deny statement is the only entry included
	// in the result.
	MatchedStatements []*Statement `type:"list"`

	// A list of context keys that are required by the included input policies but
	// that were not provided by one of the input parameters. This list is used
	// when the resource in a simulation is "*", either explicitly, or when the
	// ResourceArns parameter blank. If you include a list of resources, then any
	// missing context values are instead included under the ResourceSpecificResults
	// section. To discover the context keys used by a set of policies, you can
	// call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
	MissingContextValues []*string `type:"list"`

	// A structure that details how AWS Organizations and its service control policies
	// affect the results of the simulation. Only applies if the simulated user's
	// account is part of an organization.
	OrganizationsDecisionDetail *OrganizationsDecisionDetail `type:"structure"`

	// The individual results of the simulation of the API operation specified in
	// EvalActionName on each resource.
	ResourceSpecificResults []*ResourceSpecificResult `type:"list"`
	// contains filtered or unexported fields
}

Contains the results of a simulation.

This data type is used by the return parameter of SimulateCustomPolicy and SimulatePrincipalPolicy.

func (EvaluationResult) GoString added in v0.9.6

func (s EvaluationResult) GoString() string

GoString returns the string representation

func (*EvaluationResult) SetEvalActionName added in v1.5.0

func (s *EvaluationResult) SetEvalActionName(v string) *EvaluationResult

SetEvalActionName sets the EvalActionName field's value.

func (*EvaluationResult) SetEvalDecision added in v1.5.0

func (s *EvaluationResult) SetEvalDecision(v string) *EvaluationResult

SetEvalDecision sets the EvalDecision field's value.

func (*EvaluationResult) SetEvalDecisionDetails added in v1.5.0

func (s *EvaluationResult) SetEvalDecisionDetails(v map[string]*string) *EvaluationResult

SetEvalDecisionDetails sets the EvalDecisionDetails field's value.

func (*EvaluationResult) SetEvalResourceName added in v1.5.0

func (s *EvaluationResult) SetEvalResourceName(v string) *EvaluationResult

SetEvalResourceName sets the EvalResourceName field's value.

func (*EvaluationResult) SetMatchedStatements added in v1.5.0

func (s *EvaluationResult) SetMatchedStatements(v []*Statement) *EvaluationResult

SetMatchedStatements sets the MatchedStatements field's value.

func (*EvaluationResult) SetMissingContextValues added in v1.5.0

func (s *EvaluationResult) SetMissingContextValues(v []*string) *EvaluationResult

SetMissingContextValues sets the MissingContextValues field's value.

func (*EvaluationResult) SetOrganizationsDecisionDetail added in v1.7.2

func (s *EvaluationResult) SetOrganizationsDecisionDetail(v *OrganizationsDecisionDetail) *EvaluationResult

SetOrganizationsDecisionDetail sets the OrganizationsDecisionDetail field's value.

func (*EvaluationResult) SetResourceSpecificResults added in v1.5.0

func (s *EvaluationResult) SetResourceSpecificResults(v []*ResourceSpecificResult) *EvaluationResult

SetResourceSpecificResults sets the ResourceSpecificResults field's value.

func (EvaluationResult) String added in v0.9.6

func (s EvaluationResult) String() string

String returns the string representation

type GenerateCredentialReportInput

type GenerateCredentialReportInput struct {
	// contains filtered or unexported fields
}

func (GenerateCredentialReportInput) GoString added in v0.6.5

GoString returns the string representation

func (GenerateCredentialReportInput) String added in v0.6.5

String returns the string representation

type GenerateCredentialReportOutput

type GenerateCredentialReportOutput struct {

	// Information about the credential report.
	Description *string `type:"string"`

	// Information about the state of the credential report.
	State *string `type:"string" enum:"ReportStateType"`
	// contains filtered or unexported fields
}

Contains the response to a successful GenerateCredentialReport request.

func (GenerateCredentialReportOutput) GoString added in v0.6.5

GoString returns the string representation

func (*GenerateCredentialReportOutput) SetDescription added in v1.5.0

SetDescription sets the Description field's value.

func (*GenerateCredentialReportOutput) SetState added in v1.5.0

SetState sets the State field's value.

func (GenerateCredentialReportOutput) String added in v0.6.5

String returns the string representation

type GetAccessKeyLastUsedInput

type GetAccessKeyLastUsedInput struct {

	// The identifier of an access key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetAccessKeyLastUsedInput) GoString added in v0.6.5

func (s GetAccessKeyLastUsedInput) GoString() string

GoString returns the string representation

func (*GetAccessKeyLastUsedInput) SetAccessKeyId added in v1.5.0

SetAccessKeyId sets the AccessKeyId field's value.

func (GetAccessKeyLastUsedInput) String added in v0.6.5

func (s GetAccessKeyLastUsedInput) String() string

String returns the string representation

func (*GetAccessKeyLastUsedInput) Validate added in v1.1.21

func (s *GetAccessKeyLastUsedInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetAccessKeyLastUsedOutput

type GetAccessKeyLastUsedOutput struct {

	// Contains information about the last time the access key was used.
	AccessKeyLastUsed *AccessKeyLastUsed `type:"structure"`

	// The name of the AWS IAM user that owns this access key.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccessKeyLastUsed request. It is also returned as a member of the AccessKeyMetaData structure returned by the ListAccessKeys action.

func (GetAccessKeyLastUsedOutput) GoString added in v0.6.5

func (s GetAccessKeyLastUsedOutput) GoString() string

GoString returns the string representation

func (*GetAccessKeyLastUsedOutput) SetAccessKeyLastUsed added in v1.5.0

SetAccessKeyLastUsed sets the AccessKeyLastUsed field's value.

func (*GetAccessKeyLastUsedOutput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (GetAccessKeyLastUsedOutput) String added in v0.6.5

String returns the string representation

type GetAccountAuthorizationDetailsInput

type GetAccountAuthorizationDetailsInput struct {

	// A list of entity types used to filter the results. Only the entities that
	// match the types you specify are included in the output. Use the value LocalManagedPolicy
	// to include customer managed policies.
	//
	// The format for this parameter is a comma-separated (if more than one) list
	// of strings. Each string value in the list must be one of the valid values
	// listed below.
	Filter []*string `type:"list"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (GetAccountAuthorizationDetailsInput) GoString added in v0.6.5

GoString returns the string representation

func (*GetAccountAuthorizationDetailsInput) SetFilter added in v1.5.0

SetFilter sets the Filter field's value.

func (*GetAccountAuthorizationDetailsInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*GetAccountAuthorizationDetailsInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (GetAccountAuthorizationDetailsInput) String added in v0.6.5

String returns the string representation

func (*GetAccountAuthorizationDetailsInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type GetAccountAuthorizationDetailsOutput

type GetAccountAuthorizationDetailsOutput struct {

	// A list containing information about IAM groups.
	GroupDetailList []*GroupDetail `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list containing information about managed policies.
	Policies []*ManagedPolicyDetail `type:"list"`

	// A list containing information about IAM roles.
	RoleDetailList []*RoleDetail `type:"list"`

	// A list containing information about IAM users.
	UserDetailList []*UserDetail `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountAuthorizationDetails request.

func (GetAccountAuthorizationDetailsOutput) GoString added in v0.6.5

GoString returns the string representation

func (*GetAccountAuthorizationDetailsOutput) SetGroupDetailList added in v1.5.0

SetGroupDetailList sets the GroupDetailList field's value.

func (*GetAccountAuthorizationDetailsOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*GetAccountAuthorizationDetailsOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*GetAccountAuthorizationDetailsOutput) SetPolicies added in v1.5.0

SetPolicies sets the Policies field's value.

func (*GetAccountAuthorizationDetailsOutput) SetRoleDetailList added in v1.5.0

SetRoleDetailList sets the RoleDetailList field's value.

func (*GetAccountAuthorizationDetailsOutput) SetUserDetailList added in v1.5.0

SetUserDetailList sets the UserDetailList field's value.

func (GetAccountAuthorizationDetailsOutput) String added in v0.6.5

String returns the string representation

type GetAccountPasswordPolicyInput

type GetAccountPasswordPolicyInput struct {
	// contains filtered or unexported fields
}

func (GetAccountPasswordPolicyInput) GoString added in v0.6.5

GoString returns the string representation

func (GetAccountPasswordPolicyInput) String added in v0.6.5

String returns the string representation

type GetAccountPasswordPolicyOutput

type GetAccountPasswordPolicyOutput struct {

	// A structure that contains details about the account's password policy.
	//
	// PasswordPolicy is a required field
	PasswordPolicy *PasswordPolicy `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountPasswordPolicy request.

func (GetAccountPasswordPolicyOutput) GoString added in v0.6.5

GoString returns the string representation

func (*GetAccountPasswordPolicyOutput) SetPasswordPolicy added in v1.5.0

SetPasswordPolicy sets the PasswordPolicy field's value.

func (GetAccountPasswordPolicyOutput) String added in v0.6.5

String returns the string representation

type GetAccountSummaryInput

type GetAccountSummaryInput struct {
	// contains filtered or unexported fields
}

func (GetAccountSummaryInput) GoString added in v0.6.5

func (s GetAccountSummaryInput) GoString() string

GoString returns the string representation

func (GetAccountSummaryInput) String added in v0.6.5

func (s GetAccountSummaryInput) String() string

String returns the string representation

type GetAccountSummaryOutput

type GetAccountSummaryOutput struct {

	// A set of key value pairs containing information about IAM entity usage and
	// IAM quotas.
	SummaryMap map[string]*int64 `type:"map"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountSummary request.

func (GetAccountSummaryOutput) GoString added in v0.6.5

func (s GetAccountSummaryOutput) GoString() string

GoString returns the string representation

func (*GetAccountSummaryOutput) SetSummaryMap added in v1.5.0

func (s *GetAccountSummaryOutput) SetSummaryMap(v map[string]*int64) *GetAccountSummaryOutput

SetSummaryMap sets the SummaryMap field's value.

func (GetAccountSummaryOutput) String added in v0.6.5

func (s GetAccountSummaryOutput) String() string

String returns the string representation

type GetContextKeysForCustomPolicyInput added in v0.9.6

type GetContextKeysForCustomPolicyInput struct {

	// A list of policies for which you want the list of context keys referenced
	// in those policies. Each document is specified as a string containing the
	// complete, valid JSON text of an IAM policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyInputList is a required field
	PolicyInputList []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (GetContextKeysForCustomPolicyInput) GoString added in v0.9.6

GoString returns the string representation

func (*GetContextKeysForCustomPolicyInput) SetPolicyInputList added in v1.5.0

SetPolicyInputList sets the PolicyInputList field's value.

func (GetContextKeysForCustomPolicyInput) String added in v0.9.6

String returns the string representation

func (*GetContextKeysForCustomPolicyInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type GetContextKeysForPolicyResponse added in v0.9.6

type GetContextKeysForPolicyResponse struct {

	// The list of context keys that are referenced in the input policies.
	ContextKeyNames []*string `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetContextKeysForPrincipalPolicy or GetContextKeysForCustomPolicy request.

func (GetContextKeysForPolicyResponse) GoString added in v0.9.6

GoString returns the string representation

func (*GetContextKeysForPolicyResponse) SetContextKeyNames added in v1.5.0

SetContextKeyNames sets the ContextKeyNames field's value.

func (GetContextKeysForPolicyResponse) String added in v0.9.6

String returns the string representation

type GetContextKeysForPrincipalPolicyInput added in v0.9.6

type GetContextKeysForPrincipalPolicyInput struct {

	// An optional list of additional policies for which you want the list of context
	// keys that are referenced.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	PolicyInputList []*string `type:"list"`

	// The ARN of a user, group, or role whose policies contain the context keys
	// that you want listed. If you specify a user, the list includes context keys
	// that are found in all policies that are attached to the user. The list also
	// includes all groups that the user is a member of. If you pick a group or
	// a role, then it includes only those context keys that are found in policies
	// attached to that entity. Note that all parameters are shown in unencoded
	// form here for clarity, but must be URL encoded to be included as a part of
	// a real HTML request.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicySourceArn is a required field
	PolicySourceArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetContextKeysForPrincipalPolicyInput) GoString added in v0.9.6

GoString returns the string representation

func (*GetContextKeysForPrincipalPolicyInput) SetPolicyInputList added in v1.5.0

SetPolicyInputList sets the PolicyInputList field's value.

func (*GetContextKeysForPrincipalPolicyInput) SetPolicySourceArn added in v1.5.0

SetPolicySourceArn sets the PolicySourceArn field's value.

func (GetContextKeysForPrincipalPolicyInput) String added in v0.9.6

String returns the string representation

func (*GetContextKeysForPrincipalPolicyInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type GetCredentialReportInput

type GetCredentialReportInput struct {
	// contains filtered or unexported fields
}

func (GetCredentialReportInput) GoString added in v0.6.5

func (s GetCredentialReportInput) GoString() string

GoString returns the string representation

func (GetCredentialReportInput) String added in v0.6.5

func (s GetCredentialReportInput) String() string

String returns the string representation

type GetCredentialReportOutput

type GetCredentialReportOutput struct {

	// Contains the credential report. The report is Base64-encoded.
	//
	// Content is automatically base64 encoded/decoded by the SDK.
	Content []byte `type:"blob"`

	// The date and time when the credential report was created, in ISO 8601 date-time
	// format (http://www.iso.org/iso/iso8601).
	GeneratedTime *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The format (MIME type) of the credential report.
	ReportFormat *string `type:"string" enum:"ReportFormatType"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetCredentialReport request.

func (GetCredentialReportOutput) GoString added in v0.6.5

func (s GetCredentialReportOutput) GoString() string

GoString returns the string representation

func (*GetCredentialReportOutput) SetContent added in v1.5.0

SetContent sets the Content field's value.

func (*GetCredentialReportOutput) SetGeneratedTime added in v1.5.0

SetGeneratedTime sets the GeneratedTime field's value.

func (*GetCredentialReportOutput) SetReportFormat added in v1.5.0

SetReportFormat sets the ReportFormat field's value.

func (GetCredentialReportOutput) String added in v0.6.5

func (s GetCredentialReportOutput) String() string

String returns the string representation

type GetGroupInput

type GetGroupInput struct {

	// The name of the group.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (GetGroupInput) GoString added in v0.6.5

func (s GetGroupInput) GoString() string

GoString returns the string representation

func (*GetGroupInput) SetGroupName added in v1.5.0

func (s *GetGroupInput) SetGroupName(v string) *GetGroupInput

SetGroupName sets the GroupName field's value.

func (*GetGroupInput) SetMarker added in v1.5.0

func (s *GetGroupInput) SetMarker(v string) *GetGroupInput

SetMarker sets the Marker field's value.

func (*GetGroupInput) SetMaxItems added in v1.5.0

func (s *GetGroupInput) SetMaxItems(v int64) *GetGroupInput

SetMaxItems sets the MaxItems field's value.

func (GetGroupInput) String added in v0.6.5

func (s GetGroupInput) String() string

String returns the string representation

func (*GetGroupInput) Validate added in v1.1.21

func (s *GetGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetGroupOutput

type GetGroupOutput struct {

	// A structure that contains details about the group.
	//
	// Group is a required field
	Group *Group `type:"structure" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of users in the group.
	//
	// Users is a required field
	Users []*User `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetGroup request.

func (GetGroupOutput) GoString added in v0.6.5

func (s GetGroupOutput) GoString() string

GoString returns the string representation

func (*GetGroupOutput) SetGroup added in v1.5.0

func (s *GetGroupOutput) SetGroup(v *Group) *GetGroupOutput

SetGroup sets the Group field's value.

func (*GetGroupOutput) SetIsTruncated added in v1.5.0

func (s *GetGroupOutput) SetIsTruncated(v bool) *GetGroupOutput

SetIsTruncated sets the IsTruncated field's value.

func (*GetGroupOutput) SetMarker added in v1.5.0

func (s *GetGroupOutput) SetMarker(v string) *GetGroupOutput

SetMarker sets the Marker field's value.

func (*GetGroupOutput) SetUsers added in v1.5.0

func (s *GetGroupOutput) SetUsers(v []*User) *GetGroupOutput

SetUsers sets the Users field's value.

func (GetGroupOutput) String added in v0.6.5

func (s GetGroupOutput) String() string

String returns the string representation

type GetGroupPolicyInput

type GetGroupPolicyInput struct {

	// The name of the group the policy is associated with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the policy document to get.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetGroupPolicyInput) GoString added in v0.6.5

func (s GetGroupPolicyInput) GoString() string

GoString returns the string representation

func (*GetGroupPolicyInput) SetGroupName added in v1.5.0

func (s *GetGroupPolicyInput) SetGroupName(v string) *GetGroupPolicyInput

SetGroupName sets the GroupName field's value.

func (*GetGroupPolicyInput) SetPolicyName added in v1.5.0

func (s *GetGroupPolicyInput) SetPolicyName(v string) *GetGroupPolicyInput

SetPolicyName sets the PolicyName field's value.

func (GetGroupPolicyInput) String added in v0.6.5

func (s GetGroupPolicyInput) String() string

String returns the string representation

func (*GetGroupPolicyInput) Validate added in v1.1.21

func (s *GetGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetGroupPolicyOutput

type GetGroupPolicyOutput struct {

	// The group the policy is associated with.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The policy document.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetGroupPolicy request.

func (GetGroupPolicyOutput) GoString added in v0.6.5

func (s GetGroupPolicyOutput) GoString() string

GoString returns the string representation

func (*GetGroupPolicyOutput) SetGroupName added in v1.5.0

func (s *GetGroupPolicyOutput) SetGroupName(v string) *GetGroupPolicyOutput

SetGroupName sets the GroupName field's value.

func (*GetGroupPolicyOutput) SetPolicyDocument added in v1.5.0

func (s *GetGroupPolicyOutput) SetPolicyDocument(v string) *GetGroupPolicyOutput

SetPolicyDocument sets the PolicyDocument field's value.

func (*GetGroupPolicyOutput) SetPolicyName added in v1.5.0

func (s *GetGroupPolicyOutput) SetPolicyName(v string) *GetGroupPolicyOutput

SetPolicyName sets the PolicyName field's value.

func (GetGroupPolicyOutput) String added in v0.6.5

func (s GetGroupPolicyOutput) String() string

String returns the string representation

type GetInstanceProfileInput

type GetInstanceProfileInput struct {

	// The name of the instance profile to get information about.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetInstanceProfileInput) GoString added in v0.6.5

func (s GetInstanceProfileInput) GoString() string

GoString returns the string representation

func (*GetInstanceProfileInput) SetInstanceProfileName added in v1.5.0

func (s *GetInstanceProfileInput) SetInstanceProfileName(v string) *GetInstanceProfileInput

SetInstanceProfileName sets the InstanceProfileName field's value.

func (GetInstanceProfileInput) String added in v0.6.5

func (s GetInstanceProfileInput) String() string

String returns the string representation

func (*GetInstanceProfileInput) Validate added in v1.1.21

func (s *GetInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetInstanceProfileOutput

type GetInstanceProfileOutput struct {

	// A structure containing details about the instance profile.
	//
	// InstanceProfile is a required field
	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetInstanceProfile request.

func (GetInstanceProfileOutput) GoString added in v0.6.5

func (s GetInstanceProfileOutput) GoString() string

GoString returns the string representation

func (*GetInstanceProfileOutput) SetInstanceProfile added in v1.5.0

SetInstanceProfile sets the InstanceProfile field's value.

func (GetInstanceProfileOutput) String added in v0.6.5

func (s GetInstanceProfileOutput) String() string

String returns the string representation

type GetLoginProfileInput

type GetLoginProfileInput struct {

	// The name of the user whose login profile you want to retrieve.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetLoginProfileInput) GoString added in v0.6.5

func (s GetLoginProfileInput) GoString() string

GoString returns the string representation

func (*GetLoginProfileInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (GetLoginProfileInput) String added in v0.6.5

func (s GetLoginProfileInput) String() string

String returns the string representation

func (*GetLoginProfileInput) Validate added in v1.1.21

func (s *GetLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetLoginProfileOutput

type GetLoginProfileOutput struct {

	// A structure containing the user name and password create date for the user.
	//
	// LoginProfile is a required field
	LoginProfile *LoginProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetLoginProfile request.

func (GetLoginProfileOutput) GoString added in v0.6.5

func (s GetLoginProfileOutput) GoString() string

GoString returns the string representation

func (*GetLoginProfileOutput) SetLoginProfile added in v1.5.0

SetLoginProfile sets the LoginProfile field's value.

func (GetLoginProfileOutput) String added in v0.6.5

func (s GetLoginProfileOutput) String() string

String returns the string representation

type GetOpenIDConnectProviderInput

type GetOpenIDConnectProviderInput struct {

	// The Amazon Resource Name (ARN) of the OIDC provider resource object in IAM
	// to get information for. You can get a list of OIDC provider resource ARNs
	// by using the ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetOpenIDConnectProviderInput) GoString added in v0.6.5

GoString returns the string representation

func (*GetOpenIDConnectProviderInput) SetOpenIDConnectProviderArn added in v1.5.0

func (s *GetOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *GetOpenIDConnectProviderInput

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (GetOpenIDConnectProviderInput) String added in v0.6.5

String returns the string representation

func (*GetOpenIDConnectProviderInput) Validate added in v1.1.21

func (s *GetOpenIDConnectProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetOpenIDConnectProviderOutput

type GetOpenIDConnectProviderOutput struct {

	// A list of client IDs (also known as audiences) that are associated with the
	// specified IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
	ClientIDList []*string `type:"list"`

	// The date and time when the IAM OIDC provider resource object was created
	// in the AWS account.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// A list of certificate thumbprints that are associated with the specified
	// IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
	ThumbprintList []*string `type:"list"`

	// The URL that the IAM OIDC provider resource object is associated with. For
	// more information, see CreateOpenIDConnectProvider.
	Url *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetOpenIDConnectProvider request.

func (GetOpenIDConnectProviderOutput) GoString added in v0.6.5

GoString returns the string representation

func (*GetOpenIDConnectProviderOutput) SetClientIDList added in v1.5.0

SetClientIDList sets the ClientIDList field's value.

func (*GetOpenIDConnectProviderOutput) SetCreateDate added in v1.5.0

SetCreateDate sets the CreateDate field's value.

func (*GetOpenIDConnectProviderOutput) SetThumbprintList added in v1.5.0

SetThumbprintList sets the ThumbprintList field's value.

func (*GetOpenIDConnectProviderOutput) SetUrl added in v1.5.0

SetUrl sets the Url field's value.

func (GetOpenIDConnectProviderOutput) String added in v0.6.5

String returns the string representation

type GetPolicyInput

type GetPolicyInput struct {

	// The Amazon Resource Name (ARN) of the managed policy that you want information
	// about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyInput) GoString added in v0.6.5

func (s GetPolicyInput) GoString() string

GoString returns the string representation

func (*GetPolicyInput) SetPolicyArn added in v1.5.0

func (s *GetPolicyInput) SetPolicyArn(v string) *GetPolicyInput

SetPolicyArn sets the PolicyArn field's value.

func (GetPolicyInput) String added in v0.6.5

func (s GetPolicyInput) String() string

String returns the string representation

func (*GetPolicyInput) Validate added in v1.1.21

func (s *GetPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyOutput

type GetPolicyOutput struct {

	// A structure containing details about the policy.
	Policy *Policy `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetPolicy request.

func (GetPolicyOutput) GoString added in v0.6.5

func (s GetPolicyOutput) GoString() string

GoString returns the string representation

func (*GetPolicyOutput) SetPolicy added in v1.5.0

func (s *GetPolicyOutput) SetPolicy(v *Policy) *GetPolicyOutput

SetPolicy sets the Policy field's value.

func (GetPolicyOutput) String added in v0.6.5

func (s GetPolicyOutput) String() string

String returns the string representation

type GetPolicyVersionInput

type GetPolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the managed policy that you want information
	// about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// Identifies the policy version to retrieve.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consists of the lowercase letter 'v' followed
	// by one or two digits, and optionally followed by a period '.' and a string
	// of letters and digits.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyVersionInput) GoString added in v0.6.5

func (s GetPolicyVersionInput) GoString() string

GoString returns the string representation

func (*GetPolicyVersionInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (*GetPolicyVersionInput) SetVersionId added in v1.5.0

SetVersionId sets the VersionId field's value.

func (GetPolicyVersionInput) String added in v0.6.5

func (s GetPolicyVersionInput) String() string

String returns the string representation

func (*GetPolicyVersionInput) Validate added in v1.1.21

func (s *GetPolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyVersionOutput

type GetPolicyVersionOutput struct {

	// A structure containing details about the policy version.
	PolicyVersion *PolicyVersion `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetPolicyVersion request.

func (GetPolicyVersionOutput) GoString added in v0.6.5

func (s GetPolicyVersionOutput) GoString() string

GoString returns the string representation

func (*GetPolicyVersionOutput) SetPolicyVersion added in v1.5.0

SetPolicyVersion sets the PolicyVersion field's value.

func (GetPolicyVersionOutput) String added in v0.6.5

func (s GetPolicyVersionOutput) String() string

String returns the string representation

type GetRoleInput

type GetRoleInput struct {

	// The name of the IAM role to get information about.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetRoleInput) GoString added in v0.6.5

func (s GetRoleInput) GoString() string

GoString returns the string representation

func (*GetRoleInput) SetRoleName added in v1.5.0

func (s *GetRoleInput) SetRoleName(v string) *GetRoleInput

SetRoleName sets the RoleName field's value.

func (GetRoleInput) String added in v0.6.5

func (s GetRoleInput) String() string

String returns the string representation

func (*GetRoleInput) Validate added in v1.1.21

func (s *GetRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetRoleOutput

type GetRoleOutput struct {

	// A structure containing details about the IAM role.
	//
	// Role is a required field
	Role *Role `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetRole request.

func (GetRoleOutput) GoString added in v0.6.5

func (s GetRoleOutput) GoString() string

GoString returns the string representation

func (*GetRoleOutput) SetRole added in v1.5.0

func (s *GetRoleOutput) SetRole(v *Role) *GetRoleOutput

SetRole sets the Role field's value.

func (GetRoleOutput) String added in v0.6.5

func (s GetRoleOutput) String() string

String returns the string representation

type GetRolePolicyInput

type GetRolePolicyInput struct {

	// The name of the policy document to get.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the role associated with the policy.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetRolePolicyInput) GoString added in v0.6.5

func (s GetRolePolicyInput) GoString() string

GoString returns the string representation

func (*GetRolePolicyInput) SetPolicyName added in v1.5.0

func (s *GetRolePolicyInput) SetPolicyName(v string) *GetRolePolicyInput

SetPolicyName sets the PolicyName field's value.

func (*GetRolePolicyInput) SetRoleName added in v1.5.0

func (s *GetRolePolicyInput) SetRoleName(v string) *GetRolePolicyInput

SetRoleName sets the RoleName field's value.

func (GetRolePolicyInput) String added in v0.6.5

func (s GetRolePolicyInput) String() string

String returns the string representation

func (*GetRolePolicyInput) Validate added in v1.1.21

func (s *GetRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetRolePolicyOutput

type GetRolePolicyOutput struct {

	// The policy document.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The role the policy is associated with.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetRolePolicy request.

func (GetRolePolicyOutput) GoString added in v0.6.5

func (s GetRolePolicyOutput) GoString() string

GoString returns the string representation

func (*GetRolePolicyOutput) SetPolicyDocument added in v1.5.0

func (s *GetRolePolicyOutput) SetPolicyDocument(v string) *GetRolePolicyOutput

SetPolicyDocument sets the PolicyDocument field's value.

func (*GetRolePolicyOutput) SetPolicyName added in v1.5.0

func (s *GetRolePolicyOutput) SetPolicyName(v string) *GetRolePolicyOutput

SetPolicyName sets the PolicyName field's value.

func (*GetRolePolicyOutput) SetRoleName added in v1.5.0

func (s *GetRolePolicyOutput) SetRoleName(v string) *GetRolePolicyOutput

SetRoleName sets the RoleName field's value.

func (GetRolePolicyOutput) String added in v0.6.5

func (s GetRolePolicyOutput) String() string

String returns the string representation

type GetSAMLProviderInput

type GetSAMLProviderInput struct {

	// The Amazon Resource Name (ARN) of the SAML provider resource object in IAM
	// to get information about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetSAMLProviderInput) GoString added in v0.6.5

func (s GetSAMLProviderInput) GoString() string

GoString returns the string representation

func (*GetSAMLProviderInput) SetSAMLProviderArn added in v1.5.0

func (s *GetSAMLProviderInput) SetSAMLProviderArn(v string) *GetSAMLProviderInput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (GetSAMLProviderInput) String added in v0.6.5

func (s GetSAMLProviderInput) String() string

String returns the string representation

func (*GetSAMLProviderInput) Validate added in v1.1.21

func (s *GetSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetSAMLProviderOutput

type GetSAMLProviderOutput struct {

	// The date and time when the SAML provider was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The XML metadata document that includes information about an identity provider.
	SAMLMetadataDocument *string `min:"1000" type:"string"`

	// The expiration date and time for the SAML provider.
	ValidUntil *time.Time `type:"timestamp" timestampFormat:"iso8601"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetSAMLProvider request.

func (GetSAMLProviderOutput) GoString added in v0.6.5

func (s GetSAMLProviderOutput) GoString() string

GoString returns the string representation

func (*GetSAMLProviderOutput) SetCreateDate added in v1.5.0

SetCreateDate sets the CreateDate field's value.

func (*GetSAMLProviderOutput) SetSAMLMetadataDocument added in v1.5.0

func (s *GetSAMLProviderOutput) SetSAMLMetadataDocument(v string) *GetSAMLProviderOutput

SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.

func (*GetSAMLProviderOutput) SetValidUntil added in v1.5.0

SetValidUntil sets the ValidUntil field's value.

func (GetSAMLProviderOutput) String added in v0.6.5

func (s GetSAMLProviderOutput) String() string

String returns the string representation

type GetSSHPublicKeyInput added in v0.6.6

type GetSSHPublicKeyInput struct {

	// Specifies the public key encoding format to use in the response. To retrieve
	// the public key in ssh-rsa format, use SSH. To retrieve the public key in
	// PEM format, use PEM.
	//
	// Encoding is a required field
	Encoding *string `type:"string" required:"true" enum:"encodingType"`

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetSSHPublicKeyInput) GoString added in v0.6.6

func (s GetSSHPublicKeyInput) GoString() string

GoString returns the string representation

func (*GetSSHPublicKeyInput) SetEncoding added in v1.5.0

SetEncoding sets the Encoding field's value.

func (*GetSSHPublicKeyInput) SetSSHPublicKeyId added in v1.5.0

func (s *GetSSHPublicKeyInput) SetSSHPublicKeyId(v string) *GetSSHPublicKeyInput

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*GetSSHPublicKeyInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (GetSSHPublicKeyInput) String added in v0.6.6

func (s GetSSHPublicKeyInput) String() string

String returns the string representation

func (*GetSSHPublicKeyInput) Validate added in v1.1.21

func (s *GetSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetSSHPublicKeyOutput added in v0.6.6

type GetSSHPublicKeyOutput struct {

	// A structure containing details about the SSH public key.
	SSHPublicKey *SSHPublicKey `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetSSHPublicKey request.

func (GetSSHPublicKeyOutput) GoString added in v0.6.6

func (s GetSSHPublicKeyOutput) GoString() string

GoString returns the string representation

func (*GetSSHPublicKeyOutput) SetSSHPublicKey added in v1.5.0

SetSSHPublicKey sets the SSHPublicKey field's value.

func (GetSSHPublicKeyOutput) String added in v0.6.6

func (s GetSSHPublicKeyOutput) String() string

String returns the string representation

type GetServerCertificateInput

type GetServerCertificateInput struct {

	// The name of the server certificate you want to retrieve information about.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetServerCertificateInput) GoString added in v0.6.5

func (s GetServerCertificateInput) GoString() string

GoString returns the string representation

func (*GetServerCertificateInput) SetServerCertificateName added in v1.5.0

func (s *GetServerCertificateInput) SetServerCertificateName(v string) *GetServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (GetServerCertificateInput) String added in v0.6.5

func (s GetServerCertificateInput) String() string

String returns the string representation

func (*GetServerCertificateInput) Validate added in v1.1.21

func (s *GetServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetServerCertificateOutput

type GetServerCertificateOutput struct {

	// A structure containing details about the server certificate.
	//
	// ServerCertificate is a required field
	ServerCertificate *ServerCertificate `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetServerCertificate request.

func (GetServerCertificateOutput) GoString added in v0.6.5

func (s GetServerCertificateOutput) GoString() string

GoString returns the string representation

func (*GetServerCertificateOutput) SetServerCertificate added in v1.5.0

SetServerCertificate sets the ServerCertificate field's value.

func (GetServerCertificateOutput) String added in v0.6.5

String returns the string representation

type GetServiceLinkedRoleDeletionStatusInput added in v1.10.47

type GetServiceLinkedRoleDeletionStatusInput struct {

	// The deletion task identifier. This identifier is returned by the DeleteServiceLinkedRole
	// operation in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
	//
	// DeletionTaskId is a required field
	DeletionTaskId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetServiceLinkedRoleDeletionStatusInput) GoString added in v1.10.47

GoString returns the string representation

func (*GetServiceLinkedRoleDeletionStatusInput) SetDeletionTaskId added in v1.10.47

SetDeletionTaskId sets the DeletionTaskId field's value.

func (GetServiceLinkedRoleDeletionStatusInput) String added in v1.10.47

String returns the string representation

func (*GetServiceLinkedRoleDeletionStatusInput) Validate added in v1.10.47

Validate inspects the fields of the type to determine if they are valid.

type GetServiceLinkedRoleDeletionStatusOutput added in v1.10.47

type GetServiceLinkedRoleDeletionStatusOutput struct {

	// An object that contains details about the reason the deletion failed.
	Reason *DeletionTaskFailureReasonType `type:"structure"`

	// The status of the deletion.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"DeletionTaskStatusType"`
	// contains filtered or unexported fields
}

func (GetServiceLinkedRoleDeletionStatusOutput) GoString added in v1.10.47

GoString returns the string representation

func (*GetServiceLinkedRoleDeletionStatusOutput) SetReason added in v1.10.47

SetReason sets the Reason field's value.

func (*GetServiceLinkedRoleDeletionStatusOutput) SetStatus added in v1.10.47

SetStatus sets the Status field's value.

func (GetServiceLinkedRoleDeletionStatusOutput) String added in v1.10.47

String returns the string representation

type GetUserInput

type GetUserInput struct {

	// The name of the user to get information about.
	//
	// This parameter is optional. If it is not included, it defaults to the user
	// making the request. This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (GetUserInput) GoString added in v0.6.5

func (s GetUserInput) GoString() string

GoString returns the string representation

func (*GetUserInput) SetUserName added in v1.5.0

func (s *GetUserInput) SetUserName(v string) *GetUserInput

SetUserName sets the UserName field's value.

func (GetUserInput) String added in v0.6.5

func (s GetUserInput) String() string

String returns the string representation

func (*GetUserInput) Validate added in v1.1.21

func (s *GetUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetUserOutput

type GetUserOutput struct {

	// A structure containing details about the IAM user.
	//
	// User is a required field
	User *User `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetUser request.

func (GetUserOutput) GoString added in v0.6.5

func (s GetUserOutput) GoString() string

GoString returns the string representation

func (*GetUserOutput) SetUser added in v1.5.0

func (s *GetUserOutput) SetUser(v *User) *GetUserOutput

SetUser sets the User field's value.

func (GetUserOutput) String added in v0.6.5

func (s GetUserOutput) String() string

String returns the string representation

type GetUserPolicyInput

type GetUserPolicyInput struct {

	// The name of the policy document to get.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the user who the policy is associated with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetUserPolicyInput) GoString added in v0.6.5

func (s GetUserPolicyInput) GoString() string

GoString returns the string representation

func (*GetUserPolicyInput) SetPolicyName added in v1.5.0

func (s *GetUserPolicyInput) SetPolicyName(v string) *GetUserPolicyInput

SetPolicyName sets the PolicyName field's value.

func (*GetUserPolicyInput) SetUserName added in v1.5.0

func (s *GetUserPolicyInput) SetUserName(v string) *GetUserPolicyInput

SetUserName sets the UserName field's value.

func (GetUserPolicyInput) String added in v0.6.5

func (s GetUserPolicyInput) String() string

String returns the string representation

func (*GetUserPolicyInput) Validate added in v1.1.21

func (s *GetUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetUserPolicyOutput

type GetUserPolicyOutput struct {

	// The policy document.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The user the policy is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetUserPolicy request.

func (GetUserPolicyOutput) GoString added in v0.6.5

func (s GetUserPolicyOutput) GoString() string

GoString returns the string representation

func (*GetUserPolicyOutput) SetPolicyDocument added in v1.5.0

func (s *GetUserPolicyOutput) SetPolicyDocument(v string) *GetUserPolicyOutput

SetPolicyDocument sets the PolicyDocument field's value.

func (*GetUserPolicyOutput) SetPolicyName added in v1.5.0

func (s *GetUserPolicyOutput) SetPolicyName(v string) *GetUserPolicyOutput

SetPolicyName sets the PolicyName field's value.

func (*GetUserPolicyOutput) SetUserName added in v1.5.0

func (s *GetUserPolicyOutput) SetUserName(v string) *GetUserPolicyOutput

SetUserName sets the UserName field's value.

func (GetUserPolicyOutput) String added in v0.6.5

func (s GetUserPolicyOutput) String() string

String returns the string representation

type Group

type Group struct {

	// The Amazon Resource Name (ARN) specifying the group. For more information
	// about ARNs and how to use them in policies, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the group was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// GroupId is a required field
	GroupId *string `min:"16" type:"string" required:"true"`

	// The friendly name that identifies the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The path to the group. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an IAM group entity.

This data type is used as a response element in the following operations:

  • CreateGroup

  • GetGroup

  • ListGroups

func (Group) GoString added in v0.6.5

func (s Group) GoString() string

GoString returns the string representation

func (*Group) SetArn added in v1.5.0

func (s *Group) SetArn(v string) *Group

SetArn sets the Arn field's value.

func (*Group) SetCreateDate added in v1.5.0

func (s *Group) SetCreateDate(v time.Time) *Group

SetCreateDate sets the CreateDate field's value.

func (*Group) SetGroupId added in v1.5.0

func (s *Group) SetGroupId(v string) *Group

SetGroupId sets the GroupId field's value.

func (*Group) SetGroupName added in v1.5.0

func (s *Group) SetGroupName(v string) *Group

SetGroupName sets the GroupName field's value.

func (*Group) SetPath added in v1.5.0

func (s *Group) SetPath(v string) *Group

SetPath sets the Path field's value.

func (Group) String added in v0.6.5

func (s Group) String() string

String returns the string representation

type GroupDetail

type GroupDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// A list of the managed policies attached to the group.
	AttachedManagedPolicies []*AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the group was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	GroupId *string `min:"16" type:"string"`

	// The friendly name that identifies the group.
	GroupName *string `min:"1" type:"string"`

	// A list of the inline policies embedded in the group.
	GroupPolicyList []*PolicyDetail `type:"list"`

	// The path to the group. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an IAM group, including all of the group's policies.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (GroupDetail) GoString added in v0.6.5

func (s GroupDetail) GoString() string

GoString returns the string representation

func (*GroupDetail) SetArn added in v1.5.0

func (s *GroupDetail) SetArn(v string) *GroupDetail

SetArn sets the Arn field's value.

func (*GroupDetail) SetAttachedManagedPolicies added in v1.5.0

func (s *GroupDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *GroupDetail

SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.

func (*GroupDetail) SetCreateDate added in v1.5.0

func (s *GroupDetail) SetCreateDate(v time.Time) *GroupDetail

SetCreateDate sets the CreateDate field's value.

func (*GroupDetail) SetGroupId added in v1.5.0

func (s *GroupDetail) SetGroupId(v string) *GroupDetail

SetGroupId sets the GroupId field's value.

func (*GroupDetail) SetGroupName added in v1.5.0

func (s *GroupDetail) SetGroupName(v string) *GroupDetail

SetGroupName sets the GroupName field's value.

func (*GroupDetail) SetGroupPolicyList added in v1.5.0

func (s *GroupDetail) SetGroupPolicyList(v []*PolicyDetail) *GroupDetail

SetGroupPolicyList sets the GroupPolicyList field's value.

func (*GroupDetail) SetPath added in v1.5.0

func (s *GroupDetail) SetPath(v string) *GroupDetail

SetPath sets the Path field's value.

func (GroupDetail) String added in v0.6.5

func (s GroupDetail) String() string

String returns the string representation

type IAM

type IAM struct {
	*client.Client
}

IAM provides the API operation methods for making requests to AWS Identity and Access Management. See this package's package overview docs for details on the service.

IAM methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.

func New

func New(p client.ConfigProvider, cfgs ...*aws.Config) *IAM

New creates a new instance of the IAM client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.

Example:

// Create a IAM client from just a session.
svc := iam.New(mySession)

// Create a IAM client with additional configuration
svc := iam.New(mySession, aws.NewConfig().WithRegion("us-west-2"))

func (*IAM) AddClientIDToOpenIDConnectProvider

func (c *IAM) AddClientIDToOpenIDConnectProvider(input *AddClientIDToOpenIDConnectProviderInput) (*AddClientIDToOpenIDConnectProviderOutput, error)

AddClientIDToOpenIDConnectProvider API operation for AWS Identity and Access Management.

Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM OpenID Connect (OIDC) provider resource.

This operation is idempotent; it does not fail or return an error if you add an existing client ID to the provider.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AddClientIDToOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider

Example (Shared00)

To add a client ID (audience) to an Open-ID Connect (OIDC) provider

The following add-client-id-to-open-id-connect-provider command adds the client ID my-application-ID to the OIDC provider named server.example.com:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AddClientIDToOpenIDConnectProviderInput{
		ClientID:                 aws.String("my-application-ID"),
		OpenIDConnectProviderArn: aws.String("arn:aws:iam::123456789012:oidc-provider/server.example.com"),
	}

	result, err := svc.AddClientIDToOpenIDConnectProvider(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AddClientIDToOpenIDConnectProviderRequest

func (c *IAM) AddClientIDToOpenIDConnectProviderRequest(input *AddClientIDToOpenIDConnectProviderInput) (req *request.Request, output *AddClientIDToOpenIDConnectProviderOutput)

AddClientIDToOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the AddClientIDToOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AddClientIDToOpenIDConnectProvider for more information on using the AddClientIDToOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AddClientIDToOpenIDConnectProviderRequest method.
req, resp := client.AddClientIDToOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider

func (*IAM) AddClientIDToOpenIDConnectProviderWithContext added in v1.8.0

func (c *IAM) AddClientIDToOpenIDConnectProviderWithContext(ctx aws.Context, input *AddClientIDToOpenIDConnectProviderInput, opts ...request.Option) (*AddClientIDToOpenIDConnectProviderOutput, error)

AddClientIDToOpenIDConnectProviderWithContext is the same as AddClientIDToOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See AddClientIDToOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AddRoleToInstanceProfile

func (c *IAM) AddRoleToInstanceProfile(input *AddRoleToInstanceProfileInput) (*AddRoleToInstanceProfileOutput, error)

AddRoleToInstanceProfile API operation for AWS Identity and Access Management.

Adds the specified IAM role to the specified instance profile. An instance profile can contain only one role, and this limit cannot be increased. You can remove the existing role and then add a different role to an instance profile. You must then wait for the change to appear across all of AWS because of eventual consistency (https://en.wikipedia.org/wiki/Eventual_consistency). To force the change, you must disassociate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html) and then associate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html), or you can stop your instance and then restart it.

The caller of this API must be granted the PassRole permission on the IAM role by a permission policy.

For more information about roles, go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). For more information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AddRoleToInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile

Example (Shared00)

To add a role to an instance profile

The following command adds the role named S3Access to the instance profile named Webserver:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AddRoleToInstanceProfileInput{
		InstanceProfileName: aws.String("Webserver"),
		RoleName:            aws.String("S3Access"),
	}

	result, err := svc.AddRoleToInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AddRoleToInstanceProfileRequest

func (c *IAM) AddRoleToInstanceProfileRequest(input *AddRoleToInstanceProfileInput) (req *request.Request, output *AddRoleToInstanceProfileOutput)

AddRoleToInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the AddRoleToInstanceProfile operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AddRoleToInstanceProfile for more information on using the AddRoleToInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AddRoleToInstanceProfileRequest method.
req, resp := client.AddRoleToInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile

func (*IAM) AddRoleToInstanceProfileWithContext added in v1.8.0

func (c *IAM) AddRoleToInstanceProfileWithContext(ctx aws.Context, input *AddRoleToInstanceProfileInput, opts ...request.Option) (*AddRoleToInstanceProfileOutput, error)

AddRoleToInstanceProfileWithContext is the same as AddRoleToInstanceProfile with the addition of the ability to pass a context and additional request options.

See AddRoleToInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AddUserToGroup

func (c *IAM) AddUserToGroup(input *AddUserToGroupInput) (*AddUserToGroupOutput, error)

AddUserToGroup API operation for AWS Identity and Access Management.

Adds the specified user to the specified group.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AddUserToGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup

Example (Shared00)

To add a user to an IAM group

The following command adds an IAM user named Bob to the IAM group named Admins:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AddUserToGroupInput{
		GroupName: aws.String("Admins"),
		UserName:  aws.String("Bob"),
	}

	result, err := svc.AddUserToGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AddUserToGroupRequest

func (c *IAM) AddUserToGroupRequest(input *AddUserToGroupInput) (req *request.Request, output *AddUserToGroupOutput)

AddUserToGroupRequest generates a "aws/request.Request" representing the client's request for the AddUserToGroup operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AddUserToGroup for more information on using the AddUserToGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AddUserToGroupRequest method.
req, resp := client.AddUserToGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup

func (*IAM) AddUserToGroupWithContext added in v1.8.0

func (c *IAM) AddUserToGroupWithContext(ctx aws.Context, input *AddUserToGroupInput, opts ...request.Option) (*AddUserToGroupOutput, error)

AddUserToGroupWithContext is the same as AddUserToGroup with the addition of the ability to pass a context and additional request options.

See AddUserToGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AttachGroupPolicy

func (c *IAM) AttachGroupPolicy(input *AttachGroupPolicyInput) (*AttachGroupPolicyOutput, error)

AttachGroupPolicy API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified IAM group.

You use this API to attach a managed policy to a group. To embed an inline policy in a group, use PutGroupPolicy.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AttachGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyNotAttachableException "PolicyNotAttachable" The request failed because AWS service role policies can only be attached to the service-linked role for that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy

Example (Shared00)

To attach a managed policy to an IAM group

The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM group named Finance.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AttachGroupPolicyInput{
		GroupName: aws.String("Finance"),
		PolicyArn: aws.String("arn:aws:iam::aws:policy/ReadOnlyAccess"),
	}

	result, err := svc.AttachGroupPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AttachGroupPolicyRequest

func (c *IAM) AttachGroupPolicyRequest(input *AttachGroupPolicyInput) (req *request.Request, output *AttachGroupPolicyOutput)

AttachGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the AttachGroupPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AttachGroupPolicy for more information on using the AttachGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AttachGroupPolicyRequest method.
req, resp := client.AttachGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy

func (*IAM) AttachGroupPolicyWithContext added in v1.8.0

func (c *IAM) AttachGroupPolicyWithContext(ctx aws.Context, input *AttachGroupPolicyInput, opts ...request.Option) (*AttachGroupPolicyOutput, error)

AttachGroupPolicyWithContext is the same as AttachGroupPolicy with the addition of the ability to pass a context and additional request options.

See AttachGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AttachRolePolicy

func (c *IAM) AttachRolePolicy(input *AttachRolePolicyInput) (*AttachRolePolicyOutput, error)

AttachRolePolicy API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access) policy.

You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy.

Use this API to attach a managed policy to a role. To embed an inline policy in a role, use PutRolePolicy. For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AttachRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodePolicyNotAttachableException "PolicyNotAttachable" The request failed because AWS service role policies can only be attached to the service-linked role for that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy

Example (Shared00)

To attach a managed policy to an IAM role

The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM role named ReadOnlyRole.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AttachRolePolicyInput{
		PolicyArn: aws.String("arn:aws:iam::aws:policy/ReadOnlyAccess"),
		RoleName:  aws.String("ReadOnlyRole"),
	}

	result, err := svc.AttachRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AttachRolePolicyRequest

func (c *IAM) AttachRolePolicyRequest(input *AttachRolePolicyInput) (req *request.Request, output *AttachRolePolicyOutput)

AttachRolePolicyRequest generates a "aws/request.Request" representing the client's request for the AttachRolePolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AttachRolePolicy for more information on using the AttachRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AttachRolePolicyRequest method.
req, resp := client.AttachRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy

func (*IAM) AttachRolePolicyWithContext added in v1.8.0

func (c *IAM) AttachRolePolicyWithContext(ctx aws.Context, input *AttachRolePolicyInput, opts ...request.Option) (*AttachRolePolicyOutput, error)

AttachRolePolicyWithContext is the same as AttachRolePolicy with the addition of the ability to pass a context and additional request options.

See AttachRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AttachUserPolicy

func (c *IAM) AttachUserPolicy(input *AttachUserPolicyInput) (*AttachUserPolicyOutput, error)

AttachUserPolicy API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified user.

You use this API to attach a managed policy to a user. To embed an inline policy in a user, use PutUserPolicy.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AttachUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyNotAttachableException "PolicyNotAttachable" The request failed because AWS service role policies can only be attached to the service-linked role for that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy

Example (Shared00)

To attach a managed policy to an IAM user

The following command attaches the AWS managed policy named AdministratorAccess to the IAM user named Alice.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AttachUserPolicyInput{
		PolicyArn: aws.String("arn:aws:iam::aws:policy/AdministratorAccess"),
		UserName:  aws.String("Alice"),
	}

	result, err := svc.AttachUserPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AttachUserPolicyRequest

func (c *IAM) AttachUserPolicyRequest(input *AttachUserPolicyInput) (req *request.Request, output *AttachUserPolicyOutput)

AttachUserPolicyRequest generates a "aws/request.Request" representing the client's request for the AttachUserPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AttachUserPolicy for more information on using the AttachUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AttachUserPolicyRequest method.
req, resp := client.AttachUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy

func (*IAM) AttachUserPolicyWithContext added in v1.8.0

func (c *IAM) AttachUserPolicyWithContext(ctx aws.Context, input *AttachUserPolicyInput, opts ...request.Option) (*AttachUserPolicyOutput, error)

AttachUserPolicyWithContext is the same as AttachUserPolicy with the addition of the ability to pass a context and additional request options.

See AttachUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ChangePassword

func (c *IAM) ChangePassword(input *ChangePasswordInput) (*ChangePasswordOutput, error)

ChangePassword API operation for AWS Identity and Access Management.

Changes the password of the IAM user who is calling this operation. The AWS account root user password is not affected by this operation.

To change the password for a different user, see UpdateLoginProfile. For more information about modifying passwords, see Managing Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ChangePassword for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidUserTypeException "InvalidUserType" The request was rejected because the type of user for the transaction was incorrect.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodePasswordPolicyViolationException "PasswordPolicyViolation" The request was rejected because the provided password did not meet the requirements imposed by the account password policy.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword

Example (Shared00)

To change the password for your IAM user

The following command changes the password for the current IAM user.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ChangePasswordInput{
		NewPassword: aws.String("]35d/{pB9Fo9wJ"),
		OldPassword: aws.String("3s0K_;xh4~8XXI"),
	}

	result, err := svc.ChangePassword(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidUserTypeException:
				fmt.Println(iam.ErrCodeInvalidUserTypeException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ChangePasswordRequest

func (c *IAM) ChangePasswordRequest(input *ChangePasswordInput) (req *request.Request, output *ChangePasswordOutput)

ChangePasswordRequest generates a "aws/request.Request" representing the client's request for the ChangePassword operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ChangePassword for more information on using the ChangePassword API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ChangePasswordRequest method.
req, resp := client.ChangePasswordRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword

func (*IAM) ChangePasswordWithContext added in v1.8.0

func (c *IAM) ChangePasswordWithContext(ctx aws.Context, input *ChangePasswordInput, opts ...request.Option) (*ChangePasswordOutput, error)

ChangePasswordWithContext is the same as ChangePassword with the addition of the ability to pass a context and additional request options.

See ChangePassword for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateAccessKey

func (c *IAM) CreateAccessKey(input *CreateAccessKeyInput) (*CreateAccessKeyOutput, error)

CreateAccessKey API operation for AWS Identity and Access Management.

Creates a new AWS secret access key and corresponding AWS access key ID for the specified user. The default status for new keys is Active.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials. This is true even if the AWS account has no associated users.

For information about limits on the number of keys you can create, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

To ensure the security of your AWS account, the secret access key is accessible only during key and user creation. You must save the key (for example, in a text file) if you want to be able to access it again. If a secret key is lost, you can delete the access keys for the associated user and then create new keys.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateAccessKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey

Example (Shared00)

To create an access key for an IAM user

The following command creates an access key (access key ID and secret access key) for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateAccessKeyInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.CreateAccessKey(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateAccessKeyRequest

func (c *IAM) CreateAccessKeyRequest(input *CreateAccessKeyInput) (req *request.Request, output *CreateAccessKeyOutput)

CreateAccessKeyRequest generates a "aws/request.Request" representing the client's request for the CreateAccessKey operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateAccessKey for more information on using the CreateAccessKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateAccessKeyRequest method.
req, resp := client.CreateAccessKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey

func (*IAM) CreateAccessKeyWithContext added in v1.8.0

func (c *IAM) CreateAccessKeyWithContext(ctx aws.Context, input *CreateAccessKeyInput, opts ...request.Option) (*CreateAccessKeyOutput, error)

CreateAccessKeyWithContext is the same as CreateAccessKey with the addition of the ability to pass a context and additional request options.

See CreateAccessKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateAccountAlias

func (c *IAM) CreateAccountAlias(input *CreateAccountAliasInput) (*CreateAccountAliasOutput, error)

CreateAccountAlias API operation for AWS Identity and Access Management.

Creates an alias for your AWS account. For information about using an AWS account alias, see Using an Alias for Your AWS Account ID (http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateAccountAlias for usage and error information.

Returned Error Codes:

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias

Example (Shared00)

To create an account alias

The following command associates the alias examplecorp to your AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateAccountAliasInput{
		AccountAlias: aws.String("examplecorp"),
	}

	result, err := svc.CreateAccountAlias(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateAccountAliasRequest

func (c *IAM) CreateAccountAliasRequest(input *CreateAccountAliasInput) (req *request.Request, output *CreateAccountAliasOutput)

CreateAccountAliasRequest generates a "aws/request.Request" representing the client's request for the CreateAccountAlias operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateAccountAlias for more information on using the CreateAccountAlias API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateAccountAliasRequest method.
req, resp := client.CreateAccountAliasRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias

func (*IAM) CreateAccountAliasWithContext added in v1.8.0

func (c *IAM) CreateAccountAliasWithContext(ctx aws.Context, input *CreateAccountAliasInput, opts ...request.Option) (*CreateAccountAliasOutput, error)

CreateAccountAliasWithContext is the same as CreateAccountAlias with the addition of the ability to pass a context and additional request options.

See CreateAccountAlias for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateGroup

func (c *IAM) CreateGroup(input *CreateGroupInput) (*CreateGroupOutput, error)

CreateGroup API operation for AWS Identity and Access Management.

Creates a new group.

For information about the number of groups you can create, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateGroup for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup

Example (Shared00)

To create an IAM group

The following command creates an IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateGroupInput{
		GroupName: aws.String("Admins"),
	}

	result, err := svc.CreateGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateGroupRequest

func (c *IAM) CreateGroupRequest(input *CreateGroupInput) (req *request.Request, output *CreateGroupOutput)

CreateGroupRequest generates a "aws/request.Request" representing the client's request for the CreateGroup operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateGroup for more information on using the CreateGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateGroupRequest method.
req, resp := client.CreateGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup

func (*IAM) CreateGroupWithContext added in v1.8.0

func (c *IAM) CreateGroupWithContext(ctx aws.Context, input *CreateGroupInput, opts ...request.Option) (*CreateGroupOutput, error)

CreateGroupWithContext is the same as CreateGroup with the addition of the ability to pass a context and additional request options.

See CreateGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateInstanceProfile

func (c *IAM) CreateInstanceProfile(input *CreateInstanceProfileInput) (*CreateInstanceProfileOutput, error)

CreateInstanceProfile API operation for AWS Identity and Access Management.

Creates a new instance profile. For information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

For information about the number of instance profiles you can create, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile

Example (Shared00)

To create an instance profile

The following command creates an instance profile named Webserver that is ready to have a role attached and then be associated with an EC2 instance.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateInstanceProfileInput{
		InstanceProfileName: aws.String("Webserver"),
	}

	result, err := svc.CreateInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateInstanceProfileRequest

func (c *IAM) CreateInstanceProfileRequest(input *CreateInstanceProfileInput) (req *request.Request, output *CreateInstanceProfileOutput)

CreateInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the CreateInstanceProfile operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateInstanceProfile for more information on using the CreateInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateInstanceProfileRequest method.
req, resp := client.CreateInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile

func (*IAM) CreateInstanceProfileWithContext added in v1.8.0

func (c *IAM) CreateInstanceProfileWithContext(ctx aws.Context, input *CreateInstanceProfileInput, opts ...request.Option) (*CreateInstanceProfileOutput, error)

CreateInstanceProfileWithContext is the same as CreateInstanceProfile with the addition of the ability to pass a context and additional request options.

See CreateInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateLoginProfile

func (c *IAM) CreateLoginProfile(input *CreateLoginProfileInput) (*CreateLoginProfileOutput, error)

CreateLoginProfile API operation for AWS Identity and Access Management.

Creates a password for the specified user, giving the user the ability to access AWS services through the AWS Management Console. For more information about managing passwords, see Managing Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodePasswordPolicyViolationException "PasswordPolicyViolation" The request was rejected because the provided password did not meet the requirements imposed by the account password policy.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile

Example (Shared00)

To create an instance profile

The following command changes IAM user Bob's password and sets the flag that required Bob to change the password the next time he signs in.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateLoginProfileInput{
		Password:              aws.String("h]6EszR}vJ*m"),
		PasswordResetRequired: aws.Bool(true),
		UserName:              aws.String("Bob"),
	}

	result, err := svc.CreateLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateLoginProfileRequest

func (c *IAM) CreateLoginProfileRequest(input *CreateLoginProfileInput) (req *request.Request, output *CreateLoginProfileOutput)

CreateLoginProfileRequest generates a "aws/request.Request" representing the client's request for the CreateLoginProfile operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateLoginProfile for more information on using the CreateLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateLoginProfileRequest method.
req, resp := client.CreateLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile

func (*IAM) CreateLoginProfileWithContext added in v1.8.0

func (c *IAM) CreateLoginProfileWithContext(ctx aws.Context, input *CreateLoginProfileInput, opts ...request.Option) (*CreateLoginProfileOutput, error)

CreateLoginProfileWithContext is the same as CreateLoginProfile with the addition of the ability to pass a context and additional request options.

See CreateLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateOpenIDConnectProvider

func (c *IAM) CreateOpenIDConnectProvider(input *CreateOpenIDConnectProviderInput) (*CreateOpenIDConnectProviderOutput, error)

CreateOpenIDConnectProvider API operation for AWS Identity and Access Management.

Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC) (http://openid.net/connect/).

The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between AWS and the OIDC provider.

When you create the IAM OIDC provider, you specify the following:

  • The URL of the OIDC identity provider (IdP) to trust

  • A list of client IDs (also known as audiences) that identify the application or applications that are allowed to authenticate using the OIDC provider

  • A list of thumbprints of the server certificate(s) that the IdP uses.

You get all of this information from the OIDC IdP that you want to use to access AWS.

Because trust for the OIDC provider is derived from the IAM provider that this operation creates, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider

Example (Shared00)

To create an instance profile

The following example defines a new OIDC provider in IAM with a client ID of my-application-id and pointing at the server with a URL of https://server.example.com.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateOpenIDConnectProviderInput{
		ClientIDList: []*string{
			aws.String("my-application-id"),
		},
		ThumbprintList: []*string{
			aws.String("3768084dfb3d2b68b7897bf5f565da8efEXAMPLE"),
		},
		Url: aws.String("https://server.example.com"),
	}

	result, err := svc.CreateOpenIDConnectProvider(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateOpenIDConnectProviderRequest

func (c *IAM) CreateOpenIDConnectProviderRequest(input *CreateOpenIDConnectProviderInput) (req *request.Request, output *CreateOpenIDConnectProviderOutput)

CreateOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the CreateOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateOpenIDConnectProvider for more information on using the CreateOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateOpenIDConnectProviderRequest method.
req, resp := client.CreateOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider

func (*IAM) CreateOpenIDConnectProviderWithContext added in v1.8.0

func (c *IAM) CreateOpenIDConnectProviderWithContext(ctx aws.Context, input *CreateOpenIDConnectProviderInput, opts ...request.Option) (*CreateOpenIDConnectProviderOutput, error)

CreateOpenIDConnectProviderWithContext is the same as CreateOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See CreateOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreatePolicy

func (c *IAM) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error)

CreatePolicy API operation for AWS Identity and Access Management.

Creates a new managed policy for your AWS account.

This operation creates a policy version with a version identifier of v1 and sets v1 as the policy's default version. For more information about policy versions, see Versioning for Managed Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

For more information about managed policies in general, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreatePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy

func (*IAM) CreatePolicyRequest

func (c *IAM) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput)

CreatePolicyRequest generates a "aws/request.Request" representing the client's request for the CreatePolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicy for more information on using the CreatePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreatePolicyRequest method.
req, resp := client.CreatePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy

func (*IAM) CreatePolicyVersion

func (c *IAM) CreatePolicyVersion(input *CreatePolicyVersionInput) (*CreatePolicyVersionOutput, error)

CreatePolicyVersion API operation for AWS Identity and Access Management.

Creates a new version of the specified managed policy. To update a managed policy, you create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must delete an existing version using DeletePolicyVersion before you create a new version.

Optionally, you can set the new version as the policy's default version. The default version is the version that is in effect for the IAM users, groups, and roles to which the policy is attached.

For more information about managed policy versions, see Versioning for Managed Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreatePolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion

func (*IAM) CreatePolicyVersionRequest

func (c *IAM) CreatePolicyVersionRequest(input *CreatePolicyVersionInput) (req *request.Request, output *CreatePolicyVersionOutput)

CreatePolicyVersionRequest generates a "aws/request.Request" representing the client's request for the CreatePolicyVersion operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicyVersion for more information on using the CreatePolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreatePolicyVersionRequest method.
req, resp := client.CreatePolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion

func (*IAM) CreatePolicyVersionWithContext added in v1.8.0

func (c *IAM) CreatePolicyVersionWithContext(ctx aws.Context, input *CreatePolicyVersionInput, opts ...request.Option) (*CreatePolicyVersionOutput, error)

CreatePolicyVersionWithContext is the same as CreatePolicyVersion with the addition of the ability to pass a context and additional request options.

See CreatePolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreatePolicyWithContext added in v1.8.0

func (c *IAM) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error)

CreatePolicyWithContext is the same as CreatePolicy with the addition of the ability to pass a context and additional request options.

See CreatePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateRole

func (c *IAM) CreateRole(input *CreateRoleInput) (*CreateRoleOutput, error)

CreateRole API operation for AWS Identity and Access Management.

Creates a new role for your AWS account. For more information about roles, go to IAM Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). For information about limitations on role names and the number of roles you can create, go to Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateRole for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole

Example (Shared00)

To create an IAM role

The following command creates a role named Test-Role and attaches a trust policy to it that is provided as a URL-encoded JSON string.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateRoleInput{
		AssumeRolePolicyDocument: aws.String("<URL-encoded-JSON>"),
		Path:                     aws.String("/"),
		RoleName:                 aws.String("Test-Role"),
	}

	result, err := svc.CreateRole(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateRoleRequest

func (c *IAM) CreateRoleRequest(input *CreateRoleInput) (req *request.Request, output *CreateRoleOutput)

CreateRoleRequest generates a "aws/request.Request" representing the client's request for the CreateRole operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateRole for more information on using the CreateRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateRoleRequest method.
req, resp := client.CreateRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole

func (*IAM) CreateRoleWithContext added in v1.8.0

func (c *IAM) CreateRoleWithContext(ctx aws.Context, input *CreateRoleInput, opts ...request.Option) (*CreateRoleOutput, error)

CreateRoleWithContext is the same as CreateRole with the addition of the ability to pass a context and additional request options.

See CreateRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateSAMLProvider

func (c *IAM) CreateSAMLProvider(input *CreateSAMLProviderInput) (*CreateSAMLProviderOutput, error)

CreateSAMLProvider API operation for AWS Identity and Access Management.

Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2.0.

The SAML provider resource that you create with this operation can be used as a principal in an IAM role's trust policy. Such a policy can enable federated users who sign-in using the SAML IdP to assume the role. You can create an IAM role that supports Web-based single sign-on (SSO) to the AWS Management Console or one that supports API access to AWS.

When you create the SAML provider resource, you upload a SAML metadata document that you get from your IdP. That document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that the IdP sends. You must generate the metadata document using the identity management software that is used as your organization's IdP.

This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

For more information, see Enabling SAML 2.0 Federated Users to Access the AWS Management Console (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html) and About SAML 2.0-based Federation (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider

func (*IAM) CreateSAMLProviderRequest

func (c *IAM) CreateSAMLProviderRequest(input *CreateSAMLProviderInput) (req *request.Request, output *CreateSAMLProviderOutput)

CreateSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the CreateSAMLProvider operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateSAMLProvider for more information on using the CreateSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateSAMLProviderRequest method.
req, resp := client.CreateSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider

func (*IAM) CreateSAMLProviderWithContext added in v1.8.0

func (c *IAM) CreateSAMLProviderWithContext(ctx aws.Context, input *CreateSAMLProviderInput, opts ...request.Option) (*CreateSAMLProviderOutput, error)

CreateSAMLProviderWithContext is the same as CreateSAMLProvider with the addition of the ability to pass a context and additional request options.

See CreateSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateServiceLinkedRole added in v1.8.14

func (c *IAM) CreateServiceLinkedRole(input *CreateServiceLinkedRoleInput) (*CreateServiceLinkedRoleOutput, error)

CreateServiceLinkedRole API operation for AWS Identity and Access Management.

Creates an IAM role that is linked to a specific AWS service. The service controls the attached policies and when the role can be deleted. This helps ensure that the service is not broken by an unexpectedly changed or deleted role, which could put your AWS resources into an unknown state. Allowing the service to control the role helps improve service stability and proper cleanup when a service and its role are no longer needed.

The name of the role is generated by combining the string that you specify for the AWSServiceName parameter with the string that you specify for the CustomSuffix parameter. The resulting name must be unique in your account or the request fails.

To attach a policy to this service-linked role, you must make the request using the AWS service that depends on this role.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateServiceLinkedRole for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole

func (*IAM) CreateServiceLinkedRoleRequest added in v1.8.14

func (c *IAM) CreateServiceLinkedRoleRequest(input *CreateServiceLinkedRoleInput) (req *request.Request, output *CreateServiceLinkedRoleOutput)

CreateServiceLinkedRoleRequest generates a "aws/request.Request" representing the client's request for the CreateServiceLinkedRole operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateServiceLinkedRole for more information on using the CreateServiceLinkedRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateServiceLinkedRoleRequest method.
req, resp := client.CreateServiceLinkedRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole

func (*IAM) CreateServiceLinkedRoleWithContext added in v1.8.14

func (c *IAM) CreateServiceLinkedRoleWithContext(ctx aws.Context, input *CreateServiceLinkedRoleInput, opts ...request.Option) (*CreateServiceLinkedRoleOutput, error)

CreateServiceLinkedRoleWithContext is the same as CreateServiceLinkedRole with the addition of the ability to pass a context and additional request options.

See CreateServiceLinkedRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateServiceSpecificCredential added in v1.6.8

func (c *IAM) CreateServiceSpecificCredential(input *CreateServiceSpecificCredentialInput) (*CreateServiceSpecificCredentialOutput, error)

CreateServiceSpecificCredential API operation for AWS Identity and Access Management.

Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request. These credentials are generated by IAM, and can be used only for the specified service.

You can have a maximum of two sets of service-specific credentials for each supported service per user.

The only supported service at this time is AWS CodeCommit.

You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential.

For more information about service-specific credentials, see Using IAM with AWS CodeCommit: Git Credentials, SSH Keys, and AWS Access Keys (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceNotSupportedException "NotSupportedService" The specified service does not support service-specific credentials.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential

func (*IAM) CreateServiceSpecificCredentialRequest added in v1.6.8

func (c *IAM) CreateServiceSpecificCredentialRequest(input *CreateServiceSpecificCredentialInput) (req *request.Request, output *CreateServiceSpecificCredentialOutput)

CreateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the CreateServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateServiceSpecificCredential for more information on using the CreateServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateServiceSpecificCredentialRequest method.
req, resp := client.CreateServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential

func (*IAM) CreateServiceSpecificCredentialWithContext added in v1.8.0

func (c *IAM) CreateServiceSpecificCredentialWithContext(ctx aws.Context, input *CreateServiceSpecificCredentialInput, opts ...request.Option) (*CreateServiceSpecificCredentialOutput, error)

CreateServiceSpecificCredentialWithContext is the same as CreateServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See CreateServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateUser

func (c *IAM) CreateUser(input *CreateUserInput) (*CreateUserOutput, error)

CreateUser API operation for AWS Identity and Access Management.

Creates a new IAM user for your AWS account.

For information about limitations on the number of IAM users you can create, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateUser for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser

Example (Shared00)

To create an IAM user

The following create-user command creates an IAM user named Bob in the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.CreateUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateUserRequest

func (c *IAM) CreateUserRequest(input *CreateUserInput) (req *request.Request, output *CreateUserOutput)

CreateUserRequest generates a "aws/request.Request" representing the client's request for the CreateUser operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateUser for more information on using the CreateUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateUserRequest method.
req, resp := client.CreateUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser

func (*IAM) CreateUserWithContext added in v1.8.0

func (c *IAM) CreateUserWithContext(ctx aws.Context, input *CreateUserInput, opts ...request.Option) (*CreateUserOutput, error)

CreateUserWithContext is the same as CreateUser with the addition of the ability to pass a context and additional request options.

See CreateUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateVirtualMFADevice

func (c *IAM) CreateVirtualMFADevice(input *CreateVirtualMFADeviceInput) (*CreateVirtualMFADeviceOutput, error)

CreateVirtualMFADevice API operation for AWS Identity and Access Management.

Creates a new virtual MFA device for the AWS account. After creating the virtual MFA, use EnableMFADevice to attach the MFA device to an IAM user. For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

For information about limits on the number of MFA devices you can create, see Limitations on Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

The seed information contained in the QR code and the Base32 string should be treated like any other secret access information, such as your AWS access keys or your passwords. After you provision your virtual device, you should ensure that the information is destroyed following secure procedures.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateVirtualMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice

func (*IAM) CreateVirtualMFADeviceRequest

func (c *IAM) CreateVirtualMFADeviceRequest(input *CreateVirtualMFADeviceInput) (req *request.Request, output *CreateVirtualMFADeviceOutput)

CreateVirtualMFADeviceRequest generates a "aws/request.Request" representing the client's request for the CreateVirtualMFADevice operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateVirtualMFADevice for more information on using the CreateVirtualMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateVirtualMFADeviceRequest method.
req, resp := client.CreateVirtualMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice

func (*IAM) CreateVirtualMFADeviceWithContext added in v1.8.0

func (c *IAM) CreateVirtualMFADeviceWithContext(ctx aws.Context, input *CreateVirtualMFADeviceInput, opts ...request.Option) (*CreateVirtualMFADeviceOutput, error)

CreateVirtualMFADeviceWithContext is the same as CreateVirtualMFADevice with the addition of the ability to pass a context and additional request options.

See CreateVirtualMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeactivateMFADevice

func (c *IAM) DeactivateMFADevice(input *DeactivateMFADeviceInput) (*DeactivateMFADeviceOutput, error)

DeactivateMFADevice API operation for AWS Identity and Access Management.

Deactivates the specified MFA device and removes it from association with the user name for which it was originally enabled.

For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeactivateMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice

func (*IAM) DeactivateMFADeviceRequest

func (c *IAM) DeactivateMFADeviceRequest(input *DeactivateMFADeviceInput) (req *request.Request, output *DeactivateMFADeviceOutput)

DeactivateMFADeviceRequest generates a "aws/request.Request" representing the client's request for the DeactivateMFADevice operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeactivateMFADevice for more information on using the DeactivateMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeactivateMFADeviceRequest method.
req, resp := client.DeactivateMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice

func (*IAM) DeactivateMFADeviceWithContext added in v1.8.0

func (c *IAM) DeactivateMFADeviceWithContext(ctx aws.Context, input *DeactivateMFADeviceInput, opts ...request.Option) (*DeactivateMFADeviceOutput, error)

DeactivateMFADeviceWithContext is the same as DeactivateMFADevice with the addition of the ability to pass a context and additional request options.

See DeactivateMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteAccessKey

func (c *IAM) DeleteAccessKey(input *DeleteAccessKeyInput) (*DeleteAccessKeyOutput, error)

DeleteAccessKey API operation for AWS Identity and Access Management.

Deletes the access key pair associated with the specified IAM user.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteAccessKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey

Example (Shared00)

To delete an access key for an IAM user

The following command deletes one access key (access key ID and secret access key) assigned to the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteAccessKeyInput{
		AccessKeyId: aws.String("AKIDPMS9RO4H3FEXAMPLE"),
		UserName:    aws.String("Bob"),
	}

	result, err := svc.DeleteAccessKey(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteAccessKeyRequest

func (c *IAM) DeleteAccessKeyRequest(input *DeleteAccessKeyInput) (req *request.Request, output *DeleteAccessKeyOutput)

DeleteAccessKeyRequest generates a "aws/request.Request" representing the client's request for the DeleteAccessKey operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteAccessKey for more information on using the DeleteAccessKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteAccessKeyRequest method.
req, resp := client.DeleteAccessKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey

func (*IAM) DeleteAccessKeyWithContext added in v1.8.0

func (c *IAM) DeleteAccessKeyWithContext(ctx aws.Context, input *DeleteAccessKeyInput, opts ...request.Option) (*DeleteAccessKeyOutput, error)

DeleteAccessKeyWithContext is the same as DeleteAccessKey with the addition of the ability to pass a context and additional request options.

See DeleteAccessKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteAccountAlias

func (c *IAM) DeleteAccountAlias(input *DeleteAccountAliasInput) (*DeleteAccountAliasOutput, error)

DeleteAccountAlias API operation for AWS Identity and Access Management.

Deletes the specified AWS account alias. For information about using an AWS account alias, see Using an Alias for Your AWS Account ID (http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteAccountAlias for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias

Example (Shared00)

To delete an account alias

The following command removes the alias mycompany from the current AWS account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteAccountAliasInput{
		AccountAlias: aws.String("mycompany"),
	}

	result, err := svc.DeleteAccountAlias(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteAccountAliasRequest

func (c *IAM) DeleteAccountAliasRequest(input *DeleteAccountAliasInput) (req *request.Request, output *DeleteAccountAliasOutput)

DeleteAccountAliasRequest generates a "aws/request.Request" representing the client's request for the DeleteAccountAlias operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteAccountAlias for more information on using the DeleteAccountAlias API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteAccountAliasRequest method.
req, resp := client.DeleteAccountAliasRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias

func (*IAM) DeleteAccountAliasWithContext added in v1.8.0

func (c *IAM) DeleteAccountAliasWithContext(ctx aws.Context, input *DeleteAccountAliasInput, opts ...request.Option) (*DeleteAccountAliasOutput, error)

DeleteAccountAliasWithContext is the same as DeleteAccountAlias with the addition of the ability to pass a context and additional request options.

See DeleteAccountAlias for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteAccountPasswordPolicy

func (c *IAM) DeleteAccountPasswordPolicy(input *DeleteAccountPasswordPolicyInput) (*DeleteAccountPasswordPolicyOutput, error)

DeleteAccountPasswordPolicy API operation for AWS Identity and Access Management.

Deletes the password policy for the AWS account. There are no parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteAccountPasswordPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy

Example (Shared00)

To delete the current account password policy

The following command removes the password policy from the current AWS account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteAccountPasswordPolicyInput{}

	result, err := svc.DeleteAccountPasswordPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteAccountPasswordPolicyRequest

func (c *IAM) DeleteAccountPasswordPolicyRequest(input *DeleteAccountPasswordPolicyInput) (req *request.Request, output *DeleteAccountPasswordPolicyOutput)

DeleteAccountPasswordPolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteAccountPasswordPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteAccountPasswordPolicy for more information on using the DeleteAccountPasswordPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteAccountPasswordPolicyRequest method.
req, resp := client.DeleteAccountPasswordPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy

func (*IAM) DeleteAccountPasswordPolicyWithContext added in v1.8.0

func (c *IAM) DeleteAccountPasswordPolicyWithContext(ctx aws.Context, input *DeleteAccountPasswordPolicyInput, opts ...request.Option) (*DeleteAccountPasswordPolicyOutput, error)

DeleteAccountPasswordPolicyWithContext is the same as DeleteAccountPasswordPolicy with the addition of the ability to pass a context and additional request options.

See DeleteAccountPasswordPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteGroup

func (c *IAM) DeleteGroup(input *DeleteGroupInput) (*DeleteGroupOutput, error)

DeleteGroup API operation for AWS Identity and Access Management.

Deletes the specified IAM group. The group must not contain any users or have any attached policies.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup

func (*IAM) DeleteGroupPolicy

func (c *IAM) DeleteGroupPolicy(input *DeleteGroupPolicyInput) (*DeleteGroupPolicyOutput, error)

DeleteGroupPolicy API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM group.

A group can also have managed policies attached to it. To detach a managed policy from a group, use DetachGroupPolicy. For more information about policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy

Example (Shared00)

To delete a policy from an IAM group

The following command deletes the policy named ExamplePolicy from the group named Admins:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteGroupPolicyInput{
		GroupName:  aws.String("Admins"),
		PolicyName: aws.String("ExamplePolicy"),
	}

	result, err := svc.DeleteGroupPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteGroupPolicyRequest

func (c *IAM) DeleteGroupPolicyRequest(input *DeleteGroupPolicyInput) (req *request.Request, output *DeleteGroupPolicyOutput)

DeleteGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteGroupPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteGroupPolicy for more information on using the DeleteGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteGroupPolicyRequest method.
req, resp := client.DeleteGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy

func (*IAM) DeleteGroupPolicyWithContext added in v1.8.0

func (c *IAM) DeleteGroupPolicyWithContext(ctx aws.Context, input *DeleteGroupPolicyInput, opts ...request.Option) (*DeleteGroupPolicyOutput, error)

DeleteGroupPolicyWithContext is the same as DeleteGroupPolicy with the addition of the ability to pass a context and additional request options.

See DeleteGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteGroupRequest

func (c *IAM) DeleteGroupRequest(input *DeleteGroupInput) (req *request.Request, output *DeleteGroupOutput)

DeleteGroupRequest generates a "aws/request.Request" representing the client's request for the DeleteGroup operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteGroup for more information on using the DeleteGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteGroupRequest method.
req, resp := client.DeleteGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup

func (*IAM) DeleteGroupWithContext added in v1.8.0

func (c *IAM) DeleteGroupWithContext(ctx aws.Context, input *DeleteGroupInput, opts ...request.Option) (*DeleteGroupOutput, error)

DeleteGroupWithContext is the same as DeleteGroup with the addition of the ability to pass a context and additional request options.

See DeleteGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteInstanceProfile

func (c *IAM) DeleteInstanceProfile(input *DeleteInstanceProfileInput) (*DeleteInstanceProfileOutput, error)

DeleteInstanceProfile API operation for AWS Identity and Access Management.

Deletes the specified instance profile. The instance profile must not have an associated role.

Make sure that you do not have any Amazon EC2 instances running with the instance profile you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance.

For more information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile

Example (Shared00)

To delete an instance profile

The following command deletes the instance profile named ExampleInstanceProfile

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
	}

	result, err := svc.DeleteInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteInstanceProfileRequest

func (c *IAM) DeleteInstanceProfileRequest(input *DeleteInstanceProfileInput) (req *request.Request, output *DeleteInstanceProfileOutput)

DeleteInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the DeleteInstanceProfile operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteInstanceProfile for more information on using the DeleteInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteInstanceProfileRequest method.
req, resp := client.DeleteInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile

func (*IAM) DeleteInstanceProfileWithContext added in v1.8.0

func (c *IAM) DeleteInstanceProfileWithContext(ctx aws.Context, input *DeleteInstanceProfileInput, opts ...request.Option) (*DeleteInstanceProfileOutput, error)

DeleteInstanceProfileWithContext is the same as DeleteInstanceProfile with the addition of the ability to pass a context and additional request options.

See DeleteInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteLoginProfile

func (c *IAM) DeleteLoginProfile(input *DeleteLoginProfileInput) (*DeleteLoginProfileOutput, error)

DeleteLoginProfile API operation for AWS Identity and Access Management.

Deletes the password for the specified IAM user, which terminates the user's ability to access AWS services through the AWS Management Console.

Deleting a user's password does not prevent a user from accessing AWS through the command line interface or the API. To prevent all user access you must also either make any access keys inactive or delete them. For more information about making keys inactive or deleting them, see UpdateAccessKey and DeleteAccessKey.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile

Example (Shared00)

To delete a password for an IAM user

The following command deletes the password for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteLoginProfileInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.DeleteLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteLoginProfileRequest

func (c *IAM) DeleteLoginProfileRequest(input *DeleteLoginProfileInput) (req *request.Request, output *DeleteLoginProfileOutput)

DeleteLoginProfileRequest generates a "aws/request.Request" representing the client's request for the DeleteLoginProfile operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteLoginProfile for more information on using the DeleteLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteLoginProfileRequest method.
req, resp := client.DeleteLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile

func (*IAM) DeleteLoginProfileWithContext added in v1.8.0

func (c *IAM) DeleteLoginProfileWithContext(ctx aws.Context, input *DeleteLoginProfileInput, opts ...request.Option) (*DeleteLoginProfileOutput, error)

DeleteLoginProfileWithContext is the same as DeleteLoginProfile with the addition of the ability to pass a context and additional request options.

See DeleteLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteOpenIDConnectProvider

func (c *IAM) DeleteOpenIDConnectProvider(input *DeleteOpenIDConnectProviderInput) (*DeleteOpenIDConnectProviderOutput, error)

DeleteOpenIDConnectProvider API operation for AWS Identity and Access Management.

Deletes an OpenID Connect identity provider (IdP) resource object in IAM.

Deleting an IAM OIDC provider resource does not update any roles that reference the provider as a principal in their trust policies. Any attempt to assume a role that references a deleted provider fails.

This operation is idempotent; it does not fail or return an error if you call the operation for a provider that does not exist.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider

func (*IAM) DeleteOpenIDConnectProviderRequest

func (c *IAM) DeleteOpenIDConnectProviderRequest(input *DeleteOpenIDConnectProviderInput) (req *request.Request, output *DeleteOpenIDConnectProviderOutput)

DeleteOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the DeleteOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteOpenIDConnectProvider for more information on using the DeleteOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteOpenIDConnectProviderRequest method.
req, resp := client.DeleteOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider

func (*IAM) DeleteOpenIDConnectProviderWithContext added in v1.8.0

func (c *IAM) DeleteOpenIDConnectProviderWithContext(ctx aws.Context, input *DeleteOpenIDConnectProviderInput, opts ...request.Option) (*DeleteOpenIDConnectProviderOutput, error)

DeleteOpenIDConnectProviderWithContext is the same as DeleteOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See DeleteOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeletePolicy

func (c *IAM) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error)

DeletePolicy API operation for AWS Identity and Access Management.

Deletes the specified managed policy.

Before you can delete a managed policy, you must first detach the policy from all users, groups, and roles that it is attached to. In addition you must delete all the policy's versions. The following steps describe the process for deleting a managed policy:

  • Detach the policy from all users, groups, and roles that the policy is attached to, using the DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy API operations. To list all the users, groups, and roles that a policy is attached to, use ListEntitiesForPolicy.

  • Delete all versions of the policy using DeletePolicyVersion. To list the policy's versions, use ListPolicyVersions. You cannot use DeletePolicyVersion to delete the version that is marked as the default version. You delete the policy's default version in the next step of the process.

  • Delete the policy (this automatically deletes the policy's default version) using this API.

For information about managed policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeletePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy

func (*IAM) DeletePolicyRequest

func (c *IAM) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput)

DeletePolicyRequest generates a "aws/request.Request" representing the client's request for the DeletePolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicy for more information on using the DeletePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeletePolicyRequest method.
req, resp := client.DeletePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy

func (*IAM) DeletePolicyVersion

func (c *IAM) DeletePolicyVersion(input *DeletePolicyVersionInput) (*DeletePolicyVersionOutput, error)

DeletePolicyVersion API operation for AWS Identity and Access Management.

Deletes the specified version from the specified managed policy.

You cannot delete the default version from a policy using this API. To delete the default version from a policy, use DeletePolicy. To find out which version of a policy is marked as the default version, use ListPolicyVersions.

For information about versions for managed policies, see Versioning for Managed Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeletePolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion

func (*IAM) DeletePolicyVersionRequest

func (c *IAM) DeletePolicyVersionRequest(input *DeletePolicyVersionInput) (req *request.Request, output *DeletePolicyVersionOutput)

DeletePolicyVersionRequest generates a "aws/request.Request" representing the client's request for the DeletePolicyVersion operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicyVersion for more information on using the DeletePolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeletePolicyVersionRequest method.
req, resp := client.DeletePolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion

func (*IAM) DeletePolicyVersionWithContext added in v1.8.0

func (c *IAM) DeletePolicyVersionWithContext(ctx aws.Context, input *DeletePolicyVersionInput, opts ...request.Option) (*DeletePolicyVersionOutput, error)

DeletePolicyVersionWithContext is the same as DeletePolicyVersion with the addition of the ability to pass a context and additional request options.

See DeletePolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeletePolicyWithContext added in v1.8.0

func (c *IAM) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error)

DeletePolicyWithContext is the same as DeletePolicy with the addition of the ability to pass a context and additional request options.

See DeletePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteRole

func (c *IAM) DeleteRole(input *DeleteRoleInput) (*DeleteRoleOutput, error)

DeleteRole API operation for AWS Identity and Access Management.

Deletes the specified role. The role must not have any policies attached. For more information about roles, go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).

Make sure that you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole

Example (Shared00)

To delete an IAM role

The following command removes the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteRoleInput{
		RoleName: aws.String("Test-Role"),
	}

	result, err := svc.DeleteRole(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteRolePolicy

func (c *IAM) DeleteRolePolicy(input *DeleteRolePolicyInput) (*DeleteRolePolicyOutput, error)

DeleteRolePolicy API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM role.

A role can also have managed policies attached to it. To detach a managed policy from a role, use DetachRolePolicy. For more information about policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy

Example (Shared00)

To remove a policy from an IAM role

The following command removes the policy named ExamplePolicy from the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteRolePolicyInput{
		PolicyName: aws.String("ExamplePolicy"),
		RoleName:   aws.String("Test-Role"),
	}

	result, err := svc.DeleteRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteRolePolicyRequest

func (c *IAM) DeleteRolePolicyRequest(input *DeleteRolePolicyInput) (req *request.Request, output *DeleteRolePolicyOutput)

DeleteRolePolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteRolePolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteRolePolicy for more information on using the DeleteRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteRolePolicyRequest method.
req, resp := client.DeleteRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy

func (*IAM) DeleteRolePolicyWithContext added in v1.8.0

func (c *IAM) DeleteRolePolicyWithContext(ctx aws.Context, input *DeleteRolePolicyInput, opts ...request.Option) (*DeleteRolePolicyOutput, error)

DeleteRolePolicyWithContext is the same as DeleteRolePolicy with the addition of the ability to pass a context and additional request options.

See DeleteRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteRoleRequest

func (c *IAM) DeleteRoleRequest(input *DeleteRoleInput) (req *request.Request, output *DeleteRoleOutput)

DeleteRoleRequest generates a "aws/request.Request" representing the client's request for the DeleteRole operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteRole for more information on using the DeleteRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteRoleRequest method.
req, resp := client.DeleteRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole

func (*IAM) DeleteRoleWithContext added in v1.8.0

func (c *IAM) DeleteRoleWithContext(ctx aws.Context, input *DeleteRoleInput, opts ...request.Option) (*DeleteRoleOutput, error)

DeleteRoleWithContext is the same as DeleteRole with the addition of the ability to pass a context and additional request options.

See DeleteRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteSAMLProvider

func (c *IAM) DeleteSAMLProvider(input *DeleteSAMLProviderInput) (*DeleteSAMLProviderOutput, error)

DeleteSAMLProvider API operation for AWS Identity and Access Management.

Deletes a SAML provider resource in IAM.

Deleting the provider resource from IAM does not update any roles that reference the SAML provider resource's ARN as a principal in their trust policies. Any attempt to assume a role that references a non-existent provider resource ARN fails.

This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider

func (*IAM) DeleteSAMLProviderRequest

func (c *IAM) DeleteSAMLProviderRequest(input *DeleteSAMLProviderInput) (req *request.Request, output *DeleteSAMLProviderOutput)

DeleteSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the DeleteSAMLProvider operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteSAMLProvider for more information on using the DeleteSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteSAMLProviderRequest method.
req, resp := client.DeleteSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider

func (*IAM) DeleteSAMLProviderWithContext added in v1.8.0

func (c *IAM) DeleteSAMLProviderWithContext(ctx aws.Context, input *DeleteSAMLProviderInput, opts ...request.Option) (*DeleteSAMLProviderOutput, error)

DeleteSAMLProviderWithContext is the same as DeleteSAMLProvider with the addition of the ability to pass a context and additional request options.

See DeleteSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteSSHPublicKey added in v0.6.6

func (c *IAM) DeleteSSHPublicKey(input *DeleteSSHPublicKeyInput) (*DeleteSSHPublicKeyOutput, error)

DeleteSSHPublicKey API operation for AWS Identity and Access Management.

Deletes the specified SSH public key.

The SSH public key deleted by this operation is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey

func (*IAM) DeleteSSHPublicKeyRequest added in v0.6.6

func (c *IAM) DeleteSSHPublicKeyRequest(input *DeleteSSHPublicKeyInput) (req *request.Request, output *DeleteSSHPublicKeyOutput)

DeleteSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the DeleteSSHPublicKey operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteSSHPublicKey for more information on using the DeleteSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteSSHPublicKeyRequest method.
req, resp := client.DeleteSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey

func (*IAM) DeleteSSHPublicKeyWithContext added in v1.8.0

func (c *IAM) DeleteSSHPublicKeyWithContext(ctx aws.Context, input *DeleteSSHPublicKeyInput, opts ...request.Option) (*DeleteSSHPublicKeyOutput, error)

DeleteSSHPublicKeyWithContext is the same as DeleteSSHPublicKey with the addition of the ability to pass a context and additional request options.

See DeleteSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteServerCertificate

func (c *IAM) DeleteServerCertificate(input *DeleteServerCertificateInput) (*DeleteServerCertificateOutput, error)

DeleteServerCertificate API operation for AWS Identity and Access Management.

Deletes the specified server certificate.

For more information about working with server certificates, see Working with Server Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of AWS services that can use the server certificates that you manage with IAM.

If you are using a server certificate with Elastic Load Balancing, deleting the certificate could have implications for your application. If Elastic Load Balancing doesn't detect the deletion of bound certificates, it may continue to use the certificates. This could cause Elastic Load Balancing to stop accepting traffic. We recommend that you remove the reference to the certificate from Elastic Load Balancing before using this command to delete the certificate. For more information, go to DeleteLoadBalancerListeners (http://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html) in the Elastic Load Balancing API Reference.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate

func (*IAM) DeleteServerCertificateRequest

func (c *IAM) DeleteServerCertificateRequest(input *DeleteServerCertificateInput) (req *request.Request, output *DeleteServerCertificateOutput)

DeleteServerCertificateRequest generates a "aws/request.Request" representing the client's request for the DeleteServerCertificate operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteServerCertificate for more information on using the DeleteServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteServerCertificateRequest method.
req, resp := client.DeleteServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate

func (*IAM) DeleteServerCertificateWithContext added in v1.8.0

func (c *IAM) DeleteServerCertificateWithContext(ctx aws.Context, input *DeleteServerCertificateInput, opts ...request.Option) (*DeleteServerCertificateOutput, error)

DeleteServerCertificateWithContext is the same as DeleteServerCertificate with the addition of the ability to pass a context and additional request options.

See DeleteServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteServiceLinkedRole added in v1.10.47

func (c *IAM) DeleteServiceLinkedRole(input *DeleteServiceLinkedRoleInput) (*DeleteServiceLinkedRoleOutput, error)

DeleteServiceLinkedRole API operation for AWS Identity and Access Management.

Submits a service-linked role deletion request and returns a DeletionTaskId, which you can use to check the status of the deletion. Before you call this operation, confirm that the role has no active sessions and that any resources used by the role in the linked service are deleted. If you call this operation more than once for the same service-linked role and an earlier deletion task is not complete, then the DeletionTaskId of the earlier request is returned.

If you submit a deletion request for a service-linked role whose linked service is still accessing a resource, then the deletion task fails. If it fails, the GetServiceLinkedRoleDeletionStatus API operation returns the reason for the failure, usually including the resources that must be deleted. To delete the service-linked role, you must first remove those resources from the linked service and then submit the deletion request again. Resources are specific to the service that is linked to the role. For more information about removing resources from a service, see the AWS documentation (http://docs.aws.amazon.com/) for your service.

For more information about service-linked roles, see Roles Terms and Concepts: AWS Service-Linked Role (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-linked-role) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteServiceLinkedRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole

func (*IAM) DeleteServiceLinkedRoleRequest added in v1.10.47

func (c *IAM) DeleteServiceLinkedRoleRequest(input *DeleteServiceLinkedRoleInput) (req *request.Request, output *DeleteServiceLinkedRoleOutput)

DeleteServiceLinkedRoleRequest generates a "aws/request.Request" representing the client's request for the DeleteServiceLinkedRole operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteServiceLinkedRole for more information on using the DeleteServiceLinkedRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteServiceLinkedRoleRequest method.
req, resp := client.DeleteServiceLinkedRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole

func (*IAM) DeleteServiceLinkedRoleWithContext added in v1.10.47

func (c *IAM) DeleteServiceLinkedRoleWithContext(ctx aws.Context, input *DeleteServiceLinkedRoleInput, opts ...request.Option) (*DeleteServiceLinkedRoleOutput, error)

DeleteServiceLinkedRoleWithContext is the same as DeleteServiceLinkedRole with the addition of the ability to pass a context and additional request options.

See DeleteServiceLinkedRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteServiceSpecificCredential added in v1.6.8

func (c *IAM) DeleteServiceSpecificCredential(input *DeleteServiceSpecificCredentialInput) (*DeleteServiceSpecificCredentialOutput, error)

DeleteServiceSpecificCredential API operation for AWS Identity and Access Management.

Deletes the specified service-specific credential.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential

func (*IAM) DeleteServiceSpecificCredentialRequest added in v1.6.8

func (c *IAM) DeleteServiceSpecificCredentialRequest(input *DeleteServiceSpecificCredentialInput) (req *request.Request, output *DeleteServiceSpecificCredentialOutput)

DeleteServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the DeleteServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteServiceSpecificCredential for more information on using the DeleteServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteServiceSpecificCredentialRequest method.
req, resp := client.DeleteServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential

func (*IAM) DeleteServiceSpecificCredentialWithContext added in v1.8.0

func (c *IAM) DeleteServiceSpecificCredentialWithContext(ctx aws.Context, input *DeleteServiceSpecificCredentialInput, opts ...request.Option) (*DeleteServiceSpecificCredentialOutput, error)

DeleteServiceSpecificCredentialWithContext is the same as DeleteServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See DeleteServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteSigningCertificate

func (c *IAM) DeleteSigningCertificate(input *DeleteSigningCertificateInput) (*DeleteSigningCertificateOutput, error)

DeleteSigningCertificate API operation for AWS Identity and Access Management.

Deletes a signing certificate associated with the specified IAM user.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated IAM users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteSigningCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate

Example (Shared00)

To delete a signing certificate for an IAM user

The following command deletes the specified signing certificate for the IAM user named Anika.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteSigningCertificateInput{
		CertificateId: aws.String("TA7SMP42TDN5Z26OBPJE7EXAMPLE"),
		UserName:      aws.String("Anika"),
	}

	result, err := svc.DeleteSigningCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteSigningCertificateRequest

func (c *IAM) DeleteSigningCertificateRequest(input *DeleteSigningCertificateInput) (req *request.Request, output *DeleteSigningCertificateOutput)

DeleteSigningCertificateRequest generates a "aws/request.Request" representing the client's request for the DeleteSigningCertificate operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteSigningCertificate for more information on using the DeleteSigningCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteSigningCertificateRequest method.
req, resp := client.DeleteSigningCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate

func (*IAM) DeleteSigningCertificateWithContext added in v1.8.0

func (c *IAM) DeleteSigningCertificateWithContext(ctx aws.Context, input *DeleteSigningCertificateInput, opts ...request.Option) (*DeleteSigningCertificateOutput, error)

DeleteSigningCertificateWithContext is the same as DeleteSigningCertificate with the addition of the ability to pass a context and additional request options.

See DeleteSigningCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteUser

func (c *IAM) DeleteUser(input *DeleteUserInput) (*DeleteUserOutput, error)

DeleteUser API operation for AWS Identity and Access Management.

Deletes the specified IAM user. The user must not belong to any groups or have any access keys, signing certificates, or attached policies.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteUser for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser

Example (Shared00)

To delete an IAM user

The following command removes the IAM user named Bob from the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.DeleteUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteUserPolicy

func (c *IAM) DeleteUserPolicy(input *DeleteUserPolicyInput) (*DeleteUserPolicyOutput, error)

DeleteUserPolicy API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM user.

A user can also have managed policies attached to it. To detach a managed policy from a user, use DetachUserPolicy. For more information about policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy

Example (Shared00)

To remove a policy from an IAM user

The following delete-user-policy command removes the specified policy from the IAM user named Juan:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteUserPolicyInput{
		PolicyName: aws.String("ExamplePolicy"),
		UserName:   aws.String("Juan"),
	}

	result, err := svc.DeleteUserPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteUserPolicyRequest

func (c *IAM) DeleteUserPolicyRequest(input *DeleteUserPolicyInput) (req *request.Request, output *DeleteUserPolicyOutput)

DeleteUserPolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteUserPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUserPolicy for more information on using the DeleteUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserPolicyRequest method.
req, resp := client.DeleteUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy

func (*IAM) DeleteUserPolicyWithContext added in v1.8.0

func (c *IAM) DeleteUserPolicyWithContext(ctx aws.Context, input *DeleteUserPolicyInput, opts ...request.Option) (*DeleteUserPolicyOutput, error)

DeleteUserPolicyWithContext is the same as DeleteUserPolicy with the addition of the ability to pass a context and additional request options.

See DeleteUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteUserRequest

func (c *IAM) DeleteUserRequest(input *DeleteUserInput) (req *request.Request, output *DeleteUserOutput)

DeleteUserRequest generates a "aws/request.Request" representing the client's request for the DeleteUser operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUser for more information on using the DeleteUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserRequest method.
req, resp := client.DeleteUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser

func (*IAM) DeleteUserWithContext added in v1.8.0

func (c *IAM) DeleteUserWithContext(ctx aws.Context, input *DeleteUserInput, opts ...request.Option) (*DeleteUserOutput, error)

DeleteUserWithContext is the same as DeleteUser with the addition of the ability to pass a context and additional request options.

See DeleteUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteVirtualMFADevice

func (c *IAM) DeleteVirtualMFADevice(input *DeleteVirtualMFADeviceInput) (*DeleteVirtualMFADeviceOutput, error)

DeleteVirtualMFADevice API operation for AWS Identity and Access Management.

Deletes a virtual MFA device.

You must deactivate a user's virtual MFA device before you can delete it. For information about deactivating MFA devices, see DeactivateMFADevice.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteVirtualMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice

Example (Shared00)

To remove a virtual MFA device

The following delete-virtual-mfa-device command removes the specified MFA device from the current AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteVirtualMFADeviceInput{
		SerialNumber: aws.String("arn:aws:iam::123456789012:mfa/ExampleName"),
	}

	result, err := svc.DeleteVirtualMFADevice(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteVirtualMFADeviceRequest

func (c *IAM) DeleteVirtualMFADeviceRequest(input *DeleteVirtualMFADeviceInput) (req *request.Request, output *DeleteVirtualMFADeviceOutput)

DeleteVirtualMFADeviceRequest generates a "aws/request.Request" representing the client's request for the DeleteVirtualMFADevice operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteVirtualMFADevice for more information on using the DeleteVirtualMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteVirtualMFADeviceRequest method.
req, resp := client.DeleteVirtualMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice

func (*IAM) DeleteVirtualMFADeviceWithContext added in v1.8.0

func (c *IAM) DeleteVirtualMFADeviceWithContext(ctx aws.Context, input *DeleteVirtualMFADeviceInput, opts ...request.Option) (*DeleteVirtualMFADeviceOutput, error)

DeleteVirtualMFADeviceWithContext is the same as DeleteVirtualMFADevice with the addition of the ability to pass a context and additional request options.

See DeleteVirtualMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DetachGroupPolicy

func (c *IAM) DetachGroupPolicy(input *DetachGroupPolicyInput) (*DetachGroupPolicyOutput, error)

DetachGroupPolicy API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified IAM group.

A group can also have inline policies embedded with it. To delete an inline policy, use the DeleteGroupPolicy API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DetachGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy

func (*IAM) DetachGroupPolicyRequest

func (c *IAM) DetachGroupPolicyRequest(input *DetachGroupPolicyInput) (req *request.Request, output *DetachGroupPolicyOutput)

DetachGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the DetachGroupPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DetachGroupPolicy for more information on using the DetachGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DetachGroupPolicyRequest method.
req, resp := client.DetachGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy

func (*IAM) DetachGroupPolicyWithContext added in v1.8.0

func (c *IAM) DetachGroupPolicyWithContext(ctx aws.Context, input *DetachGroupPolicyInput, opts ...request.Option) (*DetachGroupPolicyOutput, error)

DetachGroupPolicyWithContext is the same as DetachGroupPolicy with the addition of the ability to pass a context and additional request options.

See DetachGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DetachRolePolicy

func (c *IAM) DetachRolePolicy(input *DetachRolePolicyInput) (*DetachRolePolicyOutput, error)

DetachRolePolicy API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified role.

A role can also have inline policies embedded with it. To delete an inline policy, use the DeleteRolePolicy API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DetachRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy

func (*IAM) DetachRolePolicyRequest

func (c *IAM) DetachRolePolicyRequest(input *DetachRolePolicyInput) (req *request.Request, output *DetachRolePolicyOutput)

DetachRolePolicyRequest generates a "aws/request.Request" representing the client's request for the DetachRolePolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DetachRolePolicy for more information on using the DetachRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DetachRolePolicyRequest method.
req, resp := client.DetachRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy

func (*IAM) DetachRolePolicyWithContext added in v1.8.0

func (c *IAM) DetachRolePolicyWithContext(ctx aws.Context, input *DetachRolePolicyInput, opts ...request.Option) (*DetachRolePolicyOutput, error)

DetachRolePolicyWithContext is the same as DetachRolePolicy with the addition of the ability to pass a context and additional request options.

See DetachRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DetachUserPolicy

func (c *IAM) DetachUserPolicy(input *DetachUserPolicyInput) (*DetachUserPolicyOutput, error)

DetachUserPolicy API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified user.

A user can also have inline policies embedded with it. To delete an inline policy, use the DeleteUserPolicy API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DetachUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy

func (*IAM) DetachUserPolicyRequest

func (c *IAM) DetachUserPolicyRequest(input *DetachUserPolicyInput) (req *request.Request, output *DetachUserPolicyOutput)

DetachUserPolicyRequest generates a "aws/request.Request" representing the client's request for the DetachUserPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DetachUserPolicy for more information on using the DetachUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DetachUserPolicyRequest method.
req, resp := client.DetachUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy

func (*IAM) DetachUserPolicyWithContext added in v1.8.0

func (c *IAM) DetachUserPolicyWithContext(ctx aws.Context, input *DetachUserPolicyInput, opts ...request.Option) (*DetachUserPolicyOutput, error)

DetachUserPolicyWithContext is the same as DetachUserPolicy with the addition of the ability to pass a context and additional request options.

See DetachUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) EnableMFADevice

func (c *IAM) EnableMFADevice(input *EnableMFADeviceInput) (*EnableMFADeviceOutput, error)

EnableMFADevice API operation for AWS Identity and Access Management.

Enables the specified MFA device and associates it with the specified IAM user. When enabled, the MFA device is required for every subsequent login by the IAM user associated with the device.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation EnableMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode" The request was rejected because the authentication code was not recognized. The error message describes the specific error.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice

func (*IAM) EnableMFADeviceRequest

func (c *IAM) EnableMFADeviceRequest(input *EnableMFADeviceInput) (req *request.Request, output *EnableMFADeviceOutput)

EnableMFADeviceRequest generates a "aws/request.Request" representing the client's request for the EnableMFADevice operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See EnableMFADevice for more information on using the EnableMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the EnableMFADeviceRequest method.
req, resp := client.EnableMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice

func (*IAM) EnableMFADeviceWithContext added in v1.8.0

func (c *IAM) EnableMFADeviceWithContext(ctx aws.Context, input *EnableMFADeviceInput, opts ...request.Option) (*EnableMFADeviceOutput, error)

EnableMFADeviceWithContext is the same as EnableMFADevice with the addition of the ability to pass a context and additional request options.

See EnableMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GenerateCredentialReport

func (c *IAM) GenerateCredentialReport(input *GenerateCredentialReportInput) (*GenerateCredentialReportOutput, error)

GenerateCredentialReport API operation for AWS Identity and Access Management.

Generates a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GenerateCredentialReport for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport

func (*IAM) GenerateCredentialReportRequest

func (c *IAM) GenerateCredentialReportRequest(input *GenerateCredentialReportInput) (req *request.Request, output *GenerateCredentialReportOutput)

GenerateCredentialReportRequest generates a "aws/request.Request" representing the client's request for the GenerateCredentialReport operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GenerateCredentialReport for more information on using the GenerateCredentialReport API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GenerateCredentialReportRequest method.
req, resp := client.GenerateCredentialReportRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport

func (*IAM) GenerateCredentialReportWithContext added in v1.8.0

func (c *IAM) GenerateCredentialReportWithContext(ctx aws.Context, input *GenerateCredentialReportInput, opts ...request.Option) (*GenerateCredentialReportOutput, error)

GenerateCredentialReportWithContext is the same as GenerateCredentialReport with the addition of the ability to pass a context and additional request options.

See GenerateCredentialReport for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccessKeyLastUsed

func (c *IAM) GetAccessKeyLastUsed(input *GetAccessKeyLastUsedInput) (*GetAccessKeyLastUsedOutput, error)

GetAccessKeyLastUsed API operation for AWS Identity and Access Management.

Retrieves information about when the specified access key was last used. The information includes the date and time of last use, along with the AWS service and region that were specified in the last request made with that key.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccessKeyLastUsed for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed

func (*IAM) GetAccessKeyLastUsedRequest

func (c *IAM) GetAccessKeyLastUsedRequest(input *GetAccessKeyLastUsedInput) (req *request.Request, output *GetAccessKeyLastUsedOutput)

GetAccessKeyLastUsedRequest generates a "aws/request.Request" representing the client's request for the GetAccessKeyLastUsed operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccessKeyLastUsed for more information on using the GetAccessKeyLastUsed API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccessKeyLastUsedRequest method.
req, resp := client.GetAccessKeyLastUsedRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed

func (*IAM) GetAccessKeyLastUsedWithContext added in v1.8.0

func (c *IAM) GetAccessKeyLastUsedWithContext(ctx aws.Context, input *GetAccessKeyLastUsedInput, opts ...request.Option) (*GetAccessKeyLastUsedOutput, error)

GetAccessKeyLastUsedWithContext is the same as GetAccessKeyLastUsed with the addition of the ability to pass a context and additional request options.

See GetAccessKeyLastUsed for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountAuthorizationDetails

func (c *IAM) GetAccountAuthorizationDetails(input *GetAccountAuthorizationDetailsInput) (*GetAccountAuthorizationDetailsOutput, error)

GetAccountAuthorizationDetails API operation for AWS Identity and Access Management.

Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their relationships to one another. Use this API to obtain a snapshot of the configuration of IAM permissions (users, groups, roles, and policies) in your account.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

You can optionally filter the results using the Filter parameter. You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccountAuthorizationDetails for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails

func (*IAM) GetAccountAuthorizationDetailsPages

func (c *IAM) GetAccountAuthorizationDetailsPages(input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool) error

GetAccountAuthorizationDetailsPages iterates over the pages of a GetAccountAuthorizationDetails operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See GetAccountAuthorizationDetails method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a GetAccountAuthorizationDetails operation.
pageNum := 0
err := client.GetAccountAuthorizationDetailsPages(params,
    func(page *GetAccountAuthorizationDetailsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) GetAccountAuthorizationDetailsPagesWithContext added in v1.8.0

func (c *IAM) GetAccountAuthorizationDetailsPagesWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool, opts ...request.Option) error

GetAccountAuthorizationDetailsPagesWithContext same as GetAccountAuthorizationDetailsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountAuthorizationDetailsRequest

func (c *IAM) GetAccountAuthorizationDetailsRequest(input *GetAccountAuthorizationDetailsInput) (req *request.Request, output *GetAccountAuthorizationDetailsOutput)

GetAccountAuthorizationDetailsRequest generates a "aws/request.Request" representing the client's request for the GetAccountAuthorizationDetails operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccountAuthorizationDetails for more information on using the GetAccountAuthorizationDetails API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccountAuthorizationDetailsRequest method.
req, resp := client.GetAccountAuthorizationDetailsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails

func (*IAM) GetAccountAuthorizationDetailsWithContext added in v1.8.0

func (c *IAM) GetAccountAuthorizationDetailsWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, opts ...request.Option) (*GetAccountAuthorizationDetailsOutput, error)

GetAccountAuthorizationDetailsWithContext is the same as GetAccountAuthorizationDetails with the addition of the ability to pass a context and additional request options.

See GetAccountAuthorizationDetails for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountPasswordPolicy

func (c *IAM) GetAccountPasswordPolicy(input *GetAccountPasswordPolicyInput) (*GetAccountPasswordPolicyOutput, error)

GetAccountPasswordPolicy API operation for AWS Identity and Access Management.

Retrieves the password policy for the AWS account. For more information about using a password policy, go to Managing an IAM Password Policy (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccountPasswordPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy

Example (Shared00)

To see the current account password policy

The following command displays details about the password policy for the current AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetAccountPasswordPolicyInput{}

	result, err := svc.GetAccountPasswordPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetAccountPasswordPolicyRequest

func (c *IAM) GetAccountPasswordPolicyRequest(input *GetAccountPasswordPolicyInput) (req *request.Request, output *GetAccountPasswordPolicyOutput)

GetAccountPasswordPolicyRequest generates a "aws/request.Request" representing the client's request for the GetAccountPasswordPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccountPasswordPolicy for more information on using the GetAccountPasswordPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccountPasswordPolicyRequest method.
req, resp := client.GetAccountPasswordPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy

func (*IAM) GetAccountPasswordPolicyWithContext added in v1.8.0

func (c *IAM) GetAccountPasswordPolicyWithContext(ctx aws.Context, input *GetAccountPasswordPolicyInput, opts ...request.Option) (*GetAccountPasswordPolicyOutput, error)

GetAccountPasswordPolicyWithContext is the same as GetAccountPasswordPolicy with the addition of the ability to pass a context and additional request options.

See GetAccountPasswordPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountSummary

func (c *IAM) GetAccountSummary(input *GetAccountSummaryInput) (*GetAccountSummaryOutput, error)

GetAccountSummary API operation for AWS Identity and Access Management.

Retrieves information about IAM entity usage and IAM quotas in the AWS account.

For information about limitations on IAM entities, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccountSummary for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary

Example (Shared00)

To get information about IAM entity quotas and usage in the current account

The following command returns information about the IAM entity quotas and usage in the current AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetAccountSummaryInput{}

	result, err := svc.GetAccountSummary(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetAccountSummaryRequest

func (c *IAM) GetAccountSummaryRequest(input *GetAccountSummaryInput) (req *request.Request, output *GetAccountSummaryOutput)

GetAccountSummaryRequest generates a "aws/request.Request" representing the client's request for the GetAccountSummary operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccountSummary for more information on using the GetAccountSummary API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccountSummaryRequest method.
req, resp := client.GetAccountSummaryRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary

func (*IAM) GetAccountSummaryWithContext added in v1.8.0

func (c *IAM) GetAccountSummaryWithContext(ctx aws.Context, input *GetAccountSummaryInput, opts ...request.Option) (*GetAccountSummaryOutput, error)

GetAccountSummaryWithContext is the same as GetAccountSummary with the addition of the ability to pass a context and additional request options.

See GetAccountSummary for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetContextKeysForCustomPolicy added in v0.9.6

func (c *IAM) GetContextKeysForCustomPolicy(input *GetContextKeysForCustomPolicyInput) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForCustomPolicy API operation for AWS Identity and Access Management.

Gets a list of all of the context keys referenced in the input policies. The policies are supplied as a list of one or more strings. To get the context keys from policies associated with an IAM user, group, or role, use GetContextKeysForPrincipalPolicy.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. Context keys can be evaluated by testing against a value specified in an IAM policy. Use GetContextKeysForCustomPolicy to understand what key names and values you must supply when you call SimulateCustomPolicy. Note that all parameters are shown in unencoded form here for clarity but must be URL encoded to be included as a part of a real HTML request.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetContextKeysForCustomPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy

func (*IAM) GetContextKeysForCustomPolicyRequest added in v0.9.6

func (c *IAM) GetContextKeysForCustomPolicyRequest(input *GetContextKeysForCustomPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse)

GetContextKeysForCustomPolicyRequest generates a "aws/request.Request" representing the client's request for the GetContextKeysForCustomPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetContextKeysForCustomPolicy for more information on using the GetContextKeysForCustomPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetContextKeysForCustomPolicyRequest method.
req, resp := client.GetContextKeysForCustomPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy

func (*IAM) GetContextKeysForCustomPolicyWithContext added in v1.8.0

func (c *IAM) GetContextKeysForCustomPolicyWithContext(ctx aws.Context, input *GetContextKeysForCustomPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForCustomPolicyWithContext is the same as GetContextKeysForCustomPolicy with the addition of the ability to pass a context and additional request options.

See GetContextKeysForCustomPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetContextKeysForPrincipalPolicy added in v0.9.6

func (c *IAM) GetContextKeysForPrincipalPolicy(input *GetContextKeysForPrincipalPolicyInput) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForPrincipalPolicy API operation for AWS Identity and Access Management.

Gets a list of all of the context keys referenced in all the IAM policies that are attached to the specified IAM entity. The entity can be an IAM user, group, or role. If you specify a user, then the request also includes all of the policies attached to groups that the user is a member of.

You can optionally include a list of one or more additional policies, specified as strings. If you want to include only a list of policies by string, use GetContextKeysForCustomPolicy instead.

Note: This API discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use GetContextKeysForCustomPolicy instead.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. Context keys can be evaluated by testing against a value in an IAM policy. Use GetContextKeysForPrincipalPolicy to understand what key names and values you must supply when you call SimulatePrincipalPolicy.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetContextKeysForPrincipalPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy

func (*IAM) GetContextKeysForPrincipalPolicyRequest added in v0.9.6

func (c *IAM) GetContextKeysForPrincipalPolicyRequest(input *GetContextKeysForPrincipalPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse)

GetContextKeysForPrincipalPolicyRequest generates a "aws/request.Request" representing the client's request for the GetContextKeysForPrincipalPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetContextKeysForPrincipalPolicy for more information on using the GetContextKeysForPrincipalPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetContextKeysForPrincipalPolicyRequest method.
req, resp := client.GetContextKeysForPrincipalPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy

func (*IAM) GetContextKeysForPrincipalPolicyWithContext added in v1.8.0

func (c *IAM) GetContextKeysForPrincipalPolicyWithContext(ctx aws.Context, input *GetContextKeysForPrincipalPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForPrincipalPolicyWithContext is the same as GetContextKeysForPrincipalPolicy with the addition of the ability to pass a context and additional request options.

See GetContextKeysForPrincipalPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetCredentialReport

func (c *IAM) GetCredentialReport(input *GetCredentialReportInput) (*GetCredentialReportOutput, error)

GetCredentialReport API operation for AWS Identity and Access Management.

Retrieves a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetCredentialReport for usage and error information.

Returned Error Codes:

  • ErrCodeCredentialReportNotPresentException "ReportNotPresent" The request was rejected because the credential report does not exist. To generate a credential report, use GenerateCredentialReport.

  • ErrCodeCredentialReportExpiredException "ReportExpired" The request was rejected because the most recent credential report has expired. To generate a new credential report, use GenerateCredentialReport. For more information about credential report expiration, see Getting Credential Reports (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

  • ErrCodeCredentialReportNotReadyException "ReportInProgress" The request was rejected because the credential report is still being generated.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport

func (*IAM) GetCredentialReportRequest

func (c *IAM) GetCredentialReportRequest(input *GetCredentialReportInput) (req *request.Request, output *GetCredentialReportOutput)

GetCredentialReportRequest generates a "aws/request.Request" representing the client's request for the GetCredentialReport operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetCredentialReport for more information on using the GetCredentialReport API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetCredentialReportRequest method.
req, resp := client.GetCredentialReportRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport

func (*IAM) GetCredentialReportWithContext added in v1.8.0

func (c *IAM) GetCredentialReportWithContext(ctx aws.Context, input *GetCredentialReportInput, opts ...request.Option) (*GetCredentialReportOutput, error)

GetCredentialReportWithContext is the same as GetCredentialReport with the addition of the ability to pass a context and additional request options.

See GetCredentialReport for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetGroup

func (c *IAM) GetGroup(input *GetGroupInput) (*GetGroupOutput, error)

GetGroup API operation for AWS Identity and Access Management.

Returns a list of IAM users that are in the specified IAM group. You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup

func (*IAM) GetGroupPages

func (c *IAM) GetGroupPages(input *GetGroupInput, fn func(*GetGroupOutput, bool) bool) error

GetGroupPages iterates over the pages of a GetGroup operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See GetGroup method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a GetGroup operation.
pageNum := 0
err := client.GetGroupPages(params,
    func(page *GetGroupOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) GetGroupPagesWithContext added in v1.8.0

func (c *IAM) GetGroupPagesWithContext(ctx aws.Context, input *GetGroupInput, fn func(*GetGroupOutput, bool) bool, opts ...request.Option) error

GetGroupPagesWithContext same as GetGroupPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetGroupPolicy

func (c *IAM) GetGroupPolicy(input *GetGroupPolicyInput) (*GetGroupPolicyOutput, error)

GetGroupPolicy API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded in the specified IAM group.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM group can also have managed policies attached to it. To retrieve a managed policy document that is attached to a group, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy

func (*IAM) GetGroupPolicyRequest

func (c *IAM) GetGroupPolicyRequest(input *GetGroupPolicyInput) (req *request.Request, output *GetGroupPolicyOutput)

GetGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the GetGroupPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetGroupPolicy for more information on using the GetGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetGroupPolicyRequest method.
req, resp := client.GetGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy

func (*IAM) GetGroupPolicyWithContext added in v1.8.0

func (c *IAM) GetGroupPolicyWithContext(ctx aws.Context, input *GetGroupPolicyInput, opts ...request.Option) (*GetGroupPolicyOutput, error)

GetGroupPolicyWithContext is the same as GetGroupPolicy with the addition of the ability to pass a context and additional request options.

See GetGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetGroupRequest

func (c *IAM) GetGroupRequest(input *GetGroupInput) (req *request.Request, output *GetGroupOutput)

GetGroupRequest generates a "aws/request.Request" representing the client's request for the GetGroup operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetGroup for more information on using the GetGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetGroupRequest method.
req, resp := client.GetGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup

func (*IAM) GetGroupWithContext added in v1.8.0

func (c *IAM) GetGroupWithContext(ctx aws.Context, input *GetGroupInput, opts ...request.Option) (*GetGroupOutput, error)

GetGroupWithContext is the same as GetGroup with the addition of the ability to pass a context and additional request options.

See GetGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetInstanceProfile

func (c *IAM) GetInstanceProfile(input *GetInstanceProfileInput) (*GetInstanceProfileOutput, error)

GetInstanceProfile API operation for AWS Identity and Access Management.

Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and role. For more information about instance profiles, see About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile

Example (Shared00)

To get information about an instance profile

The following command gets information about the instance profile named ExampleInstanceProfile.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
	}

	result, err := svc.GetInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetInstanceProfileRequest

func (c *IAM) GetInstanceProfileRequest(input *GetInstanceProfileInput) (req *request.Request, output *GetInstanceProfileOutput)

GetInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the GetInstanceProfile operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetInstanceProfile for more information on using the GetInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetInstanceProfileRequest method.
req, resp := client.GetInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile

func (*IAM) GetInstanceProfileWithContext added in v1.8.0

func (c *IAM) GetInstanceProfileWithContext(ctx aws.Context, input *GetInstanceProfileInput, opts ...request.Option) (*GetInstanceProfileOutput, error)

GetInstanceProfileWithContext is the same as GetInstanceProfile with the addition of the ability to pass a context and additional request options.

See GetInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetLoginProfile

func (c *IAM) GetLoginProfile(input *GetLoginProfileInput) (*GetLoginProfileOutput, error)

GetLoginProfile API operation for AWS Identity and Access Management.

Retrieves the user name and password-creation date for the specified IAM user. If the user has not been assigned a password, the operation returns a 404 (NoSuchEntity) error.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile

Example (Shared00)

To get password information for an IAM user

The following command gets information about the password for the IAM user named Anika.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetLoginProfileInput{
		UserName: aws.String("Anika"),
	}

	result, err := svc.GetLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetLoginProfileRequest

func (c *IAM) GetLoginProfileRequest(input *GetLoginProfileInput) (req *request.Request, output *GetLoginProfileOutput)

GetLoginProfileRequest generates a "aws/request.Request" representing the client's request for the GetLoginProfile operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetLoginProfile for more information on using the GetLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetLoginProfileRequest method.
req, resp := client.GetLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile

func (*IAM) GetLoginProfileWithContext added in v1.8.0

func (c *IAM) GetLoginProfileWithContext(ctx aws.Context, input *GetLoginProfileInput, opts ...request.Option) (*GetLoginProfileOutput, error)

GetLoginProfileWithContext is the same as GetLoginProfile with the addition of the ability to pass a context and additional request options.

See GetLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetOpenIDConnectProvider

func (c *IAM) GetOpenIDConnectProvider(input *GetOpenIDConnectProviderInput) (*GetOpenIDConnectProviderOutput, error)

GetOpenIDConnectProvider API operation for AWS Identity and Access Management.

Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider

func (*IAM) GetOpenIDConnectProviderRequest

func (c *IAM) GetOpenIDConnectProviderRequest(input *GetOpenIDConnectProviderInput) (req *request.Request, output *GetOpenIDConnectProviderOutput)

GetOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the GetOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetOpenIDConnectProvider for more information on using the GetOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetOpenIDConnectProviderRequest method.
req, resp := client.GetOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider

func (*IAM) GetOpenIDConnectProviderWithContext added in v1.8.0

func (c *IAM) GetOpenIDConnectProviderWithContext(ctx aws.Context, input *GetOpenIDConnectProviderInput, opts ...request.Option) (*GetOpenIDConnectProviderOutput, error)

GetOpenIDConnectProviderWithContext is the same as GetOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See GetOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetPolicy

func (c *IAM) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error)

GetPolicy API operation for AWS Identity and Access Management.

Retrieves information about the specified managed policy, including the policy's default version and the total number of IAM users, groups, and roles to which the policy is attached. To retrieve the list of the specific users, groups, and roles that the policy is attached to, use the ListEntitiesForPolicy API. This API returns metadata about the policy. To retrieve the actual policy document for a specific version of the policy, use GetPolicyVersion.

This API retrieves information about managed policies. To retrieve information about an inline policy that is embedded with an IAM user, group, or role, use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy API.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy

func (*IAM) GetPolicyRequest

func (c *IAM) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput)

GetPolicyRequest generates a "aws/request.Request" representing the client's request for the GetPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicy for more information on using the GetPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetPolicyRequest method.
req, resp := client.GetPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy

func (*IAM) GetPolicyVersion

func (c *IAM) GetPolicyVersion(input *GetPolicyVersionInput) (*GetPolicyVersionOutput, error)

GetPolicyVersion API operation for AWS Identity and Access Management.

Retrieves information about the specified version of the specified managed policy, including the policy document.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

To list the available versions for a policy, use ListPolicyVersions.

This API retrieves information about managed policies. To retrieve information about an inline policy that is embedded in a user, group, or role, use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy API.

For more information about the types of policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For more information about managed policy versions, see Versioning for Managed Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetPolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion

func (*IAM) GetPolicyVersionRequest

func (c *IAM) GetPolicyVersionRequest(input *GetPolicyVersionInput) (req *request.Request, output *GetPolicyVersionOutput)

GetPolicyVersionRequest generates a "aws/request.Request" representing the client's request for the GetPolicyVersion operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicyVersion for more information on using the GetPolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetPolicyVersionRequest method.
req, resp := client.GetPolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion

func (*IAM) GetPolicyVersionWithContext added in v1.8.0

func (c *IAM) GetPolicyVersionWithContext(ctx aws.Context, input *GetPolicyVersionInput, opts ...request.Option) (*GetPolicyVersionOutput, error)

GetPolicyVersionWithContext is the same as GetPolicyVersion with the addition of the ability to pass a context and additional request options.

See GetPolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetPolicyWithContext added in v1.8.0

func (c *IAM) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error)

GetPolicyWithContext is the same as GetPolicy with the addition of the ability to pass a context and additional request options.

See GetPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetRole

func (c *IAM) GetRole(input *GetRoleInput) (*GetRoleOutput, error)

GetRole API operation for AWS Identity and Access Management.

Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy that grants permission to assume the role. For more information about roles, see Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole

Example (Shared00)

To get information about an IAM role

The following command gets information about the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetRoleInput{
		RoleName: aws.String("Test-Role"),
	}

	result, err := svc.GetRole(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetRolePolicy

func (c *IAM) GetRolePolicy(input *GetRolePolicyInput) (*GetRolePolicyOutput, error)

GetRolePolicy API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded with the specified IAM role.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM role can also have managed policies attached to it. To retrieve a managed policy document that is attached to a role, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For more information about roles, see Using Roles to Delegate Permissions and Federate Identities (http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy

func (*IAM) GetRolePolicyRequest

func (c *IAM) GetRolePolicyRequest(input *GetRolePolicyInput) (req *request.Request, output *GetRolePolicyOutput)

GetRolePolicyRequest generates a "aws/request.Request" representing the client's request for the GetRolePolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetRolePolicy for more information on using the GetRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetRolePolicyRequest method.
req, resp := client.GetRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy

func (*IAM) GetRolePolicyWithContext added in v1.8.0

func (c *IAM) GetRolePolicyWithContext(ctx aws.Context, input *GetRolePolicyInput, opts ...request.Option) (*GetRolePolicyOutput, error)

GetRolePolicyWithContext is the same as GetRolePolicy with the addition of the ability to pass a context and additional request options.

See GetRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetRoleRequest

func (c *IAM) GetRoleRequest(input *GetRoleInput) (req *request.Request, output *GetRoleOutput)

GetRoleRequest generates a "aws/request.Request" representing the client's request for the GetRole operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetRole for more information on using the GetRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetRoleRequest method.
req, resp := client.GetRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole

func (*IAM) GetRoleWithContext added in v1.8.0

func (c *IAM) GetRoleWithContext(ctx aws.Context, input *GetRoleInput, opts ...request.Option) (*GetRoleOutput, error)

GetRoleWithContext is the same as GetRole with the addition of the ability to pass a context and additional request options.

See GetRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetSAMLProvider

func (c *IAM) GetSAMLProvider(input *GetSAMLProviderInput) (*GetSAMLProviderOutput, error)

GetSAMLProvider API operation for AWS Identity and Access Management.

Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created or updated.

This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider

func (*IAM) GetSAMLProviderRequest

func (c *IAM) GetSAMLProviderRequest(input *GetSAMLProviderInput) (req *request.Request, output *GetSAMLProviderOutput)

GetSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the GetSAMLProvider operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetSAMLProvider for more information on using the GetSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetSAMLProviderRequest method.
req, resp := client.GetSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider

func (*IAM) GetSAMLProviderWithContext added in v1.8.0

func (c *IAM) GetSAMLProviderWithContext(ctx aws.Context, input *GetSAMLProviderInput, opts ...request.Option) (*GetSAMLProviderOutput, error)

GetSAMLProviderWithContext is the same as GetSAMLProvider with the addition of the ability to pass a context and additional request options.

See GetSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetSSHPublicKey added in v0.6.6

func (c *IAM) GetSSHPublicKey(input *GetSSHPublicKeyInput) (*GetSSHPublicKeyOutput, error)

GetSSHPublicKey API operation for AWS Identity and Access Management.

Retrieves the specified SSH public key, including metadata about the key.

The SSH public key retrieved by this operation is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding" The request was rejected because the public key encoding format is unsupported or unrecognized.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey

func (*IAM) GetSSHPublicKeyRequest added in v0.6.6

func (c *IAM) GetSSHPublicKeyRequest(input *GetSSHPublicKeyInput) (req *request.Request, output *GetSSHPublicKeyOutput)

GetSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the GetSSHPublicKey operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetSSHPublicKey for more information on using the GetSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetSSHPublicKeyRequest method.
req, resp := client.GetSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey

func (*IAM) GetSSHPublicKeyWithContext added in v1.8.0

func (c *IAM) GetSSHPublicKeyWithContext(ctx aws.Context, input *GetSSHPublicKeyInput, opts ...request.Option) (*GetSSHPublicKeyOutput, error)

GetSSHPublicKeyWithContext is the same as GetSSHPublicKey with the addition of the ability to pass a context and additional request options.

See GetSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetServerCertificate

func (c *IAM) GetServerCertificate(input *GetServerCertificateInput) (*GetServerCertificateOutput, error)

GetServerCertificate API operation for AWS Identity and Access Management.

Retrieves information about the specified server certificate stored in IAM.

For more information about working with server certificates, see Working with Server Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic includes a list of AWS services that can use the server certificates that you manage with IAM.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate

func (*IAM) GetServerCertificateRequest

func (c *IAM) GetServerCertificateRequest(input *GetServerCertificateInput) (req *request.Request, output *GetServerCertificateOutput)

GetServerCertificateRequest generates a "aws/request.Request" representing the client's request for the GetServerCertificate operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetServerCertificate for more information on using the GetServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetServerCertificateRequest method.
req, resp := client.GetServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate

func (*IAM) GetServerCertificateWithContext added in v1.8.0

func (c *IAM) GetServerCertificateWithContext(ctx aws.Context, input *GetServerCertificateInput, opts ...request.Option) (*GetServerCertificateOutput, error)

GetServerCertificateWithContext is the same as GetServerCertificate with the addition of the ability to pass a context and additional request options.

See GetServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetServiceLinkedRoleDeletionStatus added in v1.10.47

func (c *IAM) GetServiceLinkedRoleDeletionStatus(input *GetServiceLinkedRoleDeletionStatusInput) (*GetServiceLinkedRoleDeletionStatusOutput, error)

GetServiceLinkedRoleDeletionStatus API operation for AWS Identity and Access Management.

Retrieves the status of your service-linked role deletion. After you use the DeleteServiceLinkedRole API operation to submit a service-linked role for deletion, you can use the DeletionTaskId parameter in GetServiceLinkedRoleDeletionStatus to check the status of the deletion. If the deletion fails, this operation returns the reason that it failed, if that information is returned by the service.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetServiceLinkedRoleDeletionStatus for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus

func (*IAM) GetServiceLinkedRoleDeletionStatusRequest added in v1.10.47

func (c *IAM) GetServiceLinkedRoleDeletionStatusRequest(input *GetServiceLinkedRoleDeletionStatusInput) (req *request.Request, output *GetServiceLinkedRoleDeletionStatusOutput)

GetServiceLinkedRoleDeletionStatusRequest generates a "aws/request.Request" representing the client's request for the GetServiceLinkedRoleDeletionStatus operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetServiceLinkedRoleDeletionStatus for more information on using the GetServiceLinkedRoleDeletionStatus API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetServiceLinkedRoleDeletionStatusRequest method.
req, resp := client.GetServiceLinkedRoleDeletionStatusRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus

func (*IAM) GetServiceLinkedRoleDeletionStatusWithContext added in v1.10.47

func (c *IAM) GetServiceLinkedRoleDeletionStatusWithContext(ctx aws.Context, input *GetServiceLinkedRoleDeletionStatusInput, opts ...request.Option) (*GetServiceLinkedRoleDeletionStatusOutput, error)

GetServiceLinkedRoleDeletionStatusWithContext is the same as GetServiceLinkedRoleDeletionStatus with the addition of the ability to pass a context and additional request options.

See GetServiceLinkedRoleDeletionStatus for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetUser

func (c *IAM) GetUser(input *GetUserInput) (*GetUserOutput, error)

GetUser API operation for AWS Identity and Access Management.

Retrieves information about the specified IAM user, including the user's creation date, path, unique ID, and ARN.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID used to sign the request to this API.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetUser for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser

Example (Shared00)

To get information about an IAM user

The following command gets information about the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.GetUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetUserPolicy

func (c *IAM) GetUserPolicy(input *GetUserPolicyInput) (*GetUserPolicyOutput, error)

GetUserPolicy API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded in the specified IAM user.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM user can also have managed policies attached to it. To retrieve a managed policy document that is attached to a user, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy

func (*IAM) GetUserPolicyRequest

func (c *IAM) GetUserPolicyRequest(input *GetUserPolicyInput) (req *request.Request, output *GetUserPolicyOutput)

GetUserPolicyRequest generates a "aws/request.Request" representing the client's request for the GetUserPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetUserPolicy for more information on using the GetUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetUserPolicyRequest method.
req, resp := client.GetUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy

func (*IAM) GetUserPolicyWithContext added in v1.8.0

func (c *IAM) GetUserPolicyWithContext(ctx aws.Context, input *GetUserPolicyInput, opts ...request.Option) (*GetUserPolicyOutput, error)

GetUserPolicyWithContext is the same as GetUserPolicy with the addition of the ability to pass a context and additional request options.

See GetUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetUserRequest

func (c *IAM) GetUserRequest(input *GetUserInput) (req *request.Request, output *GetUserOutput)

GetUserRequest generates a "aws/request.Request" representing the client's request for the GetUser operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetUser for more information on using the GetUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetUserRequest method.
req, resp := client.GetUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser

func (*IAM) GetUserWithContext added in v1.8.0

func (c *IAM) GetUserWithContext(ctx aws.Context, input *GetUserInput, opts ...request.Option) (*GetUserOutput, error)

GetUserWithContext is the same as GetUser with the addition of the ability to pass a context and additional request options.

See GetUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccessKeys

func (c *IAM) ListAccessKeys(input *ListAccessKeysInput) (*ListAccessKeysOutput, error)

ListAccessKeys API operation for AWS Identity and Access Management.

Returns information about the access key IDs associated with the specified IAM user. If there are none, the operation returns an empty list.

Although each user is limited to a small number of keys, you can still paginate the results using the MaxItems and Marker parameters.

If the UserName field is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

To ensure the security of your AWS account, the secret access key is accessible only during key and user creation.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAccessKeys for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys

Example (Shared00)

To list the access key IDs for an IAM user

The following command lists the access keys IDs for the IAM user named Alice.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListAccessKeysInput{
		UserName: aws.String("Alice"),
	}

	result, err := svc.ListAccessKeys(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListAccessKeysPages

func (c *IAM) ListAccessKeysPages(input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool) error

ListAccessKeysPages iterates over the pages of a ListAccessKeys operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAccessKeys method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAccessKeys operation.
pageNum := 0
err := client.ListAccessKeysPages(params,
    func(page *ListAccessKeysOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAccessKeysPagesWithContext added in v1.8.0

func (c *IAM) ListAccessKeysPagesWithContext(ctx aws.Context, input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool, opts ...request.Option) error

ListAccessKeysPagesWithContext same as ListAccessKeysPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccessKeysRequest

func (c *IAM) ListAccessKeysRequest(input *ListAccessKeysInput) (req *request.Request, output *ListAccessKeysOutput)

ListAccessKeysRequest generates a "aws/request.Request" representing the client's request for the ListAccessKeys operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAccessKeys for more information on using the ListAccessKeys API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAccessKeysRequest method.
req, resp := client.ListAccessKeysRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys

func (*IAM) ListAccessKeysWithContext added in v1.8.0

func (c *IAM) ListAccessKeysWithContext(ctx aws.Context, input *ListAccessKeysInput, opts ...request.Option) (*ListAccessKeysOutput, error)

ListAccessKeysWithContext is the same as ListAccessKeys with the addition of the ability to pass a context and additional request options.

See ListAccessKeys for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccountAliases

func (c *IAM) ListAccountAliases(input *ListAccountAliasesInput) (*ListAccountAliasesOutput, error)

ListAccountAliases API operation for AWS Identity and Access Management.

Lists the account alias associated with the AWS account (Note: you can have only one). For information about using an AWS account alias, see Using an Alias for Your AWS Account ID (http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAccountAliases for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases

Example (Shared00)

To list account aliases

The following command lists the aliases for the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListAccountAliasesInput{}

	result, err := svc.ListAccountAliases(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListAccountAliasesPages

func (c *IAM) ListAccountAliasesPages(input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool) error

ListAccountAliasesPages iterates over the pages of a ListAccountAliases operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAccountAliases method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAccountAliases operation.
pageNum := 0
err := client.ListAccountAliasesPages(params,
    func(page *ListAccountAliasesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAccountAliasesPagesWithContext added in v1.8.0

func (c *IAM) ListAccountAliasesPagesWithContext(ctx aws.Context, input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool, opts ...request.Option) error

ListAccountAliasesPagesWithContext same as ListAccountAliasesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccountAliasesRequest

func (c *IAM) ListAccountAliasesRequest(input *ListAccountAliasesInput) (req *request.Request, output *ListAccountAliasesOutput)

ListAccountAliasesRequest generates a "aws/request.Request" representing the client's request for the ListAccountAliases operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAccountAliases for more information on using the ListAccountAliases API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAccountAliasesRequest method.
req, resp := client.ListAccountAliasesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases

func (*IAM) ListAccountAliasesWithContext added in v1.8.0

func (c *IAM) ListAccountAliasesWithContext(ctx aws.Context, input *ListAccountAliasesInput, opts ...request.Option) (*ListAccountAliasesOutput, error)

ListAccountAliasesWithContext is the same as ListAccountAliases with the addition of the ability to pass a context and additional request options.

See ListAccountAliases for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedGroupPolicies

func (c *IAM) ListAttachedGroupPolicies(input *ListAttachedGroupPoliciesInput) (*ListAttachedGroupPoliciesOutput, error)

ListAttachedGroupPolicies API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM group.

An IAM group can also have inline policies embedded with it. To list the inline policies for a group, use the ListGroupPolicies API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified group (or none that match the specified path prefix), the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAttachedGroupPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies

func (*IAM) ListAttachedGroupPoliciesPages added in v0.6.3

func (c *IAM) ListAttachedGroupPoliciesPages(input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool) error

ListAttachedGroupPoliciesPages iterates over the pages of a ListAttachedGroupPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAttachedGroupPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAttachedGroupPolicies operation.
pageNum := 0
err := client.ListAttachedGroupPoliciesPages(params,
    func(page *ListAttachedGroupPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAttachedGroupPoliciesPagesWithContext added in v1.8.0

func (c *IAM) ListAttachedGroupPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool, opts ...request.Option) error

ListAttachedGroupPoliciesPagesWithContext same as ListAttachedGroupPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedGroupPoliciesRequest

func (c *IAM) ListAttachedGroupPoliciesRequest(input *ListAttachedGroupPoliciesInput) (req *request.Request, output *ListAttachedGroupPoliciesOutput)

ListAttachedGroupPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListAttachedGroupPolicies operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAttachedGroupPolicies for more information on using the ListAttachedGroupPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAttachedGroupPoliciesRequest method.
req, resp := client.ListAttachedGroupPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies

func (*IAM) ListAttachedGroupPoliciesWithContext added in v1.8.0

func (c *IAM) ListAttachedGroupPoliciesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, opts ...request.Option) (*ListAttachedGroupPoliciesOutput, error)

ListAttachedGroupPoliciesWithContext is the same as ListAttachedGroupPolicies with the addition of the ability to pass a context and additional request options.

See ListAttachedGroupPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedRolePolicies

func (c *IAM) ListAttachedRolePolicies(input *ListAttachedRolePoliciesInput) (*ListAttachedRolePoliciesOutput, error)

ListAttachedRolePolicies API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM role.

An IAM role can also have inline policies embedded with it. To list the inline policies for a role, use the ListRolePolicies API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified role (or none that match the specified path prefix), the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAttachedRolePolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies

func (*IAM) ListAttachedRolePoliciesPages added in v0.6.3

func (c *IAM) ListAttachedRolePoliciesPages(input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool) error

ListAttachedRolePoliciesPages iterates over the pages of a ListAttachedRolePolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAttachedRolePolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAttachedRolePolicies operation.
pageNum := 0
err := client.ListAttachedRolePoliciesPages(params,
    func(page *ListAttachedRolePoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAttachedRolePoliciesPagesWithContext added in v1.8.0

func (c *IAM) ListAttachedRolePoliciesPagesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool, opts ...request.Option) error

ListAttachedRolePoliciesPagesWithContext same as ListAttachedRolePoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedRolePoliciesRequest

func (c *IAM) ListAttachedRolePoliciesRequest(input *ListAttachedRolePoliciesInput) (req *request.Request, output *ListAttachedRolePoliciesOutput)

ListAttachedRolePoliciesRequest generates a "aws/request.Request" representing the client's request for the ListAttachedRolePolicies operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAttachedRolePolicies for more information on using the ListAttachedRolePolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAttachedRolePoliciesRequest method.
req, resp := client.ListAttachedRolePoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies

func (*IAM) ListAttachedRolePoliciesWithContext added in v1.8.0

func (c *IAM) ListAttachedRolePoliciesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, opts ...request.Option) (*ListAttachedRolePoliciesOutput, error)

ListAttachedRolePoliciesWithContext is the same as ListAttachedRolePolicies with the addition of the ability to pass a context and additional request options.

See ListAttachedRolePolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedUserPolicies

func (c *IAM) ListAttachedUserPolicies(input *ListAttachedUserPoliciesInput) (*ListAttachedUserPoliciesOutput, error)

ListAttachedUserPolicies API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM user.

An IAM user can also have inline policies embedded with it. To list the inline policies for a user, use the ListUserPolicies API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified group (or none that match the specified path prefix), the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAttachedUserPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies

func (*IAM) ListAttachedUserPoliciesPages added in v0.6.3

func (c *IAM) ListAttachedUserPoliciesPages(input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool) error

ListAttachedUserPoliciesPages iterates over the pages of a ListAttachedUserPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAttachedUserPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAttachedUserPolicies operation.
pageNum := 0
err := client.ListAttachedUserPoliciesPages(params,
    func(page *ListAttachedUserPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAttachedUserPoliciesPagesWithContext added in v1.8.0

func (c *IAM) ListAttachedUserPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool, opts ...request.Option) error

ListAttachedUserPoliciesPagesWithContext same as ListAttachedUserPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedUserPoliciesRequest

func (c *IAM) ListAttachedUserPoliciesRequest(input *ListAttachedUserPoliciesInput) (req *request.Request, output *ListAttachedUserPoliciesOutput)

ListAttachedUserPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListAttachedUserPolicies operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAttachedUserPolicies for more information on using the ListAttachedUserPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAttachedUserPoliciesRequest method.
req, resp := client.ListAttachedUserPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies

func (*IAM) ListAttachedUserPoliciesWithContext added in v1.8.0

func (c *IAM) ListAttachedUserPoliciesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, opts ...request.Option) (*ListAttachedUserPoliciesOutput, error)

ListAttachedUserPoliciesWithContext is the same as ListAttachedUserPolicies with the addition of the ability to pass a context and additional request options.

See ListAttachedUserPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListEntitiesForPolicy

func (c *IAM) ListEntitiesForPolicy(input *ListEntitiesForPolicyInput) (*ListEntitiesForPolicyOutput, error)

ListEntitiesForPolicy API operation for AWS Identity and Access Management.

Lists all IAM users, groups, and roles that the specified managed policy is attached to.

You can use the optional EntityFilter parameter to limit the results to a particular type of entity (users, groups, or roles). For example, to list only the roles that are attached to the specified policy, set EntityFilter to Role.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListEntitiesForPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy

func (*IAM) ListEntitiesForPolicyPages added in v0.6.3

func (c *IAM) ListEntitiesForPolicyPages(input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool) error

ListEntitiesForPolicyPages iterates over the pages of a ListEntitiesForPolicy operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListEntitiesForPolicy method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListEntitiesForPolicy operation.
pageNum := 0
err := client.ListEntitiesForPolicyPages(params,
    func(page *ListEntitiesForPolicyOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListEntitiesForPolicyPagesWithContext added in v1.8.0

func (c *IAM) ListEntitiesForPolicyPagesWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool, opts ...request.Option) error

ListEntitiesForPolicyPagesWithContext same as ListEntitiesForPolicyPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListEntitiesForPolicyRequest

func (c *IAM) ListEntitiesForPolicyRequest(input *ListEntitiesForPolicyInput) (req *request.Request, output *ListEntitiesForPolicyOutput)

ListEntitiesForPolicyRequest generates a "aws/request.Request" representing the client's request for the ListEntitiesForPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListEntitiesForPolicy for more information on using the ListEntitiesForPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListEntitiesForPolicyRequest method.
req, resp := client.ListEntitiesForPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy

func (*IAM) ListEntitiesForPolicyWithContext added in v1.8.0

func (c *IAM) ListEntitiesForPolicyWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, opts ...request.Option) (*ListEntitiesForPolicyOutput, error)

ListEntitiesForPolicyWithContext is the same as ListEntitiesForPolicy with the addition of the ability to pass a context and additional request options.

See ListEntitiesForPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupPolicies

func (c *IAM) ListGroupPolicies(input *ListGroupPoliciesInput) (*ListGroupPoliciesOutput, error)

ListGroupPolicies API operation for AWS Identity and Access Management.

Lists the names of the inline policies that are embedded in the specified IAM group.

An IAM group can also have managed policies attached to it. To list the managed policies that are attached to a group, use ListAttachedGroupPolicies. For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified group, the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListGroupPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies

Example (Shared00)

To list the in-line policies for an IAM group

The following command lists the names of in-line policies that are embedded in the IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListGroupPoliciesInput{
		GroupName: aws.String("Admins"),
	}

	result, err := svc.ListGroupPolicies(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListGroupPoliciesPages

func (c *IAM) ListGroupPoliciesPages(input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool) error

ListGroupPoliciesPages iterates over the pages of a ListGroupPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListGroupPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListGroupPolicies operation.
pageNum := 0
err := client.ListGroupPoliciesPages(params,
    func(page *ListGroupPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListGroupPoliciesPagesWithContext added in v1.8.0

func (c *IAM) ListGroupPoliciesPagesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool, opts ...request.Option) error

ListGroupPoliciesPagesWithContext same as ListGroupPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupPoliciesRequest

func (c *IAM) ListGroupPoliciesRequest(input *ListGroupPoliciesInput) (req *request.Request, output *ListGroupPoliciesOutput)

ListGroupPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListGroupPolicies operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListGroupPolicies for more information on using the ListGroupPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListGroupPoliciesRequest method.
req, resp := client.ListGroupPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies

func (*IAM) ListGroupPoliciesWithContext added in v1.8.0

func (c *IAM) ListGroupPoliciesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, opts ...request.Option) (*ListGroupPoliciesOutput, error)

ListGroupPoliciesWithContext is the same as ListGroupPolicies with the addition of the ability to pass a context and additional request options.

See ListGroupPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroups

func (c *IAM) ListGroups(input *ListGroupsInput) (*ListGroupsOutput, error)

ListGroups API operation for AWS Identity and Access Management.

Lists the IAM groups that have the specified path prefix.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListGroups for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups

Example (Shared00)

To list the IAM groups for the current account

The following command lists the IAM groups in the current account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListGroupsInput{}

	result, err := svc.ListGroups(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListGroupsForUser

func (c *IAM) ListGroupsForUser(input *ListGroupsForUserInput) (*ListGroupsForUserOutput, error)

ListGroupsForUser API operation for AWS Identity and Access Management.

Lists the IAM groups that the specified IAM user belongs to.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListGroupsForUser for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser

Example (Shared00)

To list the groups that an IAM user belongs to

The following command displays the groups that the IAM user named Bob belongs to.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListGroupsForUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.ListGroupsForUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListGroupsForUserPages

func (c *IAM) ListGroupsForUserPages(input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool) error

ListGroupsForUserPages iterates over the pages of a ListGroupsForUser operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListGroupsForUser method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListGroupsForUser operation.
pageNum := 0
err := client.ListGroupsForUserPages(params,
    func(page *ListGroupsForUserOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListGroupsForUserPagesWithContext added in v1.8.0

func (c *IAM) ListGroupsForUserPagesWithContext(ctx aws.Context, input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool, opts ...request.Option) error

ListGroupsForUserPagesWithContext same as ListGroupsForUserPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupsForUserRequest

func (c *IAM) ListGroupsForUserRequest(input *ListGroupsForUserInput) (req *request.Request, output *ListGroupsForUserOutput)

ListGroupsForUserRequest generates a "aws/request.Request" representing the client's request for the ListGroupsForUser operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListGroupsForUser for more information on using the ListGroupsForUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListGroupsForUserRequest method.
req, resp := client.ListGroupsForUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser

func (*IAM) ListGroupsForUserWithContext added in v1.8.0

func (c *IAM) ListGroupsForUserWithContext(ctx aws.Context, input *ListGroupsForUserInput, opts ...request.Option) (*ListGroupsForUserOutput, error)

ListGroupsForUserWithContext is the same as ListGroupsForUser with the addition of the ability to pass a context and additional request options.

See ListGroupsForUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupsPages

func (c *IAM) ListGroupsPages(input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool) error

ListGroupsPages iterates over the pages of a ListGroups operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListGroups method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListGroups operation.
pageNum := 0
err := client.ListGroupsPages(params,
    func(page *ListGroupsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListGroupsPagesWithContext added in v1.8.0

func (c *IAM) ListGroupsPagesWithContext(ctx aws.Context, input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool, opts ...request.Option) error

ListGroupsPagesWithContext same as ListGroupsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupsRequest

func (c *IAM) ListGroupsRequest(input *ListGroupsInput) (req *request.Request, output *ListGroupsOutput)

ListGroupsRequest generates a "aws/request.Request" representing the client's request for the ListGroups operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListGroups for more information on using the ListGroups API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListGroupsRequest method.
req, resp := client.ListGroupsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups

func (*IAM) ListGroupsWithContext added in v1.8.0

func (c *IAM) ListGroupsWithContext(ctx aws.Context, input *ListGroupsInput, opts ...request.Option) (*ListGroupsOutput, error)

ListGroupsWithContext is the same as ListGroups with the addition of the ability to pass a context and additional request options.

See ListGroups for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfiles

func (c *IAM) ListInstanceProfiles(input *ListInstanceProfilesInput) (*ListInstanceProfilesOutput, error)

ListInstanceProfiles API operation for AWS Identity and Access Management.

Lists the instance profiles that have the specified path prefix. If there are none, the operation returns an empty list. For more information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListInstanceProfiles for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles

func (*IAM) ListInstanceProfilesForRole

func (c *IAM) ListInstanceProfilesForRole(input *ListInstanceProfilesForRoleInput) (*ListInstanceProfilesForRoleOutput, error)

ListInstanceProfilesForRole API operation for AWS Identity and Access Management.

Lists the instance profiles that have the specified associated IAM role. If there are none, the operation returns an empty list. For more information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListInstanceProfilesForRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole

func (*IAM) ListInstanceProfilesForRolePages

func (c *IAM) ListInstanceProfilesForRolePages(input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool) error

ListInstanceProfilesForRolePages iterates over the pages of a ListInstanceProfilesForRole operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListInstanceProfilesForRole method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListInstanceProfilesForRole operation.
pageNum := 0
err := client.ListInstanceProfilesForRolePages(params,
    func(page *ListInstanceProfilesForRoleOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListInstanceProfilesForRolePagesWithContext added in v1.8.0

func (c *IAM) ListInstanceProfilesForRolePagesWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool, opts ...request.Option) error

ListInstanceProfilesForRolePagesWithContext same as ListInstanceProfilesForRolePages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfilesForRoleRequest

func (c *IAM) ListInstanceProfilesForRoleRequest(input *ListInstanceProfilesForRoleInput) (req *request.Request, output *ListInstanceProfilesForRoleOutput)

ListInstanceProfilesForRoleRequest generates a "aws/request.Request" representing the client's request for the ListInstanceProfilesForRole operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListInstanceProfilesForRole for more information on using the ListInstanceProfilesForRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListInstanceProfilesForRoleRequest method.
req, resp := client.ListInstanceProfilesForRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole

func (*IAM) ListInstanceProfilesForRoleWithContext added in v1.8.0

func (c *IAM) ListInstanceProfilesForRoleWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, opts ...request.Option) (*ListInstanceProfilesForRoleOutput, error)

ListInstanceProfilesForRoleWithContext is the same as ListInstanceProfilesForRole with the addition of the ability to pass a context and additional request options.

See ListInstanceProfilesForRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfilesPages

func (c *IAM) ListInstanceProfilesPages(input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool) error

ListInstanceProfilesPages iterates over the pages of a ListInstanceProfiles operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListInstanceProfiles method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListInstanceProfiles operation.
pageNum := 0
err := client.ListInstanceProfilesPages(params,
    func(page *ListInstanceProfilesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListInstanceProfilesPagesWithContext added in v1.8.0

func (c *IAM) ListInstanceProfilesPagesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool, opts ...request.Option) error

ListInstanceProfilesPagesWithContext same as ListInstanceProfilesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfilesRequest

func (c *IAM) ListInstanceProfilesRequest(input *ListInstanceProfilesInput) (req *request.Request, output *ListInstanceProfilesOutput)

ListInstanceProfilesRequest generates a "aws/request.Request" representing the client's request for the ListInstanceProfiles operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListInstanceProfiles for more information on using the ListInstanceProfiles API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListInstanceProfilesRequest method.
req, resp := client.ListInstanceProfilesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles

func (*IAM) ListInstanceProfilesWithContext added in v1.8.0

func (c *IAM) ListInstanceProfilesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, opts ...request.Option) (*ListInstanceProfilesOutput, error)

ListInstanceProfilesWithContext is the same as ListInstanceProfiles with the addition of the ability to pass a context and additional request options.

See ListInstanceProfiles for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListMFADevices

func (c *IAM) ListMFADevices(input *ListMFADevicesInput) (*ListMFADevicesOutput, error)

ListMFADevices API operation for AWS Identity and Access Management.

Lists the MFA devices for an IAM user. If the request includes a IAM user name, then this operation lists all the MFA devices associated with the specified user. If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request for this API.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListMFADevices for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices

func (*IAM) ListMFADevicesPages

func (c *IAM) ListMFADevicesPages(input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool) error

ListMFADevicesPages iterates over the pages of a ListMFADevices operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListMFADevices method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListMFADevices operation.
pageNum := 0
err := client.ListMFADevicesPages(params,
    func(page *ListMFADevicesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListMFADevicesPagesWithContext added in v1.8.0

func (c *IAM) ListMFADevicesPagesWithContext(ctx aws.Context, input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool, opts ...request.Option) error

ListMFADevicesPagesWithContext same as ListMFADevicesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListMFADevicesRequest

func (c *IAM) ListMFADevicesRequest(input *ListMFADevicesInput) (req *request.Request, output *ListMFADevicesOutput)

ListMFADevicesRequest generates a "aws/request.Request" representing the client's request for the ListMFADevices operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListMFADevices for more information on using the ListMFADevices API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListMFADevicesRequest method.
req, resp := client.ListMFADevicesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices

func (*IAM) ListMFADevicesWithContext added in v1.8.0

func (c *IAM) ListMFADevicesWithContext(ctx aws.Context, input *ListMFADevicesInput, opts ...request.Option) (*ListMFADevicesOutput, error)

ListMFADevicesWithContext is the same as ListMFADevices with the addition of the ability to pass a context and additional request options.

See ListMFADevices for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListOpenIDConnectProviders

func (c *IAM) ListOpenIDConnectProviders(input *ListOpenIDConnectProvidersInput) (*ListOpenIDConnectProvidersOutput, error)

ListOpenIDConnectProviders API operation for AWS Identity and Access Management.

Lists information about the IAM OpenID Connect (OIDC) provider resource objects defined in the AWS account.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListOpenIDConnectProviders for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders

func (*IAM) ListOpenIDConnectProvidersRequest

func (c *IAM) ListOpenIDConnectProvidersRequest(input *ListOpenIDConnectProvidersInput) (req *request.Request, output *ListOpenIDConnectProvidersOutput)

ListOpenIDConnectProvidersRequest generates a "aws/request.Request" representing the client's request for the ListOpenIDConnectProviders operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListOpenIDConnectProviders for more information on using the ListOpenIDConnectProviders API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListOpenIDConnectProvidersRequest method.
req, resp := client.ListOpenIDConnectProvidersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders

func (*IAM) ListOpenIDConnectProvidersWithContext added in v1.8.0

func (c *IAM) ListOpenIDConnectProvidersWithContext(ctx aws.Context, input *ListOpenIDConnectProvidersInput, opts ...request.Option) (*ListOpenIDConnectProvidersOutput, error)

ListOpenIDConnectProvidersWithContext is the same as ListOpenIDConnectProviders with the addition of the ability to pass a context and additional request options.

See ListOpenIDConnectProviders for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPolicies

func (c *IAM) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error)

ListPolicies API operation for AWS Identity and Access Management.

Lists all the managed policies that are available in your AWS account, including your own customer-defined managed policies and all AWS managed policies.

You can filter the list of policies that is returned using the optional OnlyAttached, Scope, and PathPrefix parameters. For example, to list only the customer managed policies in your AWS account, set Scope to Local. To list only AWS managed policies, set Scope to AWS.

You can paginate the results using the MaxItems and Marker parameters.

For more information about managed policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies

func (*IAM) ListPoliciesPages added in v0.6.3

func (c *IAM) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error

ListPoliciesPages iterates over the pages of a ListPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListPolicies operation.
pageNum := 0
err := client.ListPoliciesPages(params,
    func(page *ListPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListPoliciesPagesWithContext added in v1.8.0

func (c *IAM) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error

ListPoliciesPagesWithContext same as ListPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPoliciesRequest

func (c *IAM) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput)

ListPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListPolicies operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicies for more information on using the ListPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListPoliciesRequest method.
req, resp := client.ListPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies

func (*IAM) ListPoliciesWithContext added in v1.8.0

func (c *IAM) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error)

ListPoliciesWithContext is the same as ListPolicies with the addition of the ability to pass a context and additional request options.

See ListPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPolicyVersions

func (c *IAM) ListPolicyVersions(input *ListPolicyVersionsInput) (*ListPolicyVersionsOutput, error)

ListPolicyVersions API operation for AWS Identity and Access Management.

Lists information about the versions of the specified managed policy, including the version that is currently set as the policy's default version.

For more information about managed policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListPolicyVersions for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions

func (*IAM) ListPolicyVersionsPages added in v1.1.10

func (c *IAM) ListPolicyVersionsPages(input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool) error

ListPolicyVersionsPages iterates over the pages of a ListPolicyVersions operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicyVersions method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListPolicyVersions operation.
pageNum := 0
err := client.ListPolicyVersionsPages(params,
    func(page *ListPolicyVersionsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListPolicyVersionsPagesWithContext added in v1.8.0

func (c *IAM) ListPolicyVersionsPagesWithContext(ctx aws.Context, input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool, opts ...request.Option) error

ListPolicyVersionsPagesWithContext same as ListPolicyVersionsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPolicyVersionsRequest

func (c *IAM) ListPolicyVersionsRequest(input *ListPolicyVersionsInput) (req *request.Request, output *ListPolicyVersionsOutput)

ListPolicyVersionsRequest generates a "aws/request.Request" representing the client's request for the ListPolicyVersions operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicyVersions for more information on using the ListPolicyVersions API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListPolicyVersionsRequest method.
req, resp := client.ListPolicyVersionsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions

func (*IAM) ListPolicyVersionsWithContext added in v1.8.0

func (c *IAM) ListPolicyVersionsWithContext(ctx aws.Context, input *ListPolicyVersionsInput, opts ...request.Option) (*ListPolicyVersionsOutput, error)

ListPolicyVersionsWithContext is the same as ListPolicyVersions with the addition of the ability to pass a context and additional request options.

See ListPolicyVersions for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRolePolicies

func (c *IAM) ListRolePolicies(input *ListRolePoliciesInput) (*ListRolePoliciesOutput, error)

ListRolePolicies API operation for AWS Identity and Access Management.

Lists the names of the inline policies that are embedded in the specified IAM role.

An IAM role can also have managed policies attached to it. To list the managed policies that are attached to a role, use ListAttachedRolePolicies. For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified role, the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListRolePolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies

func (*IAM) ListRolePoliciesPages

func (c *IAM) ListRolePoliciesPages(input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool) error

ListRolePoliciesPages iterates over the pages of a ListRolePolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListRolePolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListRolePolicies operation.
pageNum := 0
err := client.ListRolePoliciesPages(params,
    func(page *ListRolePoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListRolePoliciesPagesWithContext added in v1.8.0

func (c *IAM) ListRolePoliciesPagesWithContext(ctx aws.Context, input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool, opts ...request.Option) error

ListRolePoliciesPagesWithContext same as ListRolePoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRolePoliciesRequest

func (c *IAM) ListRolePoliciesRequest(input *ListRolePoliciesInput) (req *request.Request, output *ListRolePoliciesOutput)

ListRolePoliciesRequest generates a "aws/request.Request" representing the client's request for the ListRolePolicies operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListRolePolicies for more information on using the ListRolePolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListRolePoliciesRequest method.
req, resp := client.ListRolePoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies

func (*IAM) ListRolePoliciesWithContext added in v1.8.0

func (c *IAM) ListRolePoliciesWithContext(ctx aws.Context, input *ListRolePoliciesInput, opts ...request.Option) (*ListRolePoliciesOutput, error)

ListRolePoliciesWithContext is the same as ListRolePolicies with the addition of the ability to pass a context and additional request options.

See ListRolePolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRoles

func (c *IAM) ListRoles(input *ListRolesInput) (*ListRolesOutput, error)

ListRoles API operation for AWS Identity and Access Management.

Lists the IAM roles that have the specified path prefix. If there are none, the operation returns an empty list. For more information about roles, go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListRoles for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles

func (*IAM) ListRolesPages

func (c *IAM) ListRolesPages(input *ListRolesInput, fn func(*ListRolesOutput, bool) bool) error

ListRolesPages iterates over the pages of a ListRoles operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListRoles method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListRoles operation.
pageNum := 0
err := client.ListRolesPages(params,
    func(page *ListRolesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListRolesPagesWithContext added in v1.8.0

func (c *IAM) ListRolesPagesWithContext(ctx aws.Context, input *ListRolesInput, fn func(*ListRolesOutput, bool) bool, opts ...request.Option) error

ListRolesPagesWithContext same as ListRolesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRolesRequest

func (c *IAM) ListRolesRequest(input *ListRolesInput) (req *request.Request, output *ListRolesOutput)

ListRolesRequest generates a "aws/request.Request" representing the client's request for the ListRoles operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListRoles for more information on using the ListRoles API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListRolesRequest method.
req, resp := client.ListRolesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles

func (*IAM) ListRolesWithContext added in v1.8.0

func (c *IAM) ListRolesWithContext(ctx aws.Context, input *ListRolesInput, opts ...request.Option) (*ListRolesOutput, error)

ListRolesWithContext is the same as ListRoles with the addition of the ability to pass a context and additional request options.

See ListRoles for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSAMLProviders

func (c *IAM) ListSAMLProviders(input *ListSAMLProvidersInput) (*ListSAMLProvidersOutput, error)

ListSAMLProviders API operation for AWS Identity and Access Management.

Lists the SAML provider resource objects defined in IAM in the account.

This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListSAMLProviders for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders

func (*IAM) ListSAMLProvidersRequest

func (c *IAM) ListSAMLProvidersRequest(input *ListSAMLProvidersInput) (req *request.Request, output *ListSAMLProvidersOutput)

ListSAMLProvidersRequest generates a "aws/request.Request" representing the client's request for the ListSAMLProviders operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListSAMLProviders for more information on using the ListSAMLProviders API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListSAMLProvidersRequest method.
req, resp := client.ListSAMLProvidersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders

func (*IAM) ListSAMLProvidersWithContext added in v1.8.0

func (c *IAM) ListSAMLProvidersWithContext(ctx aws.Context, input *ListSAMLProvidersInput, opts ...request.Option) (*ListSAMLProvidersOutput, error)

ListSAMLProvidersWithContext is the same as ListSAMLProviders with the addition of the ability to pass a context and additional request options.

See ListSAMLProviders for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSSHPublicKeys added in v0.6.6

func (c *IAM) ListSSHPublicKeys(input *ListSSHPublicKeysInput) (*ListSSHPublicKeysOutput, error)

ListSSHPublicKeys API operation for AWS Identity and Access Management.

Returns information about the SSH public keys associated with the specified IAM user. If there are none, the operation returns an empty list.

The SSH public keys returned by this operation are used only for authenticating the IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

Although each user is limited to a small number of keys, you can still paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListSSHPublicKeys for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys

func (*IAM) ListSSHPublicKeysPages added in v1.2.3

func (c *IAM) ListSSHPublicKeysPages(input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool) error

ListSSHPublicKeysPages iterates over the pages of a ListSSHPublicKeys operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListSSHPublicKeys method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListSSHPublicKeys operation.
pageNum := 0
err := client.ListSSHPublicKeysPages(params,
    func(page *ListSSHPublicKeysOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListSSHPublicKeysPagesWithContext added in v1.8.0

func (c *IAM) ListSSHPublicKeysPagesWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool, opts ...request.Option) error

ListSSHPublicKeysPagesWithContext same as ListSSHPublicKeysPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSSHPublicKeysRequest added in v0.6.6

func (c *IAM) ListSSHPublicKeysRequest(input *ListSSHPublicKeysInput) (req *request.Request, output *ListSSHPublicKeysOutput)

ListSSHPublicKeysRequest generates a "aws/request.Request" representing the client's request for the ListSSHPublicKeys operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListSSHPublicKeys for more information on using the ListSSHPublicKeys API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListSSHPublicKeysRequest method.
req, resp := client.ListSSHPublicKeysRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys

func (*IAM) ListSSHPublicKeysWithContext added in v1.8.0

func (c *IAM) ListSSHPublicKeysWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, opts ...request.Option) (*ListSSHPublicKeysOutput, error)

ListSSHPublicKeysWithContext is the same as ListSSHPublicKeys with the addition of the ability to pass a context and additional request options.

See ListSSHPublicKeys for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListServerCertificates

func (c *IAM) ListServerCertificates(input *ListServerCertificatesInput) (*ListServerCertificatesOutput, error)

ListServerCertificates API operation for AWS Identity and Access Management.

Lists the server certificates stored in IAM that have the specified path prefix. If none exist, the operation returns an empty list.

You can paginate the results using the MaxItems and Marker parameters.

For more information about working with server certificates, see Working with Server Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of AWS services that can use the server certificates that you manage with IAM.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListServerCertificates for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates

func (*IAM) ListServerCertificatesPages

func (c *IAM) ListServerCertificatesPages(input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool) error

ListServerCertificatesPages iterates over the pages of a ListServerCertificates operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListServerCertificates method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListServerCertificates operation.
pageNum := 0
err := client.ListServerCertificatesPages(params,
    func(page *ListServerCertificatesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListServerCertificatesPagesWithContext added in v1.8.0

func (c *IAM) ListServerCertificatesPagesWithContext(ctx aws.Context, input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool, opts ...request.Option) error

ListServerCertificatesPagesWithContext same as ListServerCertificatesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListServerCertificatesRequest

func (c *IAM) ListServerCertificatesRequest(input *ListServerCertificatesInput) (req *request.Request, output *ListServerCertificatesOutput)

ListServerCertificatesRequest generates a "aws/request.Request" representing the client's request for the ListServerCertificates operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListServerCertificates for more information on using the ListServerCertificates API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListServerCertificatesRequest method.
req, resp := client.ListServerCertificatesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates

func (*IAM) ListServerCertificatesWithContext added in v1.8.0

func (c *IAM) ListServerCertificatesWithContext(ctx aws.Context, input *ListServerCertificatesInput, opts ...request.Option) (*ListServerCertificatesOutput, error)

ListServerCertificatesWithContext is the same as ListServerCertificates with the addition of the ability to pass a context and additional request options.

See ListServerCertificates for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListServiceSpecificCredentials added in v1.6.8

func (c *IAM) ListServiceSpecificCredentials(input *ListServiceSpecificCredentialsInput) (*ListServiceSpecificCredentialsOutput, error)

ListServiceSpecificCredentials API operation for AWS Identity and Access Management.

Returns information about the service-specific credentials associated with the specified IAM user. If there are none, the operation returns an empty list. The service-specific credentials returned by this operation are used only for authenticating the IAM user to a specific service. For more information about using service-specific credentials to authenticate to an AWS service, see Set Up service-specific credentials (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html) in the AWS CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListServiceSpecificCredentials for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceNotSupportedException "NotSupportedService" The specified service does not support service-specific credentials.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials

func (*IAM) ListServiceSpecificCredentialsRequest added in v1.6.8

func (c *IAM) ListServiceSpecificCredentialsRequest(input *ListServiceSpecificCredentialsInput) (req *request.Request, output *ListServiceSpecificCredentialsOutput)

ListServiceSpecificCredentialsRequest generates a "aws/request.Request" representing the client's request for the ListServiceSpecificCredentials operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListServiceSpecificCredentials for more information on using the ListServiceSpecificCredentials API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListServiceSpecificCredentialsRequest method.
req, resp := client.ListServiceSpecificCredentialsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials

func (*IAM) ListServiceSpecificCredentialsWithContext added in v1.8.0

func (c *IAM) ListServiceSpecificCredentialsWithContext(ctx aws.Context, input *ListServiceSpecificCredentialsInput, opts ...request.Option) (*ListServiceSpecificCredentialsOutput, error)

ListServiceSpecificCredentialsWithContext is the same as ListServiceSpecificCredentials with the addition of the ability to pass a context and additional request options.

See ListServiceSpecificCredentials for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSigningCertificates

func (c *IAM) ListSigningCertificates(input *ListSigningCertificatesInput) (*ListSigningCertificatesOutput, error)

ListSigningCertificates API operation for AWS Identity and Access Management.

Returns information about the signing certificates associated with the specified IAM user. If there are none, the operation returns an empty list.

Although each user is limited to a small number of signing certificates, you can still paginate the results using the MaxItems and Marker parameters.

If the UserName field is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request for this API. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListSigningCertificates for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates

Example (Shared00)

To list the signing certificates for an IAM user

The following command lists the signing certificates for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListSigningCertificatesInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.ListSigningCertificates(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListSigningCertificatesPages

func (c *IAM) ListSigningCertificatesPages(input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool) error

ListSigningCertificatesPages iterates over the pages of a ListSigningCertificates operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListSigningCertificates method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListSigningCertificates operation.
pageNum := 0
err := client.ListSigningCertificatesPages(params,
    func(page *ListSigningCertificatesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListSigningCertificatesPagesWithContext added in v1.8.0

func (c *IAM) ListSigningCertificatesPagesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool, opts ...request.Option) error

ListSigningCertificatesPagesWithContext same as ListSigningCertificatesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSigningCertificatesRequest

func (c *IAM) ListSigningCertificatesRequest(input *ListSigningCertificatesInput) (req *request.Request, output *ListSigningCertificatesOutput)

ListSigningCertificatesRequest generates a "aws/request.Request" representing the client's request for the ListSigningCertificates operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListSigningCertificates for more information on using the ListSigningCertificates API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListSigningCertificatesRequest method.
req, resp := client.ListSigningCertificatesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates

func (*IAM) ListSigningCertificatesWithContext added in v1.8.0

func (c *IAM) ListSigningCertificatesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, opts ...request.Option) (*ListSigningCertificatesOutput, error)

ListSigningCertificatesWithContext is the same as ListSigningCertificates with the addition of the ability to pass a context and additional request options.

See ListSigningCertificates for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUserPolicies

func (c *IAM) ListUserPolicies(input *ListUserPoliciesInput) (*ListUserPoliciesOutput, error)

ListUserPolicies API operation for AWS Identity and Access Management.

Lists the names of the inline policies embedded in the specified IAM user.

An IAM user can also have managed policies attached to it. To list the managed policies that are attached to a user, use ListAttachedUserPolicies. For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified user, the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListUserPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies

func (*IAM) ListUserPoliciesPages

func (c *IAM) ListUserPoliciesPages(input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool) error

ListUserPoliciesPages iterates over the pages of a ListUserPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListUserPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListUserPolicies operation.
pageNum := 0
err := client.ListUserPoliciesPages(params,
    func(page *ListUserPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListUserPoliciesPagesWithContext added in v1.8.0

func (c *IAM) ListUserPoliciesPagesWithContext(ctx aws.Context, input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool, opts ...request.Option) error

ListUserPoliciesPagesWithContext same as ListUserPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUserPoliciesRequest

func (c *IAM) ListUserPoliciesRequest(input *ListUserPoliciesInput) (req *request.Request, output *ListUserPoliciesOutput)

ListUserPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListUserPolicies operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUserPolicies for more information on using the ListUserPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUserPoliciesRequest method.
req, resp := client.ListUserPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies

func (*IAM) ListUserPoliciesWithContext added in v1.8.0

func (c *IAM) ListUserPoliciesWithContext(ctx aws.Context, input *ListUserPoliciesInput, opts ...request.Option) (*ListUserPoliciesOutput, error)

ListUserPoliciesWithContext is the same as ListUserPolicies with the addition of the ability to pass a context and additional request options.

See ListUserPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUsers

func (c *IAM) ListUsers(input *ListUsersInput) (*ListUsersOutput, error)

ListUsers API operation for AWS Identity and Access Management.

Lists the IAM users that have the specified path prefix. If no path prefix is specified, the operation returns all users in the AWS account. If there are none, the operation returns an empty list.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListUsers for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers

Example (Shared00)

To list IAM users

The following command lists the IAM users in the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListUsersInput{}

	result, err := svc.ListUsers(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListUsersPages

func (c *IAM) ListUsersPages(input *ListUsersInput, fn func(*ListUsersOutput, bool) bool) error

ListUsersPages iterates over the pages of a ListUsers operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListUsers method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListUsers operation.
pageNum := 0
err := client.ListUsersPages(params,
    func(page *ListUsersOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListUsersPagesWithContext added in v1.8.0

func (c *IAM) ListUsersPagesWithContext(ctx aws.Context, input *ListUsersInput, fn func(*ListUsersOutput, bool) bool, opts ...request.Option) error

ListUsersPagesWithContext same as ListUsersPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUsersRequest

func (c *IAM) ListUsersRequest(input *ListUsersInput) (req *request.Request, output *ListUsersOutput)

ListUsersRequest generates a "aws/request.Request" representing the client's request for the ListUsers operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUsers for more information on using the ListUsers API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUsersRequest method.
req, resp := client.ListUsersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers

func (*IAM) ListUsersWithContext added in v1.8.0

func (c *IAM) ListUsersWithContext(ctx aws.Context, input *ListUsersInput, opts ...request.Option) (*ListUsersOutput, error)

ListUsersWithContext is the same as ListUsers with the addition of the ability to pass a context and additional request options.

See ListUsers for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListVirtualMFADevices

func (c *IAM) ListVirtualMFADevices(input *ListVirtualMFADevicesInput) (*ListVirtualMFADevicesOutput, error)

ListVirtualMFADevices API operation for AWS Identity and Access Management.

Lists the virtual MFA devices defined in the AWS account by assignment status. If you do not specify an assignment status, the operation returns a list of all virtual MFA devices. Assignment status can be Assigned, Unassigned, or Any.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListVirtualMFADevices for usage and error information. See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices

Example (Shared00)

To list virtual MFA devices

The following command lists the virtual MFA devices that have been configured for the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListVirtualMFADevicesInput{}

	result, err := svc.ListVirtualMFADevices(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListVirtualMFADevicesPages

func (c *IAM) ListVirtualMFADevicesPages(input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool) error

ListVirtualMFADevicesPages iterates over the pages of a ListVirtualMFADevices operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListVirtualMFADevices method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListVirtualMFADevices operation.
pageNum := 0
err := client.ListVirtualMFADevicesPages(params,
    func(page *ListVirtualMFADevicesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListVirtualMFADevicesPagesWithContext added in v1.8.0

func (c *IAM) ListVirtualMFADevicesPagesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool, opts ...request.Option) error

ListVirtualMFADevicesPagesWithContext same as ListVirtualMFADevicesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListVirtualMFADevicesRequest

func (c *IAM) ListVirtualMFADevicesRequest(input *ListVirtualMFADevicesInput) (req *request.Request, output *ListVirtualMFADevicesOutput)

ListVirtualMFADevicesRequest generates a "aws/request.Request" representing the client's request for the ListVirtualMFADevices operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListVirtualMFADevices for more information on using the ListVirtualMFADevices API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListVirtualMFADevicesRequest method.
req, resp := client.ListVirtualMFADevicesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices

func (*IAM) ListVirtualMFADevicesWithContext added in v1.8.0

func (c *IAM) ListVirtualMFADevicesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, opts ...request.Option) (*ListVirtualMFADevicesOutput, error)

ListVirtualMFADevicesWithContext is the same as ListVirtualMFADevices with the addition of the ability to pass a context and additional request options.

See ListVirtualMFADevices for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) PutGroupPolicy

func (c *IAM) PutGroupPolicy(input *PutGroupPolicyInput) (*PutGroupPolicyOutput, error)

PutGroupPolicy API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM group.

A user can also have managed policies attached to it. To attach a managed policy to a group, use AttachGroupPolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about limits on the number of inline policies that you can embed in a group, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutGroupPolicy. For general information about using the Query API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation PutGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy

Example (Shared00)

To add a policy to a group

The following command adds a policy named AllPerms to the IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.PutGroupPolicyInput{
		GroupName:      aws.String("Admins"),
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("AllPerms"),
	}

	result, err := svc.PutGroupPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) PutGroupPolicyRequest

func (c *IAM) PutGroupPolicyRequest(input *PutGroupPolicyInput) (req *request.Request, output *PutGroupPolicyOutput)

PutGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the PutGroupPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutGroupPolicy for more information on using the PutGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutGroupPolicyRequest method.
req, resp := client.PutGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy

func (*IAM) PutGroupPolicyWithContext added in v1.8.0

func (c *IAM) PutGroupPolicyWithContext(ctx aws.Context, input *PutGroupPolicyInput, opts ...request.Option) (*PutGroupPolicyOutput, error)

PutGroupPolicyWithContext is the same as PutGroupPolicy with the addition of the ability to pass a context and additional request options.

See PutGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) PutRolePolicy

func (c *IAM) PutRolePolicy(input *PutRolePolicyInput) (*PutRolePolicyOutput, error)

PutRolePolicy API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM role.

When you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy. For more information about IAM roles, go to Using Roles to Delegate Permissions and Federate Identities (http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).

A role can also have a managed policy attached to it. To attach a managed policy to a role, use AttachRolePolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about limits on the number of inline policies that you can embed with a role, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutRolePolicy. For general information about using the Query API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation PutRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy

Example (Shared00)

To attach a permissions policy to an IAM role

The following command adds a permissions policy to the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.PutRolePolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("S3AccessPolicy"),
		RoleName:       aws.String("S3Access"),
	}

	result, err := svc.PutRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) PutRolePolicyRequest

func (c *IAM) PutRolePolicyRequest(input *PutRolePolicyInput) (req *request.Request, output *PutRolePolicyOutput)

PutRolePolicyRequest generates a "aws/request.Request" representing the client's request for the PutRolePolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutRolePolicy for more information on using the PutRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutRolePolicyRequest method.
req, resp := client.PutRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy

func (*IAM) PutRolePolicyWithContext added in v1.8.0

func (c *IAM) PutRolePolicyWithContext(ctx aws.Context, input *PutRolePolicyInput, opts ...request.Option) (*PutRolePolicyOutput, error)

PutRolePolicyWithContext is the same as PutRolePolicy with the addition of the ability to pass a context and additional request options.

See PutRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) PutUserPolicy

func (c *IAM) PutUserPolicy(input *PutUserPolicyInput) (*PutUserPolicyOutput, error)

PutUserPolicy API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM user.

An IAM user can also have a managed policy attached to it. To attach a managed policy to a user, use AttachUserPolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about limits on the number of inline policies that you can embed in a user, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutUserPolicy. For general information about using the Query API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation PutUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy

Example (Shared00)

To attach a policy to an IAM user

The following command attaches a policy to the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.PutUserPolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("AllAccessPolicy"),
		UserName:       aws.String("Bob"),
	}

	result, err := svc.PutUserPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) PutUserPolicyRequest

func (c *IAM) PutUserPolicyRequest(input *PutUserPolicyInput) (req *request.Request, output *PutUserPolicyOutput)

PutUserPolicyRequest generates a "aws/request.Request" representing the client's request for the PutUserPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutUserPolicy for more information on using the PutUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutUserPolicyRequest method.
req, resp := client.PutUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy

func (*IAM) PutUserPolicyWithContext added in v1.8.0

func (c *IAM) PutUserPolicyWithContext(ctx aws.Context, input *PutUserPolicyInput, opts ...request.Option) (*PutUserPolicyOutput, error)

PutUserPolicyWithContext is the same as PutUserPolicy with the addition of the ability to pass a context and additional request options.

See PutUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) RemoveClientIDFromOpenIDConnectProvider

func (c *IAM) RemoveClientIDFromOpenIDConnectProvider(input *RemoveClientIDFromOpenIDConnectProviderInput) (*RemoveClientIDFromOpenIDConnectProviderOutput, error)

RemoveClientIDFromOpenIDConnectProvider API operation for AWS Identity and Access Management.

Removes the specified client ID (also known as audience) from the list of client IDs registered for the specified IAM OpenID Connect (OIDC) provider resource object.

This operation is idempotent; it does not fail or return an error if you try to remove a client ID that does not exist.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation RemoveClientIDFromOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider

func (*IAM) RemoveClientIDFromOpenIDConnectProviderRequest

func (c *IAM) RemoveClientIDFromOpenIDConnectProviderRequest(input *RemoveClientIDFromOpenIDConnectProviderInput) (req *request.Request, output *RemoveClientIDFromOpenIDConnectProviderOutput)

RemoveClientIDFromOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the RemoveClientIDFromOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RemoveClientIDFromOpenIDConnectProvider for more information on using the RemoveClientIDFromOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RemoveClientIDFromOpenIDConnectProviderRequest method.
req, resp := client.RemoveClientIDFromOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider

func (*IAM) RemoveClientIDFromOpenIDConnectProviderWithContext added in v1.8.0

func (c *IAM) RemoveClientIDFromOpenIDConnectProviderWithContext(ctx aws.Context, input *RemoveClientIDFromOpenIDConnectProviderInput, opts ...request.Option) (*RemoveClientIDFromOpenIDConnectProviderOutput, error)

RemoveClientIDFromOpenIDConnectProviderWithContext is the same as RemoveClientIDFromOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See RemoveClientIDFromOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) RemoveRoleFromInstanceProfile

func (c *IAM) RemoveRoleFromInstanceProfile(input *RemoveRoleFromInstanceProfileInput) (*RemoveRoleFromInstanceProfileOutput, error)

RemoveRoleFromInstanceProfile API operation for AWS Identity and Access Management.

Removes the specified IAM role from the specified EC2 instance profile.

Make sure that you do not have any Amazon EC2 instances running with the role you are about to remove from the instance profile. Removing a role from an instance profile that is associated with a running instance might break any applications running on the instance.

For more information about IAM roles, go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). For more information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation RemoveRoleFromInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile

Example (Shared00)

To remove a role from an instance profile

The following command removes the role named Test-Role from the instance profile named ExampleInstanceProfile.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.RemoveRoleFromInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
		RoleName:            aws.String("Test-Role"),
	}

	result, err := svc.RemoveRoleFromInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) RemoveRoleFromInstanceProfileRequest

func (c *IAM) RemoveRoleFromInstanceProfileRequest(input *RemoveRoleFromInstanceProfileInput) (req *request.Request, output *RemoveRoleFromInstanceProfileOutput)

RemoveRoleFromInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the RemoveRoleFromInstanceProfile operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RemoveRoleFromInstanceProfile for more information on using the RemoveRoleFromInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RemoveRoleFromInstanceProfileRequest method.
req, resp := client.RemoveRoleFromInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile

func (*IAM) RemoveRoleFromInstanceProfileWithContext added in v1.8.0

func (c *IAM) RemoveRoleFromInstanceProfileWithContext(ctx aws.Context, input *RemoveRoleFromInstanceProfileInput, opts ...request.Option) (*RemoveRoleFromInstanceProfileOutput, error)

RemoveRoleFromInstanceProfileWithContext is the same as RemoveRoleFromInstanceProfile with the addition of the ability to pass a context and additional request options.

See RemoveRoleFromInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) RemoveUserFromGroup

func (c *IAM) RemoveUserFromGroup(input *RemoveUserFromGroupInput) (*RemoveUserFromGroupOutput, error)

RemoveUserFromGroup API operation for AWS Identity and Access Management.

Removes the specified user from the specified group.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation RemoveUserFromGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup

Example (Shared00)

To remove a user from an IAM group

The following command removes the user named Bob from the IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.RemoveUserFromGroupInput{
		GroupName: aws.String("Admins"),
		UserName:  aws.String("Bob"),
	}

	result, err := svc.RemoveUserFromGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) RemoveUserFromGroupRequest

func (c *IAM) RemoveUserFromGroupRequest(input *RemoveUserFromGroupInput) (req *request.Request, output *RemoveUserFromGroupOutput)

RemoveUserFromGroupRequest generates a "aws/request.Request" representing the client's request for the RemoveUserFromGroup operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RemoveUserFromGroup for more information on using the RemoveUserFromGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RemoveUserFromGroupRequest method.
req, resp := client.RemoveUserFromGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup

func (*IAM) RemoveUserFromGroupWithContext added in v1.8.0

func (c *IAM) RemoveUserFromGroupWithContext(ctx aws.Context, input *RemoveUserFromGroupInput, opts ...request.Option) (*RemoveUserFromGroupOutput, error)

RemoveUserFromGroupWithContext is the same as RemoveUserFromGroup with the addition of the ability to pass a context and additional request options.

See RemoveUserFromGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ResetServiceSpecificCredential added in v1.6.8

func (c *IAM) ResetServiceSpecificCredential(input *ResetServiceSpecificCredentialInput) (*ResetServiceSpecificCredentialOutput, error)

ResetServiceSpecificCredential API operation for AWS Identity and Access Management.

Resets the password for a service-specific credential. The new password is AWS generated and cryptographically strong. It cannot be configured by the user. Resetting the password immediately invalidates the previous password associated with this user.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ResetServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential

func (*IAM) ResetServiceSpecificCredentialRequest added in v1.6.8

func (c *IAM) ResetServiceSpecificCredentialRequest(input *ResetServiceSpecificCredentialInput) (req *request.Request, output *ResetServiceSpecificCredentialOutput)

ResetServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the ResetServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ResetServiceSpecificCredential for more information on using the ResetServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ResetServiceSpecificCredentialRequest method.
req, resp := client.ResetServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential

func (*IAM) ResetServiceSpecificCredentialWithContext added in v1.8.0

func (c *IAM) ResetServiceSpecificCredentialWithContext(ctx aws.Context, input *ResetServiceSpecificCredentialInput, opts ...request.Option) (*ResetServiceSpecificCredentialOutput, error)

ResetServiceSpecificCredentialWithContext is the same as ResetServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See ResetServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ResyncMFADevice

func (c *IAM) ResyncMFADevice(input *ResyncMFADeviceInput) (*ResyncMFADeviceOutput, error)

ResyncMFADevice API operation for AWS Identity and Access Management.

Synchronizes the specified MFA device with its IAM resource object on the AWS servers.

For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ResyncMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode" The request was rejected because the authentication code was not recognized. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice

func (*IAM) ResyncMFADeviceRequest

func (c *IAM) ResyncMFADeviceRequest(input *ResyncMFADeviceInput) (req *request.Request, output *ResyncMFADeviceOutput)

ResyncMFADeviceRequest generates a "aws/request.Request" representing the client's request for the ResyncMFADevice operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ResyncMFADevice for more information on using the ResyncMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ResyncMFADeviceRequest method.
req, resp := client.ResyncMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice

func (*IAM) ResyncMFADeviceWithContext added in v1.8.0

func (c *IAM) ResyncMFADeviceWithContext(ctx aws.Context, input *ResyncMFADeviceInput, opts ...request.Option) (*ResyncMFADeviceOutput, error)

ResyncMFADeviceWithContext is the same as ResyncMFADevice with the addition of the ability to pass a context and additional request options.

See ResyncMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SetDefaultPolicyVersion

func (c *IAM) SetDefaultPolicyVersion(input *SetDefaultPolicyVersionInput) (*SetDefaultPolicyVersionOutput, error)

SetDefaultPolicyVersion API operation for AWS Identity and Access Management.

Sets the specified version of the specified policy as the policy's default (operative) version.

This operation affects all users, groups, and roles that the policy is attached to. To list the users, groups, and roles that the policy is attached to, use the ListEntitiesForPolicy API.

For information about managed policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation SetDefaultPolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion

func (*IAM) SetDefaultPolicyVersionRequest

func (c *IAM) SetDefaultPolicyVersionRequest(input *SetDefaultPolicyVersionInput) (req *request.Request, output *SetDefaultPolicyVersionOutput)

SetDefaultPolicyVersionRequest generates a "aws/request.Request" representing the client's request for the SetDefaultPolicyVersion operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SetDefaultPolicyVersion for more information on using the SetDefaultPolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SetDefaultPolicyVersionRequest method.
req, resp := client.SetDefaultPolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion

func (*IAM) SetDefaultPolicyVersionWithContext added in v1.8.0

func (c *IAM) SetDefaultPolicyVersionWithContext(ctx aws.Context, input *SetDefaultPolicyVersionInput, opts ...request.Option) (*SetDefaultPolicyVersionOutput, error)

SetDefaultPolicyVersionWithContext is the same as SetDefaultPolicyVersion with the addition of the ability to pass a context and additional request options.

See SetDefaultPolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulateCustomPolicy added in v0.9.6

func (c *IAM) SimulateCustomPolicy(input *SimulateCustomPolicyInput) (*SimulatePolicyResponse, error)

SimulateCustomPolicy API operation for AWS Identity and Access Management.

Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and AWS resources to determine the policies' effective permissions. The policies are provided as strings.

The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations.

If you want to simulate existing policies attached to an IAM user, group, or role, use SimulatePrincipalPolicy instead.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForCustomPolicy.

If the output is long, you can use MaxItems and Marker parameters to paginate the results.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation SimulateCustomPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyEvaluationException "PolicyEvaluation" The request failed because a provided policy could not be successfully evaluated. An additional detailed message indicates the source of the failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy

func (*IAM) SimulateCustomPolicyPages added in v1.2.3

func (c *IAM) SimulateCustomPolicyPages(input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error

SimulateCustomPolicyPages iterates over the pages of a SimulateCustomPolicy operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See SimulateCustomPolicy method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a SimulateCustomPolicy operation.
pageNum := 0
err := client.SimulateCustomPolicyPages(params,
    func(page *SimulatePolicyResponse, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) SimulateCustomPolicyPagesWithContext added in v1.8.0

func (c *IAM) SimulateCustomPolicyPagesWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error

SimulateCustomPolicyPagesWithContext same as SimulateCustomPolicyPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulateCustomPolicyRequest added in v0.9.6

func (c *IAM) SimulateCustomPolicyRequest(input *SimulateCustomPolicyInput) (req *request.Request, output *SimulatePolicyResponse)

SimulateCustomPolicyRequest generates a "aws/request.Request" representing the client's request for the SimulateCustomPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SimulateCustomPolicy for more information on using the SimulateCustomPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SimulateCustomPolicyRequest method.
req, resp := client.SimulateCustomPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy

func (*IAM) SimulateCustomPolicyWithContext added in v1.8.0

func (c *IAM) SimulateCustomPolicyWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error)

SimulateCustomPolicyWithContext is the same as SimulateCustomPolicy with the addition of the ability to pass a context and additional request options.

See SimulateCustomPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulatePrincipalPolicy added in v0.9.6

func (c *IAM) SimulatePrincipalPolicy(input *SimulatePrincipalPolicyInput) (*SimulatePolicyResponse, error)

SimulatePrincipalPolicy API operation for AWS Identity and Access Management.

Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and AWS resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you specify a user, then the simulation also includes all of the policies that are attached to groups that the user belongs to.

You can optionally include a list of one or more additional policies specified as strings to include in the simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead.

You can also optionally include one resource-based policy to be evaluated with each of the resources included in the simulation.

The simulation does not perform the API operations, it only checks the authorization to determine if the simulated policies allow or deny the operations.

Note: This API discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy.

If the output is long, you can use the MaxItems and Marker parameters to paginate the results.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation SimulatePrincipalPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyEvaluationException "PolicyEvaluation" The request failed because a provided policy could not be successfully evaluated. An additional detailed message indicates the source of the failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy

func (*IAM) SimulatePrincipalPolicyPages added in v1.2.3

func (c *IAM) SimulatePrincipalPolicyPages(input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error

SimulatePrincipalPolicyPages iterates over the pages of a SimulatePrincipalPolicy operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See SimulatePrincipalPolicy method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a SimulatePrincipalPolicy operation.
pageNum := 0
err := client.SimulatePrincipalPolicyPages(params,
    func(page *SimulatePolicyResponse, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) SimulatePrincipalPolicyPagesWithContext added in v1.8.0

func (c *IAM) SimulatePrincipalPolicyPagesWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error

SimulatePrincipalPolicyPagesWithContext same as SimulatePrincipalPolicyPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulatePrincipalPolicyRequest added in v0.9.6

func (c *IAM) SimulatePrincipalPolicyRequest(input *SimulatePrincipalPolicyInput) (req *request.Request, output *SimulatePolicyResponse)

SimulatePrincipalPolicyRequest generates a "aws/request.Request" representing the client's request for the SimulatePrincipalPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SimulatePrincipalPolicy for more information on using the SimulatePrincipalPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SimulatePrincipalPolicyRequest method.
req, resp := client.SimulatePrincipalPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy

func (*IAM) SimulatePrincipalPolicyWithContext added in v1.8.0

func (c *IAM) SimulatePrincipalPolicyWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error)

SimulatePrincipalPolicyWithContext is the same as SimulatePrincipalPolicy with the addition of the ability to pass a context and additional request options.

See SimulatePrincipalPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateAccessKey

func (c *IAM) UpdateAccessKey(input *UpdateAccessKeyInput) (*UpdateAccessKeyOutput, error)

UpdateAccessKey API operation for AWS Identity and Access Management.

Changes the status of the specified access key from Active to Inactive, or vice versa. This operation can be used to disable a user's key as part of a key rotation workflow.

If the UserName field is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

For information about rotating keys, see Managing Keys and Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateAccessKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey

Example (Shared00)

To activate or deactivate an access key for an IAM user

The following command deactivates the specified access key (access key ID and secret access key) for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateAccessKeyInput{
		AccessKeyId: aws.String("AKIAIOSFODNN7EXAMPLE"),
		Status:      aws.String("Inactive"),
		UserName:    aws.String("Bob"),
	}

	result, err := svc.UpdateAccessKey(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateAccessKeyRequest

func (c *IAM) UpdateAccessKeyRequest(input *UpdateAccessKeyInput) (req *request.Request, output *UpdateAccessKeyOutput)

UpdateAccessKeyRequest generates a "aws/request.Request" representing the client's request for the UpdateAccessKey operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateAccessKey for more information on using the UpdateAccessKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateAccessKeyRequest method.
req, resp := client.UpdateAccessKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey

func (*IAM) UpdateAccessKeyWithContext added in v1.8.0

func (c *IAM) UpdateAccessKeyWithContext(ctx aws.Context, input *UpdateAccessKeyInput, opts ...request.Option) (*UpdateAccessKeyOutput, error)

UpdateAccessKeyWithContext is the same as UpdateAccessKey with the addition of the ability to pass a context and additional request options.

See UpdateAccessKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateAccountPasswordPolicy

func (c *IAM) UpdateAccountPasswordPolicy(input *UpdateAccountPasswordPolicyInput) (*UpdateAccountPasswordPolicyOutput, error)

UpdateAccountPasswordPolicy API operation for AWS Identity and Access Management.

Updates the password policy settings for the AWS account.

This operation does not support partial updates. No parameters are required, but if you do not specify a parameter, that parameter's value reverts to its default value. See the Request Parameters section for each parameter's default value. Also note that some parameters do not allow the default parameter to be explicitly set. Instead, to invoke the default value, do not include that parameter when you invoke the operation.

For more information about using a password policy, see Managing an IAM Password Policy (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateAccountPasswordPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy

Example (Shared00)

To set or change the current account password policy

The following command sets the password policy to require a minimum length of eight characters and to require one or more numbers in the password:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateAccountPasswordPolicyInput{
		MinimumPasswordLength: aws.Int64(8),
		RequireNumbers:        aws.Bool(true),
	}

	result, err := svc.UpdateAccountPasswordPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateAccountPasswordPolicyRequest

func (c *IAM) UpdateAccountPasswordPolicyRequest(input *UpdateAccountPasswordPolicyInput) (req *request.Request, output *UpdateAccountPasswordPolicyOutput)

UpdateAccountPasswordPolicyRequest generates a "aws/request.Request" representing the client's request for the UpdateAccountPasswordPolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateAccountPasswordPolicy for more information on using the UpdateAccountPasswordPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateAccountPasswordPolicyRequest method.
req, resp := client.UpdateAccountPasswordPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy

func (*IAM) UpdateAccountPasswordPolicyWithContext added in v1.8.0

func (c *IAM) UpdateAccountPasswordPolicyWithContext(ctx aws.Context, input *UpdateAccountPasswordPolicyInput, opts ...request.Option) (*UpdateAccountPasswordPolicyOutput, error)

UpdateAccountPasswordPolicyWithContext is the same as UpdateAccountPasswordPolicy with the addition of the ability to pass a context and additional request options.

See UpdateAccountPasswordPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateAssumeRolePolicy

func (c *IAM) UpdateAssumeRolePolicy(input *UpdateAssumeRolePolicyInput) (*UpdateAssumeRolePolicyOutput, error)

UpdateAssumeRolePolicy API operation for AWS Identity and Access Management.

Updates the policy that grants an IAM entity permission to assume a role. This is typically referred to as the "role trust policy". For more information about roles, go to Using Roles to Delegate Permissions and Federate Identities (http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateAssumeRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy

Example (Shared00)

To update the trust policy for an IAM role

The following command updates the role trust policy for the role named Test-Role:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateAssumeRolePolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}"),
		RoleName:       aws.String("S3AccessForEC2Instances"),
	}

	result, err := svc.UpdateAssumeRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateAssumeRolePolicyRequest

func (c *IAM) UpdateAssumeRolePolicyRequest(input *UpdateAssumeRolePolicyInput) (req *request.Request, output *UpdateAssumeRolePolicyOutput)

UpdateAssumeRolePolicyRequest generates a "aws/request.Request" representing the client's request for the UpdateAssumeRolePolicy operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateAssumeRolePolicy for more information on using the UpdateAssumeRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateAssumeRolePolicyRequest method.
req, resp := client.UpdateAssumeRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy

func (*IAM) UpdateAssumeRolePolicyWithContext added in v1.8.0

func (c *IAM) UpdateAssumeRolePolicyWithContext(ctx aws.Context, input *UpdateAssumeRolePolicyInput, opts ...request.Option) (*UpdateAssumeRolePolicyOutput, error)

UpdateAssumeRolePolicyWithContext is the same as UpdateAssumeRolePolicy with the addition of the ability to pass a context and additional request options.

See UpdateAssumeRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateGroup

func (c *IAM) UpdateGroup(input *UpdateGroupInput) (*UpdateGroupOutput, error)

UpdateGroup API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified IAM group.

You should understand the implications of changing a group's path or name. For more information, see Renaming Users and Groups (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html) in the IAM User Guide.

The person making the request (the principal), must have permission to change the role group with the old name and the new name. For example, to change the group named Managers to MGRs, the principal must have a policy that allows them to update both groups. If the principal has permission to update the Managers group, but not the MGRs group, then the update fails. For more information about permissions, see Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup

Example (Shared00)

To rename an IAM group

The following command changes the name of the IAM group Test to Test-1.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateGroupInput{
		GroupName:    aws.String("Test"),
		NewGroupName: aws.String("Test-1"),
	}

	result, err := svc.UpdateGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateGroupRequest

func (c *IAM) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, output *UpdateGroupOutput)

UpdateGroupRequest generates a "aws/request.Request" representing the client's request for the UpdateGroup operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateGroup for more information on using the UpdateGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateGroupRequest method.
req, resp := client.UpdateGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup

func (*IAM) UpdateGroupWithContext added in v1.8.0

func (c *IAM) UpdateGroupWithContext(ctx aws.Context, input *UpdateGroupInput, opts ...request.Option) (*UpdateGroupOutput, error)

UpdateGroupWithContext is the same as UpdateGroup with the addition of the ability to pass a context and additional request options.

See UpdateGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateLoginProfile

func (c *IAM) UpdateLoginProfile(input *UpdateLoginProfileInput) (*UpdateLoginProfileOutput, error)

UpdateLoginProfile API operation for AWS Identity and Access Management.

Changes the password for the specified IAM user.

IAM users can change their own passwords by calling ChangePassword. For more information about modifying passwords, see Managing Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodePasswordPolicyViolationException "PasswordPolicyViolation" The request was rejected because the provided password did not meet the requirements imposed by the account password policy.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile

Example (Shared00)

To change the password for an IAM user

The following command creates or changes the password for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateLoginProfileInput{
		Password: aws.String("SomeKindOfPassword123!@#"),
		UserName: aws.String("Bob"),
	}

	result, err := svc.UpdateLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateLoginProfileRequest

func (c *IAM) UpdateLoginProfileRequest(input *UpdateLoginProfileInput) (req *request.Request, output *UpdateLoginProfileOutput)

UpdateLoginProfileRequest generates a "aws/request.Request" representing the client's request for the UpdateLoginProfile operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateLoginProfile for more information on using the UpdateLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateLoginProfileRequest method.
req, resp := client.UpdateLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile

func (*IAM) UpdateLoginProfileWithContext added in v1.8.0

func (c *IAM) UpdateLoginProfileWithContext(ctx aws.Context, input *UpdateLoginProfileInput, opts ...request.Option) (*UpdateLoginProfileOutput, error)

UpdateLoginProfileWithContext is the same as UpdateLoginProfile with the addition of the ability to pass a context and additional request options.

See UpdateLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateOpenIDConnectProviderThumbprint

func (c *IAM) UpdateOpenIDConnectProviderThumbprint(input *UpdateOpenIDConnectProviderThumbprintInput) (*UpdateOpenIDConnectProviderThumbprintOutput, error)

UpdateOpenIDConnectProviderThumbprint API operation for AWS Identity and Access Management.

Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints.

The list that you pass with this operation completely replaces the existing list of thumbprints. (The lists are not merged.)

Typically, you need to update a thumbprint only when the identity provider's certificate changes, which occurs rarely. However, if the provider's certificate does change, any attempt to assume an IAM role that specifies the OIDC provider as a principal fails until the certificate thumbprint is updated.

Because trust for the OIDC provider is derived from the provider's certificate and is validated by the thumbprint, it is best to limit access to the UpdateOpenIDConnectProviderThumbprint operation to highly privileged users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateOpenIDConnectProviderThumbprint for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint

func (*IAM) UpdateOpenIDConnectProviderThumbprintRequest

func (c *IAM) UpdateOpenIDConnectProviderThumbprintRequest(input *UpdateOpenIDConnectProviderThumbprintInput) (req *request.Request, output *UpdateOpenIDConnectProviderThumbprintOutput)

UpdateOpenIDConnectProviderThumbprintRequest generates a "aws/request.Request" representing the client's request for the UpdateOpenIDConnectProviderThumbprint operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateOpenIDConnectProviderThumbprint for more information on using the UpdateOpenIDConnectProviderThumbprint API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateOpenIDConnectProviderThumbprintRequest method.
req, resp := client.UpdateOpenIDConnectProviderThumbprintRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint

func (*IAM) UpdateOpenIDConnectProviderThumbprintWithContext added in v1.8.0

func (c *IAM) UpdateOpenIDConnectProviderThumbprintWithContext(ctx aws.Context, input *UpdateOpenIDConnectProviderThumbprintInput, opts ...request.Option) (*UpdateOpenIDConnectProviderThumbprintOutput, error)

UpdateOpenIDConnectProviderThumbprintWithContext is the same as UpdateOpenIDConnectProviderThumbprint with the addition of the ability to pass a context and additional request options.

See UpdateOpenIDConnectProviderThumbprint for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateRole added in v1.13.23

func (c *IAM) UpdateRole(input *UpdateRoleInput) (*UpdateRoleOutput, error)

UpdateRole API operation for AWS Identity and Access Management.

Updates the description or maximum session duration setting of a role.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateRole for usage and error information.

Returned Error Codes:

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole

func (*IAM) UpdateRoleDescription added in v1.8.14

func (c *IAM) UpdateRoleDescription(input *UpdateRoleDescriptionInput) (*UpdateRoleDescriptionOutput, error)

UpdateRoleDescription API operation for AWS Identity and Access Management.

Use instead.

Modifies only the description of a role. This operation performs the same function as the Description parameter in the UpdateRole operation.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateRoleDescription for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription

func (*IAM) UpdateRoleDescriptionRequest added in v1.8.14

func (c *IAM) UpdateRoleDescriptionRequest(input *UpdateRoleDescriptionInput) (req *request.Request, output *UpdateRoleDescriptionOutput)

UpdateRoleDescriptionRequest generates a "aws/request.Request" representing the client's request for the UpdateRoleDescription operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateRoleDescription for more information on using the UpdateRoleDescription API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateRoleDescriptionRequest method.
req, resp := client.UpdateRoleDescriptionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription

func (*IAM) UpdateRoleDescriptionWithContext added in v1.8.14

func (c *IAM) UpdateRoleDescriptionWithContext(ctx aws.Context, input *UpdateRoleDescriptionInput, opts ...request.Option) (*UpdateRoleDescriptionOutput, error)

UpdateRoleDescriptionWithContext is the same as UpdateRoleDescription with the addition of the ability to pass a context and additional request options.

See UpdateRoleDescription for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateRoleRequest added in v1.13.23

func (c *IAM) UpdateRoleRequest(input *UpdateRoleInput) (req *request.Request, output *UpdateRoleOutput)

UpdateRoleRequest generates a "aws/request.Request" representing the client's request for the UpdateRole operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateRole for more information on using the UpdateRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateRoleRequest method.
req, resp := client.UpdateRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole

func (*IAM) UpdateRoleWithContext added in v1.13.23

func (c *IAM) UpdateRoleWithContext(ctx aws.Context, input *UpdateRoleInput, opts ...request.Option) (*UpdateRoleOutput, error)

UpdateRoleWithContext is the same as UpdateRole with the addition of the ability to pass a context and additional request options.

See UpdateRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateSAMLProvider

func (c *IAM) UpdateSAMLProvider(input *UpdateSAMLProviderInput) (*UpdateSAMLProviderOutput, error)

UpdateSAMLProvider API operation for AWS Identity and Access Management.

Updates the metadata document for an existing SAML provider resource object.

This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider

func (*IAM) UpdateSAMLProviderRequest

func (c *IAM) UpdateSAMLProviderRequest(input *UpdateSAMLProviderInput) (req *request.Request, output *UpdateSAMLProviderOutput)

UpdateSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the UpdateSAMLProvider operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateSAMLProvider for more information on using the UpdateSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateSAMLProviderRequest method.
req, resp := client.UpdateSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider

func (*IAM) UpdateSAMLProviderWithContext added in v1.8.0

func (c *IAM) UpdateSAMLProviderWithContext(ctx aws.Context, input *UpdateSAMLProviderInput, opts ...request.Option) (*UpdateSAMLProviderOutput, error)

UpdateSAMLProviderWithContext is the same as UpdateSAMLProvider with the addition of the ability to pass a context and additional request options.

See UpdateSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateSSHPublicKey added in v0.6.6

func (c *IAM) UpdateSSHPublicKey(input *UpdateSSHPublicKeyInput) (*UpdateSSHPublicKeyOutput, error)

UpdateSSHPublicKey API operation for AWS Identity and Access Management.

Sets the status of an IAM user's SSH public key to active or inactive. SSH public keys that are inactive cannot be used for authentication. This operation can be used to disable a user's SSH public key as part of a key rotation work flow.

The SSH public key affected by this operation is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey

func (*IAM) UpdateSSHPublicKeyRequest added in v0.6.6

func (c *IAM) UpdateSSHPublicKeyRequest(input *UpdateSSHPublicKeyInput) (req *request.Request, output *UpdateSSHPublicKeyOutput)

UpdateSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the UpdateSSHPublicKey operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateSSHPublicKey for more information on using the UpdateSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateSSHPublicKeyRequest method.
req, resp := client.UpdateSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey

func (*IAM) UpdateSSHPublicKeyWithContext added in v1.8.0

func (c *IAM) UpdateSSHPublicKeyWithContext(ctx aws.Context, input *UpdateSSHPublicKeyInput, opts ...request.Option) (*UpdateSSHPublicKeyOutput, error)

UpdateSSHPublicKeyWithContext is the same as UpdateSSHPublicKey with the addition of the ability to pass a context and additional request options.

See UpdateSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateServerCertificate

func (c *IAM) UpdateServerCertificate(input *UpdateServerCertificateInput) (*UpdateServerCertificateOutput, error)

UpdateServerCertificate API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified server certificate stored in IAM.

For more information about working with server certificates, see Working with Server Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of AWS services that can use the server certificates that you manage with IAM.

You should understand the implications of changing a server certificate's path or name. For more information, see Renaming a Server Certificate (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs_manage.html#RenamingServerCerts) in the IAM User Guide.

The person making the request (the principal), must have permission to change the server certificate with the old name and the new name. For example, to change the certificate named ProductionCert to ProdCert, the principal must have a policy that allows them to update both certificates. If the principal has permission to update the ProductionCert group, but not the ProdCert certificate, then the update fails. For more information about permissions, see Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate

func (*IAM) UpdateServerCertificateRequest

func (c *IAM) UpdateServerCertificateRequest(input *UpdateServerCertificateInput) (req *request.Request, output *UpdateServerCertificateOutput)

UpdateServerCertificateRequest generates a "aws/request.Request" representing the client's request for the UpdateServerCertificate operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateServerCertificate for more information on using the UpdateServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateServerCertificateRequest method.
req, resp := client.UpdateServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate

func (*IAM) UpdateServerCertificateWithContext added in v1.8.0

func (c *IAM) UpdateServerCertificateWithContext(ctx aws.Context, input *UpdateServerCertificateInput, opts ...request.Option) (*UpdateServerCertificateOutput, error)

UpdateServerCertificateWithContext is the same as UpdateServerCertificate with the addition of the ability to pass a context and additional request options.

See UpdateServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateServiceSpecificCredential added in v1.6.8

func (c *IAM) UpdateServiceSpecificCredential(input *UpdateServiceSpecificCredentialInput) (*UpdateServiceSpecificCredentialOutput, error)

UpdateServiceSpecificCredential API operation for AWS Identity and Access Management.

Sets the status of a service-specific credential to Active or Inactive. Service-specific credentials that are inactive cannot be used for authentication to the service. This operation can be used to disable a user’s service-specific credential as part of a credential rotation work flow.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential

func (*IAM) UpdateServiceSpecificCredentialRequest added in v1.6.8

func (c *IAM) UpdateServiceSpecificCredentialRequest(input *UpdateServiceSpecificCredentialInput) (req *request.Request, output *UpdateServiceSpecificCredentialOutput)

UpdateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the UpdateServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateServiceSpecificCredential for more information on using the UpdateServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateServiceSpecificCredentialRequest method.
req, resp := client.UpdateServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential

func (*IAM) UpdateServiceSpecificCredentialWithContext added in v1.8.0

func (c *IAM) UpdateServiceSpecificCredentialWithContext(ctx aws.Context, input *UpdateServiceSpecificCredentialInput, opts ...request.Option) (*UpdateServiceSpecificCredentialOutput, error)

UpdateServiceSpecificCredentialWithContext is the same as UpdateServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See UpdateServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateSigningCertificate

func (c *IAM) UpdateSigningCertificate(input *UpdateSigningCertificateInput) (*UpdateSigningCertificateOutput, error)

UpdateSigningCertificate API operation for AWS Identity and Access Management.

Changes the status of the specified user signing certificate from active to disabled, or vice versa. This operation can be used to disable an IAM user's signing certificate as part of a certificate rotation work flow.

If the UserName field is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateSigningCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate

Example (Shared00)

To change the active status of a signing certificate for an IAM user

The following command changes the status of a signing certificate for a user named Bob to Inactive.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateSigningCertificateInput{
		CertificateId: aws.String("TA7SMP42TDN5Z26OBPJE7EXAMPLE"),
		Status:        aws.String("Inactive"),
		UserName:      aws.String("Bob"),
	}

	result, err := svc.UpdateSigningCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateSigningCertificateRequest

func (c *IAM) UpdateSigningCertificateRequest(input *UpdateSigningCertificateInput) (req *request.Request, output *UpdateSigningCertificateOutput)

UpdateSigningCertificateRequest generates a "aws/request.Request" representing the client's request for the UpdateSigningCertificate operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateSigningCertificate for more information on using the UpdateSigningCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateSigningCertificateRequest method.
req, resp := client.UpdateSigningCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate

func (*IAM) UpdateSigningCertificateWithContext added in v1.8.0

func (c *IAM) UpdateSigningCertificateWithContext(ctx aws.Context, input *UpdateSigningCertificateInput, opts ...request.Option) (*UpdateSigningCertificateOutput, error)

UpdateSigningCertificateWithContext is the same as UpdateSigningCertificate with the addition of the ability to pass a context and additional request options.

See UpdateSigningCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateUser

func (c *IAM) UpdateUser(input *UpdateUserInput) (*UpdateUserOutput, error)

UpdateUser API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified IAM user.

You should understand the implications of changing an IAM user's path or name. For more information, see Renaming an IAM User (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_renaming) and Renaming an IAM Group (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups_manage_rename.html) in the IAM User Guide.

To change a user name, the requester must have appropriate permissions on both the source object and the target object. For example, to change Bob to Robert, the entity making the request must have permission on Bob and Robert, or must have permission on all (*). For more information about permissions, see Permissions and Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateUser for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser

Example (Shared00)

To change an IAM user's name

The following command changes the name of the IAM user Bob to Robert. It does not change the user's path.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateUserInput{
		NewUserName: aws.String("Robert"),
		UserName:    aws.String("Bob"),
	}

	result, err := svc.UpdateUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateUserRequest

func (c *IAM) UpdateUserRequest(input *UpdateUserInput) (req *request.Request, output *UpdateUserOutput)

UpdateUserRequest generates a "aws/request.Request" representing the client's request for the UpdateUser operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateUser for more information on using the UpdateUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateUserRequest method.
req, resp := client.UpdateUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser

func (*IAM) UpdateUserWithContext added in v1.8.0

func (c *IAM) UpdateUserWithContext(ctx aws.Context, input *UpdateUserInput, opts ...request.Option) (*UpdateUserOutput, error)

UpdateUserWithContext is the same as UpdateUser with the addition of the ability to pass a context and additional request options.

See UpdateUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UploadSSHPublicKey added in v0.6.6

func (c *IAM) UploadSSHPublicKey(input *UploadSSHPublicKeyInput) (*UploadSSHPublicKeyOutput, error)

UploadSSHPublicKey API operation for AWS Identity and Access Management.

Uploads an SSH public key and associates it with the specified IAM user.

The SSH public key uploaded by this operation can be used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UploadSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidPublicKeyException "InvalidPublicKey" The request was rejected because the public key is malformed or otherwise invalid.

  • ErrCodeDuplicateSSHPublicKeyException "DuplicateSSHPublicKey" The request was rejected because the SSH public key is already associated with the specified IAM user.

  • ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding" The request was rejected because the public key encoding format is unsupported or unrecognized.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey

func (*IAM) UploadSSHPublicKeyRequest added in v0.6.6

func (c *IAM) UploadSSHPublicKeyRequest(input *UploadSSHPublicKeyInput) (req *request.Request, output *UploadSSHPublicKeyOutput)

UploadSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the UploadSSHPublicKey operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UploadSSHPublicKey for more information on using the UploadSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UploadSSHPublicKeyRequest method.
req, resp := client.UploadSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey

func (*IAM) UploadSSHPublicKeyWithContext added in v1.8.0

func (c *IAM) UploadSSHPublicKeyWithContext(ctx aws.Context, input *UploadSSHPublicKeyInput, opts ...request.Option) (*UploadSSHPublicKeyOutput, error)

UploadSSHPublicKeyWithContext is the same as UploadSSHPublicKey with the addition of the ability to pass a context and additional request options.

See UploadSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UploadServerCertificate

func (c *IAM) UploadServerCertificate(input *UploadServerCertificateInput) (*UploadServerCertificateOutput, error)

UploadServerCertificate API operation for AWS Identity and Access Management.

Uploads a server certificate entity for the AWS account. The server certificate entity includes a public key certificate, a private key, and an optional certificate chain, which should all be PEM-encoded.

We recommend that you use AWS Certificate Manager (https://aws.amazon.com/certificate-manager/) to provision, manage, and deploy your server certificates. With ACM you can request a certificate, deploy it to AWS resources, and let ACM handle certificate renewals for you. Certificates provided by ACM are free. For more information about using ACM, see the AWS Certificate Manager User Guide (http://docs.aws.amazon.com/acm/latest/userguide/).

For more information about working with server certificates, see Working with Server Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic includes a list of AWS services that can use the server certificates that you manage with IAM.

For information about the number of server certificates you can upload, see Limitations on IAM Entities and Objects (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html) in the IAM User Guide.

Because the body of the public key certificate, private key, and the certificate chain can be large, you should use POST rather than GET when calling UploadServerCertificate. For information about setting up signatures and authorization through the API, go to Signing AWS API Requests (http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) in the AWS General Reference. For general information about using the Query API with IAM, go to Calling the API by Making HTTP Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/programming.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UploadServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedCertificateException "MalformedCertificate" The request was rejected because the certificate was malformed or expired. The error message describes the specific error.

  • ErrCodeKeyPairMismatchException "KeyPairMismatch" The request was rejected because the public key certificate and the private key do not match.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate

Example (Shared00)

To upload a server certificate to your AWS account

The following upload-server-certificate command uploads a server certificate to your AWS account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UploadServerCertificateInput{
		CertificateBody:       aws.String("-----BEGIN CERTIFICATE-----<a very long certificate text string>-----END CERTIFICATE-----"),
		Path:                  aws.String("/company/servercerts/"),
		PrivateKey:            aws.String("-----BEGIN DSA PRIVATE KEY-----<a very long private key string>-----END DSA PRIVATE KEY-----"),
		ServerCertificateName: aws.String("ProdServerCert"),
	}

	result, err := svc.UploadServerCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedCertificateException:
				fmt.Println(iam.ErrCodeMalformedCertificateException, aerr.Error())
			case iam.ErrCodeKeyPairMismatchException:
				fmt.Println(iam.ErrCodeKeyPairMismatchException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UploadServerCertificateRequest

func (c *IAM) UploadServerCertificateRequest(input *UploadServerCertificateInput) (req *request.Request, output *UploadServerCertificateOutput)

UploadServerCertificateRequest generates a "aws/request.Request" representing the client's request for the UploadServerCertificate operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UploadServerCertificate for more information on using the UploadServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UploadServerCertificateRequest method.
req, resp := client.UploadServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate

func (*IAM) UploadServerCertificateWithContext added in v1.8.0

func (c *IAM) UploadServerCertificateWithContext(ctx aws.Context, input *UploadServerCertificateInput, opts ...request.Option) (*UploadServerCertificateOutput, error)

UploadServerCertificateWithContext is the same as UploadServerCertificate with the addition of the ability to pass a context and additional request options.

See UploadServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UploadSigningCertificate

func (c *IAM) UploadSigningCertificate(input *UploadSigningCertificateInput) (*UploadSigningCertificateOutput, error)

UploadSigningCertificate API operation for AWS Identity and Access Management.

Uploads an X.509 signing certificate and associates it with the specified IAM user. Some AWS services use X.509 signing certificates to validate requests that are signed with a corresponding private key. When you upload the certificate, its default status is Active.

If the UserName field is not specified, the IAM user name is determined implicitly based on the AWS access key ID used to sign the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

Because the body of an X.509 certificate can be large, you should use POST rather than GET when calling UploadSigningCertificate. For information about setting up signatures and authorization through the API, go to Signing AWS API Requests (http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) in the AWS General Reference. For general information about using the Query API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UploadSigningCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedCertificateException "MalformedCertificate" The request was rejected because the certificate was malformed or expired. The error message describes the specific error.

  • ErrCodeInvalidCertificateException "InvalidCertificate" The request was rejected because the certificate is invalid.

  • ErrCodeDuplicateCertificateException "DuplicateCertificate" The request was rejected because the same certificate is associated with an IAM user in the account.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate

Example (Shared00)

To upload a signing certificate for an IAM user

The following command uploads a signing certificate for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UploadSigningCertificateInput{
		CertificateBody: aws.String("-----BEGIN CERTIFICATE-----<certificate-body>-----END CERTIFICATE-----"),
		UserName:        aws.String("Bob"),
	}

	result, err := svc.UploadSigningCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedCertificateException:
				fmt.Println(iam.ErrCodeMalformedCertificateException, aerr.Error())
			case iam.ErrCodeInvalidCertificateException:
				fmt.Println(iam.ErrCodeInvalidCertificateException, aerr.Error())
			case iam.ErrCodeDuplicateCertificateException:
				fmt.Println(iam.ErrCodeDuplicateCertificateException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UploadSigningCertificateRequest

func (c *IAM) UploadSigningCertificateRequest(input *UploadSigningCertificateInput) (req *request.Request, output *UploadSigningCertificateOutput)

UploadSigningCertificateRequest generates a "aws/request.Request" representing the client's request for the UploadSigningCertificate operation. The "output" return value will be populated with the request's response once the request complets successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UploadSigningCertificate for more information on using the UploadSigningCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UploadSigningCertificateRequest method.
req, resp := client.UploadSigningCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate

func (*IAM) UploadSigningCertificateWithContext added in v1.8.0

func (c *IAM) UploadSigningCertificateWithContext(ctx aws.Context, input *UploadSigningCertificateInput, opts ...request.Option) (*UploadSigningCertificateOutput, error)

UploadSigningCertificateWithContext is the same as UploadSigningCertificate with the addition of the ability to pass a context and additional request options.

See UploadSigningCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) WaitUntilInstanceProfileExists added in v0.10.3

func (c *IAM) WaitUntilInstanceProfileExists(input *GetInstanceProfileInput) error

WaitUntilInstanceProfileExists uses the IAM API operation GetInstanceProfile to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

func (*IAM) WaitUntilInstanceProfileExistsWithContext added in v1.8.0

func (c *IAM) WaitUntilInstanceProfileExistsWithContext(ctx aws.Context, input *GetInstanceProfileInput, opts ...request.WaiterOption) error

WaitUntilInstanceProfileExistsWithContext is an extended version of WaitUntilInstanceProfileExists. With the support for passing in a context and options to configure the Waiter and the underlying request options.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) WaitUntilUserExists added in v0.10.3

func (c *IAM) WaitUntilUserExists(input *GetUserInput) error

WaitUntilUserExists uses the IAM API operation GetUser to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

func (*IAM) WaitUntilUserExistsWithContext added in v1.8.0

func (c *IAM) WaitUntilUserExistsWithContext(ctx aws.Context, input *GetUserInput, opts ...request.WaiterOption) error

WaitUntilUserExistsWithContext is an extended version of WaitUntilUserExists. With the support for passing in a context and options to configure the Waiter and the underlying request options.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

type InstanceProfile

type InstanceProfile struct {

	// The Amazon Resource Name (ARN) specifying the instance profile. For more
	// information about ARNs and how to use them in policies, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date when the instance profile was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The stable and unique string identifying the instance profile. For more information
	// about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// InstanceProfileId is a required field
	InstanceProfileId *string `min:"16" type:"string" required:"true"`

	// The name identifying the instance profile.
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The path to the instance profile. For more information about paths, see IAM
	// Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The role associated with the instance profile.
	//
	// Roles is a required field
	Roles []*Role `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an instance profile.

This data type is used as a response element in the following operations:

  • CreateInstanceProfile

  • GetInstanceProfile

  • ListInstanceProfiles

  • ListInstanceProfilesForRole

func (InstanceProfile) GoString added in v0.6.5

func (s InstanceProfile) GoString() string

GoString returns the string representation

func (*InstanceProfile) SetArn added in v1.5.0

func (s *InstanceProfile) SetArn(v string) *InstanceProfile

SetArn sets the Arn field's value.

func (*InstanceProfile) SetCreateDate added in v1.5.0

func (s *InstanceProfile) SetCreateDate(v time.Time) *InstanceProfile

SetCreateDate sets the CreateDate field's value.

func (*InstanceProfile) SetInstanceProfileId added in v1.5.0

func (s *InstanceProfile) SetInstanceProfileId(v string) *InstanceProfile

SetInstanceProfileId sets the InstanceProfileId field's value.

func (*InstanceProfile) SetInstanceProfileName added in v1.5.0

func (s *InstanceProfile) SetInstanceProfileName(v string) *InstanceProfile

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*InstanceProfile) SetPath added in v1.5.0

func (s *InstanceProfile) SetPath(v string) *InstanceProfile

SetPath sets the Path field's value.

func (*InstanceProfile) SetRoles added in v1.5.0

func (s *InstanceProfile) SetRoles(v []*Role) *InstanceProfile

SetRoles sets the Roles field's value.

func (InstanceProfile) String added in v0.6.5

func (s InstanceProfile) String() string

String returns the string representation

type ListAccessKeysInput

type ListAccessKeysInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListAccessKeysInput) GoString added in v0.6.5

func (s ListAccessKeysInput) GoString() string

GoString returns the string representation

func (*ListAccessKeysInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListAccessKeysInput) SetMaxItems added in v1.5.0

func (s *ListAccessKeysInput) SetMaxItems(v int64) *ListAccessKeysInput

SetMaxItems sets the MaxItems field's value.

func (*ListAccessKeysInput) SetUserName added in v1.5.0

func (s *ListAccessKeysInput) SetUserName(v string) *ListAccessKeysInput

SetUserName sets the UserName field's value.

func (ListAccessKeysInput) String added in v0.6.5

func (s ListAccessKeysInput) String() string

String returns the string representation

func (*ListAccessKeysInput) Validate added in v1.1.21

func (s *ListAccessKeysInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAccessKeysOutput

type ListAccessKeysOutput struct {

	// A list of objects containing metadata about the access keys.
	//
	// AccessKeyMetadata is a required field
	AccessKeyMetadata []*AccessKeyMetadata `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAccessKeys request.

func (ListAccessKeysOutput) GoString added in v0.6.5

func (s ListAccessKeysOutput) GoString() string

GoString returns the string representation

func (*ListAccessKeysOutput) SetAccessKeyMetadata added in v1.5.0

func (s *ListAccessKeysOutput) SetAccessKeyMetadata(v []*AccessKeyMetadata) *ListAccessKeysOutput

SetAccessKeyMetadata sets the AccessKeyMetadata field's value.

func (*ListAccessKeysOutput) SetIsTruncated added in v1.5.0

func (s *ListAccessKeysOutput) SetIsTruncated(v bool) *ListAccessKeysOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListAccessKeysOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (ListAccessKeysOutput) String added in v0.6.5

func (s ListAccessKeysOutput) String() string

String returns the string representation

type ListAccountAliasesInput

type ListAccountAliasesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListAccountAliasesInput) GoString added in v0.6.5

func (s ListAccountAliasesInput) GoString() string

GoString returns the string representation

func (*ListAccountAliasesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListAccountAliasesInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (ListAccountAliasesInput) String added in v0.6.5

func (s ListAccountAliasesInput) String() string

String returns the string representation

func (*ListAccountAliasesInput) Validate added in v1.1.21

func (s *ListAccountAliasesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAccountAliasesOutput

type ListAccountAliasesOutput struct {

	// A list of aliases associated with the account. AWS supports only one alias
	// per account.
	//
	// AccountAliases is a required field
	AccountAliases []*string `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAccountAliases request.

func (ListAccountAliasesOutput) GoString added in v0.6.5

func (s ListAccountAliasesOutput) GoString() string

GoString returns the string representation

func (*ListAccountAliasesOutput) SetAccountAliases added in v1.5.0

func (s *ListAccountAliasesOutput) SetAccountAliases(v []*string) *ListAccountAliasesOutput

SetAccountAliases sets the AccountAliases field's value.

func (*ListAccountAliasesOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListAccountAliasesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (ListAccountAliasesOutput) String added in v0.6.5

func (s ListAccountAliasesOutput) String() string

String returns the string representation

type ListAttachedGroupPoliciesInput

type ListAttachedGroupPoliciesInput struct {

	// The name (friendly name, not ARN) of the group to list attached policies
	// for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `type:"string"`
	// contains filtered or unexported fields
}

func (ListAttachedGroupPoliciesInput) GoString added in v0.6.5

GoString returns the string representation

func (*ListAttachedGroupPoliciesInput) SetGroupName added in v1.5.0

SetGroupName sets the GroupName field's value.

func (*ListAttachedGroupPoliciesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListAttachedGroupPoliciesInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListAttachedGroupPoliciesInput) SetPathPrefix added in v1.5.0

SetPathPrefix sets the PathPrefix field's value.

func (ListAttachedGroupPoliciesInput) String added in v0.6.5

String returns the string representation

func (*ListAttachedGroupPoliciesInput) Validate added in v1.1.21

func (s *ListAttachedGroupPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedGroupPoliciesOutput

type ListAttachedGroupPoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []*AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedGroupPolicies request.

func (ListAttachedGroupPoliciesOutput) GoString added in v0.6.5

GoString returns the string representation

func (*ListAttachedGroupPoliciesOutput) SetAttachedPolicies added in v1.5.0

SetAttachedPolicies sets the AttachedPolicies field's value.

func (*ListAttachedGroupPoliciesOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListAttachedGroupPoliciesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (ListAttachedGroupPoliciesOutput) String added in v0.6.5

String returns the string representation

type ListAttachedRolePoliciesInput

type ListAttachedRolePoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `type:"string"`

	// The name (friendly name, not ARN) of the role to list attached policies for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListAttachedRolePoliciesInput) GoString added in v0.6.5

GoString returns the string representation

func (*ListAttachedRolePoliciesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListAttachedRolePoliciesInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListAttachedRolePoliciesInput) SetPathPrefix added in v1.5.0

SetPathPrefix sets the PathPrefix field's value.

func (*ListAttachedRolePoliciesInput) SetRoleName added in v1.5.0

SetRoleName sets the RoleName field's value.

func (ListAttachedRolePoliciesInput) String added in v0.6.5

String returns the string representation

func (*ListAttachedRolePoliciesInput) Validate added in v1.1.21

func (s *ListAttachedRolePoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedRolePoliciesOutput

type ListAttachedRolePoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []*AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedRolePolicies request.

func (ListAttachedRolePoliciesOutput) GoString added in v0.6.5

GoString returns the string representation

func (*ListAttachedRolePoliciesOutput) SetAttachedPolicies added in v1.5.0

SetAttachedPolicies sets the AttachedPolicies field's value.

func (*ListAttachedRolePoliciesOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListAttachedRolePoliciesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (ListAttachedRolePoliciesOutput) String added in v0.6.5

String returns the string representation

type ListAttachedUserPoliciesInput

type ListAttachedUserPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `type:"string"`

	// The name (friendly name, not ARN) of the user to list attached policies for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListAttachedUserPoliciesInput) GoString added in v0.6.5

GoString returns the string representation

func (*ListAttachedUserPoliciesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListAttachedUserPoliciesInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListAttachedUserPoliciesInput) SetPathPrefix added in v1.5.0

SetPathPrefix sets the PathPrefix field's value.

func (*ListAttachedUserPoliciesInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (ListAttachedUserPoliciesInput) String added in v0.6.5

String returns the string representation

func (*ListAttachedUserPoliciesInput) Validate added in v1.1.21

func (s *ListAttachedUserPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedUserPoliciesOutput

type ListAttachedUserPoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []*AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedUserPolicies request.

func (ListAttachedUserPoliciesOutput) GoString added in v0.6.5

GoString returns the string representation

func (*ListAttachedUserPoliciesOutput) SetAttachedPolicies added in v1.5.0

SetAttachedPolicies sets the AttachedPolicies field's value.

func (*ListAttachedUserPoliciesOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListAttachedUserPoliciesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (ListAttachedUserPoliciesOutput) String added in v0.6.5

String returns the string representation

type ListEntitiesForPolicyInput

type ListEntitiesForPolicyInput struct {

	// The entity type to use for filtering the results.
	//
	// For example, when EntityFilter is Role, only the roles that are attached
	// to the specified policy are returned. This parameter is optional. If it is
	// not included, all attached entities (users, groups, and roles) are returned.
	// The argument for this parameter must be one of the valid values listed below.
	EntityFilter *string `type:"string" enum:"EntityType"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all entities.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`

	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListEntitiesForPolicyInput) GoString added in v0.6.5

func (s ListEntitiesForPolicyInput) GoString() string

GoString returns the string representation

func (*ListEntitiesForPolicyInput) SetEntityFilter added in v1.5.0

SetEntityFilter sets the EntityFilter field's value.

func (*ListEntitiesForPolicyInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListEntitiesForPolicyInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListEntitiesForPolicyInput) SetPathPrefix added in v1.5.0

SetPathPrefix sets the PathPrefix field's value.

func (*ListEntitiesForPolicyInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (ListEntitiesForPolicyInput) String added in v0.6.5

String returns the string representation

func (*ListEntitiesForPolicyInput) Validate added in v1.1.21

func (s *ListEntitiesForPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListEntitiesForPolicyOutput

type ListEntitiesForPolicyOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of IAM groups that the policy is attached to.
	PolicyGroups []*PolicyGroup `type:"list"`

	// A list of IAM roles that the policy is attached to.
	PolicyRoles []*PolicyRole `type:"list"`

	// A list of IAM users that the policy is attached to.
	PolicyUsers []*PolicyUser `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListEntitiesForPolicy request.

func (ListEntitiesForPolicyOutput) GoString added in v0.6.5

func (s ListEntitiesForPolicyOutput) GoString() string

GoString returns the string representation

func (*ListEntitiesForPolicyOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListEntitiesForPolicyOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListEntitiesForPolicyOutput) SetPolicyGroups added in v1.5.0

SetPolicyGroups sets the PolicyGroups field's value.

func (*ListEntitiesForPolicyOutput) SetPolicyRoles added in v1.5.0

SetPolicyRoles sets the PolicyRoles field's value.

func (*ListEntitiesForPolicyOutput) SetPolicyUsers added in v1.5.0

SetPolicyUsers sets the PolicyUsers field's value.

func (ListEntitiesForPolicyOutput) String added in v0.6.5

String returns the string representation

type ListGroupPoliciesInput

type ListGroupPoliciesInput struct {

	// The name of the group to list policies for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListGroupPoliciesInput) GoString added in v0.6.5

func (s ListGroupPoliciesInput) GoString() string

GoString returns the string representation

func (*ListGroupPoliciesInput) SetGroupName added in v1.5.0

SetGroupName sets the GroupName field's value.

func (*ListGroupPoliciesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListGroupPoliciesInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (ListGroupPoliciesInput) String added in v0.6.5

func (s ListGroupPoliciesInput) String() string

String returns the string representation

func (*ListGroupPoliciesInput) Validate added in v1.1.21

func (s *ListGroupPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupPoliciesOutput

type ListGroupPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of policy names.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyNames is a required field
	PolicyNames []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroupPolicies request.

func (ListGroupPoliciesOutput) GoString added in v0.6.5

func (s ListGroupPoliciesOutput) GoString() string

GoString returns the string representation

func (*ListGroupPoliciesOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListGroupPoliciesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListGroupPoliciesOutput) SetPolicyNames added in v1.5.0

func (s *ListGroupPoliciesOutput) SetPolicyNames(v []*string) *ListGroupPoliciesOutput

SetPolicyNames sets the PolicyNames field's value.

func (ListGroupPoliciesOutput) String added in v0.6.5

func (s ListGroupPoliciesOutput) String() string

String returns the string representation

type ListGroupsForUserInput

type ListGroupsForUserInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user to list groups for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListGroupsForUserInput) GoString added in v0.6.5

func (s ListGroupsForUserInput) GoString() string

GoString returns the string representation

func (*ListGroupsForUserInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListGroupsForUserInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListGroupsForUserInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (ListGroupsForUserInput) String added in v0.6.5

func (s ListGroupsForUserInput) String() string

String returns the string representation

func (*ListGroupsForUserInput) Validate added in v1.1.21

func (s *ListGroupsForUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupsForUserOutput

type ListGroupsForUserOutput struct {

	// A list of groups.
	//
	// Groups is a required field
	Groups []*Group `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroupsForUser request.

func (ListGroupsForUserOutput) GoString added in v0.6.5

func (s ListGroupsForUserOutput) GoString() string

GoString returns the string representation

func (*ListGroupsForUserOutput) SetGroups added in v1.5.0

SetGroups sets the Groups field's value.

func (*ListGroupsForUserOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListGroupsForUserOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (ListGroupsForUserOutput) String added in v0.6.5

func (s ListGroupsForUserOutput) String() string

String returns the string representation

type ListGroupsInput

type ListGroupsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /division_abc/subdivision_xyz/
	// gets all groups whose path starts with /division_abc/subdivision_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all groups. This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListGroupsInput) GoString added in v0.6.5

func (s ListGroupsInput) GoString() string

GoString returns the string representation

func (*ListGroupsInput) SetMarker added in v1.5.0

func (s *ListGroupsInput) SetMarker(v string) *ListGroupsInput

SetMarker sets the Marker field's value.

func (*ListGroupsInput) SetMaxItems added in v1.5.0

func (s *ListGroupsInput) SetMaxItems(v int64) *ListGroupsInput

SetMaxItems sets the MaxItems field's value.

func (*ListGroupsInput) SetPathPrefix added in v1.5.0

func (s *ListGroupsInput) SetPathPrefix(v string) *ListGroupsInput

SetPathPrefix sets the PathPrefix field's value.

func (ListGroupsInput) String added in v0.6.5

func (s ListGroupsInput) String() string

String returns the string representation

func (*ListGroupsInput) Validate added in v1.1.21

func (s *ListGroupsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupsOutput

type ListGroupsOutput struct {

	// A list of groups.
	//
	// Groups is a required field
	Groups []*Group `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroups request.

func (ListGroupsOutput) GoString added in v0.6.5

func (s ListGroupsOutput) GoString() string

GoString returns the string representation

func (*ListGroupsOutput) SetGroups added in v1.5.0

func (s *ListGroupsOutput) SetGroups(v []*Group) *ListGroupsOutput

SetGroups sets the Groups field's value.

func (*ListGroupsOutput) SetIsTruncated added in v1.5.0

func (s *ListGroupsOutput) SetIsTruncated(v bool) *ListGroupsOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListGroupsOutput) SetMarker added in v1.5.0

func (s *ListGroupsOutput) SetMarker(v string) *ListGroupsOutput

SetMarker sets the Marker field's value.

func (ListGroupsOutput) String added in v0.6.5

func (s ListGroupsOutput) String() string

String returns the string representation

type ListInstanceProfilesForRoleInput

type ListInstanceProfilesForRoleInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the role to list instance profiles for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListInstanceProfilesForRoleInput) GoString added in v0.6.5

GoString returns the string representation

func (*ListInstanceProfilesForRoleInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListInstanceProfilesForRoleInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListInstanceProfilesForRoleInput) SetRoleName added in v1.5.0

SetRoleName sets the RoleName field's value.

func (ListInstanceProfilesForRoleInput) String added in v0.6.5

String returns the string representation

func (*ListInstanceProfilesForRoleInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type ListInstanceProfilesForRoleOutput

type ListInstanceProfilesForRoleOutput struct {

	// A list of instance profiles.
	//
	// InstanceProfiles is a required field
	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListInstanceProfilesForRole request.

func (ListInstanceProfilesForRoleOutput) GoString added in v0.6.5

GoString returns the string representation

func (*ListInstanceProfilesForRoleOutput) SetInstanceProfiles added in v1.5.0

SetInstanceProfiles sets the InstanceProfiles field's value.

func (*ListInstanceProfilesForRoleOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListInstanceProfilesForRoleOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (ListInstanceProfilesForRoleOutput) String added in v0.6.5

String returns the string representation

type ListInstanceProfilesInput

type ListInstanceProfilesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
	// gets all instance profiles whose path starts with /application_abc/component_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all instance profiles. This parameter allows (per its regex
	// pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
	// of either a forward slash (/) by itself or a string that must begin and end
	// with forward slashes. In addition, it can contain any ASCII character from
	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
	// characters, digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListInstanceProfilesInput) GoString added in v0.6.5

func (s ListInstanceProfilesInput) GoString() string

GoString returns the string representation

func (*ListInstanceProfilesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListInstanceProfilesInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListInstanceProfilesInput) SetPathPrefix added in v1.5.0

SetPathPrefix sets the PathPrefix field's value.

func (ListInstanceProfilesInput) String added in v0.6.5

func (s ListInstanceProfilesInput) String() string

String returns the string representation

func (*ListInstanceProfilesInput) Validate added in v1.1.21

func (s *ListInstanceProfilesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListInstanceProfilesOutput

type ListInstanceProfilesOutput struct {

	// A list of instance profiles.
	//
	// InstanceProfiles is a required field
	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListInstanceProfiles request.

func (ListInstanceProfilesOutput) GoString added in v0.6.5

func (s ListInstanceProfilesOutput) GoString() string

GoString returns the string representation

func (*ListInstanceProfilesOutput) SetInstanceProfiles added in v1.5.0

SetInstanceProfiles sets the InstanceProfiles field's value.

func (*ListInstanceProfilesOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListInstanceProfilesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (ListInstanceProfilesOutput) String added in v0.6.5

String returns the string representation

type ListMFADevicesInput

type ListMFADevicesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user whose MFA devices you want to list.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListMFADevicesInput) GoString added in v0.6.5

func (s ListMFADevicesInput) GoString() string

GoString returns the string representation

func (*ListMFADevicesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListMFADevicesInput) SetMaxItems added in v1.5.0

func (s *ListMFADevicesInput) SetMaxItems(v int64) *ListMFADevicesInput

SetMaxItems sets the MaxItems field's value.

func (*ListMFADevicesInput) SetUserName added in v1.5.0

func (s *ListMFADevicesInput) SetUserName(v string) *ListMFADevicesInput

SetUserName sets the UserName field's value.

func (ListMFADevicesInput) String added in v0.6.5

func (s ListMFADevicesInput) String() string

String returns the string representation

func (*ListMFADevicesInput) Validate added in v1.1.21

func (s *ListMFADevicesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListMFADevicesOutput

type ListMFADevicesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// A list of MFA devices.
	//
	// MFADevices is a required field
	MFADevices []*MFADevice `type:"list" required:"true"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListMFADevices request.

func (ListMFADevicesOutput) GoString added in v0.6.5

func (s ListMFADevicesOutput) GoString() string

GoString returns the string representation

func (*ListMFADevicesOutput) SetIsTruncated added in v1.5.0

func (s *ListMFADevicesOutput) SetIsTruncated(v bool) *ListMFADevicesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListMFADevicesOutput) SetMFADevices added in v1.5.0

func (s *ListMFADevicesOutput) SetMFADevices(v []*MFADevice) *ListMFADevicesOutput

SetMFADevices sets the MFADevices field's value.

func (*ListMFADevicesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (ListMFADevicesOutput) String added in v0.6.5

func (s ListMFADevicesOutput) String() string

String returns the string representation

type ListOpenIDConnectProvidersInput

type ListOpenIDConnectProvidersInput struct {
	// contains filtered or unexported fields
}

func (ListOpenIDConnectProvidersInput) GoString added in v0.6.5

GoString returns the string representation

func (ListOpenIDConnectProvidersInput) String added in v0.6.5

String returns the string representation

type ListOpenIDConnectProvidersOutput

type ListOpenIDConnectProvidersOutput struct {

	// The list of IAM OIDC provider resource objects defined in the AWS account.
	OpenIDConnectProviderList []*OpenIDConnectProviderListEntry `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListOpenIDConnectProviders request.

func (ListOpenIDConnectProvidersOutput) GoString added in v0.6.5

GoString returns the string representation

func (*ListOpenIDConnectProvidersOutput) SetOpenIDConnectProviderList added in v1.5.0

SetOpenIDConnectProviderList sets the OpenIDConnectProviderList field's value.

func (ListOpenIDConnectProvidersOutput) String added in v0.6.5

String returns the string representation

type ListPoliciesInput

type ListPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// A flag to filter the results to only the attached policies.
	//
	// When OnlyAttached is true, the returned list contains only the policies that
	// are attached to an IAM user, group, or role. When OnlyAttached is false,
	// or when the parameter is not included, all policies are returned.
	OnlyAttached *bool `type:"boolean"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies. This
	// parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `type:"string"`

	// The scope to use for filtering the results.
	//
	// To list only AWS managed policies, set Scope to AWS. To list only the customer
	// managed policies in your AWS account, set Scope to Local.
	//
	// This parameter is optional. If it is not included, or if it is set to All,
	// all policies are returned.
	Scope *string `type:"string" enum:"policyScopeType"`
	// contains filtered or unexported fields
}

func (ListPoliciesInput) GoString added in v0.6.5

func (s ListPoliciesInput) GoString() string

GoString returns the string representation

func (*ListPoliciesInput) SetMarker added in v1.5.0

func (s *ListPoliciesInput) SetMarker(v string) *ListPoliciesInput

SetMarker sets the Marker field's value.

func (*ListPoliciesInput) SetMaxItems added in v1.5.0

func (s *ListPoliciesInput) SetMaxItems(v int64) *ListPoliciesInput

SetMaxItems sets the MaxItems field's value.

func (*ListPoliciesInput) SetOnlyAttached added in v1.5.0

func (s *ListPoliciesInput) SetOnlyAttached(v bool) *ListPoliciesInput

SetOnlyAttached sets the OnlyAttached field's value.

func (*ListPoliciesInput) SetPathPrefix added in v1.5.0

func (s *ListPoliciesInput) SetPathPrefix(v string) *ListPoliciesInput

SetPathPrefix sets the PathPrefix field's value.

func (*ListPoliciesInput) SetScope added in v1.5.0

func (s *ListPoliciesInput) SetScope(v string) *ListPoliciesInput

SetScope sets the Scope field's value.

func (ListPoliciesInput) String added in v0.6.5

func (s ListPoliciesInput) String() string

String returns the string representation

func (*ListPoliciesInput) Validate added in v1.1.21

func (s *ListPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPoliciesOutput

type ListPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of policies.
	Policies []*Policy `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListPolicies request.

func (ListPoliciesOutput) GoString added in v0.6.5

func (s ListPoliciesOutput) GoString() string

GoString returns the string representation

func (*ListPoliciesOutput) SetIsTruncated added in v1.5.0

func (s *ListPoliciesOutput) SetIsTruncated(v bool) *ListPoliciesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListPoliciesOutput) SetMarker added in v1.5.0

func (s *ListPoliciesOutput) SetMarker(v string) *ListPoliciesOutput

SetMarker sets the Marker field's value.

func (*ListPoliciesOutput) SetPolicies added in v1.5.0

func (s *ListPoliciesOutput) SetPolicies(v []*Policy) *ListPoliciesOutput

SetPolicies sets the Policies field's value.

func (ListPoliciesOutput) String added in v0.6.5

func (s ListPoliciesOutput) String() string

String returns the string representation

type ListPolicyVersionsInput

type ListPolicyVersionsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyVersionsInput) GoString added in v0.6.5

func (s ListPolicyVersionsInput) GoString() string

GoString returns the string representation

func (*ListPolicyVersionsInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListPolicyVersionsInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListPolicyVersionsInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (ListPolicyVersionsInput) String added in v0.6.5

func (s ListPolicyVersionsInput) String() string

String returns the string representation

func (*ListPolicyVersionsInput) Validate added in v1.1.21

func (s *ListPolicyVersionsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPolicyVersionsOutput

type ListPolicyVersionsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of policy versions.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	Versions []*PolicyVersion `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListPolicyVersions request.

func (ListPolicyVersionsOutput) GoString added in v0.6.5

func (s ListPolicyVersionsOutput) GoString() string

GoString returns the string representation

func (*ListPolicyVersionsOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListPolicyVersionsOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListPolicyVersionsOutput) SetVersions added in v1.5.0

SetVersions sets the Versions field's value.

func (ListPolicyVersionsOutput) String added in v0.6.5

func (s ListPolicyVersionsOutput) String() string

String returns the string representation

type ListRolePoliciesInput

type ListRolePoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the role to list policies for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListRolePoliciesInput) GoString added in v0.6.5

func (s ListRolePoliciesInput) GoString() string

GoString returns the string representation

func (*ListRolePoliciesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListRolePoliciesInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListRolePoliciesInput) SetRoleName added in v1.5.0

SetRoleName sets the RoleName field's value.

func (ListRolePoliciesInput) String added in v0.6.5

func (s ListRolePoliciesInput) String() string

String returns the string representation

func (*ListRolePoliciesInput) Validate added in v1.1.21

func (s *ListRolePoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListRolePoliciesOutput

type ListRolePoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of policy names.
	//
	// PolicyNames is a required field
	PolicyNames []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListRolePolicies request.

func (ListRolePoliciesOutput) GoString added in v0.6.5

func (s ListRolePoliciesOutput) GoString() string

GoString returns the string representation

func (*ListRolePoliciesOutput) SetIsTruncated added in v1.5.0

func (s *ListRolePoliciesOutput) SetIsTruncated(v bool) *ListRolePoliciesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListRolePoliciesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListRolePoliciesOutput) SetPolicyNames added in v1.5.0

func (s *ListRolePoliciesOutput) SetPolicyNames(v []*string) *ListRolePoliciesOutput

SetPolicyNames sets the PolicyNames field's value.

func (ListRolePoliciesOutput) String added in v0.6.5

func (s ListRolePoliciesOutput) String() string

String returns the string representation

type ListRolesInput

type ListRolesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
	// gets all roles whose path starts with /application_abc/component_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all roles. This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListRolesInput) GoString added in v0.6.5

func (s ListRolesInput) GoString() string

GoString returns the string representation

func (*ListRolesInput) SetMarker added in v1.5.0

func (s *ListRolesInput) SetMarker(v string) *ListRolesInput

SetMarker sets the Marker field's value.

func (*ListRolesInput) SetMaxItems added in v1.5.0

func (s *ListRolesInput) SetMaxItems(v int64) *ListRolesInput

SetMaxItems sets the MaxItems field's value.

func (*ListRolesInput) SetPathPrefix added in v1.5.0

func (s *ListRolesInput) SetPathPrefix(v string) *ListRolesInput

SetPathPrefix sets the PathPrefix field's value.

func (ListRolesInput) String added in v0.6.5

func (s ListRolesInput) String() string

String returns the string representation

func (*ListRolesInput) Validate added in v1.1.21

func (s *ListRolesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListRolesOutput

type ListRolesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of roles.
	//
	// Roles is a required field
	Roles []*Role `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListRoles request.

func (ListRolesOutput) GoString added in v0.6.5

func (s ListRolesOutput) GoString() string

GoString returns the string representation

func (*ListRolesOutput) SetIsTruncated added in v1.5.0

func (s *ListRolesOutput) SetIsTruncated(v bool) *ListRolesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListRolesOutput) SetMarker added in v1.5.0

func (s *ListRolesOutput) SetMarker(v string) *ListRolesOutput

SetMarker sets the Marker field's value.

func (*ListRolesOutput) SetRoles added in v1.5.0

func (s *ListRolesOutput) SetRoles(v []*Role) *ListRolesOutput

SetRoles sets the Roles field's value.

func (ListRolesOutput) String added in v0.6.5

func (s ListRolesOutput) String() string

String returns the string representation

type ListSAMLProvidersInput

type ListSAMLProvidersInput struct {
	// contains filtered or unexported fields
}

func (ListSAMLProvidersInput) GoString added in v0.6.5

func (s ListSAMLProvidersInput) GoString() string

GoString returns the string representation

func (ListSAMLProvidersInput) String added in v0.6.5

func (s ListSAMLProvidersInput) String() string

String returns the string representation

type ListSAMLProvidersOutput

type ListSAMLProvidersOutput struct {

	// The list of SAML provider resource objects defined in IAM for this AWS account.
	SAMLProviderList []*SAMLProviderListEntry `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSAMLProviders request.

func (ListSAMLProvidersOutput) GoString added in v0.6.5

func (s ListSAMLProvidersOutput) GoString() string

GoString returns the string representation

func (*ListSAMLProvidersOutput) SetSAMLProviderList added in v1.5.0

SetSAMLProviderList sets the SAMLProviderList field's value.

func (ListSAMLProvidersOutput) String added in v0.6.5

func (s ListSAMLProvidersOutput) String() string

String returns the string representation

type ListSSHPublicKeysInput added in v0.6.6

type ListSSHPublicKeysInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM user to list SSH public keys for. If none is specified,
	// the UserName field is determined implicitly based on the AWS access key used
	// to sign the request.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListSSHPublicKeysInput) GoString added in v0.6.6

func (s ListSSHPublicKeysInput) GoString() string

GoString returns the string representation

func (*ListSSHPublicKeysInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListSSHPublicKeysInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListSSHPublicKeysInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (ListSSHPublicKeysInput) String added in v0.6.6

func (s ListSSHPublicKeysInput) String() string

String returns the string representation

func (*ListSSHPublicKeysInput) Validate added in v1.1.21

func (s *ListSSHPublicKeysInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListSSHPublicKeysOutput added in v0.6.6

type ListSSHPublicKeysOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of the SSH public keys assigned to IAM user.
	SSHPublicKeys []*SSHPublicKeyMetadata `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSSHPublicKeys request.

func (ListSSHPublicKeysOutput) GoString added in v0.6.6

func (s ListSSHPublicKeysOutput) GoString() string

GoString returns the string representation

func (*ListSSHPublicKeysOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListSSHPublicKeysOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListSSHPublicKeysOutput) SetSSHPublicKeys added in v1.5.0

SetSSHPublicKeys sets the SSHPublicKeys field's value.

func (ListSSHPublicKeysOutput) String added in v0.6.6

func (s ListSSHPublicKeysOutput) String() string

String returns the string representation

type ListServerCertificatesInput

type ListServerCertificatesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example: /company/servercerts
	// would get all server certificates for which the path starts with /company/servercerts.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all server certificates. This parameter allows (per its regex
	// pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
	// of either a forward slash (/) by itself or a string that must begin and end
	// with forward slashes. In addition, it can contain any ASCII character from
	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
	// characters, digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListServerCertificatesInput) GoString added in v0.6.5

func (s ListServerCertificatesInput) GoString() string

GoString returns the string representation

func (*ListServerCertificatesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListServerCertificatesInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListServerCertificatesInput) SetPathPrefix added in v1.5.0

SetPathPrefix sets the PathPrefix field's value.

func (ListServerCertificatesInput) String added in v0.6.5

String returns the string representation

func (*ListServerCertificatesInput) Validate added in v1.1.21

func (s *ListServerCertificatesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListServerCertificatesOutput

type ListServerCertificatesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of server certificates.
	//
	// ServerCertificateMetadataList is a required field
	ServerCertificateMetadataList []*ServerCertificateMetadata `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListServerCertificates request.

func (ListServerCertificatesOutput) GoString added in v0.6.5

func (s ListServerCertificatesOutput) GoString() string

GoString returns the string representation

func (*ListServerCertificatesOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListServerCertificatesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListServerCertificatesOutput) SetServerCertificateMetadataList added in v1.5.0

func (s *ListServerCertificatesOutput) SetServerCertificateMetadataList(v []*ServerCertificateMetadata) *ListServerCertificatesOutput

SetServerCertificateMetadataList sets the ServerCertificateMetadataList field's value.

func (ListServerCertificatesOutput) String added in v0.6.5

String returns the string representation

type ListServiceSpecificCredentialsInput added in v1.6.8

type ListServiceSpecificCredentialsInput struct {

	// Filters the returned results to only those for the specified AWS service.
	// If not specified, then AWS returns service-specific credentials for all services.
	ServiceName *string `type:"string"`

	// The name of the user whose service-specific credentials you want information
	// about. If this value is not specified, then the operation assumes the user
	// whose credentials are used to call the operation.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListServiceSpecificCredentialsInput) GoString added in v1.6.8

GoString returns the string representation

func (*ListServiceSpecificCredentialsInput) SetServiceName added in v1.6.8

SetServiceName sets the ServiceName field's value.

func (*ListServiceSpecificCredentialsInput) SetUserName added in v1.6.8

SetUserName sets the UserName field's value.

func (ListServiceSpecificCredentialsInput) String added in v1.6.8

String returns the string representation

func (*ListServiceSpecificCredentialsInput) Validate added in v1.6.8

Validate inspects the fields of the type to determine if they are valid.

type ListServiceSpecificCredentialsOutput added in v1.6.8

type ListServiceSpecificCredentialsOutput struct {

	// A list of structures that each contain details about a service-specific credential.
	ServiceSpecificCredentials []*ServiceSpecificCredentialMetadata `type:"list"`
	// contains filtered or unexported fields
}

func (ListServiceSpecificCredentialsOutput) GoString added in v1.6.8

GoString returns the string representation

func (*ListServiceSpecificCredentialsOutput) SetServiceSpecificCredentials added in v1.6.8

SetServiceSpecificCredentials sets the ServiceSpecificCredentials field's value.

func (ListServiceSpecificCredentialsOutput) String added in v1.6.8

String returns the string representation

type ListSigningCertificatesInput

type ListSigningCertificatesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM user whose signing certificates you want to examine.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListSigningCertificatesInput) GoString added in v0.6.5

func (s ListSigningCertificatesInput) GoString() string

GoString returns the string representation

func (*ListSigningCertificatesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListSigningCertificatesInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListSigningCertificatesInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (ListSigningCertificatesInput) String added in v0.6.5

String returns the string representation

func (*ListSigningCertificatesInput) Validate added in v1.1.21

func (s *ListSigningCertificatesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListSigningCertificatesOutput

type ListSigningCertificatesOutput struct {

	// A list of the user's signing certificate information.
	//
	// Certificates is a required field
	Certificates []*SigningCertificate `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSigningCertificates request.

func (ListSigningCertificatesOutput) GoString added in v0.6.5

GoString returns the string representation

func (*ListSigningCertificatesOutput) SetCertificates added in v1.5.0

SetCertificates sets the Certificates field's value.

func (*ListSigningCertificatesOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListSigningCertificatesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (ListSigningCertificatesOutput) String added in v0.6.5

String returns the string representation

type ListUserPoliciesInput

type ListUserPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user to list policies for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListUserPoliciesInput) GoString added in v0.6.5

func (s ListUserPoliciesInput) GoString() string

GoString returns the string representation

func (*ListUserPoliciesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListUserPoliciesInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*ListUserPoliciesInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (ListUserPoliciesInput) String added in v0.6.5

func (s ListUserPoliciesInput) String() string

String returns the string representation

func (*ListUserPoliciesInput) Validate added in v1.1.21

func (s *ListUserPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUserPoliciesOutput

type ListUserPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of policy names.
	//
	// PolicyNames is a required field
	PolicyNames []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListUserPolicies request.

func (ListUserPoliciesOutput) GoString added in v0.6.5

func (s ListUserPoliciesOutput) GoString() string

GoString returns the string representation

func (*ListUserPoliciesOutput) SetIsTruncated added in v1.5.0

func (s *ListUserPoliciesOutput) SetIsTruncated(v bool) *ListUserPoliciesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListUserPoliciesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListUserPoliciesOutput) SetPolicyNames added in v1.5.0

func (s *ListUserPoliciesOutput) SetPolicyNames(v []*string) *ListUserPoliciesOutput

SetPolicyNames sets the PolicyNames field's value.

func (ListUserPoliciesOutput) String added in v0.6.5

func (s ListUserPoliciesOutput) String() string

String returns the string representation

type ListUsersInput

type ListUsersInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example: /division_abc/subdivision_xyz/,
	// which would get all user names whose path starts with /division_abc/subdivision_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all user names. This parameter allows (per its regex pattern
	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
	// a forward slash (/) by itself or a string that must begin and end with forward
	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
	// through the DEL character (\u007F), including most punctuation characters,
	// digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListUsersInput) GoString added in v0.6.5

func (s ListUsersInput) GoString() string

GoString returns the string representation

func (*ListUsersInput) SetMarker added in v1.5.0

func (s *ListUsersInput) SetMarker(v string) *ListUsersInput

SetMarker sets the Marker field's value.

func (*ListUsersInput) SetMaxItems added in v1.5.0

func (s *ListUsersInput) SetMaxItems(v int64) *ListUsersInput

SetMaxItems sets the MaxItems field's value.

func (*ListUsersInput) SetPathPrefix added in v1.5.0

func (s *ListUsersInput) SetPathPrefix(v string) *ListUsersInput

SetPathPrefix sets the PathPrefix field's value.

func (ListUsersInput) String added in v0.6.5

func (s ListUsersInput) String() string

String returns the string representation

func (*ListUsersInput) Validate added in v1.1.21

func (s *ListUsersInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUsersOutput

type ListUsersOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of users.
	//
	// Users is a required field
	Users []*User `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListUsers request.

func (ListUsersOutput) GoString added in v0.6.5

func (s ListUsersOutput) GoString() string

GoString returns the string representation

func (*ListUsersOutput) SetIsTruncated added in v1.5.0

func (s *ListUsersOutput) SetIsTruncated(v bool) *ListUsersOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListUsersOutput) SetMarker added in v1.5.0

func (s *ListUsersOutput) SetMarker(v string) *ListUsersOutput

SetMarker sets the Marker field's value.

func (*ListUsersOutput) SetUsers added in v1.5.0

func (s *ListUsersOutput) SetUsers(v []*User) *ListUsersOutput

SetUsers sets the Users field's value.

func (ListUsersOutput) String added in v0.6.5

func (s ListUsersOutput) String() string

String returns the string representation

type ListVirtualMFADevicesInput

type ListVirtualMFADevicesInput struct {

	// The status (Unassigned or Assigned) of the devices to list. If you do not
	// specify an AssignmentStatus, the operation defaults to Any which lists both
	// assigned and unassigned virtual MFA devices.
	AssignmentStatus *string `type:"string" enum:"assignmentStatusType"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListVirtualMFADevicesInput) GoString added in v0.6.5

func (s ListVirtualMFADevicesInput) GoString() string

GoString returns the string representation

func (*ListVirtualMFADevicesInput) SetAssignmentStatus added in v1.5.0

SetAssignmentStatus sets the AssignmentStatus field's value.

func (*ListVirtualMFADevicesInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListVirtualMFADevicesInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (ListVirtualMFADevicesInput) String added in v0.6.5

String returns the string representation

func (*ListVirtualMFADevicesInput) Validate added in v1.1.21

func (s *ListVirtualMFADevicesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListVirtualMFADevicesOutput

type ListVirtualMFADevicesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// The list of virtual MFA devices in the current account that match the AssignmentStatus
	// value that was passed in the request.
	//
	// VirtualMFADevices is a required field
	VirtualMFADevices []*VirtualMFADevice `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListVirtualMFADevices request.

func (ListVirtualMFADevicesOutput) GoString added in v0.6.5

func (s ListVirtualMFADevicesOutput) GoString() string

GoString returns the string representation

func (*ListVirtualMFADevicesOutput) SetIsTruncated added in v1.5.0

SetIsTruncated sets the IsTruncated field's value.

func (*ListVirtualMFADevicesOutput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*ListVirtualMFADevicesOutput) SetVirtualMFADevices added in v1.5.0

SetVirtualMFADevices sets the VirtualMFADevices field's value.

func (ListVirtualMFADevicesOutput) String added in v0.6.5

String returns the string representation

type LoginProfile

type LoginProfile struct {

	// The date when the password for the user was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// Specifies whether the user is required to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the user, which can be used for signing in to the AWS Management
	// Console.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the user name and password create date for a user.

This data type is used as a response element in the CreateLoginProfile and GetLoginProfile operations.

func (LoginProfile) GoString added in v0.6.5

func (s LoginProfile) GoString() string

GoString returns the string representation

func (*LoginProfile) SetCreateDate added in v1.5.0

func (s *LoginProfile) SetCreateDate(v time.Time) *LoginProfile

SetCreateDate sets the CreateDate field's value.

func (*LoginProfile) SetPasswordResetRequired added in v1.5.0

func (s *LoginProfile) SetPasswordResetRequired(v bool) *LoginProfile

SetPasswordResetRequired sets the PasswordResetRequired field's value.

func (*LoginProfile) SetUserName added in v1.5.0

func (s *LoginProfile) SetUserName(v string) *LoginProfile

SetUserName sets the UserName field's value.

func (LoginProfile) String added in v0.6.5

func (s LoginProfile) String() string

String returns the string representation

type MFADevice

type MFADevice struct {

	// The date when the MFA device was enabled for the user.
	//
	// EnableDate is a required field
	EnableDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The user with whom the MFA device is associated.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an MFA device.

This data type is used as a response element in the ListMFADevices operation.

func (MFADevice) GoString added in v0.6.5

func (s MFADevice) GoString() string

GoString returns the string representation

func (*MFADevice) SetEnableDate added in v1.5.0

func (s *MFADevice) SetEnableDate(v time.Time) *MFADevice

SetEnableDate sets the EnableDate field's value.

func (*MFADevice) SetSerialNumber added in v1.5.0

func (s *MFADevice) SetSerialNumber(v string) *MFADevice

SetSerialNumber sets the SerialNumber field's value.

func (*MFADevice) SetUserName added in v1.5.0

func (s *MFADevice) SetUserName(v string) *MFADevice

SetUserName sets the UserName field's value.

func (MFADevice) String added in v0.6.5

func (s MFADevice) String() string

String returns the string representation

type ManagedPolicyDetail

type ManagedPolicyDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// The number of principal entities (users, groups, and roles) that the policy
	// is attached to.
	AttachmentCount *int64 `type:"integer"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The identifier for the version of the policy that is set as the default (operative)
	// version.
	//
	// For more information about policy versions, see Versioning for Managed Policies
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the Using IAM guide.
	DefaultVersionId *string `type:"string"`

	// A friendly description of the policy.
	Description *string `type:"string"`

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable *bool `type:"boolean"`

	// The path to the policy.
	//
	// For more information about paths, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `type:"string"`

	// The stable and unique string identifying the policy.
	//
	// For more information about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	PolicyId *string `min:"16" type:"string"`

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string `min:"1" type:"string"`

	// A list containing information about the versions of the policy.
	PolicyVersionList []*PolicyVersion `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was last updated.
	//
	// When a policy has only one version, this field contains the date and time
	// when the policy was created. When a policy has more than one version, this
	// field contains the date and time when the most recent policy version was
	// created.
	UpdateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`
	// contains filtered or unexported fields
}

Contains information about a managed policy, including the policy's ARN, versions, and the number of principal entities (users, groups, and roles) that the policy is attached to.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

For more information about managed policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (ManagedPolicyDetail) GoString added in v0.6.5

func (s ManagedPolicyDetail) GoString() string

GoString returns the string representation

func (*ManagedPolicyDetail) SetArn added in v1.5.0

SetArn sets the Arn field's value.

func (*ManagedPolicyDetail) SetAttachmentCount added in v1.5.0

func (s *ManagedPolicyDetail) SetAttachmentCount(v int64) *ManagedPolicyDetail

SetAttachmentCount sets the AttachmentCount field's value.

func (*ManagedPolicyDetail) SetCreateDate added in v1.5.0

func (s *ManagedPolicyDetail) SetCreateDate(v time.Time) *ManagedPolicyDetail

SetCreateDate sets the CreateDate field's value.

func (*ManagedPolicyDetail) SetDefaultVersionId added in v1.5.0

func (s *ManagedPolicyDetail) SetDefaultVersionId(v string) *ManagedPolicyDetail

SetDefaultVersionId sets the DefaultVersionId field's value.

func (*ManagedPolicyDetail) SetDescription added in v1.5.0

func (s *ManagedPolicyDetail) SetDescription(v string) *ManagedPolicyDetail

SetDescription sets the Description field's value.

func (*ManagedPolicyDetail) SetIsAttachable added in v1.5.0

func (s *ManagedPolicyDetail) SetIsAttachable(v bool) *ManagedPolicyDetail

SetIsAttachable sets the IsAttachable field's value.

func (*ManagedPolicyDetail) SetPath added in v1.5.0

SetPath sets the Path field's value.

func (*ManagedPolicyDetail) SetPolicyId added in v1.5.0

func (s *ManagedPolicyDetail) SetPolicyId(v string) *ManagedPolicyDetail

SetPolicyId sets the PolicyId field's value.

func (*ManagedPolicyDetail) SetPolicyName added in v1.5.0

func (s *ManagedPolicyDetail) SetPolicyName(v string) *ManagedPolicyDetail

SetPolicyName sets the PolicyName field's value.

func (*ManagedPolicyDetail) SetPolicyVersionList added in v1.5.0

func (s *ManagedPolicyDetail) SetPolicyVersionList(v []*PolicyVersion) *ManagedPolicyDetail

SetPolicyVersionList sets the PolicyVersionList field's value.

func (*ManagedPolicyDetail) SetUpdateDate added in v1.5.0

func (s *ManagedPolicyDetail) SetUpdateDate(v time.Time) *ManagedPolicyDetail

SetUpdateDate sets the UpdateDate field's value.

func (ManagedPolicyDetail) String added in v0.6.5

func (s ManagedPolicyDetail) String() string

String returns the string representation

type OpenIDConnectProviderListEntry

type OpenIDConnectProviderListEntry struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the Amazon Resource Name (ARN) for an IAM OpenID Connect provider.

func (OpenIDConnectProviderListEntry) GoString added in v0.6.5

GoString returns the string representation

func (*OpenIDConnectProviderListEntry) SetArn added in v1.5.0

SetArn sets the Arn field's value.

func (OpenIDConnectProviderListEntry) String added in v0.6.5

String returns the string representation

type OrganizationsDecisionDetail added in v1.7.2

type OrganizationsDecisionDetail struct {

	// Specifies whether the simulated operation is allowed by the AWS Organizations
	// service control policies that impact the simulated user's account.
	AllowedByOrganizations *bool `type:"boolean"`
	// contains filtered or unexported fields
}

Contains information about AWS Organizations's effect on a policy simulation.

func (OrganizationsDecisionDetail) GoString added in v1.7.2

func (s OrganizationsDecisionDetail) GoString() string

GoString returns the string representation

func (*OrganizationsDecisionDetail) SetAllowedByOrganizations added in v1.7.2

func (s *OrganizationsDecisionDetail) SetAllowedByOrganizations(v bool) *OrganizationsDecisionDetail

SetAllowedByOrganizations sets the AllowedByOrganizations field's value.

func (OrganizationsDecisionDetail) String added in v1.7.2

String returns the string representation

type PasswordPolicy

type PasswordPolicy struct {

	// Specifies whether IAM users are allowed to change their own password.
	AllowUsersToChangePassword *bool `type:"boolean"`

	// Indicates whether passwords in the account expire. Returns true if MaxPasswordAge
	// contains a value greater than 0. Returns false if MaxPasswordAge is 0 or
	// not present.
	ExpirePasswords *bool `type:"boolean"`

	// Specifies whether IAM users are prevented from setting a new password after
	// their password has expired.
	HardExpiry *bool `type:"boolean"`

	// The number of days that an IAM user password is valid.
	MaxPasswordAge *int64 `min:"1" type:"integer"`

	// Minimum length to require for IAM user passwords.
	MinimumPasswordLength *int64 `min:"6" type:"integer"`

	// Specifies the number of previous passwords that IAM users are prevented from
	// reusing.
	PasswordReusePrevention *int64 `min:"1" type:"integer"`

	// Specifies whether to require lowercase characters for IAM user passwords.
	RequireLowercaseCharacters *bool `type:"boolean"`

	// Specifies whether to require numbers for IAM user passwords.
	RequireNumbers *bool `type:"boolean"`

	// Specifies whether to require symbols for IAM user passwords.
	RequireSymbols *bool `type:"boolean"`

	// Specifies whether to require uppercase characters for IAM user passwords.
	RequireUppercaseCharacters *bool `type:"boolean"`
	// contains filtered or unexported fields
}

Contains information about the account password policy.

This data type is used as a response element in the GetAccountPasswordPolicy operation.

func (PasswordPolicy) GoString added in v0.6.5

func (s PasswordPolicy) GoString() string

GoString returns the string representation

func (*PasswordPolicy) SetAllowUsersToChangePassword added in v1.5.0

func (s *PasswordPolicy) SetAllowUsersToChangePassword(v bool) *PasswordPolicy

SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.

func (*PasswordPolicy) SetExpirePasswords added in v1.5.0

func (s *PasswordPolicy) SetExpirePasswords(v bool) *PasswordPolicy

SetExpirePasswords sets the ExpirePasswords field's value.

func (*PasswordPolicy) SetHardExpiry added in v1.5.0

func (s *PasswordPolicy) SetHardExpiry(v bool) *PasswordPolicy

SetHardExpiry sets the HardExpiry field's value.

func (*PasswordPolicy) SetMaxPasswordAge added in v1.5.0

func (s *PasswordPolicy) SetMaxPasswordAge(v int64) *PasswordPolicy

SetMaxPasswordAge sets the MaxPasswordAge field's value.

func (*PasswordPolicy) SetMinimumPasswordLength added in v1.5.0

func (s *PasswordPolicy) SetMinimumPasswordLength(v int64) *PasswordPolicy

SetMinimumPasswordLength sets the MinimumPasswordLength field's value.

func (*PasswordPolicy) SetPasswordReusePrevention added in v1.5.0

func (s *PasswordPolicy) SetPasswordReusePrevention(v int64) *PasswordPolicy

SetPasswordReusePrevention sets the PasswordReusePrevention field's value.

func (*PasswordPolicy) SetRequireLowercaseCharacters added in v1.5.0

func (s *PasswordPolicy) SetRequireLowercaseCharacters(v bool) *PasswordPolicy

SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.

func (*PasswordPolicy) SetRequireNumbers added in v1.5.0

func (s *PasswordPolicy) SetRequireNumbers(v bool) *PasswordPolicy

SetRequireNumbers sets the RequireNumbers field's value.

func (*PasswordPolicy) SetRequireSymbols added in v1.5.0

func (s *PasswordPolicy) SetRequireSymbols(v bool) *PasswordPolicy

SetRequireSymbols sets the RequireSymbols field's value.

func (*PasswordPolicy) SetRequireUppercaseCharacters added in v1.5.0

func (s *PasswordPolicy) SetRequireUppercaseCharacters(v bool) *PasswordPolicy

SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.

func (PasswordPolicy) String added in v0.6.5

func (s PasswordPolicy) String() string

String returns the string representation

type Policy

type Policy struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// The number of entities (users, groups, and roles) that the policy is attached
	// to.
	AttachmentCount *int64 `type:"integer"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The identifier for the version of the policy that is set as the default version.
	DefaultVersionId *string `type:"string"`

	// A friendly description of the policy.
	//
	// This element is included in the response to the GetPolicy operation. It is
	// not included in the response to the ListPolicies operation.
	Description *string `type:"string"`

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable *bool `type:"boolean"`

	// The path to the policy.
	//
	// For more information about paths, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `type:"string"`

	// The stable and unique string identifying the policy.
	//
	// For more information about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	PolicyId *string `min:"16" type:"string"`

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string `min:"1" type:"string"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was last updated.
	//
	// When a policy has only one version, this field contains the date and time
	// when the policy was created. When a policy has more than one version, this
	// field contains the date and time when the most recent policy version was
	// created.
	UpdateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`
	// contains filtered or unexported fields
}

Contains information about a managed policy.

This data type is used as a response element in the CreatePolicy, GetPolicy, and ListPolicies operations.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (Policy) GoString added in v0.6.5

func (s Policy) GoString() string

GoString returns the string representation

func (*Policy) SetArn added in v1.5.0

func (s *Policy) SetArn(v string) *Policy

SetArn sets the Arn field's value.

func (*Policy) SetAttachmentCount added in v1.5.0

func (s *Policy) SetAttachmentCount(v int64) *Policy

SetAttachmentCount sets the AttachmentCount field's value.

func (*Policy) SetCreateDate added in v1.5.0

func (s *Policy) SetCreateDate(v time.Time) *Policy

SetCreateDate sets the CreateDate field's value.

func (*Policy) SetDefaultVersionId added in v1.5.0

func (s *Policy) SetDefaultVersionId(v string) *Policy

SetDefaultVersionId sets the DefaultVersionId field's value.

func (*Policy) SetDescription added in v1.5.0

func (s *Policy) SetDescription(v string) *Policy

SetDescription sets the Description field's value.

func (*Policy) SetIsAttachable added in v1.5.0

func (s *Policy) SetIsAttachable(v bool) *Policy

SetIsAttachable sets the IsAttachable field's value.

func (*Policy) SetPath added in v1.5.0

func (s *Policy) SetPath(v string) *Policy

SetPath sets the Path field's value.

func (*Policy) SetPolicyId added in v1.5.0

func (s *Policy) SetPolicyId(v string) *Policy

SetPolicyId sets the PolicyId field's value.

func (*Policy) SetPolicyName added in v1.5.0

func (s *Policy) SetPolicyName(v string) *Policy

SetPolicyName sets the PolicyName field's value.

func (*Policy) SetUpdateDate added in v1.5.0

func (s *Policy) SetUpdateDate(v time.Time) *Policy

SetUpdateDate sets the UpdateDate field's value.

func (Policy) String added in v0.6.5

func (s Policy) String() string

String returns the string representation

type PolicyDetail

type PolicyDetail struct {

	// The policy document.
	PolicyDocument *string `min:"1" type:"string"`

	// The name of the policy.
	PolicyName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an IAM policy, including the policy document.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (PolicyDetail) GoString added in v0.6.5

func (s PolicyDetail) GoString() string

GoString returns the string representation

func (*PolicyDetail) SetPolicyDocument added in v1.5.0

func (s *PolicyDetail) SetPolicyDocument(v string) *PolicyDetail

SetPolicyDocument sets the PolicyDocument field's value.

func (*PolicyDetail) SetPolicyName added in v1.5.0

func (s *PolicyDetail) SetPolicyName(v string) *PolicyDetail

SetPolicyName sets the PolicyName field's value.

func (PolicyDetail) String added in v0.6.5

func (s PolicyDetail) String() string

String returns the string representation

type PolicyGroup

type PolicyGroup struct {

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	GroupId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the group.
	GroupName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a group that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyGroup) GoString added in v0.6.5

func (s PolicyGroup) GoString() string

GoString returns the string representation

func (*PolicyGroup) SetGroupId added in v1.5.0

func (s *PolicyGroup) SetGroupId(v string) *PolicyGroup

SetGroupId sets the GroupId field's value.

func (*PolicyGroup) SetGroupName added in v1.5.0

func (s *PolicyGroup) SetGroupName(v string) *PolicyGroup

SetGroupName sets the GroupName field's value.

func (PolicyGroup) String added in v0.6.5

func (s PolicyGroup) String() string

String returns the string representation

type PolicyRole

type PolicyRole struct {

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	RoleId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the role.
	RoleName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a role that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyRole) GoString added in v0.6.5

func (s PolicyRole) GoString() string

GoString returns the string representation

func (*PolicyRole) SetRoleId added in v1.5.0

func (s *PolicyRole) SetRoleId(v string) *PolicyRole

SetRoleId sets the RoleId field's value.

func (*PolicyRole) SetRoleName added in v1.5.0

func (s *PolicyRole) SetRoleName(v string) *PolicyRole

SetRoleName sets the RoleName field's value.

func (PolicyRole) String added in v0.6.5

func (s PolicyRole) String() string

String returns the string representation

type PolicyUser

type PolicyUser struct {

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	UserId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the user.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a user that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyUser) GoString added in v0.6.5

func (s PolicyUser) GoString() string

GoString returns the string representation

func (*PolicyUser) SetUserId added in v1.5.0

func (s *PolicyUser) SetUserId(v string) *PolicyUser

SetUserId sets the UserId field's value.

func (*PolicyUser) SetUserName added in v1.5.0

func (s *PolicyUser) SetUserName(v string) *PolicyUser

SetUserName sets the UserName field's value.

func (PolicyUser) String added in v0.6.5

func (s PolicyUser) String() string

String returns the string representation

type PolicyVersion

type PolicyVersion struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy version was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The policy document.
	//
	// The policy document is returned in the response to the GetPolicyVersion and
	// GetAccountAuthorizationDetails operations. It is not returned in the response
	// to the CreatePolicyVersion or ListPolicyVersions operations.
	//
	// The policy document returned in this structure is URL-encoded compliant with
	// RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding
	// method to convert the policy back to plain JSON text. For example, if you
	// use Java, you can use the decode method of the java.net.URLDecoder utility
	// class in the Java SDK. Other languages and SDKs provide similar functionality.
	Document *string `min:"1" type:"string"`

	// Specifies whether the policy version is set as the policy's default version.
	IsDefaultVersion *bool `type:"boolean"`

	// The identifier for the policy version.
	//
	// Policy version identifiers always begin with v (always lowercase). When a
	// policy is created, the first policy version is v1.
	VersionId *string `type:"string"`
	// contains filtered or unexported fields
}

Contains information about a version of a managed policy.

This data type is used as a response element in the CreatePolicyVersion, GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails operations.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyVersion) GoString added in v0.6.5

func (s PolicyVersion) GoString() string

GoString returns the string representation

func (*PolicyVersion) SetCreateDate added in v1.5.0

func (s *PolicyVersion) SetCreateDate(v time.Time) *PolicyVersion

SetCreateDate sets the CreateDate field's value.

func (*PolicyVersion) SetDocument added in v1.5.0

func (s *PolicyVersion) SetDocument(v string) *PolicyVersion

SetDocument sets the Document field's value.

func (*PolicyVersion) SetIsDefaultVersion added in v1.5.0

func (s *PolicyVersion) SetIsDefaultVersion(v bool) *PolicyVersion

SetIsDefaultVersion sets the IsDefaultVersion field's value.

func (*PolicyVersion) SetVersionId added in v1.5.0

func (s *PolicyVersion) SetVersionId(v string) *PolicyVersion

SetVersionId sets the VersionId field's value.

func (PolicyVersion) String added in v0.6.5

func (s PolicyVersion) String() string

String returns the string representation

type Position added in v0.9.6

type Position struct {

	// The column in the line containing the specified position in the document.
	Column *int64 `type:"integer"`

	// The line containing the specified position in the document.
	Line *int64 `type:"integer"`
	// contains filtered or unexported fields
}

Contains the row and column of a location of a Statement element in a policy document.

This data type is used as a member of the Statement type.

func (Position) GoString added in v0.9.6

func (s Position) GoString() string

GoString returns the string representation

func (*Position) SetColumn added in v1.5.0

func (s *Position) SetColumn(v int64) *Position

SetColumn sets the Column field's value.

func (*Position) SetLine added in v1.5.0

func (s *Position) SetLine(v int64) *Position

SetLine sets the Line field's value.

func (Position) String added in v0.9.6

func (s Position) String() string

String returns the string representation

type PutGroupPolicyInput

type PutGroupPolicyInput struct {

	// The name of the group to associate the policy with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The policy document.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutGroupPolicyInput) GoString added in v0.6.5

func (s PutGroupPolicyInput) GoString() string

GoString returns the string representation

func (*PutGroupPolicyInput) SetGroupName added in v1.5.0

func (s *PutGroupPolicyInput) SetGroupName(v string) *PutGroupPolicyInput

SetGroupName sets the GroupName field's value.

func (*PutGroupPolicyInput) SetPolicyDocument added in v1.5.0

func (s *PutGroupPolicyInput) SetPolicyDocument(v string) *PutGroupPolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*PutGroupPolicyInput) SetPolicyName added in v1.5.0

func (s *PutGroupPolicyInput) SetPolicyName(v string) *PutGroupPolicyInput

SetPolicyName sets the PolicyName field's value.

func (PutGroupPolicyInput) String added in v0.6.5

func (s PutGroupPolicyInput) String() string

String returns the string representation

func (*PutGroupPolicyInput) Validate added in v1.1.21

func (s *PutGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutGroupPolicyOutput

type PutGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutGroupPolicyOutput) GoString added in v0.6.5

func (s PutGroupPolicyOutput) GoString() string

GoString returns the string representation

func (PutGroupPolicyOutput) String added in v0.6.5

func (s PutGroupPolicyOutput) String() string

String returns the string representation

type PutRolePolicyInput

type PutRolePolicyInput struct {

	// The policy document.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the role to associate the policy with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutRolePolicyInput) GoString added in v0.6.5

func (s PutRolePolicyInput) GoString() string

GoString returns the string representation

func (*PutRolePolicyInput) SetPolicyDocument added in v1.5.0

func (s *PutRolePolicyInput) SetPolicyDocument(v string) *PutRolePolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*PutRolePolicyInput) SetPolicyName added in v1.5.0

func (s *PutRolePolicyInput) SetPolicyName(v string) *PutRolePolicyInput

SetPolicyName sets the PolicyName field's value.

func (*PutRolePolicyInput) SetRoleName added in v1.5.0

func (s *PutRolePolicyInput) SetRoleName(v string) *PutRolePolicyInput

SetRoleName sets the RoleName field's value.

func (PutRolePolicyInput) String added in v0.6.5

func (s PutRolePolicyInput) String() string

String returns the string representation

func (*PutRolePolicyInput) Validate added in v1.1.21

func (s *PutRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutRolePolicyOutput

type PutRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutRolePolicyOutput) GoString added in v0.6.5

func (s PutRolePolicyOutput) GoString() string

GoString returns the string representation

func (PutRolePolicyOutput) String added in v0.6.5

func (s PutRolePolicyOutput) String() string

String returns the string representation

type PutUserPolicyInput

type PutUserPolicyInput struct {

	// The policy document.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the user to associate the policy with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutUserPolicyInput) GoString added in v0.6.5

func (s PutUserPolicyInput) GoString() string

GoString returns the string representation

func (*PutUserPolicyInput) SetPolicyDocument added in v1.5.0

func (s *PutUserPolicyInput) SetPolicyDocument(v string) *PutUserPolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*PutUserPolicyInput) SetPolicyName added in v1.5.0

func (s *PutUserPolicyInput) SetPolicyName(v string) *PutUserPolicyInput

SetPolicyName sets the PolicyName field's value.

func (*PutUserPolicyInput) SetUserName added in v1.5.0

func (s *PutUserPolicyInput) SetUserName(v string) *PutUserPolicyInput

SetUserName sets the UserName field's value.

func (PutUserPolicyInput) String added in v0.6.5

func (s PutUserPolicyInput) String() string

String returns the string representation

func (*PutUserPolicyInput) Validate added in v1.1.21

func (s *PutUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutUserPolicyOutput

type PutUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutUserPolicyOutput) GoString added in v0.6.5

func (s PutUserPolicyOutput) GoString() string

GoString returns the string representation

func (PutUserPolicyOutput) String added in v0.6.5

func (s PutUserPolicyOutput) String() string

String returns the string representation

type RemoveClientIDFromOpenIDConnectProviderInput

type RemoveClientIDFromOpenIDConnectProviderInput struct {

	// The client ID (also known as audience) to remove from the IAM OIDC provider
	// resource. For more information about client IDs, see CreateOpenIDConnectProvider.
	//
	// ClientID is a required field
	ClientID *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource to remove
	// the client ID from. You can get a list of OIDC provider ARNs by using the
	// ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveClientIDFromOpenIDConnectProviderInput) GoString added in v0.6.5

GoString returns the string representation

func (*RemoveClientIDFromOpenIDConnectProviderInput) SetClientID added in v1.5.0

SetClientID sets the ClientID field's value.

func (*RemoveClientIDFromOpenIDConnectProviderInput) SetOpenIDConnectProviderArn added in v1.5.0

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (RemoveClientIDFromOpenIDConnectProviderInput) String added in v0.6.5

String returns the string representation

func (*RemoveClientIDFromOpenIDConnectProviderInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type RemoveClientIDFromOpenIDConnectProviderOutput

type RemoveClientIDFromOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (RemoveClientIDFromOpenIDConnectProviderOutput) GoString added in v0.6.5

GoString returns the string representation

func (RemoveClientIDFromOpenIDConnectProviderOutput) String added in v0.6.5

String returns the string representation

type RemoveRoleFromInstanceProfileInput

type RemoveRoleFromInstanceProfileInput struct {

	// The name of the instance profile to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The name of the role to remove.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveRoleFromInstanceProfileInput) GoString added in v0.6.5

GoString returns the string representation

func (*RemoveRoleFromInstanceProfileInput) SetInstanceProfileName added in v1.5.0

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*RemoveRoleFromInstanceProfileInput) SetRoleName added in v1.5.0

SetRoleName sets the RoleName field's value.

func (RemoveRoleFromInstanceProfileInput) String added in v0.6.5

String returns the string representation

func (*RemoveRoleFromInstanceProfileInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type RemoveRoleFromInstanceProfileOutput

type RemoveRoleFromInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (RemoveRoleFromInstanceProfileOutput) GoString added in v0.6.5

GoString returns the string representation

func (RemoveRoleFromInstanceProfileOutput) String added in v0.6.5

String returns the string representation

type RemoveUserFromGroupInput

type RemoveUserFromGroupInput struct {

	// The name of the group to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the user to remove.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveUserFromGroupInput) GoString added in v0.6.5

func (s RemoveUserFromGroupInput) GoString() string

GoString returns the string representation

func (*RemoveUserFromGroupInput) SetGroupName added in v1.5.0

SetGroupName sets the GroupName field's value.

func (*RemoveUserFromGroupInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (RemoveUserFromGroupInput) String added in v0.6.5

func (s RemoveUserFromGroupInput) String() string

String returns the string representation

func (*RemoveUserFromGroupInput) Validate added in v1.1.21

func (s *RemoveUserFromGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type RemoveUserFromGroupOutput

type RemoveUserFromGroupOutput struct {
	// contains filtered or unexported fields
}

func (RemoveUserFromGroupOutput) GoString added in v0.6.5

func (s RemoveUserFromGroupOutput) GoString() string

GoString returns the string representation

func (RemoveUserFromGroupOutput) String added in v0.6.5

func (s RemoveUserFromGroupOutput) String() string

String returns the string representation

type ResetServiceSpecificCredentialInput added in v1.6.8

type ResetServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the service-specific credential.
	// If this value is not specified, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ResetServiceSpecificCredentialInput) GoString added in v1.6.8

GoString returns the string representation

func (*ResetServiceSpecificCredentialInput) SetServiceSpecificCredentialId added in v1.6.8

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*ResetServiceSpecificCredentialInput) SetUserName added in v1.6.8

SetUserName sets the UserName field's value.

func (ResetServiceSpecificCredentialInput) String added in v1.6.8

String returns the string representation

func (*ResetServiceSpecificCredentialInput) Validate added in v1.6.8

Validate inspects the fields of the type to determine if they are valid.

type ResetServiceSpecificCredentialOutput added in v1.6.8

type ResetServiceSpecificCredentialOutput struct {

	// A structure with details about the updated service-specific credential, including
	// the new password.
	//
	// This is the only time that you can access the password. You cannot recover
	// the password later, but you can reset it again.
	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
	// contains filtered or unexported fields
}

func (ResetServiceSpecificCredentialOutput) GoString added in v1.6.8

GoString returns the string representation

func (*ResetServiceSpecificCredentialOutput) SetServiceSpecificCredential added in v1.6.8

SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.

func (ResetServiceSpecificCredentialOutput) String added in v1.6.8

String returns the string representation

type ResourceSpecificResult added in v0.10.1

type ResourceSpecificResult struct {

	// Additional details about the results of the evaluation decision. When there
	// are both IAM policies and resource policies, this parameter explains how
	// each set of policies contributes to the final evaluation decision. When simulating
	// cross-account access to a resource, both the resource-based policy and the
	// caller's IAM policy must grant access.
	EvalDecisionDetails map[string]*string `type:"map"`

	// The result of the simulation of the simulated API operation on the resource
	// specified in EvalResourceName.
	//
	// EvalResourceDecision is a required field
	EvalResourceDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`

	// The name of the simulated resource, in Amazon Resource Name (ARN) format.
	//
	// EvalResourceName is a required field
	EvalResourceName *string `min:"1" type:"string" required:"true"`

	// A list of the statements in the input policies that determine the result
	// for this part of the simulation. Remember that even if multiple statements
	// allow the operation on the resource, if any statement denies that operation,
	// then the explicit deny overrides any allow, and the deny statement is the
	// only entry included in the result.
	MatchedStatements []*Statement `type:"list"`

	// A list of context keys that are required by the included input policies but
	// that were not provided by one of the input parameters. This list is used
	// when a list of ARNs is included in the ResourceArns parameter instead of
	// "*". If you do not specify individual resources, by setting ResourceArns
	// to "*" or by not including the ResourceArns parameter, then any missing context
	// values are instead included under the EvaluationResults section. To discover
	// the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy
	// or GetContextKeysForPrincipalPolicy.
	MissingContextValues []*string `type:"list"`
	// contains filtered or unexported fields
}

Contains the result of the simulation of a single API operation call on a single resource.

This data type is used by a member of the EvaluationResult data type.

func (ResourceSpecificResult) GoString added in v0.10.1

func (s ResourceSpecificResult) GoString() string

GoString returns the string representation

func (*ResourceSpecificResult) SetEvalDecisionDetails added in v1.5.0

func (s *ResourceSpecificResult) SetEvalDecisionDetails(v map[string]*string) *ResourceSpecificResult

SetEvalDecisionDetails sets the EvalDecisionDetails field's value.

func (*ResourceSpecificResult) SetEvalResourceDecision added in v1.5.0

func (s *ResourceSpecificResult) SetEvalResourceDecision(v string) *ResourceSpecificResult

SetEvalResourceDecision sets the EvalResourceDecision field's value.

func (*ResourceSpecificResult) SetEvalResourceName added in v1.5.0

func (s *ResourceSpecificResult) SetEvalResourceName(v string) *ResourceSpecificResult

SetEvalResourceName sets the EvalResourceName field's value.

func (*ResourceSpecificResult) SetMatchedStatements added in v1.5.0

func (s *ResourceSpecificResult) SetMatchedStatements(v []*Statement) *ResourceSpecificResult

SetMatchedStatements sets the MatchedStatements field's value.

func (*ResourceSpecificResult) SetMissingContextValues added in v1.5.0

func (s *ResourceSpecificResult) SetMissingContextValues(v []*string) *ResourceSpecificResult

SetMissingContextValues sets the MissingContextValues field's value.

func (ResourceSpecificResult) String added in v0.10.1

func (s ResourceSpecificResult) String() string

String returns the string representation

type ResyncMFADeviceInput

type ResyncMFADeviceInput struct {

	// An authentication code emitted by the device.
	//
	// The format for this parameter is a sequence of six digits.
	//
	// AuthenticationCode1 is a required field
	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`

	// A subsequent authentication code emitted by the device.
	//
	// The format for this parameter is a sequence of six digits.
	//
	// AuthenticationCode2 is a required field
	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`

	// Serial number that uniquely identifies the MFA device.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the user whose MFA device you want to resynchronize.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ResyncMFADeviceInput) GoString added in v0.6.5

func (s ResyncMFADeviceInput) GoString() string

GoString returns the string representation

func (*ResyncMFADeviceInput) SetAuthenticationCode1 added in v1.5.0

func (s *ResyncMFADeviceInput) SetAuthenticationCode1(v string) *ResyncMFADeviceInput

SetAuthenticationCode1 sets the AuthenticationCode1 field's value.

func (*ResyncMFADeviceInput) SetAuthenticationCode2 added in v1.5.0

func (s *ResyncMFADeviceInput) SetAuthenticationCode2(v string) *ResyncMFADeviceInput

SetAuthenticationCode2 sets the AuthenticationCode2 field's value.

func (*ResyncMFADeviceInput) SetSerialNumber added in v1.5.0

func (s *ResyncMFADeviceInput) SetSerialNumber(v string) *ResyncMFADeviceInput

SetSerialNumber sets the SerialNumber field's value.

func (*ResyncMFADeviceInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (ResyncMFADeviceInput) String added in v0.6.5

func (s ResyncMFADeviceInput) String() string

String returns the string representation

func (*ResyncMFADeviceInput) Validate added in v1.1.21

func (s *ResyncMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ResyncMFADeviceOutput

type ResyncMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (ResyncMFADeviceOutput) GoString added in v0.6.5

func (s ResyncMFADeviceOutput) GoString() string

GoString returns the string representation

func (ResyncMFADeviceOutput) String added in v0.6.5

func (s ResyncMFADeviceOutput) String() string

String returns the string representation

type Role

type Role struct {

	// The Amazon Resource Name (ARN) specifying the role. For more information
	// about ARNs and how to use them in policies, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The policy that grants an entity permission to assume the role.
	AssumeRolePolicyDocument *string `min:"1" type:"string"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the role was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// A description of the role that you provide.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) for the specified role. Anyone
	// who uses the AWS CLI or API to assume the role can specify the duration using
	// the optional DurationSeconds API parameter or duration-seconds CLI parameter.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The path to the role. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// RoleId is a required field
	RoleId *string `min:"16" type:"string" required:"true"`

	// The friendly name that identifies the role.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an IAM role. This structure is returned as a response element in several API operations that interact with roles.

func (Role) GoString added in v0.6.5

func (s Role) GoString() string

GoString returns the string representation

func (*Role) SetArn added in v1.5.0

func (s *Role) SetArn(v string) *Role

SetArn sets the Arn field's value.

func (*Role) SetAssumeRolePolicyDocument added in v1.5.0

func (s *Role) SetAssumeRolePolicyDocument(v string) *Role

SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.

func (*Role) SetCreateDate added in v1.5.0

func (s *Role) SetCreateDate(v time.Time) *Role

SetCreateDate sets the CreateDate field's value.

func (*Role) SetDescription added in v1.8.14

func (s *Role) SetDescription(v string) *Role

SetDescription sets the Description field's value.

func (*Role) SetMaxSessionDuration added in v1.13.23

func (s *Role) SetMaxSessionDuration(v int64) *Role

SetMaxSessionDuration sets the MaxSessionDuration field's value.

func (*Role) SetPath added in v1.5.0

func (s *Role) SetPath(v string) *Role

SetPath sets the Path field's value.

func (*Role) SetRoleId added in v1.5.0

func (s *Role) SetRoleId(v string) *Role

SetRoleId sets the RoleId field's value.

func (*Role) SetRoleName added in v1.5.0

func (s *Role) SetRoleName(v string) *Role

SetRoleName sets the RoleName field's value.

func (Role) String added in v0.6.5

func (s Role) String() string

String returns the string representation

type RoleDetail

type RoleDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// The trust policy that grants permission to assume the role.
	AssumeRolePolicyDocument *string `min:"1" type:"string"`

	// A list of managed policies attached to the role. These policies are the role's
	// access (permissions) policies.
	AttachedManagedPolicies []*AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the role was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// A list of instance profiles that contain this role.
	InstanceProfileList []*InstanceProfile `type:"list"`

	// The path to the role. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	RoleId *string `min:"16" type:"string"`

	// The friendly name that identifies the role.
	RoleName *string `min:"1" type:"string"`

	// A list of inline policies embedded in the role. These policies are the role's
	// access (permissions) policies.
	RolePolicyList []*PolicyDetail `type:"list"`
	// contains filtered or unexported fields
}

Contains information about an IAM role, including all of the role's policies.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (RoleDetail) GoString added in v0.6.5

func (s RoleDetail) GoString() string

GoString returns the string representation

func (*RoleDetail) SetArn added in v1.5.0

func (s *RoleDetail) SetArn(v string) *RoleDetail

SetArn sets the Arn field's value.

func (*RoleDetail) SetAssumeRolePolicyDocument added in v1.5.0

func (s *RoleDetail) SetAssumeRolePolicyDocument(v string) *RoleDetail

SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.

func (*RoleDetail) SetAttachedManagedPolicies added in v1.5.0

func (s *RoleDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *RoleDetail

SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.

func (*RoleDetail) SetCreateDate added in v1.5.0

func (s *RoleDetail) SetCreateDate(v time.Time) *RoleDetail

SetCreateDate sets the CreateDate field's value.

func (*RoleDetail) SetInstanceProfileList added in v1.5.0

func (s *RoleDetail) SetInstanceProfileList(v []*InstanceProfile) *RoleDetail

SetInstanceProfileList sets the InstanceProfileList field's value.

func (*RoleDetail) SetPath added in v1.5.0

func (s *RoleDetail) SetPath(v string) *RoleDetail

SetPath sets the Path field's value.

func (*RoleDetail) SetRoleId added in v1.5.0

func (s *RoleDetail) SetRoleId(v string) *RoleDetail

SetRoleId sets the RoleId field's value.

func (*RoleDetail) SetRoleName added in v1.5.0

func (s *RoleDetail) SetRoleName(v string) *RoleDetail

SetRoleName sets the RoleName field's value.

func (*RoleDetail) SetRolePolicyList added in v1.5.0

func (s *RoleDetail) SetRolePolicyList(v []*PolicyDetail) *RoleDetail

SetRolePolicyList sets the RolePolicyList field's value.

func (RoleDetail) String added in v0.6.5

func (s RoleDetail) String() string

String returns the string representation

type RoleUsageType added in v1.10.47

type RoleUsageType struct {

	// The name of the region where the service-linked role is being used.
	Region *string `min:"1" type:"string"`

	// The name of the resource that is using the service-linked role.
	Resources []*string `type:"list"`
	// contains filtered or unexported fields
}

An object that contains details about how a service-linked role is used, if that information is returned by the service.

This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus operation.

func (RoleUsageType) GoString added in v1.10.47

func (s RoleUsageType) GoString() string

GoString returns the string representation

func (*RoleUsageType) SetRegion added in v1.10.47

func (s *RoleUsageType) SetRegion(v string) *RoleUsageType

SetRegion sets the Region field's value.

func (*RoleUsageType) SetResources added in v1.10.47

func (s *RoleUsageType) SetResources(v []*string) *RoleUsageType

SetResources sets the Resources field's value.

func (RoleUsageType) String added in v1.10.47

func (s RoleUsageType) String() string

String returns the string representation

type SAMLProviderListEntry

type SAMLProviderListEntry struct {

	// The Amazon Resource Name (ARN) of the SAML provider.
	Arn *string `min:"20" type:"string"`

	// The date and time when the SAML provider was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The expiration date and time for the SAML provider.
	ValidUntil *time.Time `type:"timestamp" timestampFormat:"iso8601"`
	// contains filtered or unexported fields
}

Contains the list of SAML providers for this account.

func (SAMLProviderListEntry) GoString added in v0.6.5

func (s SAMLProviderListEntry) GoString() string

GoString returns the string representation

func (*SAMLProviderListEntry) SetArn added in v1.5.0

SetArn sets the Arn field's value.

func (*SAMLProviderListEntry) SetCreateDate added in v1.5.0

SetCreateDate sets the CreateDate field's value.

func (*SAMLProviderListEntry) SetValidUntil added in v1.5.0

SetValidUntil sets the ValidUntil field's value.

func (SAMLProviderListEntry) String added in v0.6.5

func (s SAMLProviderListEntry) String() string

String returns the string representation

type SSHPublicKey added in v0.6.6

type SSHPublicKey struct {

	// The MD5 message digest of the SSH public key.
	//
	// Fingerprint is a required field
	Fingerprint *string `min:"48" type:"string" required:"true"`

	// The SSH public key.
	//
	// SSHPublicKeyBody is a required field
	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`

	// The unique identifier for the SSH public key.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an AWS CodeCommit repository. Inactive means that the
	// key cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the SSH public key was uploaded.
	UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The name of the IAM user associated with the SSH public key.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an SSH public key.

This data type is used as a response element in the GetSSHPublicKey and UploadSSHPublicKey operations.

func (SSHPublicKey) GoString added in v0.6.6

func (s SSHPublicKey) GoString() string

GoString returns the string representation

func (*SSHPublicKey) SetFingerprint added in v1.5.0

func (s *SSHPublicKey) SetFingerprint(v string) *SSHPublicKey

SetFingerprint sets the Fingerprint field's value.

func (*SSHPublicKey) SetSSHPublicKeyBody added in v1.5.0

func (s *SSHPublicKey) SetSSHPublicKeyBody(v string) *SSHPublicKey

SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.

func (*SSHPublicKey) SetSSHPublicKeyId added in v1.5.0

func (s *SSHPublicKey) SetSSHPublicKeyId(v string) *SSHPublicKey

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*SSHPublicKey) SetStatus added in v1.5.0

func (s *SSHPublicKey) SetStatus(v string) *SSHPublicKey

SetStatus sets the Status field's value.

func (*SSHPublicKey) SetUploadDate added in v1.5.0

func (s *SSHPublicKey) SetUploadDate(v time.Time) *SSHPublicKey

SetUploadDate sets the UploadDate field's value.

func (*SSHPublicKey) SetUserName added in v1.5.0

func (s *SSHPublicKey) SetUserName(v string) *SSHPublicKey

SetUserName sets the UserName field's value.

func (SSHPublicKey) String added in v0.6.6

func (s SSHPublicKey) String() string

String returns the string representation

type SSHPublicKeyMetadata added in v0.6.6

type SSHPublicKeyMetadata struct {

	// The unique identifier for the SSH public key.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an AWS CodeCommit repository. Inactive means that the
	// key cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the SSH public key was uploaded.
	//
	// UploadDate is a required field
	UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an SSH public key, without the key's body or fingerprint.

This data type is used as a response element in the ListSSHPublicKeys operation.

func (SSHPublicKeyMetadata) GoString added in v0.6.6

func (s SSHPublicKeyMetadata) GoString() string

GoString returns the string representation

func (*SSHPublicKeyMetadata) SetSSHPublicKeyId added in v1.5.0

func (s *SSHPublicKeyMetadata) SetSSHPublicKeyId(v string) *SSHPublicKeyMetadata

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*SSHPublicKeyMetadata) SetStatus added in v1.5.0

SetStatus sets the Status field's value.

func (*SSHPublicKeyMetadata) SetUploadDate added in v1.5.0

func (s *SSHPublicKeyMetadata) SetUploadDate(v time.Time) *SSHPublicKeyMetadata

SetUploadDate sets the UploadDate field's value.

func (*SSHPublicKeyMetadata) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (SSHPublicKeyMetadata) String added in v0.6.6

func (s SSHPublicKeyMetadata) String() string

String returns the string representation

type ServerCertificate

type ServerCertificate struct {

	// The contents of the public key certificate.
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The contents of the public key certificate chain.
	CertificateChain *string `min:"1" type:"string"`

	// The meta information of the server certificate, such as its name, path, ID,
	// and ARN.
	//
	// ServerCertificateMetadata is a required field
	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains information about a server certificate.

This data type is used as a response element in the GetServerCertificate operation.

func (ServerCertificate) GoString added in v0.6.5

func (s ServerCertificate) GoString() string

GoString returns the string representation

func (*ServerCertificate) SetCertificateBody added in v1.5.0

func (s *ServerCertificate) SetCertificateBody(v string) *ServerCertificate

SetCertificateBody sets the CertificateBody field's value.

func (*ServerCertificate) SetCertificateChain added in v1.5.0

func (s *ServerCertificate) SetCertificateChain(v string) *ServerCertificate

SetCertificateChain sets the CertificateChain field's value.

func (*ServerCertificate) SetServerCertificateMetadata added in v1.5.0

func (s *ServerCertificate) SetServerCertificateMetadata(v *ServerCertificateMetadata) *ServerCertificate

SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.

func (ServerCertificate) String added in v0.6.5

func (s ServerCertificate) String() string

String returns the string representation

type ServerCertificateMetadata

type ServerCertificateMetadata struct {

	// The Amazon Resource Name (ARN) specifying the server certificate. For more
	// information about ARNs and how to use them in policies, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date on which the certificate is set to expire.
	Expiration *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The path to the server certificate. For more information about paths, see
	// IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The stable and unique string identifying the server certificate. For more
	// information about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// ServerCertificateId is a required field
	ServerCertificateId *string `min:"16" type:"string" required:"true"`

	// The name that identifies the server certificate.
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`

	// The date when the server certificate was uploaded.
	UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`
	// contains filtered or unexported fields
}

Contains information about a server certificate without its certificate body, certificate chain, and private key.

This data type is used as a response element in the UploadServerCertificate and ListServerCertificates operations.

func (ServerCertificateMetadata) GoString added in v0.6.5

func (s ServerCertificateMetadata) GoString() string

GoString returns the string representation

func (*ServerCertificateMetadata) SetArn added in v1.5.0

SetArn sets the Arn field's value.

func (*ServerCertificateMetadata) SetExpiration added in v1.5.0

SetExpiration sets the Expiration field's value.

func (*ServerCertificateMetadata) SetPath added in v1.5.0

SetPath sets the Path field's value.

func (*ServerCertificateMetadata) SetServerCertificateId added in v1.5.0

func (s *ServerCertificateMetadata) SetServerCertificateId(v string) *ServerCertificateMetadata

SetServerCertificateId sets the ServerCertificateId field's value.

func (*ServerCertificateMetadata) SetServerCertificateName added in v1.5.0

func (s *ServerCertificateMetadata) SetServerCertificateName(v string) *ServerCertificateMetadata

SetServerCertificateName sets the ServerCertificateName field's value.

func (*ServerCertificateMetadata) SetUploadDate added in v1.5.0

SetUploadDate sets the UploadDate field's value.

func (ServerCertificateMetadata) String added in v0.6.5

func (s ServerCertificateMetadata) String() string

String returns the string representation

type ServiceSpecificCredential added in v1.6.8

type ServiceSpecificCredential struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the service-specific credential were created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The name of the service associated with the service-specific credential.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The generated password for the service-specific credential.
	//
	// ServicePassword is a required field
	ServicePassword *string `type:"string" required:"true"`

	// The unique identifier for the service-specific credential.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The generated user name for the service-specific credential. This value is
	// generated by combining the IAM user's name combined with the ID number of
	// the AWS account, as in jane-at-123456789012, for example. This value cannot
	// be configured by the user.
	//
	// ServiceUserName is a required field
	ServiceUserName *string `min:"17" type:"string" required:"true"`

	// The status of the service-specific credential. Active means that the key
	// is valid for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user associated with the service-specific credential.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the details of a service-specific credential.

func (ServiceSpecificCredential) GoString added in v1.6.8

func (s ServiceSpecificCredential) GoString() string

GoString returns the string representation

func (*ServiceSpecificCredential) SetCreateDate added in v1.6.8

SetCreateDate sets the CreateDate field's value.

func (*ServiceSpecificCredential) SetServiceName added in v1.6.8

SetServiceName sets the ServiceName field's value.

func (*ServiceSpecificCredential) SetServicePassword added in v1.6.8

SetServicePassword sets the ServicePassword field's value.

func (*ServiceSpecificCredential) SetServiceSpecificCredentialId added in v1.6.8

func (s *ServiceSpecificCredential) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredential

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*ServiceSpecificCredential) SetServiceUserName added in v1.6.8

SetServiceUserName sets the ServiceUserName field's value.

func (*ServiceSpecificCredential) SetStatus added in v1.6.8

SetStatus sets the Status field's value.

func (*ServiceSpecificCredential) SetUserName added in v1.6.8

SetUserName sets the UserName field's value.

func (ServiceSpecificCredential) String added in v1.6.8

func (s ServiceSpecificCredential) String() string

String returns the string representation

type ServiceSpecificCredentialMetadata added in v1.6.8

type ServiceSpecificCredentialMetadata struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the service-specific credential were created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The name of the service associated with the service-specific credential.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The unique identifier for the service-specific credential.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The generated user name for the service-specific credential.
	//
	// ServiceUserName is a required field
	ServiceUserName *string `min:"17" type:"string" required:"true"`

	// The status of the service-specific credential. Active means that the key
	// is valid for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user associated with the service-specific credential.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains additional details about a service-specific credential.

func (ServiceSpecificCredentialMetadata) GoString added in v1.6.8

GoString returns the string representation

func (*ServiceSpecificCredentialMetadata) SetCreateDate added in v1.6.8

SetCreateDate sets the CreateDate field's value.

func (*ServiceSpecificCredentialMetadata) SetServiceName added in v1.6.8

SetServiceName sets the ServiceName field's value.

func (*ServiceSpecificCredentialMetadata) SetServiceSpecificCredentialId added in v1.6.8

func (s *ServiceSpecificCredentialMetadata) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredentialMetadata

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*ServiceSpecificCredentialMetadata) SetServiceUserName added in v1.6.8

SetServiceUserName sets the ServiceUserName field's value.

func (*ServiceSpecificCredentialMetadata) SetStatus added in v1.6.8

SetStatus sets the Status field's value.

func (*ServiceSpecificCredentialMetadata) SetUserName added in v1.6.8

SetUserName sets the UserName field's value.

func (ServiceSpecificCredentialMetadata) String added in v1.6.8

String returns the string representation

type SetDefaultPolicyVersionInput

type SetDefaultPolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy whose default version you
	// want to set.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The version of the policy to set as the default (operative) version.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (SetDefaultPolicyVersionInput) GoString added in v0.6.5

func (s SetDefaultPolicyVersionInput) GoString() string

GoString returns the string representation

func (*SetDefaultPolicyVersionInput) SetPolicyArn added in v1.5.0

SetPolicyArn sets the PolicyArn field's value.

func (*SetDefaultPolicyVersionInput) SetVersionId added in v1.5.0

SetVersionId sets the VersionId field's value.

func (SetDefaultPolicyVersionInput) String added in v0.6.5

String returns the string representation

func (*SetDefaultPolicyVersionInput) Validate added in v1.1.21

func (s *SetDefaultPolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SetDefaultPolicyVersionOutput

type SetDefaultPolicyVersionOutput struct {
	// contains filtered or unexported fields
}

func (SetDefaultPolicyVersionOutput) GoString added in v0.6.5

GoString returns the string representation

func (SetDefaultPolicyVersionOutput) String added in v0.6.5

String returns the string representation

type SigningCertificate

type SigningCertificate struct {

	// The contents of the signing certificate.
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The ID for the signing certificate.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The status of the signing certificate. Active means that the key is valid
	// for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The date when the signing certificate was uploaded.
	UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The name of the user the signing certificate is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an X.509 signing certificate.

This data type is used as a response element in the UploadSigningCertificate and ListSigningCertificates operations.

func (SigningCertificate) GoString added in v0.6.5

func (s SigningCertificate) GoString() string

GoString returns the string representation

func (*SigningCertificate) SetCertificateBody added in v1.5.0

func (s *SigningCertificate) SetCertificateBody(v string) *SigningCertificate

SetCertificateBody sets the CertificateBody field's value.

func (*SigningCertificate) SetCertificateId added in v1.5.0

func (s *SigningCertificate) SetCertificateId(v string) *SigningCertificate

SetCertificateId sets the CertificateId field's value.

func (*SigningCertificate) SetStatus added in v1.5.0

func (s *SigningCertificate) SetStatus(v string) *SigningCertificate

SetStatus sets the Status field's value.

func (*SigningCertificate) SetUploadDate added in v1.5.0

func (s *SigningCertificate) SetUploadDate(v time.Time) *SigningCertificate

SetUploadDate sets the UploadDate field's value.

func (*SigningCertificate) SetUserName added in v1.5.0

func (s *SigningCertificate) SetUserName(v string) *SigningCertificate

SetUserName sets the UserName field's value.

func (SigningCertificate) String added in v0.6.5

func (s SigningCertificate) String() string

String returns the string representation

type SimulateCustomPolicyInput added in v0.9.6

type SimulateCustomPolicyInput struct {

	// A list of names of API operations to evaluate in the simulation. Each operation
	// is evaluated against each resource. Each operation must include the service
	// identifier, such as iam:CreateUser.
	//
	// ActionNames is a required field
	ActionNames []*string `type:"list" required:"true"`

	// The ARN of the IAM user that you want to use as the simulated caller of the
	// API operations. CallerArn is required if you include a ResourcePolicy so
	// that the policy's Principal element has a value to use in evaluating the
	// policy.
	//
	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
	// an assumed role, federated user, or a service principal.
	CallerArn *string `min:"1" type:"string"`

	// A list of context keys and corresponding values for the simulation to use.
	// Whenever a context key is evaluated in one of the simulated IAM permission
	// policies, the corresponding value is supplied.
	ContextEntries []*ContextEntry `type:"list"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// A list of policy documents to include in the simulation. Each document is
	// specified as a string containing the complete, valid JSON text of an IAM
	// policy. Do not include any resource-based policies in this parameter. Any
	// resource-based policy must be submitted with the ResourcePolicy parameter.
	// The policies cannot be "scope-down" policies, such as you could include in
	// a call to GetFederationToken (http://docs.aws.amazon.com/IAM/latest/APIReference/API_GetFederationToken.html)
	// or one of the AssumeRole (http://docs.aws.amazon.com/IAM/latest/APIReference/API_AssumeRole.html)
	// API operations. In other words, do not use policies designed to restrict
	// what a user can do while using the temporary credentials.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyInputList is a required field
	PolicyInputList []*string `type:"list" required:"true"`

	// A list of ARNs of AWS resources to include in the simulation. If this parameter
	// is not provided then the value defaults to * (all resources). Each API in
	// the ActionNames parameter is evaluated for each resource in this list. The
	// simulation determines the access result (allowed or denied) of each combination
	// and reports it in the response.
	//
	// The simulation does not automatically retrieve policies for the specified
	// resources. If you want to include a resource policy in the simulation, then
	// you must include the policy as a string in the ResourcePolicy parameter.
	//
	// If you include a ResourcePolicy, then it must be applicable to all of the
	// resources included in the simulation or you receive an invalid input error.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	ResourceArns []*string `type:"list"`

	// Specifies the type of simulation to run. Different API operations that support
	// resource-based policies require different combinations of resources. By specifying
	// the type of simulation to run, you enable the policy simulator to enforce
	// the presence of the required resources to ensure reliable simulation results.
	// If your simulation does not match one of the following scenarios, then you
	// can omit this parameter. The following list shows each of the supported scenario
	// values and the resources that you must define to run the simulation.
	//
	// Each of the EC2 scenarios requires that you specify instance, image, and
	// security-group resources. If your scenario includes an EBS volume, then you
	// must specify that volume as a resource. If the EC2 scenario includes VPC,
	// then you must supply the network-interface resource. If it includes an IP
	// subnet, then you must specify the subnet resource. For more information on
	// the EC2 scenario options, see Supported Platforms (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
	// in the Amazon EC2 User Guide.
	//
	//    * EC2-Classic-InstanceStore
	//
	// instance, image, security-group
	//
	//    * EC2-Classic-EBS
	//
	// instance, image, security-group, volume
	//
	//    * EC2-VPC-InstanceStore
	//
	// instance, image, security-group, network-interface
	//
	//    * EC2-VPC-InstanceStore-Subnet
	//
	// instance, image, security-group, network-interface, subnet
	//
	//    * EC2-VPC-EBS
	//
	// instance, image, security-group, network-interface, volume
	//
	//    * EC2-VPC-EBS-Subnet
	//
	// instance, image, security-group, network-interface, subnet, volume
	ResourceHandlingOption *string `min:"1" type:"string"`

	// An AWS account ID that specifies the owner of any simulated resource that
	// does not identify its owner in the resource ARN, such as an S3 bucket or
	// object. If ResourceOwner is specified, it is also used as the account owner
	// of any ResourcePolicy included in the simulation. If the ResourceOwner parameter
	// is not specified, then the owner of the resources and the resource policy
	// defaults to the account of the identity provided in CallerArn. This parameter
	// is required only if you specify a resource-based policy and account that
	// owns the resource is different from the account that owns the simulated calling
	// user CallerArn.
	ResourceOwner *string `min:"1" type:"string"`

	// A resource-based policy to include in the simulation provided as a string.
	// Each resource in the simulation is treated as if it had this policy attached.
	// You can include only one resource-based policy in a simulation.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	ResourcePolicy *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (SimulateCustomPolicyInput) GoString added in v0.9.6

func (s SimulateCustomPolicyInput) GoString() string

GoString returns the string representation

func (*SimulateCustomPolicyInput) SetActionNames added in v1.5.0

SetActionNames sets the ActionNames field's value.

func (*SimulateCustomPolicyInput) SetCallerArn added in v1.5.0

SetCallerArn sets the CallerArn field's value.

func (*SimulateCustomPolicyInput) SetContextEntries added in v1.5.0

SetContextEntries sets the ContextEntries field's value.

func (*SimulateCustomPolicyInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*SimulateCustomPolicyInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*SimulateCustomPolicyInput) SetPolicyInputList added in v1.5.0

func (s *SimulateCustomPolicyInput) SetPolicyInputList(v []*string) *SimulateCustomPolicyInput

SetPolicyInputList sets the PolicyInputList field's value.

func (*SimulateCustomPolicyInput) SetResourceArns added in v1.5.0

SetResourceArns sets the ResourceArns field's value.

func (*SimulateCustomPolicyInput) SetResourceHandlingOption added in v1.5.0

func (s *SimulateCustomPolicyInput) SetResourceHandlingOption(v string) *SimulateCustomPolicyInput

SetResourceHandlingOption sets the ResourceHandlingOption field's value.

func (*SimulateCustomPolicyInput) SetResourceOwner added in v1.5.0

SetResourceOwner sets the ResourceOwner field's value.

func (*SimulateCustomPolicyInput) SetResourcePolicy added in v1.5.0

SetResourcePolicy sets the ResourcePolicy field's value.

func (SimulateCustomPolicyInput) String added in v0.9.6

func (s SimulateCustomPolicyInput) String() string

String returns the string representation

func (*SimulateCustomPolicyInput) Validate added in v1.1.21

func (s *SimulateCustomPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SimulatePolicyResponse added in v0.9.6

type SimulatePolicyResponse struct {

	// The results of the simulation.
	EvaluationResults []*EvaluationResult `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful SimulatePrincipalPolicy or SimulateCustomPolicy request.

func (SimulatePolicyResponse) GoString added in v0.9.6

func (s SimulatePolicyResponse) GoString() string

GoString returns the string representation

func (*SimulatePolicyResponse) SetEvaluationResults added in v1.5.0

func (s *SimulatePolicyResponse) SetEvaluationResults(v []*EvaluationResult) *SimulatePolicyResponse

SetEvaluationResults sets the EvaluationResults field's value.

func (*SimulatePolicyResponse) SetIsTruncated added in v1.5.0

func (s *SimulatePolicyResponse) SetIsTruncated(v bool) *SimulatePolicyResponse

SetIsTruncated sets the IsTruncated field's value.

func (*SimulatePolicyResponse) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (SimulatePolicyResponse) String added in v0.9.6

func (s SimulatePolicyResponse) String() string

String returns the string representation

type SimulatePrincipalPolicyInput added in v0.9.6

type SimulatePrincipalPolicyInput struct {

	// A list of names of API operations to evaluate in the simulation. Each operation
	// is evaluated for each resource. Each operation must include the service identifier,
	// such as iam:CreateUser.
	//
	// ActionNames is a required field
	ActionNames []*string `type:"list" required:"true"`

	// The ARN of the IAM user that you want to specify as the simulated caller
	// of the API operations. If you do not specify a CallerArn, it defaults to
	// the ARN of the user that you specify in PolicySourceArn, if you specified
	// a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David)
	// and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result
	// is that you simulate calling the API operations as Bob, as if Bob had David's
	// policies.
	//
	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
	// an assumed role, federated user, or a service principal.
	//
	// CallerArn is required if you include a ResourcePolicy and the PolicySourceArn
	// is not the ARN for an IAM user. This is required so that the resource-based
	// policy's Principal element has a value to use in evaluating the policy.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	CallerArn *string `min:"1" type:"string"`

	// A list of context keys and corresponding values for the simulation to use.
	// Whenever a context key is evaluated in one of the simulated IAM permission
	// policies, the corresponding value is supplied.
	ContextEntries []*ContextEntry `type:"list"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// An optional list of additional policy documents to include in the simulation.
	// Each document is specified as a string containing the complete, valid JSON
	// text of an IAM policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	PolicyInputList []*string `type:"list"`

	// The Amazon Resource Name (ARN) of a user, group, or role whose policies you
	// want to include in the simulation. If you specify a user, group, or role,
	// the simulation includes all policies that are associated with that entity.
	// If you specify a user, the simulation also includes all policies that are
	// attached to any groups the user belongs to.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicySourceArn is a required field
	PolicySourceArn *string `min:"20" type:"string" required:"true"`

	// A list of ARNs of AWS resources to include in the simulation. If this parameter
	// is not provided, then the value defaults to * (all resources). Each API in
	// the ActionNames parameter is evaluated for each resource in this list. The
	// simulation determines the access result (allowed or denied) of each combination
	// and reports it in the response.
	//
	// The simulation does not automatically retrieve policies for the specified
	// resources. If you want to include a resource policy in the simulation, then
	// you must include the policy as a string in the ResourcePolicy parameter.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	ResourceArns []*string `type:"list"`

	// Specifies the type of simulation to run. Different API operations that support
	// resource-based policies require different combinations of resources. By specifying
	// the type of simulation to run, you enable the policy simulator to enforce
	// the presence of the required resources to ensure reliable simulation results.
	// If your simulation does not match one of the following scenarios, then you
	// can omit this parameter. The following list shows each of the supported scenario
	// values and the resources that you must define to run the simulation.
	//
	// Each of the EC2 scenarios requires that you specify instance, image, and
	// security-group resources. If your scenario includes an EBS volume, then you
	// must specify that volume as a resource. If the EC2 scenario includes VPC,
	// then you must supply the network-interface resource. If it includes an IP
	// subnet, then you must specify the subnet resource. For more information on
	// the EC2 scenario options, see Supported Platforms (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
	// in the Amazon EC2 User Guide.
	//
	//    * EC2-Classic-InstanceStore
	//
	// instance, image, security-group
	//
	//    * EC2-Classic-EBS
	//
	// instance, image, security-group, volume
	//
	//    * EC2-VPC-InstanceStore
	//
	// instance, image, security-group, network-interface
	//
	//    * EC2-VPC-InstanceStore-Subnet
	//
	// instance, image, security-group, network-interface, subnet
	//
	//    * EC2-VPC-EBS
	//
	// instance, image, security-group, network-interface, volume
	//
	//    * EC2-VPC-EBS-Subnet
	//
	// instance, image, security-group, network-interface, subnet, volume
	ResourceHandlingOption *string `min:"1" type:"string"`

	// An AWS account ID that specifies the owner of any simulated resource that
	// does not identify its owner in the resource ARN, such as an S3 bucket or
	// object. If ResourceOwner is specified, it is also used as the account owner
	// of any ResourcePolicy included in the simulation. If the ResourceOwner parameter
	// is not specified, then the owner of the resources and the resource policy
	// defaults to the account of the identity provided in CallerArn. This parameter
	// is required only if you specify a resource-based policy and account that
	// owns the resource is different from the account that owns the simulated calling
	// user CallerArn.
	ResourceOwner *string `min:"1" type:"string"`

	// A resource-based policy to include in the simulation provided as a string.
	// Each resource in the simulation is treated as if it had this policy attached.
	// You can include only one resource-based policy in a simulation.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	ResourcePolicy *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (SimulatePrincipalPolicyInput) GoString added in v0.9.6

func (s SimulatePrincipalPolicyInput) GoString() string

GoString returns the string representation

func (*SimulatePrincipalPolicyInput) SetActionNames added in v1.5.0

SetActionNames sets the ActionNames field's value.

func (*SimulatePrincipalPolicyInput) SetCallerArn added in v1.5.0

SetCallerArn sets the CallerArn field's value.

func (*SimulatePrincipalPolicyInput) SetContextEntries added in v1.5.0

SetContextEntries sets the ContextEntries field's value.

func (*SimulatePrincipalPolicyInput) SetMarker added in v1.5.0

SetMarker sets the Marker field's value.

func (*SimulatePrincipalPolicyInput) SetMaxItems added in v1.5.0

SetMaxItems sets the MaxItems field's value.

func (*SimulatePrincipalPolicyInput) SetPolicyInputList added in v1.5.0

SetPolicyInputList sets the PolicyInputList field's value.

func (*SimulatePrincipalPolicyInput) SetPolicySourceArn added in v1.5.0

SetPolicySourceArn sets the PolicySourceArn field's value.

func (*SimulatePrincipalPolicyInput) SetResourceArns added in v1.5.0

SetResourceArns sets the ResourceArns field's value.

func (*SimulatePrincipalPolicyInput) SetResourceHandlingOption added in v1.5.0

func (s *SimulatePrincipalPolicyInput) SetResourceHandlingOption(v string) *SimulatePrincipalPolicyInput

SetResourceHandlingOption sets the ResourceHandlingOption field's value.

func (*SimulatePrincipalPolicyInput) SetResourceOwner added in v1.5.0

SetResourceOwner sets the ResourceOwner field's value.

func (*SimulatePrincipalPolicyInput) SetResourcePolicy added in v1.5.0

SetResourcePolicy sets the ResourcePolicy field's value.

func (SimulatePrincipalPolicyInput) String added in v0.9.6

String returns the string representation

func (*SimulatePrincipalPolicyInput) Validate added in v1.1.21

func (s *SimulatePrincipalPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type Statement added in v0.9.6

type Statement struct {

	// The row and column of the end of a Statement in an IAM policy.
	EndPosition *Position `type:"structure"`

	// The identifier of the policy that was provided as an input.
	SourcePolicyId *string `type:"string"`

	// The type of the policy.
	SourcePolicyType *string `type:"string" enum:"PolicySourceType"`

	// The row and column of the beginning of the Statement in an IAM policy.
	StartPosition *Position `type:"structure"`
	// contains filtered or unexported fields
}

Contains a reference to a Statement element in a policy document that determines the result of the simulation.

This data type is used by the MatchedStatements member of the EvaluationResult type.

func (Statement) GoString added in v0.9.6

func (s Statement) GoString() string

GoString returns the string representation

func (*Statement) SetEndPosition added in v1.5.0

func (s *Statement) SetEndPosition(v *Position) *Statement

SetEndPosition sets the EndPosition field's value.

func (*Statement) SetSourcePolicyId added in v1.5.0

func (s *Statement) SetSourcePolicyId(v string) *Statement

SetSourcePolicyId sets the SourcePolicyId field's value.

func (*Statement) SetSourcePolicyType added in v1.5.0

func (s *Statement) SetSourcePolicyType(v string) *Statement

SetSourcePolicyType sets the SourcePolicyType field's value.

func (*Statement) SetStartPosition added in v1.5.0

func (s *Statement) SetStartPosition(v *Position) *Statement

SetStartPosition sets the StartPosition field's value.

func (Statement) String added in v0.9.6

func (s Statement) String() string

String returns the string representation

type UpdateAccessKeyInput

type UpdateAccessKeyInput struct {

	// The access key ID of the secret access key you want to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The status you want to assign to the secret access key. Active means that
	// the key can be used for API calls to AWS, while Inactive means that the key
	// cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the user whose key you want to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateAccessKeyInput) GoString added in v0.6.5

func (s UpdateAccessKeyInput) GoString() string

GoString returns the string representation

func (*UpdateAccessKeyInput) SetAccessKeyId added in v1.5.0

func (s *UpdateAccessKeyInput) SetAccessKeyId(v string) *UpdateAccessKeyInput

SetAccessKeyId sets the AccessKeyId field's value.

func (*UpdateAccessKeyInput) SetStatus added in v1.5.0

SetStatus sets the Status field's value.

func (*UpdateAccessKeyInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (UpdateAccessKeyInput) String added in v0.6.5

func (s UpdateAccessKeyInput) String() string

String returns the string representation

func (*UpdateAccessKeyInput) Validate added in v1.1.21

func (s *UpdateAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateAccessKeyOutput

type UpdateAccessKeyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAccessKeyOutput) GoString added in v0.6.5

func (s UpdateAccessKeyOutput) GoString() string

GoString returns the string representation

func (UpdateAccessKeyOutput) String added in v0.6.5

func (s UpdateAccessKeyOutput) String() string

String returns the string representation

type UpdateAccountPasswordPolicyInput

type UpdateAccountPasswordPolicyInput struct {

	// Allows all IAM users in your account to use the AWS Management Console to
	// change their own passwords. For more information, see Letting IAM Users Change
	// Their Own Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html)
	// in the IAM User Guide.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that IAM users in the account do
	// not automatically have permissions to change their own password.
	AllowUsersToChangePassword *bool `type:"boolean"`

	// Prevents IAM users from setting a new password after their password has expired.
	// The IAM user cannot be accessed until an administrator resets the password.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that IAM users can change their
	// passwords after they expire and continue to sign in as the user.
	HardExpiry *bool `type:"boolean"`

	// The number of days that an IAM user password is valid.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 0. The result is that IAM user passwords never expire.
	MaxPasswordAge *int64 `min:"1" type:"integer"`

	// The minimum number of characters allowed in an IAM user password.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 6.
	MinimumPasswordLength *int64 `min:"6" type:"integer"`

	// Specifies the number of previous passwords that IAM users are prevented from
	// reusing.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 0. The result is that IAM users are not prevented from
	// reusing previous passwords.
	PasswordReusePrevention *int64 `min:"1" type:"integer"`

	// Specifies whether IAM user passwords must contain at least one lowercase
	// character from the ISO basic Latin alphabet (a to z).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one lowercase character.
	RequireLowercaseCharacters *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one numeric character
	// (0 to 9).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one numeric character.
	RequireNumbers *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one of the following
	// non-alphanumeric characters:
	//
	// ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one symbol character.
	RequireSymbols *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one uppercase
	// character from the ISO basic Latin alphabet (A to Z).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one uppercase character.
	RequireUppercaseCharacters *bool `type:"boolean"`
	// contains filtered or unexported fields
}

func (UpdateAccountPasswordPolicyInput) GoString added in v0.6.5

GoString returns the string representation

func (*UpdateAccountPasswordPolicyInput) SetAllowUsersToChangePassword added in v1.5.0

func (s *UpdateAccountPasswordPolicyInput) SetAllowUsersToChangePassword(v bool) *UpdateAccountPasswordPolicyInput

SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.

func (*UpdateAccountPasswordPolicyInput) SetHardExpiry added in v1.5.0

SetHardExpiry sets the HardExpiry field's value.

func (*UpdateAccountPasswordPolicyInput) SetMaxPasswordAge added in v1.5.0

SetMaxPasswordAge sets the MaxPasswordAge field's value.

func (*UpdateAccountPasswordPolicyInput) SetMinimumPasswordLength added in v1.5.0

SetMinimumPasswordLength sets the MinimumPasswordLength field's value.

func (*UpdateAccountPasswordPolicyInput) SetPasswordReusePrevention added in v1.5.0

SetPasswordReusePrevention sets the PasswordReusePrevention field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireLowercaseCharacters added in v1.5.0

func (s *UpdateAccountPasswordPolicyInput) SetRequireLowercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput

SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireNumbers added in v1.5.0

SetRequireNumbers sets the RequireNumbers field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireSymbols added in v1.5.0

SetRequireSymbols sets the RequireSymbols field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireUppercaseCharacters added in v1.5.0

func (s *UpdateAccountPasswordPolicyInput) SetRequireUppercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput

SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.

func (UpdateAccountPasswordPolicyInput) String added in v0.6.5

String returns the string representation

func (*UpdateAccountPasswordPolicyInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type UpdateAccountPasswordPolicyOutput

type UpdateAccountPasswordPolicyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAccountPasswordPolicyOutput) GoString added in v0.6.5

GoString returns the string representation

func (UpdateAccountPasswordPolicyOutput) String added in v0.6.5

String returns the string representation

type UpdateAssumeRolePolicyInput

type UpdateAssumeRolePolicyInput struct {

	// The policy that grants an entity permission to assume the role.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the role to update with the new policy.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateAssumeRolePolicyInput) GoString added in v0.6.5

func (s UpdateAssumeRolePolicyInput) GoString() string

GoString returns the string representation

func (*UpdateAssumeRolePolicyInput) SetPolicyDocument added in v1.5.0

SetPolicyDocument sets the PolicyDocument field's value.

func (*UpdateAssumeRolePolicyInput) SetRoleName added in v1.5.0

SetRoleName sets the RoleName field's value.

func (UpdateAssumeRolePolicyInput) String added in v0.6.5

String returns the string representation

func (*UpdateAssumeRolePolicyInput) Validate added in v1.1.21

func (s *UpdateAssumeRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateAssumeRolePolicyOutput

type UpdateAssumeRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAssumeRolePolicyOutput) GoString added in v0.6.5

func (s UpdateAssumeRolePolicyOutput) GoString() string

GoString returns the string representation

func (UpdateAssumeRolePolicyOutput) String added in v0.6.5

String returns the string representation

type UpdateGroupInput

type UpdateGroupInput struct {

	// Name of the IAM group to update. If you're changing the name of the group,
	// this is the original name.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// New name for the IAM group. Only include this if changing the group's name.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	NewGroupName *string `min:"1" type:"string"`

	// New path for the IAM group. Only include this if changing the group's path.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateGroupInput) GoString added in v0.6.5

func (s UpdateGroupInput) GoString() string

GoString returns the string representation

func (*UpdateGroupInput) SetGroupName added in v1.5.0

func (s *UpdateGroupInput) SetGroupName(v string) *UpdateGroupInput

SetGroupName sets the GroupName field's value.

func (*UpdateGroupInput) SetNewGroupName added in v1.5.0

func (s *UpdateGroupInput) SetNewGroupName(v string) *UpdateGroupInput

SetNewGroupName sets the NewGroupName field's value.

func (*UpdateGroupInput) SetNewPath added in v1.5.0

func (s *UpdateGroupInput) SetNewPath(v string) *UpdateGroupInput

SetNewPath sets the NewPath field's value.

func (UpdateGroupInput) String added in v0.6.5

func (s UpdateGroupInput) String() string

String returns the string representation

func (*UpdateGroupInput) Validate added in v1.1.21

func (s *UpdateGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateGroupOutput

type UpdateGroupOutput struct {
	// contains filtered or unexported fields
}

func (UpdateGroupOutput) GoString added in v0.6.5

func (s UpdateGroupOutput) GoString() string

GoString returns the string representation

func (UpdateGroupOutput) String added in v0.6.5

func (s UpdateGroupOutput) String() string

String returns the string representation

type UpdateLoginProfileInput

type UpdateLoginProfileInput struct {

	// The new password for the specified IAM user.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// However, the format can be further restricted by the account administrator
	// by setting a password policy on the AWS account. For more information, see
	// UpdateAccountPasswordPolicy.
	Password *string `min:"1" type:"string"`

	// Allows this new password to be used only once by requiring the specified
	// IAM user to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the user whose password you want to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateLoginProfileInput) GoString added in v0.6.5

func (s UpdateLoginProfileInput) GoString() string

GoString returns the string representation

func (*UpdateLoginProfileInput) SetPassword added in v1.5.0

SetPassword sets the Password field's value.

func (*UpdateLoginProfileInput) SetPasswordResetRequired added in v1.5.0

func (s *UpdateLoginProfileInput) SetPasswordResetRequired(v bool) *UpdateLoginProfileInput

SetPasswordResetRequired sets the PasswordResetRequired field's value.

func (*UpdateLoginProfileInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (UpdateLoginProfileInput) String added in v0.6.5

func (s UpdateLoginProfileInput) String() string

String returns the string representation

func (*UpdateLoginProfileInput) Validate added in v1.1.21

func (s *UpdateLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateLoginProfileOutput

type UpdateLoginProfileOutput struct {
	// contains filtered or unexported fields
}

func (UpdateLoginProfileOutput) GoString added in v0.6.5

func (s UpdateLoginProfileOutput) GoString() string

GoString returns the string representation

func (UpdateLoginProfileOutput) String added in v0.6.5

func (s UpdateLoginProfileOutput) String() string

String returns the string representation

type UpdateOpenIDConnectProviderThumbprintInput

type UpdateOpenIDConnectProviderThumbprintInput struct {

	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource object for
	// which you want to update the thumbprint. You can get a list of OIDC provider
	// ARNs by using the ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`

	// A list of certificate thumbprints that are associated with the specified
	// IAM OpenID Connect provider. For more information, see CreateOpenIDConnectProvider.
	//
	// ThumbprintList is a required field
	ThumbprintList []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateOpenIDConnectProviderThumbprintInput) GoString added in v0.6.5

GoString returns the string representation

func (*UpdateOpenIDConnectProviderThumbprintInput) SetOpenIDConnectProviderArn added in v1.5.0

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (*UpdateOpenIDConnectProviderThumbprintInput) SetThumbprintList added in v1.5.0

SetThumbprintList sets the ThumbprintList field's value.

func (UpdateOpenIDConnectProviderThumbprintInput) String added in v0.6.5

String returns the string representation

func (*UpdateOpenIDConnectProviderThumbprintInput) Validate added in v1.1.21

Validate inspects the fields of the type to determine if they are valid.

type UpdateOpenIDConnectProviderThumbprintOutput

type UpdateOpenIDConnectProviderThumbprintOutput struct {
	// contains filtered or unexported fields
}

func (UpdateOpenIDConnectProviderThumbprintOutput) GoString added in v0.6.5

GoString returns the string representation

func (UpdateOpenIDConnectProviderThumbprintOutput) String added in v0.6.5

String returns the string representation

type UpdateRoleDescriptionInput added in v1.8.14

type UpdateRoleDescriptionInput struct {

	// The new description that you want to apply to the specified role.
	//
	// Description is a required field
	Description *string `type:"string" required:"true"`

	// The name of the role that you want to modify.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateRoleDescriptionInput) GoString added in v1.8.14

func (s UpdateRoleDescriptionInput) GoString() string

GoString returns the string representation

func (*UpdateRoleDescriptionInput) SetDescription added in v1.8.14

SetDescription sets the Description field's value.

func (*UpdateRoleDescriptionInput) SetRoleName added in v1.8.14

SetRoleName sets the RoleName field's value.

func (UpdateRoleDescriptionInput) String added in v1.8.14

String returns the string representation

func (*UpdateRoleDescriptionInput) Validate added in v1.8.14

func (s *UpdateRoleDescriptionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateRoleDescriptionOutput added in v1.8.14

type UpdateRoleDescriptionOutput struct {

	// A structure that contains details about the modified role.
	Role *Role `type:"structure"`
	// contains filtered or unexported fields
}

func (UpdateRoleDescriptionOutput) GoString added in v1.8.14

func (s UpdateRoleDescriptionOutput) GoString() string

GoString returns the string representation

func (*UpdateRoleDescriptionOutput) SetRole added in v1.8.14

SetRole sets the Role field's value.

func (UpdateRoleDescriptionOutput) String added in v1.8.14

String returns the string representation

type UpdateRoleInput added in v1.13.23

type UpdateRoleInput struct {

	// The new description that you want to apply to the specified role.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) that you want to set for the specified
	// role. If you do not specify a value for this setting, the default maximum
	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	//
	// Anyone who assumes the role from the AWS CLI or API can use the DurationSeconds
	// API parameter or the duration-seconds CLI parameter to request a longer session.
	// The MaxSessionDuration setting determines the maximum duration that can be
	// requested using the DurationSeconds parameter. If users don't specify a value
	// for the DurationSeconds parameter, their security credentials are valid for
	// one hour by default. This applies when you use the AssumeRole* API operations
	// or the assume-role* CLI operations but does not apply when you use those
	// operations to create a console URL. For more information, see Using IAM Roles
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
	// IAM User Guide.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The name of the role that you want to modify.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateRoleInput) GoString added in v1.13.23

func (s UpdateRoleInput) GoString() string

GoString returns the string representation

func (*UpdateRoleInput) SetDescription added in v1.13.23

func (s *UpdateRoleInput) SetDescription(v string) *UpdateRoleInput

SetDescription sets the Description field's value.

func (*UpdateRoleInput) SetMaxSessionDuration added in v1.13.23

func (s *UpdateRoleInput) SetMaxSessionDuration(v int64) *UpdateRoleInput

SetMaxSessionDuration sets the MaxSessionDuration field's value.

func (*UpdateRoleInput) SetRoleName added in v1.13.23

func (s *UpdateRoleInput) SetRoleName(v string) *UpdateRoleInput

SetRoleName sets the RoleName field's value.

func (UpdateRoleInput) String added in v1.13.23

func (s UpdateRoleInput) String() string

String returns the string representation

func (*UpdateRoleInput) Validate added in v1.13.23

func (s *UpdateRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateRoleOutput added in v1.13.23

type UpdateRoleOutput struct {
	// contains filtered or unexported fields
}

func (UpdateRoleOutput) GoString added in v1.13.23

func (s UpdateRoleOutput) GoString() string

GoString returns the string representation

func (UpdateRoleOutput) String added in v1.13.23

func (s UpdateRoleOutput) String() string

String returns the string representation

type UpdateSAMLProviderInput

type UpdateSAMLProviderInput struct {

	// An XML document generated by an identity provider (IdP) that supports SAML
	// 2.0. The document includes the issuer's name, expiration information, and
	// keys that can be used to validate the SAML authentication response (assertions)
	// that are received from the IdP. You must generate the metadata document using
	// the identity management software that is used as your organization's IdP.
	//
	// SAMLMetadataDocument is a required field
	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the SAML provider to update.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateSAMLProviderInput) GoString added in v0.6.5

func (s UpdateSAMLProviderInput) GoString() string

GoString returns the string representation

func (*UpdateSAMLProviderInput) SetSAMLMetadataDocument added in v1.5.0

func (s *UpdateSAMLProviderInput) SetSAMLMetadataDocument(v string) *UpdateSAMLProviderInput

SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.

func (*UpdateSAMLProviderInput) SetSAMLProviderArn added in v1.5.0

func (s *UpdateSAMLProviderInput) SetSAMLProviderArn(v string) *UpdateSAMLProviderInput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (UpdateSAMLProviderInput) String added in v0.6.5

func (s UpdateSAMLProviderInput) String() string

String returns the string representation

func (*UpdateSAMLProviderInput) Validate added in v1.1.21

func (s *UpdateSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSAMLProviderOutput

type UpdateSAMLProviderOutput struct {

	// The Amazon Resource Name (ARN) of the SAML provider that was updated.
	SAMLProviderArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful UpdateSAMLProvider request.

func (UpdateSAMLProviderOutput) GoString added in v0.6.5

func (s UpdateSAMLProviderOutput) GoString() string

GoString returns the string representation

func (*UpdateSAMLProviderOutput) SetSAMLProviderArn added in v1.5.0

func (s *UpdateSAMLProviderOutput) SetSAMLProviderArn(v string) *UpdateSAMLProviderOutput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (UpdateSAMLProviderOutput) String added in v0.6.5

func (s UpdateSAMLProviderOutput) String() string

String returns the string representation

type UpdateSSHPublicKeyInput added in v0.6.6

type UpdateSSHPublicKeyInput struct {

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status to assign to the SSH public key. Active means that the key can
	// be used for authentication with an AWS CodeCommit repository. Inactive means
	// that the key cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateSSHPublicKeyInput) GoString added in v0.6.6

func (s UpdateSSHPublicKeyInput) GoString() string

GoString returns the string representation

func (*UpdateSSHPublicKeyInput) SetSSHPublicKeyId added in v1.5.0

func (s *UpdateSSHPublicKeyInput) SetSSHPublicKeyId(v string) *UpdateSSHPublicKeyInput

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*UpdateSSHPublicKeyInput) SetStatus added in v1.5.0

SetStatus sets the Status field's value.

func (*UpdateSSHPublicKeyInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (UpdateSSHPublicKeyInput) String added in v0.6.6

func (s UpdateSSHPublicKeyInput) String() string

String returns the string representation

func (*UpdateSSHPublicKeyInput) Validate added in v1.1.21

func (s *UpdateSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSSHPublicKeyOutput added in v0.6.6

type UpdateSSHPublicKeyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateSSHPublicKeyOutput) GoString added in v0.6.6

func (s UpdateSSHPublicKeyOutput) GoString() string

GoString returns the string representation

func (UpdateSSHPublicKeyOutput) String added in v0.6.6

func (s UpdateSSHPublicKeyOutput) String() string

String returns the string representation

type UpdateServerCertificateInput

type UpdateServerCertificateInput struct {

	// The new path for the server certificate. Include this only if you are updating
	// the server certificate's path.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`

	// The new name for the server certificate. Include this only if you are updating
	// the server certificate's name. The name of the certificate cannot contain
	// any spaces.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	NewServerCertificateName *string `min:"1" type:"string"`

	// The name of the server certificate that you want to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateServerCertificateInput) GoString added in v0.6.5

func (s UpdateServerCertificateInput) GoString() string

GoString returns the string representation

func (*UpdateServerCertificateInput) SetNewPath added in v1.5.0

SetNewPath sets the NewPath field's value.

func (*UpdateServerCertificateInput) SetNewServerCertificateName added in v1.5.0

func (s *UpdateServerCertificateInput) SetNewServerCertificateName(v string) *UpdateServerCertificateInput

SetNewServerCertificateName sets the NewServerCertificateName field's value.

func (*UpdateServerCertificateInput) SetServerCertificateName added in v1.5.0

func (s *UpdateServerCertificateInput) SetServerCertificateName(v string) *UpdateServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (UpdateServerCertificateInput) String added in v0.6.5

String returns the string representation

func (*UpdateServerCertificateInput) Validate added in v1.1.21

func (s *UpdateServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateServerCertificateOutput

type UpdateServerCertificateOutput struct {
	// contains filtered or unexported fields
}

func (UpdateServerCertificateOutput) GoString added in v0.6.5

GoString returns the string representation

func (UpdateServerCertificateOutput) String added in v0.6.5

String returns the string representation

type UpdateServiceSpecificCredentialInput added in v1.6.8

type UpdateServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The status to be assigned to the service-specific credential.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user associated with the service-specific credential.
	// If you do not specify this value, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateServiceSpecificCredentialInput) GoString added in v1.6.8

GoString returns the string representation

func (*UpdateServiceSpecificCredentialInput) SetServiceSpecificCredentialId added in v1.6.8

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*UpdateServiceSpecificCredentialInput) SetStatus added in v1.6.8

SetStatus sets the Status field's value.

func (*UpdateServiceSpecificCredentialInput) SetUserName added in v1.6.8

SetUserName sets the UserName field's value.

func (UpdateServiceSpecificCredentialInput) String added in v1.6.8

String returns the string representation

func (*UpdateServiceSpecificCredentialInput) Validate added in v1.6.8

Validate inspects the fields of the type to determine if they are valid.

type UpdateServiceSpecificCredentialOutput added in v1.6.8

type UpdateServiceSpecificCredentialOutput struct {
	// contains filtered or unexported fields
}

func (UpdateServiceSpecificCredentialOutput) GoString added in v1.6.8

GoString returns the string representation

func (UpdateServiceSpecificCredentialOutput) String added in v1.6.8

String returns the string representation

type UpdateSigningCertificateInput

type UpdateSigningCertificateInput struct {

	// The ID of the signing certificate you want to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The status you want to assign to the certificate. Active means that the certificate
	// can be used for API calls to AWS Inactive means that the certificate cannot
	// be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user the signing certificate belongs to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateSigningCertificateInput) GoString added in v0.6.5

GoString returns the string representation

func (*UpdateSigningCertificateInput) SetCertificateId added in v1.5.0

SetCertificateId sets the CertificateId field's value.

func (*UpdateSigningCertificateInput) SetStatus added in v1.5.0

SetStatus sets the Status field's value.

func (*UpdateSigningCertificateInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (UpdateSigningCertificateInput) String added in v0.6.5

String returns the string representation

func (*UpdateSigningCertificateInput) Validate added in v1.1.21

func (s *UpdateSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSigningCertificateOutput

type UpdateSigningCertificateOutput struct {
	// contains filtered or unexported fields
}

func (UpdateSigningCertificateOutput) GoString added in v0.6.5

GoString returns the string representation

func (UpdateSigningCertificateOutput) String added in v0.6.5

String returns the string representation

type UpdateUserInput

type UpdateUserInput struct {

	// New path for the IAM user. Include this parameter only if you're changing
	// the user's path.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`

	// New name for the user. Include this parameter only if you're changing the
	// user's name.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	NewUserName *string `min:"1" type:"string"`

	// Name of the user to update. If you're changing the name of the user, this
	// is the original user name.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateUserInput) GoString added in v0.6.5

func (s UpdateUserInput) GoString() string

GoString returns the string representation

func (*UpdateUserInput) SetNewPath added in v1.5.0

func (s *UpdateUserInput) SetNewPath(v string) *UpdateUserInput

SetNewPath sets the NewPath field's value.

func (*UpdateUserInput) SetNewUserName added in v1.5.0

func (s *UpdateUserInput) SetNewUserName(v string) *UpdateUserInput

SetNewUserName sets the NewUserName field's value.

func (*UpdateUserInput) SetUserName added in v1.5.0

func (s *UpdateUserInput) SetUserName(v string) *UpdateUserInput

SetUserName sets the UserName field's value.

func (UpdateUserInput) String added in v0.6.5

func (s UpdateUserInput) String() string

String returns the string representation

func (*UpdateUserInput) Validate added in v1.1.21

func (s *UpdateUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateUserOutput

type UpdateUserOutput struct {
	// contains filtered or unexported fields
}

func (UpdateUserOutput) GoString added in v0.6.5

func (s UpdateUserOutput) GoString() string

GoString returns the string representation

func (UpdateUserOutput) String added in v0.6.5

func (s UpdateUserOutput) String() string

String returns the string representation

type UploadSSHPublicKeyInput added in v0.6.6

type UploadSSHPublicKeyInput struct {

	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM
	// format.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// SSHPublicKeyBody is a required field
	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`

	// The name of the IAM user to associate the SSH public key with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UploadSSHPublicKeyInput) GoString added in v0.6.6

func (s UploadSSHPublicKeyInput) GoString() string

GoString returns the string representation

func (*UploadSSHPublicKeyInput) SetSSHPublicKeyBody added in v1.5.0

func (s *UploadSSHPublicKeyInput) SetSSHPublicKeyBody(v string) *UploadSSHPublicKeyInput

SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.

func (*UploadSSHPublicKeyInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (UploadSSHPublicKeyInput) String added in v0.6.6

func (s UploadSSHPublicKeyInput) String() string

String returns the string representation

func (*UploadSSHPublicKeyInput) Validate added in v1.1.21

func (s *UploadSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadSSHPublicKeyOutput added in v0.6.6

type UploadSSHPublicKeyOutput struct {

	// Contains information about the SSH public key.
	SSHPublicKey *SSHPublicKey `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadSSHPublicKey request.

func (UploadSSHPublicKeyOutput) GoString added in v0.6.6

func (s UploadSSHPublicKeyOutput) GoString() string

GoString returns the string representation

func (*UploadSSHPublicKeyOutput) SetSSHPublicKey added in v1.5.0

SetSSHPublicKey sets the SSHPublicKey field's value.

func (UploadSSHPublicKeyOutput) String added in v0.6.6

func (s UploadSSHPublicKeyOutput) String() string

String returns the string representation

type UploadServerCertificateInput

type UploadServerCertificateInput struct {

	// The contents of the public key certificate in PEM-encoded format.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The contents of the certificate chain. This is typically a concatenation
	// of the PEM-encoded public key certificates of the chain.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	CertificateChain *string `min:"1" type:"string"`

	// The path for the server certificate. For more information about paths, see
	// IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/). This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	//
	// If you are uploading a server certificate specifically for use with Amazon
	// CloudFront distributions, you must specify a path using the path parameter.
	// The path must begin with /cloudfront and must include a trailing slash (for
	// example, /cloudfront/test/).
	Path *string `min:"1" type:"string"`

	// The contents of the private key in PEM-encoded format.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PrivateKey is a required field
	PrivateKey *string `min:"1" type:"string" required:"true"`

	// The name for the server certificate. Do not include the path in this value.
	// The name of the certificate cannot contain any spaces.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UploadServerCertificateInput) GoString added in v0.6.5

func (s UploadServerCertificateInput) GoString() string

GoString returns the string representation

func (*UploadServerCertificateInput) SetCertificateBody added in v1.5.0

SetCertificateBody sets the CertificateBody field's value.

func (*UploadServerCertificateInput) SetCertificateChain added in v1.5.0

SetCertificateChain sets the CertificateChain field's value.

func (*UploadServerCertificateInput) SetPath added in v1.5.0

SetPath sets the Path field's value.

func (*UploadServerCertificateInput) SetPrivateKey added in v1.5.0

SetPrivateKey sets the PrivateKey field's value.

func (*UploadServerCertificateInput) SetServerCertificateName added in v1.5.0

func (s *UploadServerCertificateInput) SetServerCertificateName(v string) *UploadServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (UploadServerCertificateInput) String added in v0.6.5

String returns the string representation

func (*UploadServerCertificateInput) Validate added in v1.1.21

func (s *UploadServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadServerCertificateOutput

type UploadServerCertificateOutput struct {

	// The meta information of the uploaded server certificate without its certificate
	// body, certificate chain, and private key.
	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadServerCertificate request.

func (UploadServerCertificateOutput) GoString added in v0.6.5

GoString returns the string representation

func (*UploadServerCertificateOutput) SetServerCertificateMetadata added in v1.5.0

SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.

func (UploadServerCertificateOutput) String added in v0.6.5

String returns the string representation

type UploadSigningCertificateInput

type UploadSigningCertificateInput struct {

	// The contents of the signing certificate.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The name of the user the signing certificate is for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UploadSigningCertificateInput) GoString added in v0.6.5

GoString returns the string representation

func (*UploadSigningCertificateInput) SetCertificateBody added in v1.5.0

SetCertificateBody sets the CertificateBody field's value.

func (*UploadSigningCertificateInput) SetUserName added in v1.5.0

SetUserName sets the UserName field's value.

func (UploadSigningCertificateInput) String added in v0.6.5

String returns the string representation

func (*UploadSigningCertificateInput) Validate added in v1.1.21

func (s *UploadSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadSigningCertificateOutput

type UploadSigningCertificateOutput struct {

	// Information about the certificate.
	//
	// Certificate is a required field
	Certificate *SigningCertificate `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadSigningCertificate request.

func (UploadSigningCertificateOutput) GoString added in v0.6.5

GoString returns the string representation

func (*UploadSigningCertificateOutput) SetCertificate added in v1.5.0

SetCertificate sets the Certificate field's value.

func (UploadSigningCertificateOutput) String added in v0.6.5

String returns the string representation

type User

type User struct {

	// The Amazon Resource Name (ARN) that identifies the user. For more information
	// about ARNs and how to use ARNs in policies, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user's password was last used to sign in to an AWS website. For
	// a list of AWS websites that capture a user's last sign-in time, see the Credential
	// Reports (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
	// topic in the Using IAM guide. If a password is used more than once in a five-minute
	// span, only the first use is returned in this field. If the field is null
	// (no value) then it indicates that they never signed in with a password. This
	// can be because:
	//
	//    * The user never had a password.
	//
	//    * A password exists but has not been used since IAM started tracking this
	//    information on October 20th, 2014.
	//
	// A null does not mean that the user never had a password. Also, if the user
	// does not currently have a password, but had one in the past, then this field
	// contains the date and time the most recent password was used.
	//
	// This value is returned only in the GetUser and ListUsers operations.
	PasswordLastUsed *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The path to the user. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// UserId is a required field
	UserId *string `min:"16" type:"string" required:"true"`

	// The friendly name identifying the user.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an IAM user entity.

This data type is used as a response element in the following operations:

  • CreateUser

  • GetUser

  • ListUsers

func (User) GoString added in v0.6.5

func (s User) GoString() string

GoString returns the string representation

func (*User) SetArn added in v1.5.0

func (s *User) SetArn(v string) *User

SetArn sets the Arn field's value.

func (*User) SetCreateDate added in v1.5.0

func (s *User) SetCreateDate(v time.Time) *User

SetCreateDate sets the CreateDate field's value.

func (*User) SetPasswordLastUsed added in v1.5.0

func (s *User) SetPasswordLastUsed(v time.Time) *User

SetPasswordLastUsed sets the PasswordLastUsed field's value.

func (*User) SetPath added in v1.5.0

func (s *User) SetPath(v string) *User

SetPath sets the Path field's value.

func (*User) SetUserId added in v1.5.0

func (s *User) SetUserId(v string) *User

SetUserId sets the UserId field's value.

func (*User) SetUserName added in v1.5.0

func (s *User) SetUserName(v string) *User

SetUserName sets the UserName field's value.

func (User) String added in v0.6.5

func (s User) String() string

String returns the string representation

type UserDetail

type UserDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// A list of the managed policies attached to the user.
	AttachedManagedPolicies []*AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// A list of IAM groups that the user is in.
	GroupList []*string `type:"list"`

	// The path to the user. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	UserId *string `min:"16" type:"string"`

	// The friendly name identifying the user.
	UserName *string `min:"1" type:"string"`

	// A list of the inline policies embedded in the user.
	UserPolicyList []*PolicyDetail `type:"list"`
	// contains filtered or unexported fields
}

Contains information about an IAM user, including all the user's policies and all the IAM groups the user is in.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (UserDetail) GoString added in v0.6.5

func (s UserDetail) GoString() string

GoString returns the string representation

func (*UserDetail) SetArn added in v1.5.0

func (s *UserDetail) SetArn(v string) *UserDetail

SetArn sets the Arn field's value.

func (*UserDetail) SetAttachedManagedPolicies added in v1.5.0

func (s *UserDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *UserDetail

SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.

func (*UserDetail) SetCreateDate added in v1.5.0

func (s *UserDetail) SetCreateDate(v time.Time) *UserDetail

SetCreateDate sets the CreateDate field's value.

func (*UserDetail) SetGroupList added in v1.5.0

func (s *UserDetail) SetGroupList(v []*string) *UserDetail

SetGroupList sets the GroupList field's value.

func (*UserDetail) SetPath added in v1.5.0

func (s *UserDetail) SetPath(v string) *UserDetail

SetPath sets the Path field's value.

func (*UserDetail) SetUserId added in v1.5.0

func (s *UserDetail) SetUserId(v string) *UserDetail

SetUserId sets the UserId field's value.

func (*UserDetail) SetUserName added in v1.5.0

func (s *UserDetail) SetUserName(v string) *UserDetail

SetUserName sets the UserName field's value.

func (*UserDetail) SetUserPolicyList added in v1.5.0

func (s *UserDetail) SetUserPolicyList(v []*PolicyDetail) *UserDetail

SetUserPolicyList sets the UserPolicyList field's value.

func (UserDetail) String added in v0.6.5

func (s UserDetail) String() string

String returns the string representation

type VirtualMFADevice

type VirtualMFADevice struct {

	// The Base32 seed defined as specified in RFC3548 (https://tools.ietf.org/html/rfc3548.txt).
	// The Base32StringSeed is Base64-encoded.
	//
	// Base32StringSeed is automatically base64 encoded/decoded by the SDK.
	Base32StringSeed []byte `type:"blob"`

	// The date and time on which the virtual MFA device was enabled.
	EnableDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// A QR code PNG image that encodes otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String
	// where $virtualMFADeviceName is one of the create call arguments, AccountName
	// is the user name if set (otherwise, the account ID otherwise), and Base32String
	// is the seed in Base32 format. The Base32String value is Base64-encoded.
	//
	// QRCodePNG is automatically base64 encoded/decoded by the SDK.
	QRCodePNG []byte `type:"blob"`

	// The serial number associated with VirtualMFADevice.
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The IAM user associated with this virtual MFA device.
	User *User `type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a virtual MFA device.

func (VirtualMFADevice) GoString added in v0.6.5

func (s VirtualMFADevice) GoString() string

GoString returns the string representation

func (*VirtualMFADevice) SetBase32StringSeed added in v1.5.0

func (s *VirtualMFADevice) SetBase32StringSeed(v []byte) *VirtualMFADevice

SetBase32StringSeed sets the Base32StringSeed field's value.

func (*VirtualMFADevice) SetEnableDate added in v1.5.0

func (s *VirtualMFADevice) SetEnableDate(v time.Time) *VirtualMFADevice

SetEnableDate sets the EnableDate field's value.

func (*VirtualMFADevice) SetQRCodePNG added in v1.5.0

func (s *VirtualMFADevice) SetQRCodePNG(v []byte) *VirtualMFADevice

SetQRCodePNG sets the QRCodePNG field's value.

func (*VirtualMFADevice) SetSerialNumber added in v1.5.0

func (s *VirtualMFADevice) SetSerialNumber(v string) *VirtualMFADevice

SetSerialNumber sets the SerialNumber field's value.

func (*VirtualMFADevice) SetUser added in v1.5.0

func (s *VirtualMFADevice) SetUser(v *User) *VirtualMFADevice

SetUser sets the User field's value.

func (VirtualMFADevice) String added in v0.6.5

func (s VirtualMFADevice) String() string

String returns the string representation

Directories

Path Synopsis
Package iamiface provides an interface to enable mocking the AWS Identity and Access Management service client for testing your code.
Package iamiface provides an interface to enable mocking the AWS Identity and Access Management service client for testing your code.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL