iam

package
v1.42.9 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 3, 2023 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package iam provides the client and types for making API requests to AWS Identity and Access Management.

Identity and Access Management (IAM) is a web service for securely controlling access to Amazon Web Services services. With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which Amazon Web Services resources users and applications can access. For more information about IAM, see Identity and Access Management (IAM) (http://aws.amazon.com/iam/) and the Identity and Access Management User Guide (https://docs.aws.amazon.com/IAM/latest/UserGuide/).

See https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08 for more information on this service.

See iam package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/iam/

Using the Client

To contact AWS Identity and Access Management with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the AWS Identity and Access Management client IAM for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/iam/#New

Index

Examples

Constants

View Source
const (
	// AccessAdvisorUsageGranularityTypeServiceLevel is a AccessAdvisorUsageGranularityType enum value
	AccessAdvisorUsageGranularityTypeServiceLevel = "SERVICE_LEVEL"

	// AccessAdvisorUsageGranularityTypeActionLevel is a AccessAdvisorUsageGranularityType enum value
	AccessAdvisorUsageGranularityTypeActionLevel = "ACTION_LEVEL"
)
View Source
const (
	// AssignmentStatusTypeAssigned is a AssignmentStatusType enum value
	AssignmentStatusTypeAssigned = "Assigned"

	// AssignmentStatusTypeUnassigned is a AssignmentStatusType enum value
	AssignmentStatusTypeUnassigned = "Unassigned"

	// AssignmentStatusTypeAny is a AssignmentStatusType enum value
	AssignmentStatusTypeAny = "Any"
)
View Source
const (
	// ContextKeyTypeEnumString is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumString = "string"

	// ContextKeyTypeEnumStringList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumStringList = "stringList"

	// ContextKeyTypeEnumNumeric is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumNumeric = "numeric"

	// ContextKeyTypeEnumNumericList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumNumericList = "numericList"

	// ContextKeyTypeEnumBoolean is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBoolean = "boolean"

	// ContextKeyTypeEnumBooleanList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBooleanList = "booleanList"

	// ContextKeyTypeEnumIp is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumIp = "ip"

	// ContextKeyTypeEnumIpList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumIpList = "ipList"

	// ContextKeyTypeEnumBinary is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBinary = "binary"

	// ContextKeyTypeEnumBinaryList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBinaryList = "binaryList"

	// ContextKeyTypeEnumDate is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumDate = "date"

	// ContextKeyTypeEnumDateList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumDateList = "dateList"
)
View Source
const (
	// DeletionTaskStatusTypeSucceeded is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeSucceeded = "SUCCEEDED"

	// DeletionTaskStatusTypeInProgress is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeInProgress = "IN_PROGRESS"

	// DeletionTaskStatusTypeFailed is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeFailed = "FAILED"

	// DeletionTaskStatusTypeNotStarted is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeNotStarted = "NOT_STARTED"
)
View Source
const (
	// EncodingTypeSsh is a EncodingType enum value
	EncodingTypeSsh = "SSH"

	// EncodingTypePem is a EncodingType enum value
	EncodingTypePem = "PEM"
)
View Source
const (
	// EntityTypeUser is a EntityType enum value
	EntityTypeUser = "User"

	// EntityTypeRole is a EntityType enum value
	EntityTypeRole = "Role"

	// EntityTypeGroup is a EntityType enum value
	EntityTypeGroup = "Group"

	// EntityTypeLocalManagedPolicy is a EntityType enum value
	EntityTypeLocalManagedPolicy = "LocalManagedPolicy"

	// EntityTypeAwsmanagedPolicy is a EntityType enum value
	EntityTypeAwsmanagedPolicy = "AWSManagedPolicy"
)
View Source
const (
	// GlobalEndpointTokenVersionV1token is a GlobalEndpointTokenVersion enum value
	GlobalEndpointTokenVersionV1token = "v1Token"

	// GlobalEndpointTokenVersionV2token is a GlobalEndpointTokenVersion enum value
	GlobalEndpointTokenVersionV2token = "v2Token"
)
View Source
const (
	// JobStatusTypeInProgress is a JobStatusType enum value
	JobStatusTypeInProgress = "IN_PROGRESS"

	// JobStatusTypeCompleted is a JobStatusType enum value
	JobStatusTypeCompleted = "COMPLETED"

	// JobStatusTypeFailed is a JobStatusType enum value
	JobStatusTypeFailed = "FAILED"
)
View Source
const (
	// PolicyEvaluationDecisionTypeAllowed is a PolicyEvaluationDecisionType enum value
	PolicyEvaluationDecisionTypeAllowed = "allowed"

	// PolicyEvaluationDecisionTypeExplicitDeny is a PolicyEvaluationDecisionType enum value
	PolicyEvaluationDecisionTypeExplicitDeny = "explicitDeny"

	// PolicyEvaluationDecisionTypeImplicitDeny is a PolicyEvaluationDecisionType enum value
	PolicyEvaluationDecisionTypeImplicitDeny = "implicitDeny"
)
View Source
const (
	// PolicyOwnerEntityTypeUser is a PolicyOwnerEntityType enum value
	PolicyOwnerEntityTypeUser = "USER"

	// PolicyOwnerEntityTypeRole is a PolicyOwnerEntityType enum value
	PolicyOwnerEntityTypeRole = "ROLE"

	// PolicyOwnerEntityTypeGroup is a PolicyOwnerEntityType enum value
	PolicyOwnerEntityTypeGroup = "GROUP"
)
View Source
const (
	// PolicyScopeTypeAll is a PolicyScopeType enum value
	PolicyScopeTypeAll = "All"

	// PolicyScopeTypeAws is a PolicyScopeType enum value
	PolicyScopeTypeAws = "AWS"

	// PolicyScopeTypeLocal is a PolicyScopeType enum value
	PolicyScopeTypeLocal = "Local"
)
View Source
const (
	// PolicySourceTypeUser is a PolicySourceType enum value
	PolicySourceTypeUser = "user"

	// PolicySourceTypeGroup is a PolicySourceType enum value
	PolicySourceTypeGroup = "group"

	// PolicySourceTypeRole is a PolicySourceType enum value
	PolicySourceTypeRole = "role"

	// PolicySourceTypeAwsManaged is a PolicySourceType enum value
	PolicySourceTypeAwsManaged = "aws-managed"

	// PolicySourceTypeUserManaged is a PolicySourceType enum value
	PolicySourceTypeUserManaged = "user-managed"

	// PolicySourceTypeResource is a PolicySourceType enum value
	PolicySourceTypeResource = "resource"

	// PolicySourceTypeNone is a PolicySourceType enum value
	PolicySourceTypeNone = "none"
)
View Source
const (
	// PolicyTypeInline is a PolicyType enum value
	PolicyTypeInline = "INLINE"

	// PolicyTypeManaged is a PolicyType enum value
	PolicyTypeManaged = "MANAGED"
)
View Source
const (
	// PolicyUsageTypePermissionsPolicy is a PolicyUsageType enum value
	PolicyUsageTypePermissionsPolicy = "PermissionsPolicy"

	// PolicyUsageTypePermissionsBoundary is a PolicyUsageType enum value
	PolicyUsageTypePermissionsBoundary = "PermissionsBoundary"
)

The policy usage type that indicates whether the policy is used as a permissions policy or as the permissions boundary for an entity.

For more information about permissions boundaries, see Permissions boundaries for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the IAM User Guide.

View Source
const (
	// ReportStateTypeStarted is a ReportStateType enum value
	ReportStateTypeStarted = "STARTED"

	// ReportStateTypeInprogress is a ReportStateType enum value
	ReportStateTypeInprogress = "INPROGRESS"

	// ReportStateTypeComplete is a ReportStateType enum value
	ReportStateTypeComplete = "COMPLETE"
)
View Source
const (
	// SortKeyTypeServiceNamespaceAscending is a SortKeyType enum value
	SortKeyTypeServiceNamespaceAscending = "SERVICE_NAMESPACE_ASCENDING"

	// SortKeyTypeServiceNamespaceDescending is a SortKeyType enum value
	SortKeyTypeServiceNamespaceDescending = "SERVICE_NAMESPACE_DESCENDING"

	// SortKeyTypeLastAuthenticatedTimeAscending is a SortKeyType enum value
	SortKeyTypeLastAuthenticatedTimeAscending = "LAST_AUTHENTICATED_TIME_ASCENDING"

	// SortKeyTypeLastAuthenticatedTimeDescending is a SortKeyType enum value
	SortKeyTypeLastAuthenticatedTimeDescending = "LAST_AUTHENTICATED_TIME_DESCENDING"
)
View Source
const (
	// StatusTypeActive is a StatusType enum value
	StatusTypeActive = "Active"

	// StatusTypeInactive is a StatusType enum value
	StatusTypeInactive = "Inactive"
)
View Source
const (
	// SummaryKeyTypeUsers is a SummaryKeyType enum value
	SummaryKeyTypeUsers = "Users"

	// SummaryKeyTypeUsersQuota is a SummaryKeyType enum value
	SummaryKeyTypeUsersQuota = "UsersQuota"

	// SummaryKeyTypeGroups is a SummaryKeyType enum value
	SummaryKeyTypeGroups = "Groups"

	// SummaryKeyTypeGroupsQuota is a SummaryKeyType enum value
	SummaryKeyTypeGroupsQuota = "GroupsQuota"

	// SummaryKeyTypeServerCertificates is a SummaryKeyType enum value
	SummaryKeyTypeServerCertificates = "ServerCertificates"

	// SummaryKeyTypeServerCertificatesQuota is a SummaryKeyType enum value
	SummaryKeyTypeServerCertificatesQuota = "ServerCertificatesQuota"

	// SummaryKeyTypeUserPolicySizeQuota is a SummaryKeyType enum value
	SummaryKeyTypeUserPolicySizeQuota = "UserPolicySizeQuota"

	// SummaryKeyTypeGroupPolicySizeQuota is a SummaryKeyType enum value
	SummaryKeyTypeGroupPolicySizeQuota = "GroupPolicySizeQuota"

	// SummaryKeyTypeGroupsPerUserQuota is a SummaryKeyType enum value
	SummaryKeyTypeGroupsPerUserQuota = "GroupsPerUserQuota"

	// SummaryKeyTypeSigningCertificatesPerUserQuota is a SummaryKeyType enum value
	SummaryKeyTypeSigningCertificatesPerUserQuota = "SigningCertificatesPerUserQuota"

	// SummaryKeyTypeAccessKeysPerUserQuota is a SummaryKeyType enum value
	SummaryKeyTypeAccessKeysPerUserQuota = "AccessKeysPerUserQuota"

	// SummaryKeyTypeMfadevices is a SummaryKeyType enum value
	SummaryKeyTypeMfadevices = "MFADevices"

	// SummaryKeyTypeMfadevicesInUse is a SummaryKeyType enum value
	SummaryKeyTypeMfadevicesInUse = "MFADevicesInUse"

	// SummaryKeyTypeAccountMfaenabled is a SummaryKeyType enum value
	SummaryKeyTypeAccountMfaenabled = "AccountMFAEnabled"

	// SummaryKeyTypeAccountAccessKeysPresent is a SummaryKeyType enum value
	SummaryKeyTypeAccountAccessKeysPresent = "AccountAccessKeysPresent"

	// SummaryKeyTypeAccountSigningCertificatesPresent is a SummaryKeyType enum value
	SummaryKeyTypeAccountSigningCertificatesPresent = "AccountSigningCertificatesPresent"

	// SummaryKeyTypeAttachedPoliciesPerGroupQuota is a SummaryKeyType enum value
	SummaryKeyTypeAttachedPoliciesPerGroupQuota = "AttachedPoliciesPerGroupQuota"

	// SummaryKeyTypeAttachedPoliciesPerRoleQuota is a SummaryKeyType enum value
	SummaryKeyTypeAttachedPoliciesPerRoleQuota = "AttachedPoliciesPerRoleQuota"

	// SummaryKeyTypeAttachedPoliciesPerUserQuota is a SummaryKeyType enum value
	SummaryKeyTypeAttachedPoliciesPerUserQuota = "AttachedPoliciesPerUserQuota"

	// SummaryKeyTypePolicies is a SummaryKeyType enum value
	SummaryKeyTypePolicies = "Policies"

	// SummaryKeyTypePoliciesQuota is a SummaryKeyType enum value
	SummaryKeyTypePoliciesQuota = "PoliciesQuota"

	// SummaryKeyTypePolicySizeQuota is a SummaryKeyType enum value
	SummaryKeyTypePolicySizeQuota = "PolicySizeQuota"

	// SummaryKeyTypePolicyVersionsInUse is a SummaryKeyType enum value
	SummaryKeyTypePolicyVersionsInUse = "PolicyVersionsInUse"

	// SummaryKeyTypePolicyVersionsInUseQuota is a SummaryKeyType enum value
	SummaryKeyTypePolicyVersionsInUseQuota = "PolicyVersionsInUseQuota"

	// SummaryKeyTypeVersionsPerPolicyQuota is a SummaryKeyType enum value
	SummaryKeyTypeVersionsPerPolicyQuota = "VersionsPerPolicyQuota"

	// SummaryKeyTypeGlobalEndpointTokenVersion is a SummaryKeyType enum value
	SummaryKeyTypeGlobalEndpointTokenVersion = "GlobalEndpointTokenVersion"
)
View Source
const (

	// ErrCodeConcurrentModificationException for service response error code
	// "ConcurrentModification".
	//
	// The request was rejected because multiple requests to change this object
	// were submitted simultaneously. Wait a few minutes and submit your request
	// again.
	ErrCodeConcurrentModificationException = "ConcurrentModification"

	// ErrCodeCredentialReportExpiredException for service response error code
	// "ReportExpired".
	//
	// The request was rejected because the most recent credential report has expired.
	// To generate a new credential report, use GenerateCredentialReport. For more
	// information about credential report expiration, see Getting credential reports
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
	// in the IAM User Guide.
	ErrCodeCredentialReportExpiredException = "ReportExpired"

	// ErrCodeCredentialReportNotPresentException for service response error code
	// "ReportNotPresent".
	//
	// The request was rejected because the credential report does not exist. To
	// generate a credential report, use GenerateCredentialReport.
	ErrCodeCredentialReportNotPresentException = "ReportNotPresent"

	// ErrCodeCredentialReportNotReadyException for service response error code
	// "ReportInProgress".
	//
	// The request was rejected because the credential report is still being generated.
	ErrCodeCredentialReportNotReadyException = "ReportInProgress"

	// ErrCodeDeleteConflictException for service response error code
	// "DeleteConflict".
	//
	// The request was rejected because it attempted to delete a resource that has
	// attached subordinate entities. The error message describes these entities.
	ErrCodeDeleteConflictException = "DeleteConflict"

	// ErrCodeDuplicateCertificateException for service response error code
	// "DuplicateCertificate".
	//
	// The request was rejected because the same certificate is associated with
	// an IAM user in the account.
	ErrCodeDuplicateCertificateException = "DuplicateCertificate"

	// ErrCodeDuplicateSSHPublicKeyException for service response error code
	// "DuplicateSSHPublicKey".
	//
	// The request was rejected because the SSH public key is already associated
	// with the specified IAM user.
	ErrCodeDuplicateSSHPublicKeyException = "DuplicateSSHPublicKey"

	// ErrCodeEntityAlreadyExistsException for service response error code
	// "EntityAlreadyExists".
	//
	// The request was rejected because it attempted to create a resource that already
	// exists.
	ErrCodeEntityAlreadyExistsException = "EntityAlreadyExists"

	// ErrCodeEntityTemporarilyUnmodifiableException for service response error code
	// "EntityTemporarilyUnmodifiable".
	//
	// The request was rejected because it referenced an entity that is temporarily
	// unmodifiable, such as a user name that was deleted and then recreated. The
	// error indicates that the request is likely to succeed if you try again after
	// waiting several minutes. The error message describes the entity.
	ErrCodeEntityTemporarilyUnmodifiableException = "EntityTemporarilyUnmodifiable"

	// ErrCodeInvalidAuthenticationCodeException for service response error code
	// "InvalidAuthenticationCode".
	//
	// The request was rejected because the authentication code was not recognized.
	// The error message describes the specific error.
	ErrCodeInvalidAuthenticationCodeException = "InvalidAuthenticationCode"

	// ErrCodeInvalidCertificateException for service response error code
	// "InvalidCertificate".
	//
	// The request was rejected because the certificate is invalid.
	ErrCodeInvalidCertificateException = "InvalidCertificate"

	// ErrCodeInvalidInputException for service response error code
	// "InvalidInput".
	//
	// The request was rejected because an invalid or out-of-range value was supplied
	// for an input parameter.
	ErrCodeInvalidInputException = "InvalidInput"

	// ErrCodeInvalidPublicKeyException for service response error code
	// "InvalidPublicKey".
	//
	// The request was rejected because the public key is malformed or otherwise
	// invalid.
	ErrCodeInvalidPublicKeyException = "InvalidPublicKey"

	// ErrCodeInvalidUserTypeException for service response error code
	// "InvalidUserType".
	//
	// The request was rejected because the type of user for the transaction was
	// incorrect.
	ErrCodeInvalidUserTypeException = "InvalidUserType"

	// ErrCodeKeyPairMismatchException for service response error code
	// "KeyPairMismatch".
	//
	// The request was rejected because the public key certificate and the private
	// key do not match.
	ErrCodeKeyPairMismatchException = "KeyPairMismatch"

	// ErrCodeLimitExceededException for service response error code
	// "LimitExceeded".
	//
	// The request was rejected because it attempted to create resources beyond
	// the current Amazon Web Services account limits. The error message describes
	// the limit exceeded.
	ErrCodeLimitExceededException = "LimitExceeded"

	// ErrCodeMalformedCertificateException for service response error code
	// "MalformedCertificate".
	//
	// The request was rejected because the certificate was malformed or expired.
	// The error message describes the specific error.
	ErrCodeMalformedCertificateException = "MalformedCertificate"

	// ErrCodeMalformedPolicyDocumentException for service response error code
	// "MalformedPolicyDocument".
	//
	// The request was rejected because the policy document was malformed. The error
	// message describes the specific error.
	ErrCodeMalformedPolicyDocumentException = "MalformedPolicyDocument"

	// ErrCodeNoSuchEntityException for service response error code
	// "NoSuchEntity".
	//
	// The request was rejected because it referenced a resource entity that does
	// not exist. The error message describes the resource.
	ErrCodeNoSuchEntityException = "NoSuchEntity"

	// ErrCodePasswordPolicyViolationException for service response error code
	// "PasswordPolicyViolation".
	//
	// The request was rejected because the provided password did not meet the requirements
	// imposed by the account password policy.
	ErrCodePasswordPolicyViolationException = "PasswordPolicyViolation"

	// ErrCodePolicyEvaluationException for service response error code
	// "PolicyEvaluation".
	//
	// The request failed because a provided policy could not be successfully evaluated.
	// An additional detailed message indicates the source of the failure.
	ErrCodePolicyEvaluationException = "PolicyEvaluation"

	// ErrCodePolicyNotAttachableException for service response error code
	// "PolicyNotAttachable".
	//
	// The request failed because Amazon Web Services service role policies can
	// only be attached to the service-linked role for that service.
	ErrCodePolicyNotAttachableException = "PolicyNotAttachable"

	// ErrCodeReportGenerationLimitExceededException for service response error code
	// "ReportGenerationLimitExceeded".
	//
	// The request failed because the maximum number of concurrent requests for
	// this account are already running.
	ErrCodeReportGenerationLimitExceededException = "ReportGenerationLimitExceeded"

	// ErrCodeServiceFailureException for service response error code
	// "ServiceFailure".
	//
	// The request processing has failed because of an unknown error, exception
	// or failure.
	ErrCodeServiceFailureException = "ServiceFailure"

	// ErrCodeServiceNotSupportedException for service response error code
	// "NotSupportedService".
	//
	// The specified service does not support service-specific credentials.
	ErrCodeServiceNotSupportedException = "NotSupportedService"

	// ErrCodeUnmodifiableEntityException for service response error code
	// "UnmodifiableEntity".
	//
	// The request was rejected because service-linked roles are protected Amazon
	// Web Services resources. Only the service that depends on the service-linked
	// role can modify or delete the role on your behalf. The error message includes
	// the name of the service that depends on this service-linked role. You must
	// request the change through that service.
	ErrCodeUnmodifiableEntityException = "UnmodifiableEntity"

	// ErrCodeUnrecognizedPublicKeyEncodingException for service response error code
	// "UnrecognizedPublicKeyEncoding".
	//
	// The request was rejected because the public key encoding format is unsupported
	// or unrecognized.
	ErrCodeUnrecognizedPublicKeyEncodingException = "UnrecognizedPublicKeyEncoding"
)
View Source
const (
	ServiceName = "iam"       // Name of service.
	EndpointsID = ServiceName // ID to lookup a service endpoint with.
	ServiceID   = "IAM"       // ServiceID is a unique identifier of a specific service.
)

Service information constants

View Source
const (
	// PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy is a PermissionsBoundaryAttachmentType enum value
	PermissionsBoundaryAttachmentTypePermissionsBoundaryPolicy = "PermissionsBoundaryPolicy"
)
View Source
const (
	// ReportFormatTypeTextCsv is a ReportFormatType enum value
	ReportFormatTypeTextCsv = "text/csv"
)

Variables

This section is empty.

Functions

func AccessAdvisorUsageGranularityType_Values

func AccessAdvisorUsageGranularityType_Values() []string

AccessAdvisorUsageGranularityType_Values returns all elements of the AccessAdvisorUsageGranularityType enum

func AssignmentStatusType_Values

func AssignmentStatusType_Values() []string

AssignmentStatusType_Values returns all elements of the AssignmentStatusType enum

func ContextKeyTypeEnum_Values

func ContextKeyTypeEnum_Values() []string

ContextKeyTypeEnum_Values returns all elements of the ContextKeyTypeEnum enum

func DeletionTaskStatusType_Values

func DeletionTaskStatusType_Values() []string

DeletionTaskStatusType_Values returns all elements of the DeletionTaskStatusType enum

func EncodingType_Values

func EncodingType_Values() []string

EncodingType_Values returns all elements of the EncodingType enum

func EntityType_Values

func EntityType_Values() []string

EntityType_Values returns all elements of the EntityType enum

func GlobalEndpointTokenVersion_Values

func GlobalEndpointTokenVersion_Values() []string

GlobalEndpointTokenVersion_Values returns all elements of the GlobalEndpointTokenVersion enum

func JobStatusType_Values

func JobStatusType_Values() []string

JobStatusType_Values returns all elements of the JobStatusType enum

func PermissionsBoundaryAttachmentType_Values

func PermissionsBoundaryAttachmentType_Values() []string

PermissionsBoundaryAttachmentType_Values returns all elements of the PermissionsBoundaryAttachmentType enum

func PolicyEvaluationDecisionType_Values

func PolicyEvaluationDecisionType_Values() []string

PolicyEvaluationDecisionType_Values returns all elements of the PolicyEvaluationDecisionType enum

func PolicyOwnerEntityType_Values

func PolicyOwnerEntityType_Values() []string

PolicyOwnerEntityType_Values returns all elements of the PolicyOwnerEntityType enum

func PolicyScopeType_Values

func PolicyScopeType_Values() []string

PolicyScopeType_Values returns all elements of the PolicyScopeType enum

func PolicySourceType_Values

func PolicySourceType_Values() []string

PolicySourceType_Values returns all elements of the PolicySourceType enum

func PolicyType_Values

func PolicyType_Values() []string

PolicyType_Values returns all elements of the PolicyType enum

func PolicyUsageType_Values

func PolicyUsageType_Values() []string

PolicyUsageType_Values returns all elements of the PolicyUsageType enum

func ReportFormatType_Values

func ReportFormatType_Values() []string

ReportFormatType_Values returns all elements of the ReportFormatType enum

func ReportStateType_Values

func ReportStateType_Values() []string

ReportStateType_Values returns all elements of the ReportStateType enum

func SortKeyType_Values

func SortKeyType_Values() []string

SortKeyType_Values returns all elements of the SortKeyType enum

func StatusType_Values

func StatusType_Values() []string

StatusType_Values returns all elements of the StatusType enum

func SummaryKeyType_Values

func SummaryKeyType_Values() []string

SummaryKeyType_Values returns all elements of the SummaryKeyType enum

Types

type AccessDetail

type AccessDetail struct {

	// The path of the Organizations entity (root, organizational unit, or account)
	// from which an authenticated principal last attempted to access the service.
	// Amazon Web Services does not report unauthenticated requests.
	//
	// This field is null if no principals (IAM users, IAM roles, or root user)
	// in the reported Organizations entity attempted to access the service within
	// the tracking period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	EntityPath *string `min:"19" type:"string"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when an authenticated principal most recently attempted to access the service.
	// Amazon Web Services does not report unauthenticated requests.
	//
	// This field is null if no principals in the reported Organizations entity
	// attempted to access the service within the tracking period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticatedTime *time.Time `type:"timestamp"`

	// The Region where the last service access attempt occurred.
	//
	// This field is null if no principals in the reported Organizations entity
	// attempted to access the service within the tracking period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	Region *string `type:"string"`

	// The name of the service in which access was attempted.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The namespace of the service in which access was attempted.
	//
	// To learn the service namespace of a service, see Actions, resources, and
	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
	// in the Service Authorization Reference. Choose the name of the service to
	// view details for that service. In the first paragraph, find the service prefix.
	// For example, (service prefix: a4b). For more information about service namespaces,
	// see Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the Amazon Web Services General Reference.
	//
	// ServiceNamespace is a required field
	ServiceNamespace *string `min:"1" type:"string" required:"true"`

	// The number of accounts with authenticated principals (root user, IAM users,
	// and IAM roles) that attempted to access the service in the tracking period.
	TotalAuthenticatedEntities *int64 `type:"integer"`
	// contains filtered or unexported fields
}

An object that contains details about when a principal in the reported Organizations entity last attempted to access an Amazon Web Services service. A principal can be an IAM user, an IAM role, or the Amazon Web Services account root user within the reported Organizations entity.

This data type is a response element in the GetOrganizationsAccessReport operation.

func (AccessDetail) GoString

func (s AccessDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccessDetail) SetEntityPath

func (s *AccessDetail) SetEntityPath(v string) *AccessDetail

SetEntityPath sets the EntityPath field's value.

func (*AccessDetail) SetLastAuthenticatedTime

func (s *AccessDetail) SetLastAuthenticatedTime(v time.Time) *AccessDetail

SetLastAuthenticatedTime sets the LastAuthenticatedTime field's value.

func (*AccessDetail) SetRegion

func (s *AccessDetail) SetRegion(v string) *AccessDetail

SetRegion sets the Region field's value.

func (*AccessDetail) SetServiceName

func (s *AccessDetail) SetServiceName(v string) *AccessDetail

SetServiceName sets the ServiceName field's value.

func (*AccessDetail) SetServiceNamespace

func (s *AccessDetail) SetServiceNamespace(v string) *AccessDetail

SetServiceNamespace sets the ServiceNamespace field's value.

func (*AccessDetail) SetTotalAuthenticatedEntities

func (s *AccessDetail) SetTotalAuthenticatedEntities(v int64) *AccessDetail

SetTotalAuthenticatedEntities sets the TotalAuthenticatedEntities field's value.

func (AccessDetail) String

func (s AccessDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AccessKey

type AccessKey struct {

	// The ID for this access key.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The date when the access key was created.
	CreateDate *time.Time `type:"timestamp"`

	// The secret key used to sign requests.
	//
	// SecretAccessKey is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by AccessKey's
	// String and GoString methods.
	//
	// SecretAccessKey is a required field
	SecretAccessKey *string `type:"string" required:"true" sensitive:"true"`

	// The status of the access key. Active means that the key is valid for API
	// calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"StatusType"`

	// The name of the IAM user that the access key is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an Amazon Web Services access key.

This data type is used as a response element in the CreateAccessKey and ListAccessKeys operations.

The SecretAccessKey value is returned only in response to CreateAccessKey. You can get a secret access key only when you first create an access key; you cannot recover the secret access key later. If you lose a secret access key, you must create a new access key.

func (AccessKey) GoString

func (s AccessKey) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccessKey) SetAccessKeyId

func (s *AccessKey) SetAccessKeyId(v string) *AccessKey

SetAccessKeyId sets the AccessKeyId field's value.

func (*AccessKey) SetCreateDate

func (s *AccessKey) SetCreateDate(v time.Time) *AccessKey

SetCreateDate sets the CreateDate field's value.

func (*AccessKey) SetSecretAccessKey

func (s *AccessKey) SetSecretAccessKey(v string) *AccessKey

SetSecretAccessKey sets the SecretAccessKey field's value.

func (*AccessKey) SetStatus

func (s *AccessKey) SetStatus(v string) *AccessKey

SetStatus sets the Status field's value.

func (*AccessKey) SetUserName

func (s *AccessKey) SetUserName(v string) *AccessKey

SetUserName sets the UserName field's value.

func (AccessKey) String

func (s AccessKey) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AccessKeyLastUsed

type AccessKeyLastUsed struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the access key was most recently used. This field is null in the following
	// situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has not been used since IAM began tracking
	//    this information.
	//
	//    * There is no sign-in data associated with the user.
	//
	// LastUsedDate is a required field
	LastUsedDate *time.Time `type:"timestamp" required:"true"`

	// The Amazon Web Services Region where this access key was most recently used.
	// The value for this field is "N/A" in the following situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has not been used since IAM began tracking
	//    this information.
	//
	//    * There is no sign-in data associated with the user.
	//
	// For more information about Amazon Web Services Regions, see Regions and endpoints
	// (https://docs.aws.amazon.com/general/latest/gr/rande.html) in the Amazon
	// Web Services General Reference.
	//
	// Region is a required field
	Region *string `type:"string" required:"true"`

	// The name of the Amazon Web Services service with which this access key was
	// most recently used. The value of this field is "N/A" in the following situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has not been used since IAM started tracking
	//    this information.
	//
	//    * There is no sign-in data associated with the user.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about the last time an Amazon Web Services access key was used since IAM began tracking this information on April 22, 2015.

This data type is used as a response element in the GetAccessKeyLastUsed operation.

func (AccessKeyLastUsed) GoString

func (s AccessKeyLastUsed) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccessKeyLastUsed) SetLastUsedDate

func (s *AccessKeyLastUsed) SetLastUsedDate(v time.Time) *AccessKeyLastUsed

SetLastUsedDate sets the LastUsedDate field's value.

func (*AccessKeyLastUsed) SetRegion

func (s *AccessKeyLastUsed) SetRegion(v string) *AccessKeyLastUsed

SetRegion sets the Region field's value.

func (*AccessKeyLastUsed) SetServiceName

func (s *AccessKeyLastUsed) SetServiceName(v string) *AccessKeyLastUsed

SetServiceName sets the ServiceName field's value.

func (AccessKeyLastUsed) String

func (s AccessKeyLastUsed) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AccessKeyMetadata

type AccessKeyMetadata struct {

	// The ID for this access key.
	AccessKeyId *string `min:"16" type:"string"`

	// The date when the access key was created.
	CreateDate *time.Time `type:"timestamp"`

	// The status of the access key. Active means that the key is valid for API
	// calls; Inactive means it is not.
	Status *string `type:"string" enum:"StatusType"`

	// The name of the IAM user that the key is associated with.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an Amazon Web Services access key, without its secret key.

This data type is used as a response element in the ListAccessKeys operation.

func (AccessKeyMetadata) GoString

func (s AccessKeyMetadata) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AccessKeyMetadata) SetAccessKeyId

func (s *AccessKeyMetadata) SetAccessKeyId(v string) *AccessKeyMetadata

SetAccessKeyId sets the AccessKeyId field's value.

func (*AccessKeyMetadata) SetCreateDate

func (s *AccessKeyMetadata) SetCreateDate(v time.Time) *AccessKeyMetadata

SetCreateDate sets the CreateDate field's value.

func (*AccessKeyMetadata) SetStatus

func (s *AccessKeyMetadata) SetStatus(v string) *AccessKeyMetadata

SetStatus sets the Status field's value.

func (*AccessKeyMetadata) SetUserName

func (s *AccessKeyMetadata) SetUserName(v string) *AccessKeyMetadata

SetUserName sets the UserName field's value.

func (AccessKeyMetadata) String

func (s AccessKeyMetadata) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AddClientIDToOpenIDConnectProviderInput

type AddClientIDToOpenIDConnectProviderInput struct {

	// The client ID (also known as audience) to add to the IAM OpenID Connect provider
	// resource.
	//
	// ClientID is a required field
	ClientID *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider
	// resource to add the client ID to. You can get a list of OIDC provider ARNs
	// by using the ListOpenIDConnectProviders operation.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddClientIDToOpenIDConnectProviderInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AddClientIDToOpenIDConnectProviderInput) SetClientID

SetClientID sets the ClientID field's value.

func (*AddClientIDToOpenIDConnectProviderInput) SetOpenIDConnectProviderArn

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (AddClientIDToOpenIDConnectProviderInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AddClientIDToOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type AddClientIDToOpenIDConnectProviderOutput

type AddClientIDToOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (AddClientIDToOpenIDConnectProviderOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AddClientIDToOpenIDConnectProviderOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AddRoleToInstanceProfileInput

type AddRoleToInstanceProfileInput struct {

	// The name of the instance profile to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The name of the role to add.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddRoleToInstanceProfileInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AddRoleToInstanceProfileInput) SetInstanceProfileName

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*AddRoleToInstanceProfileInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (AddRoleToInstanceProfileInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AddRoleToInstanceProfileInput) Validate

func (s *AddRoleToInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AddRoleToInstanceProfileOutput

type AddRoleToInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (AddRoleToInstanceProfileOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AddRoleToInstanceProfileOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AddUserToGroupInput

type AddUserToGroupInput struct {

	// The name of the group to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the user to add.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddUserToGroupInput) GoString

func (s AddUserToGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AddUserToGroupInput) SetGroupName

func (s *AddUserToGroupInput) SetGroupName(v string) *AddUserToGroupInput

SetGroupName sets the GroupName field's value.

func (*AddUserToGroupInput) SetUserName

func (s *AddUserToGroupInput) SetUserName(v string) *AddUserToGroupInput

SetUserName sets the UserName field's value.

func (AddUserToGroupInput) String

func (s AddUserToGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AddUserToGroupInput) Validate

func (s *AddUserToGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AddUserToGroupOutput

type AddUserToGroupOutput struct {
	// contains filtered or unexported fields
}

func (AddUserToGroupOutput) GoString

func (s AddUserToGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AddUserToGroupOutput) String

func (s AddUserToGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AttachGroupPolicyInput

type AttachGroupPolicyInput struct {

	// The name (friendly name, not ARN) of the group to attach the policy to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachGroupPolicyInput) GoString

func (s AttachGroupPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttachGroupPolicyInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*AttachGroupPolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (AttachGroupPolicyInput) String

func (s AttachGroupPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttachGroupPolicyInput) Validate

func (s *AttachGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachGroupPolicyOutput

type AttachGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachGroupPolicyOutput) GoString

func (s AttachGroupPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AttachGroupPolicyOutput) String

func (s AttachGroupPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AttachRolePolicyInput

type AttachRolePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the role to attach the policy to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachRolePolicyInput) GoString

func (s AttachRolePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttachRolePolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*AttachRolePolicyInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (AttachRolePolicyInput) String

func (s AttachRolePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttachRolePolicyInput) Validate

func (s *AttachRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachRolePolicyOutput

type AttachRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachRolePolicyOutput) GoString

func (s AttachRolePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AttachRolePolicyOutput) String

func (s AttachRolePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AttachUserPolicyInput

type AttachUserPolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM user to attach the policy to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachUserPolicyInput) GoString

func (s AttachUserPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttachUserPolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*AttachUserPolicyInput) SetUserName

SetUserName sets the UserName field's value.

func (AttachUserPolicyInput) String

func (s AttachUserPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttachUserPolicyInput) Validate

func (s *AttachUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachUserPolicyOutput

type AttachUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachUserPolicyOutput) GoString

func (s AttachUserPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (AttachUserPolicyOutput) String

func (s AttachUserPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AttachedPermissionsBoundary

type AttachedPermissionsBoundary struct {

	// The ARN of the policy used to set the permissions boundary for the user or
	// role.
	PermissionsBoundaryArn *string `min:"20" type:"string"`

	// The permissions boundary usage type that indicates what type of IAM resource
	// is used as the permissions boundary for an entity. This data type can only
	// have a value of Policy.
	PermissionsBoundaryType *string `type:"string" enum:"PermissionsBoundaryAttachmentType"`
	// contains filtered or unexported fields
}

Contains information about an attached permissions boundary.

An attached permissions boundary is a managed policy that has been attached to a user or role to set the permissions boundary.

For more information about permissions boundaries, see Permissions boundaries for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the IAM User Guide.

func (AttachedPermissionsBoundary) GoString

func (s AttachedPermissionsBoundary) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttachedPermissionsBoundary) SetPermissionsBoundaryArn

func (s *AttachedPermissionsBoundary) SetPermissionsBoundaryArn(v string) *AttachedPermissionsBoundary

SetPermissionsBoundaryArn sets the PermissionsBoundaryArn field's value.

func (*AttachedPermissionsBoundary) SetPermissionsBoundaryType

func (s *AttachedPermissionsBoundary) SetPermissionsBoundaryType(v string) *AttachedPermissionsBoundary

SetPermissionsBoundaryType sets the PermissionsBoundaryType field's value.

func (AttachedPermissionsBoundary) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type AttachedPolicy

type AttachedPolicy struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	PolicyArn *string `min:"20" type:"string"`

	// The friendly name of the attached policy.
	PolicyName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an attached policy.

An attached policy is a managed policy that has been attached to a user, group, or role. This data type is used as a response element in the ListAttachedGroupPolicies, ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails operations.

For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

func (AttachedPolicy) GoString

func (s AttachedPolicy) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*AttachedPolicy) SetPolicyArn

func (s *AttachedPolicy) SetPolicyArn(v string) *AttachedPolicy

SetPolicyArn sets the PolicyArn field's value.

func (*AttachedPolicy) SetPolicyName

func (s *AttachedPolicy) SetPolicyName(v string) *AttachedPolicy

SetPolicyName sets the PolicyName field's value.

func (AttachedPolicy) String

func (s AttachedPolicy) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ChangePasswordInput

type ChangePasswordInput struct {

	// The new password. The new password must conform to the Amazon Web Services
	// account's password policy, if one exists.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
	// this parameter is a string of characters. That string can include almost
	// any printable ASCII character from the space (\u0020) through the end of
	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
	// characters are valid in a password. However, many tools, such as the Amazon
	// Web Services Management Console, might restrict the ability to type certain
	// characters because they have special meaning within that tool.
	//
	// NewPassword is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ChangePasswordInput's
	// String and GoString methods.
	//
	// NewPassword is a required field
	NewPassword *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The IAM user's current password.
	//
	// OldPassword is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ChangePasswordInput's
	// String and GoString methods.
	//
	// OldPassword is a required field
	OldPassword *string `min:"1" type:"string" required:"true" sensitive:"true"`
	// contains filtered or unexported fields
}

func (ChangePasswordInput) GoString

func (s ChangePasswordInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ChangePasswordInput) SetNewPassword

func (s *ChangePasswordInput) SetNewPassword(v string) *ChangePasswordInput

SetNewPassword sets the NewPassword field's value.

func (*ChangePasswordInput) SetOldPassword

func (s *ChangePasswordInput) SetOldPassword(v string) *ChangePasswordInput

SetOldPassword sets the OldPassword field's value.

func (ChangePasswordInput) String

func (s ChangePasswordInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ChangePasswordInput) Validate

func (s *ChangePasswordInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ChangePasswordOutput

type ChangePasswordOutput struct {
	// contains filtered or unexported fields
}

func (ChangePasswordOutput) GoString

func (s ChangePasswordOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (ChangePasswordOutput) String

func (s ChangePasswordOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ContextEntry

type ContextEntry struct {

	// The full name of a condition context key, including the service prefix. For
	// example, aws:SourceIp or s3:VersionId.
	ContextKeyName *string `min:"5" type:"string"`

	// The data type of the value (or values) specified in the ContextKeyValues
	// parameter.
	ContextKeyType *string `type:"string" enum:"ContextKeyTypeEnum"`

	// The value (or values, if the condition context key supports multiple values)
	// to provide to the simulation when the key is referenced by a Condition element
	// in an input policy.
	ContextKeyValues []*string `type:"list"`
	// contains filtered or unexported fields
}

Contains information about a condition context key. It includes the name of the key and specifies the value (or values, if the context key supports multiple values) to use in the simulation. This information is used when evaluating the Condition elements of the input policies.

This data type is used as an input parameter to SimulateCustomPolicy and SimulatePrincipalPolicy.

func (ContextEntry) GoString

func (s ContextEntry) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ContextEntry) SetContextKeyName

func (s *ContextEntry) SetContextKeyName(v string) *ContextEntry

SetContextKeyName sets the ContextKeyName field's value.

func (*ContextEntry) SetContextKeyType

func (s *ContextEntry) SetContextKeyType(v string) *ContextEntry

SetContextKeyType sets the ContextKeyType field's value.

func (*ContextEntry) SetContextKeyValues

func (s *ContextEntry) SetContextKeyValues(v []*string) *ContextEntry

SetContextKeyValues sets the ContextKeyValues field's value.

func (ContextEntry) String

func (s ContextEntry) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ContextEntry) Validate

func (s *ContextEntry) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccessKeyInput

type CreateAccessKeyInput struct {

	// The name of the IAM user that the new key will belong to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateAccessKeyInput) GoString

func (s CreateAccessKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateAccessKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (CreateAccessKeyInput) String

func (s CreateAccessKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateAccessKeyInput) Validate

func (s *CreateAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccessKeyOutput

type CreateAccessKeyOutput struct {

	// A structure with details about the access key.
	//
	// AccessKey is a required field
	AccessKey *AccessKey `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateAccessKey request.

func (CreateAccessKeyOutput) GoString

func (s CreateAccessKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateAccessKeyOutput) SetAccessKey

SetAccessKey sets the AccessKey field's value.

func (CreateAccessKeyOutput) String

func (s CreateAccessKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateAccountAliasInput

type CreateAccountAliasInput struct {

	// The account alias to create.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of lowercase letters, digits, and dashes.
	// You cannot start or finish with a dash, nor can you have two dashes in a
	// row.
	//
	// AccountAlias is a required field
	AccountAlias *string `min:"3" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateAccountAliasInput) GoString

func (s CreateAccountAliasInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateAccountAliasInput) SetAccountAlias

SetAccountAlias sets the AccountAlias field's value.

func (CreateAccountAliasInput) String

func (s CreateAccountAliasInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateAccountAliasInput) Validate

func (s *CreateAccountAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccountAliasOutput

type CreateAccountAliasOutput struct {
	// contains filtered or unexported fields
}

func (CreateAccountAliasOutput) GoString

func (s CreateAccountAliasOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (CreateAccountAliasOutput) String

func (s CreateAccountAliasOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateGroupInput

type CreateGroupInput struct {

	// The name of the group to create. Do not include the path in this value.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The path to the group. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateGroupInput) GoString

func (s CreateGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateGroupInput) SetGroupName

func (s *CreateGroupInput) SetGroupName(v string) *CreateGroupInput

SetGroupName sets the GroupName field's value.

func (*CreateGroupInput) SetPath

func (s *CreateGroupInput) SetPath(v string) *CreateGroupInput

SetPath sets the Path field's value.

func (CreateGroupInput) String

func (s CreateGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateGroupInput) Validate

func (s *CreateGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateGroupOutput

type CreateGroupOutput struct {

	// A structure containing details about the new group.
	//
	// Group is a required field
	Group *Group `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateGroup request.

func (CreateGroupOutput) GoString

func (s CreateGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateGroupOutput) SetGroup

func (s *CreateGroupOutput) SetGroup(v *Group) *CreateGroupOutput

SetGroup sets the Group field's value.

func (CreateGroupOutput) String

func (s CreateGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateInstanceProfileInput

type CreateInstanceProfileInput struct {

	// The name of the instance profile to create.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The path to the instance profile. For more information about paths, see IAM
	// Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// A list of tags that you want to attach to the newly created IAM instance
	// profile. Each tag consists of a key name and an associated value. For more
	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	//
	// If any one of the tags is invalid or if you exceed the allowed maximum number
	// of tags, then the entire request fails and the resource is not created.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

func (CreateInstanceProfileInput) GoString

func (s CreateInstanceProfileInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateInstanceProfileInput) SetInstanceProfileName

func (s *CreateInstanceProfileInput) SetInstanceProfileName(v string) *CreateInstanceProfileInput

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*CreateInstanceProfileInput) SetPath

SetPath sets the Path field's value.

func (*CreateInstanceProfileInput) SetTags

SetTags sets the Tags field's value.

func (CreateInstanceProfileInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateInstanceProfileInput) Validate

func (s *CreateInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateInstanceProfileOutput

type CreateInstanceProfileOutput struct {

	// A structure containing details about the new instance profile.
	//
	// InstanceProfile is a required field
	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateInstanceProfile request.

func (CreateInstanceProfileOutput) GoString

func (s CreateInstanceProfileOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateInstanceProfileOutput) SetInstanceProfile

SetInstanceProfile sets the InstanceProfile field's value.

func (CreateInstanceProfileOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateLoginProfileInput

type CreateLoginProfileInput struct {

	// The new password for the user.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
	// this parameter is a string of characters. That string can include almost
	// any printable ASCII character from the space (\u0020) through the end of
	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
	// characters are valid in a password. However, many tools, such as the Amazon
	// Web Services Management Console, might restrict the ability to type certain
	// characters because they have special meaning within that tool.
	//
	// Password is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by CreateLoginProfileInput's
	// String and GoString methods.
	//
	// Password is a required field
	Password *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// Specifies whether the user is required to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the IAM user to create a password for. The user must already
	// exist.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateLoginProfileInput) GoString

func (s CreateLoginProfileInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateLoginProfileInput) SetPassword

SetPassword sets the Password field's value.

func (*CreateLoginProfileInput) SetPasswordResetRequired

func (s *CreateLoginProfileInput) SetPasswordResetRequired(v bool) *CreateLoginProfileInput

SetPasswordResetRequired sets the PasswordResetRequired field's value.

func (*CreateLoginProfileInput) SetUserName

SetUserName sets the UserName field's value.

func (CreateLoginProfileInput) String

func (s CreateLoginProfileInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateLoginProfileInput) Validate

func (s *CreateLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateLoginProfileOutput

type CreateLoginProfileOutput struct {

	// A structure containing the user name and password create date.
	//
	// LoginProfile is a required field
	LoginProfile *LoginProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateLoginProfile request.

func (CreateLoginProfileOutput) GoString

func (s CreateLoginProfileOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateLoginProfileOutput) SetLoginProfile

SetLoginProfile sets the LoginProfile field's value.

func (CreateLoginProfileOutput) String

func (s CreateLoginProfileOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateOpenIDConnectProviderInput

type CreateOpenIDConnectProviderInput struct {

	// Provides a list of client IDs, also known as audiences. When a mobile or
	// web app registers with an OpenID Connect provider, they establish a value
	// that identifies the application. This is the value that's sent as the client_id
	// parameter on OAuth requests.
	//
	// You can register multiple client IDs with the same provider. For example,
	// you might have multiple applications that use the same OIDC provider. You
	// cannot register more than 100 client IDs with a single IAM OIDC provider.
	//
	// There is no defined format for a client ID. The CreateOpenIDConnectProviderRequest
	// operation accepts client IDs up to 255 characters long.
	ClientIDList []*string `type:"list"`

	// A list of tags that you want to attach to the new IAM OpenID Connect (OIDC)
	// provider. Each tag consists of a key name and an associated value. For more
	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	//
	// If any one of the tags is invalid or if you exceed the allowed maximum number
	// of tags, then the entire request fails and the resource is not created.
	Tags []*Tag `type:"list"`

	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity
	// provider's server certificates. Typically this list includes only one entry.
	// However, IAM lets you have up to five thumbprints for an OIDC provider. This
	// lets you maintain multiple thumbprints if the identity provider is rotating
	// certificates.
	//
	// The server certificate thumbprint is the hex-encoded SHA-1 hash value of
	// the X.509 certificate used by the domain where the OpenID Connect provider
	// makes its keys available. It is always a 40-character string.
	//
	// You must provide at least one thumbprint when creating an IAM OIDC provider.
	// For example, assume that the OIDC provider is server.example.com and the
	// provider stores its keys at https://keys.server.example.com/openid-connect.
	// In that case, the thumbprint string would be the hex-encoded SHA-1 hash value
	// of the certificate used by https://keys.server.example.com.
	//
	// For more information about obtaining the OIDC provider thumbprint, see Obtaining
	// the thumbprint for an OpenID Connect provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)
	// in the IAM user Guide.
	//
	// ThumbprintList is a required field
	ThumbprintList []*string `type:"list" required:"true"`

	// The URL of the identity provider. The URL must begin with https:// and should
	// correspond to the iss claim in the provider's OpenID Connect ID tokens. Per
	// the OIDC standard, path components are allowed but query parameters are not.
	// Typically the URL consists of only a hostname, like https://server.example.org
	// or https://example.com. The URL should not contain a port number.
	//
	// You cannot register the same provider multiple times in a single Amazon Web
	// Services account. If you try to submit a URL that has already been used for
	// an OpenID Connect provider in the Amazon Web Services account, you will get
	// an error.
	//
	// Url is a required field
	Url *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateOpenIDConnectProviderInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateOpenIDConnectProviderInput) SetClientIDList

SetClientIDList sets the ClientIDList field's value.

func (*CreateOpenIDConnectProviderInput) SetTags

SetTags sets the Tags field's value.

func (*CreateOpenIDConnectProviderInput) SetThumbprintList

SetThumbprintList sets the ThumbprintList field's value.

func (*CreateOpenIDConnectProviderInput) SetUrl

SetUrl sets the Url field's value.

func (CreateOpenIDConnectProviderInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type CreateOpenIDConnectProviderOutput

type CreateOpenIDConnectProviderOutput struct {

	// The Amazon Resource Name (ARN) of the new IAM OpenID Connect provider that
	// is created. For more information, see OpenIDConnectProviderListEntry.
	OpenIDConnectProviderArn *string `min:"20" type:"string"`

	// A list of tags that are attached to the new IAM OIDC provider. The returned
	// list of tags is sorted by tag key. For more information about tagging, see
	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateOpenIDConnectProvider request.

func (CreateOpenIDConnectProviderOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateOpenIDConnectProviderOutput) SetOpenIDConnectProviderArn

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (*CreateOpenIDConnectProviderOutput) SetTags

SetTags sets the Tags field's value.

func (CreateOpenIDConnectProviderOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreatePolicyInput

type CreatePolicyInput struct {

	// A friendly description of the policy.
	//
	// Typically used to store information about the permissions defined in the
	// policy. For example, "Grants access to production DynamoDB tables."
	//
	// The policy description is immutable. After a value is assigned, it cannot
	// be changed.
	Description *string `type:"string"`

	// The path for the policy.
	//
	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	//
	// You cannot use an asterisk (*) in the path name.
	Path *string `min:"1" type:"string"`

	// The JSON policy document that you want to use as the content for the new
	// policy.
	//
	// You must provide policies in JSON format in IAM. However, for CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The maximum length of the policy document that you can pass in this operation,
	// including whitespace, is listed below. To view the maximum character counts
	// of a managed policy with no whitespaces, see IAM and STS character quotas
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
	//
	// To learn more about JSON policy grammar, see Grammar of the IAM JSON policy
	// language (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html)
	// in the IAM User Guide.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The friendly name of the policy.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// A list of tags that you want to attach to the new IAM customer managed policy.
	// Each tag consists of a key name and an associated value. For more information
	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	//
	// If any one of the tags is invalid or if you exceed the allowed maximum number
	// of tags, then the entire request fails and the resource is not created.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

func (CreatePolicyInput) GoString

func (s CreatePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyInput) SetDescription

func (s *CreatePolicyInput) SetDescription(v string) *CreatePolicyInput

SetDescription sets the Description field's value.

func (*CreatePolicyInput) SetPath

SetPath sets the Path field's value.

func (*CreatePolicyInput) SetPolicyDocument

func (s *CreatePolicyInput) SetPolicyDocument(v string) *CreatePolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*CreatePolicyInput) SetPolicyName

func (s *CreatePolicyInput) SetPolicyName(v string) *CreatePolicyInput

SetPolicyName sets the PolicyName field's value.

func (*CreatePolicyInput) SetTags

func (s *CreatePolicyInput) SetTags(v []*Tag) *CreatePolicyInput

SetTags sets the Tags field's value.

func (CreatePolicyInput) String

func (s CreatePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyInput) Validate

func (s *CreatePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyOutput

type CreatePolicyOutput struct {

	// A structure containing details about the new policy.
	Policy *Policy `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreatePolicy request.

func (CreatePolicyOutput) GoString

func (s CreatePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyOutput) SetPolicy

func (s *CreatePolicyOutput) SetPolicy(v *Policy) *CreatePolicyOutput

SetPolicy sets the Policy field's value.

func (CreatePolicyOutput) String

func (s CreatePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreatePolicyVersionInput

type CreatePolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy to which you want to add
	// a new version.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The JSON policy document that you want to use as the content for this new
	// version of the policy.
	//
	// You must provide policies in JSON format in IAM. However, for CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The maximum length of the policy document that you can pass in this operation,
	// including whitespace, is listed below. To view the maximum character counts
	// of a managed policy with no whitespaces, see IAM and STS character quotas
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// Specifies whether to set this version as the policy's default version.
	//
	// When this parameter is true, the new policy version becomes the operative
	// version. That is, it becomes the version that is in effect for the IAM users,
	// groups, and roles that the policy is attached to.
	//
	// For more information about managed policy versions, see Versioning for managed
	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	SetAsDefault *bool `type:"boolean"`
	// contains filtered or unexported fields
}

func (CreatePolicyVersionInput) GoString

func (s CreatePolicyVersionInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyVersionInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*CreatePolicyVersionInput) SetPolicyDocument

func (s *CreatePolicyVersionInput) SetPolicyDocument(v string) *CreatePolicyVersionInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*CreatePolicyVersionInput) SetSetAsDefault

SetSetAsDefault sets the SetAsDefault field's value.

func (CreatePolicyVersionInput) String

func (s CreatePolicyVersionInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyVersionInput) Validate

func (s *CreatePolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyVersionOutput

type CreatePolicyVersionOutput struct {

	// A structure containing details about the new policy version.
	PolicyVersion *PolicyVersion `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreatePolicyVersion request.

func (CreatePolicyVersionOutput) GoString

func (s CreatePolicyVersionOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreatePolicyVersionOutput) SetPolicyVersion

SetPolicyVersion sets the PolicyVersion field's value.

func (CreatePolicyVersionOutput) String

func (s CreatePolicyVersionOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateRoleInput

type CreateRoleInput struct {

	// The trust relationship policy document that grants an entity permission to
	// assume the role.
	//
	// In IAM, you must provide a JSON policy that has been converted to a string.
	// However, for CloudFormation templates formatted in YAML, you can provide
	// the policy in JSON or YAML format. CloudFormation always converts a YAML
	// policy to JSON format before submitting it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// Upon success, the response includes the same trust policy in JSON format.
	//
	// AssumeRolePolicyDocument is a required field
	AssumeRolePolicyDocument *string `min:"1" type:"string" required:"true"`

	// A description of the role.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) that you want to set for the specified
	// role. If you do not specify a value for this setting, the default value of
	// one hour is applied. This setting can have a value from 1 hour to 12 hours.
	//
	// Anyone who assumes the role from the CLI or API can use the DurationSeconds
	// API parameter or the duration-seconds CLI parameter to request a longer session.
	// The MaxSessionDuration setting determines the maximum duration that can be
	// requested using the DurationSeconds parameter. If users don't specify a value
	// for the DurationSeconds parameter, their security credentials are valid for
	// one hour by default. This applies when you use the AssumeRole* API operations
	// or the assume-role* CLI operations but does not apply when you use those
	// operations to create a console URL. For more information, see Using IAM roles
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
	// IAM User Guide.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The path to the role. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The ARN of the managed policy that is used to set the permissions boundary
	// for the role.
	//
	// A permissions boundary policy defines the maximum permissions that identity-based
	// policies can grant to an entity, but does not grant permissions. Permissions
	// boundaries do not define the maximum permissions that a resource-based policy
	// can grant to an entity. To learn more, see Permissions boundaries for IAM
	// entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	//
	// For more information about policy types, see Policy types (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types)
	// in the IAM User Guide.
	PermissionsBoundary *string `min:"20" type:"string"`

	// The name of the role to create.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`

	// A list of tags that you want to attach to the new role. Each tag consists
	// of a key name and an associated value. For more information about tagging,
	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	//
	// If any one of the tags is invalid or if you exceed the allowed maximum number
	// of tags, then the entire request fails and the resource is not created.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

func (CreateRoleInput) GoString

func (s CreateRoleInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateRoleInput) SetAssumeRolePolicyDocument

func (s *CreateRoleInput) SetAssumeRolePolicyDocument(v string) *CreateRoleInput

SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.

func (*CreateRoleInput) SetDescription

func (s *CreateRoleInput) SetDescription(v string) *CreateRoleInput

SetDescription sets the Description field's value.

func (*CreateRoleInput) SetMaxSessionDuration

func (s *CreateRoleInput) SetMaxSessionDuration(v int64) *CreateRoleInput

SetMaxSessionDuration sets the MaxSessionDuration field's value.

func (*CreateRoleInput) SetPath

func (s *CreateRoleInput) SetPath(v string) *CreateRoleInput

SetPath sets the Path field's value.

func (*CreateRoleInput) SetPermissionsBoundary

func (s *CreateRoleInput) SetPermissionsBoundary(v string) *CreateRoleInput

SetPermissionsBoundary sets the PermissionsBoundary field's value.

func (*CreateRoleInput) SetRoleName

func (s *CreateRoleInput) SetRoleName(v string) *CreateRoleInput

SetRoleName sets the RoleName field's value.

func (*CreateRoleInput) SetTags

func (s *CreateRoleInput) SetTags(v []*Tag) *CreateRoleInput

SetTags sets the Tags field's value.

func (CreateRoleInput) String

func (s CreateRoleInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateRoleInput) Validate

func (s *CreateRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateRoleOutput

type CreateRoleOutput struct {

	// A structure containing details about the new role.
	//
	// Role is a required field
	Role *Role `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateRole request.

func (CreateRoleOutput) GoString

func (s CreateRoleOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateRoleOutput) SetRole

func (s *CreateRoleOutput) SetRole(v *Role) *CreateRoleOutput

SetRole sets the Role field's value.

func (CreateRoleOutput) String

func (s CreateRoleOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateSAMLProviderInput

type CreateSAMLProviderInput struct {

	// The name of the provider to create.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// An XML document generated by an identity provider (IdP) that supports SAML
	// 2.0. The document includes the issuer's name, expiration information, and
	// keys that can be used to validate the SAML authentication response (assertions)
	// that are received from the IdP. You must generate the metadata document using
	// the identity management software that is used as your organization's IdP.
	//
	// For more information, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
	// in the IAM User Guide
	//
	// SAMLMetadataDocument is a required field
	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`

	// A list of tags that you want to attach to the new IAM SAML provider. Each
	// tag consists of a key name and an associated value. For more information
	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	//
	// If any one of the tags is invalid or if you exceed the allowed maximum number
	// of tags, then the entire request fails and the resource is not created.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

func (CreateSAMLProviderInput) GoString

func (s CreateSAMLProviderInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateSAMLProviderInput) SetName

SetName sets the Name field's value.

func (*CreateSAMLProviderInput) SetSAMLMetadataDocument

func (s *CreateSAMLProviderInput) SetSAMLMetadataDocument(v string) *CreateSAMLProviderInput

SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.

func (*CreateSAMLProviderInput) SetTags

SetTags sets the Tags field's value.

func (CreateSAMLProviderInput) String

func (s CreateSAMLProviderInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateSAMLProviderInput) Validate

func (s *CreateSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateSAMLProviderOutput

type CreateSAMLProviderOutput struct {

	// The Amazon Resource Name (ARN) of the new SAML provider resource in IAM.
	SAMLProviderArn *string `min:"20" type:"string"`

	// A list of tags that are attached to the new IAM SAML provider. The returned
	// list of tags is sorted by tag key. For more information about tagging, see
	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateSAMLProvider request.

func (CreateSAMLProviderOutput) GoString

func (s CreateSAMLProviderOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateSAMLProviderOutput) SetSAMLProviderArn

func (s *CreateSAMLProviderOutput) SetSAMLProviderArn(v string) *CreateSAMLProviderOutput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (*CreateSAMLProviderOutput) SetTags

SetTags sets the Tags field's value.

func (CreateSAMLProviderOutput) String

func (s CreateSAMLProviderOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateServiceLinkedRoleInput

type CreateServiceLinkedRoleInput struct {

	// The service principal for the Amazon Web Services service to which this role
	// is attached. You use a string similar to a URL but without the http:// in
	// front. For example: elasticbeanstalk.amazonaws.com.
	//
	// Service principals are unique and case-sensitive. To find the exact service
	// principal for your service-linked role, see Amazon Web Services services
	// that work with IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html)
	// in the IAM User Guide. Look for the services that have Yes in the Service-Linked
	// Role column. Choose the Yes link to view the service-linked role documentation
	// for that service.
	//
	// AWSServiceName is a required field
	AWSServiceName *string `min:"1" type:"string" required:"true"`

	// A string that you provide, which is combined with the service-provided prefix
	// to form the complete role name. If you make multiple requests for the same
	// service, then you must supply a different CustomSuffix for each request.
	// Otherwise the request fails with a duplicate role name error. For example,
	// you could add -1 or -debug to the suffix.
	//
	// Some services do not support the CustomSuffix parameter. If you provide an
	// optional suffix and the operation fails, try the operation again without
	// the suffix.
	CustomSuffix *string `min:"1" type:"string"`

	// The description of the role.
	Description *string `type:"string"`
	// contains filtered or unexported fields
}

func (CreateServiceLinkedRoleInput) GoString

func (s CreateServiceLinkedRoleInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateServiceLinkedRoleInput) SetAWSServiceName

SetAWSServiceName sets the AWSServiceName field's value.

func (*CreateServiceLinkedRoleInput) SetCustomSuffix

SetCustomSuffix sets the CustomSuffix field's value.

func (*CreateServiceLinkedRoleInput) SetDescription

SetDescription sets the Description field's value.

func (CreateServiceLinkedRoleInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateServiceLinkedRoleInput) Validate

func (s *CreateServiceLinkedRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateServiceLinkedRoleOutput

type CreateServiceLinkedRoleOutput struct {

	// A Role object that contains details about the newly created role.
	Role *Role `type:"structure"`
	// contains filtered or unexported fields
}

func (CreateServiceLinkedRoleOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateServiceLinkedRoleOutput) SetRole

SetRole sets the Role field's value.

func (CreateServiceLinkedRoleOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateServiceSpecificCredentialInput

type CreateServiceSpecificCredentialInput struct {

	// The name of the Amazon Web Services service that is to be associated with
	// the credentials. The service you specify here is the only service that can
	// be accessed using these credentials.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The name of the IAM user that is to be associated with the credentials. The
	// new service-specific credentials have the same permissions as the associated
	// user except that they can be used only to access the specified service.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateServiceSpecificCredentialInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateServiceSpecificCredentialInput) SetServiceName

SetServiceName sets the ServiceName field's value.

func (*CreateServiceSpecificCredentialInput) SetUserName

SetUserName sets the UserName field's value.

func (CreateServiceSpecificCredentialInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type CreateServiceSpecificCredentialOutput

type CreateServiceSpecificCredentialOutput struct {

	// A structure that contains information about the newly created service-specific
	// credential.
	//
	// This is the only time that the password for this credential set is available.
	// It cannot be recovered later. Instead, you must reset the password with ResetServiceSpecificCredential.
	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
	// contains filtered or unexported fields
}

func (CreateServiceSpecificCredentialOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateServiceSpecificCredentialOutput) SetServiceSpecificCredential

SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.

func (CreateServiceSpecificCredentialOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateUserInput

type CreateUserInput struct {

	// The path for the user name. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The ARN of the managed policy that is used to set the permissions boundary
	// for the user.
	//
	// A permissions boundary policy defines the maximum permissions that identity-based
	// policies can grant to an entity, but does not grant permissions. Permissions
	// boundaries do not define the maximum permissions that a resource-based policy
	// can grant to an entity. To learn more, see Permissions boundaries for IAM
	// entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	//
	// For more information about policy types, see Policy types (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types)
	// in the IAM User Guide.
	PermissionsBoundary *string `min:"20" type:"string"`

	// A list of tags that you want to attach to the new user. Each tag consists
	// of a key name and an associated value. For more information about tagging,
	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	//
	// If any one of the tags is invalid or if you exceed the allowed maximum number
	// of tags, then the entire request fails and the resource is not created.
	Tags []*Tag `type:"list"`

	// The name of the user to create.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateUserInput) GoString

func (s CreateUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserInput) SetPath

func (s *CreateUserInput) SetPath(v string) *CreateUserInput

SetPath sets the Path field's value.

func (*CreateUserInput) SetPermissionsBoundary

func (s *CreateUserInput) SetPermissionsBoundary(v string) *CreateUserInput

SetPermissionsBoundary sets the PermissionsBoundary field's value.

func (*CreateUserInput) SetTags

func (s *CreateUserInput) SetTags(v []*Tag) *CreateUserInput

SetTags sets the Tags field's value.

func (*CreateUserInput) SetUserName

func (s *CreateUserInput) SetUserName(v string) *CreateUserInput

SetUserName sets the UserName field's value.

func (CreateUserInput) String

func (s CreateUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserInput) Validate

func (s *CreateUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateUserOutput

type CreateUserOutput struct {

	// A structure with details about the new IAM user.
	User *User `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateUser request.

func (CreateUserOutput) GoString

func (s CreateUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateUserOutput) SetUser

func (s *CreateUserOutput) SetUser(v *User) *CreateUserOutput

SetUser sets the User field's value.

func (CreateUserOutput) String

func (s CreateUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type CreateVirtualMFADeviceInput

type CreateVirtualMFADeviceInput struct {

	// The path for the virtual MFA device. For more information about paths, see
	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// A list of tags that you want to attach to the new IAM virtual MFA device.
	// Each tag consists of a key name and an associated value. For more information
	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	//
	// If any one of the tags is invalid or if you exceed the allowed maximum number
	// of tags, then the entire request fails and the resource is not created.
	Tags []*Tag `type:"list"`

	// The name of the virtual MFA device, which must be unique. Use with path to
	// uniquely identify a virtual MFA device.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// VirtualMFADeviceName is a required field
	VirtualMFADeviceName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateVirtualMFADeviceInput) GoString

func (s CreateVirtualMFADeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateVirtualMFADeviceInput) SetPath

SetPath sets the Path field's value.

func (*CreateVirtualMFADeviceInput) SetTags

SetTags sets the Tags field's value.

func (*CreateVirtualMFADeviceInput) SetVirtualMFADeviceName

func (s *CreateVirtualMFADeviceInput) SetVirtualMFADeviceName(v string) *CreateVirtualMFADeviceInput

SetVirtualMFADeviceName sets the VirtualMFADeviceName field's value.

func (CreateVirtualMFADeviceInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateVirtualMFADeviceInput) Validate

func (s *CreateVirtualMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateVirtualMFADeviceOutput

type CreateVirtualMFADeviceOutput struct {

	// A structure containing details about the new virtual MFA device.
	//
	// VirtualMFADevice is a required field
	VirtualMFADevice *VirtualMFADevice `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateVirtualMFADevice request.

func (CreateVirtualMFADeviceOutput) GoString

func (s CreateVirtualMFADeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*CreateVirtualMFADeviceOutput) SetVirtualMFADevice

SetVirtualMFADevice sets the VirtualMFADevice field's value.

func (CreateVirtualMFADeviceOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeactivateMFADeviceInput

type DeactivateMFADeviceInput struct {

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the user whose MFA device you want to deactivate.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeactivateMFADeviceInput) GoString

func (s DeactivateMFADeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeactivateMFADeviceInput) SetSerialNumber

SetSerialNumber sets the SerialNumber field's value.

func (*DeactivateMFADeviceInput) SetUserName

SetUserName sets the UserName field's value.

func (DeactivateMFADeviceInput) String

func (s DeactivateMFADeviceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeactivateMFADeviceInput) Validate

func (s *DeactivateMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeactivateMFADeviceOutput

type DeactivateMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (DeactivateMFADeviceOutput) GoString

func (s DeactivateMFADeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeactivateMFADeviceOutput) String

func (s DeactivateMFADeviceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteAccessKeyInput

type DeleteAccessKeyInput struct {

	// The access key ID for the access key ID and secret access key you want to
	// delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The name of the user whose access key pair you want to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteAccessKeyInput) GoString

func (s DeleteAccessKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteAccessKeyInput) SetAccessKeyId

func (s *DeleteAccessKeyInput) SetAccessKeyId(v string) *DeleteAccessKeyInput

SetAccessKeyId sets the AccessKeyId field's value.

func (*DeleteAccessKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteAccessKeyInput) String

func (s DeleteAccessKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteAccessKeyInput) Validate

func (s *DeleteAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteAccessKeyOutput

type DeleteAccessKeyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccessKeyOutput) GoString

func (s DeleteAccessKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteAccessKeyOutput) String

func (s DeleteAccessKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteAccountAliasInput

type DeleteAccountAliasInput struct {

	// The name of the account alias to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of lowercase letters, digits, and dashes.
	// You cannot start or finish with a dash, nor can you have two dashes in a
	// row.
	//
	// AccountAlias is a required field
	AccountAlias *string `min:"3" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteAccountAliasInput) GoString

func (s DeleteAccountAliasInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteAccountAliasInput) SetAccountAlias

SetAccountAlias sets the AccountAlias field's value.

func (DeleteAccountAliasInput) String

func (s DeleteAccountAliasInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteAccountAliasInput) Validate

func (s *DeleteAccountAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteAccountAliasOutput

type DeleteAccountAliasOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountAliasOutput) GoString

func (s DeleteAccountAliasOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteAccountAliasOutput) String

func (s DeleteAccountAliasOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteAccountPasswordPolicyInput

type DeleteAccountPasswordPolicyInput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountPasswordPolicyInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteAccountPasswordPolicyInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteAccountPasswordPolicyOutput

type DeleteAccountPasswordPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountPasswordPolicyOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteAccountPasswordPolicyOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteGroupInput

type DeleteGroupInput struct {

	// The name of the IAM group to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteGroupInput) GoString

func (s DeleteGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteGroupInput) SetGroupName

func (s *DeleteGroupInput) SetGroupName(v string) *DeleteGroupInput

SetGroupName sets the GroupName field's value.

func (DeleteGroupInput) String

func (s DeleteGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteGroupInput) Validate

func (s *DeleteGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteGroupOutput

type DeleteGroupOutput struct {
	// contains filtered or unexported fields
}

func (DeleteGroupOutput) GoString

func (s DeleteGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteGroupOutput) String

func (s DeleteGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteGroupPolicyInput

type DeleteGroupPolicyInput struct {

	// The name (friendly name, not ARN) identifying the group that the policy is
	// embedded in.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name identifying the policy document to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteGroupPolicyInput) GoString

func (s DeleteGroupPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteGroupPolicyInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*DeleteGroupPolicyInput) SetPolicyName

SetPolicyName sets the PolicyName field's value.

func (DeleteGroupPolicyInput) String

func (s DeleteGroupPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteGroupPolicyInput) Validate

func (s *DeleteGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteGroupPolicyOutput

type DeleteGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteGroupPolicyOutput) GoString

func (s DeleteGroupPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteGroupPolicyOutput) String

func (s DeleteGroupPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteInstanceProfileInput

type DeleteInstanceProfileInput struct {

	// The name of the instance profile to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteInstanceProfileInput) GoString

func (s DeleteInstanceProfileInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteInstanceProfileInput) SetInstanceProfileName

func (s *DeleteInstanceProfileInput) SetInstanceProfileName(v string) *DeleteInstanceProfileInput

SetInstanceProfileName sets the InstanceProfileName field's value.

func (DeleteInstanceProfileInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteInstanceProfileInput) Validate

func (s *DeleteInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteInstanceProfileOutput

type DeleteInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (DeleteInstanceProfileOutput) GoString

func (s DeleteInstanceProfileOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteInstanceProfileOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteLoginProfileInput

type DeleteLoginProfileInput struct {

	// The name of the user whose password you want to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteLoginProfileInput) GoString

func (s DeleteLoginProfileInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteLoginProfileInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteLoginProfileInput) String

func (s DeleteLoginProfileInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteLoginProfileInput) Validate

func (s *DeleteLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteLoginProfileOutput

type DeleteLoginProfileOutput struct {
	// contains filtered or unexported fields
}

func (DeleteLoginProfileOutput) GoString

func (s DeleteLoginProfileOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteLoginProfileOutput) String

func (s DeleteLoginProfileOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteOpenIDConnectProviderInput

type DeleteOpenIDConnectProviderInput struct {

	// The Amazon Resource Name (ARN) of the IAM OpenID Connect provider resource
	// object to delete. You can get a list of OpenID Connect provider resource
	// ARNs by using the ListOpenIDConnectProviders operation.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteOpenIDConnectProviderInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteOpenIDConnectProviderInput) SetOpenIDConnectProviderArn

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (DeleteOpenIDConnectProviderInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type DeleteOpenIDConnectProviderOutput

type DeleteOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (DeleteOpenIDConnectProviderOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteOpenIDConnectProviderOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeletePolicyInput

type DeletePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to delete.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyInput) GoString

func (s DeletePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyInput) SetPolicyArn

func (s *DeletePolicyInput) SetPolicyArn(v string) *DeletePolicyInput

SetPolicyArn sets the PolicyArn field's value.

func (DeletePolicyInput) String

func (s DeletePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyInput) Validate

func (s *DeletePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyOutput

type DeletePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyOutput) GoString

func (s DeletePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeletePolicyOutput) String

func (s DeletePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeletePolicyVersionInput

type DeletePolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy from which you want to delete
	// a version.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The policy version to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consists of the lowercase letter 'v' followed
	// by one or two digits, and optionally followed by a period '.' and a string
	// of letters and digits.
	//
	// For more information about managed policy versions, see Versioning for managed
	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyVersionInput) GoString

func (s DeletePolicyVersionInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyVersionInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*DeletePolicyVersionInput) SetVersionId

SetVersionId sets the VersionId field's value.

func (DeletePolicyVersionInput) String

func (s DeletePolicyVersionInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletePolicyVersionInput) Validate

func (s *DeletePolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyVersionOutput

type DeletePolicyVersionOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyVersionOutput) GoString

func (s DeletePolicyVersionOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeletePolicyVersionOutput) String

func (s DeletePolicyVersionOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteRoleInput

type DeleteRoleInput struct {

	// The name of the role to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteRoleInput) GoString

func (s DeleteRoleInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteRoleInput) SetRoleName

func (s *DeleteRoleInput) SetRoleName(v string) *DeleteRoleInput

SetRoleName sets the RoleName field's value.

func (DeleteRoleInput) String

func (s DeleteRoleInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteRoleInput) Validate

func (s *DeleteRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteRoleOutput

type DeleteRoleOutput struct {
	// contains filtered or unexported fields
}

func (DeleteRoleOutput) GoString

func (s DeleteRoleOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteRoleOutput) String

func (s DeleteRoleOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteRolePermissionsBoundaryInput

type DeleteRolePermissionsBoundaryInput struct {

	// The name (friendly name, not ARN) of the IAM role from which you want to
	// remove the permissions boundary.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteRolePermissionsBoundaryInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteRolePermissionsBoundaryInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (DeleteRolePermissionsBoundaryInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteRolePermissionsBoundaryInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type DeleteRolePermissionsBoundaryOutput

type DeleteRolePermissionsBoundaryOutput struct {
	// contains filtered or unexported fields
}

func (DeleteRolePermissionsBoundaryOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteRolePermissionsBoundaryOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteRolePolicyInput

type DeleteRolePolicyInput struct {

	// The name of the inline policy to delete from the specified IAM role.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name (friendly name, not ARN) identifying the role that the policy is
	// embedded in.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteRolePolicyInput) GoString

func (s DeleteRolePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteRolePolicyInput) SetPolicyName

func (s *DeleteRolePolicyInput) SetPolicyName(v string) *DeleteRolePolicyInput

SetPolicyName sets the PolicyName field's value.

func (*DeleteRolePolicyInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (DeleteRolePolicyInput) String

func (s DeleteRolePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteRolePolicyInput) Validate

func (s *DeleteRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteRolePolicyOutput

type DeleteRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteRolePolicyOutput) GoString

func (s DeleteRolePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteRolePolicyOutput) String

func (s DeleteRolePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteSAMLProviderInput

type DeleteSAMLProviderInput struct {

	// The Amazon Resource Name (ARN) of the SAML provider to delete.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteSAMLProviderInput) GoString

func (s DeleteSAMLProviderInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteSAMLProviderInput) SetSAMLProviderArn

func (s *DeleteSAMLProviderInput) SetSAMLProviderArn(v string) *DeleteSAMLProviderInput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (DeleteSAMLProviderInput) String

func (s DeleteSAMLProviderInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteSAMLProviderInput) Validate

func (s *DeleteSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSAMLProviderOutput

type DeleteSAMLProviderOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSAMLProviderOutput) GoString

func (s DeleteSAMLProviderOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteSAMLProviderOutput) String

func (s DeleteSAMLProviderOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteSSHPublicKeyInput

type DeleteSSHPublicKeyInput struct {

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteSSHPublicKeyInput) GoString

func (s DeleteSSHPublicKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteSSHPublicKeyInput) SetSSHPublicKeyId

func (s *DeleteSSHPublicKeyInput) SetSSHPublicKeyId(v string) *DeleteSSHPublicKeyInput

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*DeleteSSHPublicKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteSSHPublicKeyInput) String

func (s DeleteSSHPublicKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteSSHPublicKeyInput) Validate

func (s *DeleteSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSSHPublicKeyOutput

type DeleteSSHPublicKeyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSSHPublicKeyOutput) GoString

func (s DeleteSSHPublicKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteSSHPublicKeyOutput) String

func (s DeleteSSHPublicKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteServerCertificateInput

type DeleteServerCertificateInput struct {

	// The name of the server certificate you want to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServerCertificateInput) GoString

func (s DeleteServerCertificateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteServerCertificateInput) SetServerCertificateName

func (s *DeleteServerCertificateInput) SetServerCertificateName(v string) *DeleteServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (DeleteServerCertificateInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteServerCertificateInput) Validate

func (s *DeleteServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteServerCertificateOutput

type DeleteServerCertificateOutput struct {
	// contains filtered or unexported fields
}

func (DeleteServerCertificateOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteServerCertificateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteServiceLinkedRoleInput

type DeleteServiceLinkedRoleInput struct {

	// The name of the service-linked role to be deleted.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServiceLinkedRoleInput) GoString

func (s DeleteServiceLinkedRoleInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteServiceLinkedRoleInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (DeleteServiceLinkedRoleInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteServiceLinkedRoleInput) Validate

func (s *DeleteServiceLinkedRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteServiceLinkedRoleOutput

type DeleteServiceLinkedRoleOutput struct {

	// The deletion task identifier that you can use to check the status of the
	// deletion. This identifier is returned in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
	//
	// DeletionTaskId is a required field
	DeletionTaskId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServiceLinkedRoleOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteServiceLinkedRoleOutput) SetDeletionTaskId

SetDeletionTaskId sets the DeletionTaskId field's value.

func (DeleteServiceLinkedRoleOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteServiceSpecificCredentialInput

type DeleteServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential. You can get this
	// value by calling ListServiceSpecificCredentials.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the service-specific credential.
	// If this value is not specified, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteServiceSpecificCredentialInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteServiceSpecificCredentialInput) SetServiceSpecificCredentialId

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*DeleteServiceSpecificCredentialInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteServiceSpecificCredentialInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type DeleteServiceSpecificCredentialOutput

type DeleteServiceSpecificCredentialOutput struct {
	// contains filtered or unexported fields
}

func (DeleteServiceSpecificCredentialOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteServiceSpecificCredentialOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteSigningCertificateInput

type DeleteSigningCertificateInput struct {

	// The ID of the signing certificate to delete.
	//
	// The format of this parameter, as described by its regex (http://wikipedia.org/wiki/regex)
	// pattern, is a string of characters that can be upper- or lower-cased letters
	// or digits.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The name of the user the signing certificate belongs to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteSigningCertificateInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteSigningCertificateInput) SetCertificateId

SetCertificateId sets the CertificateId field's value.

func (*DeleteSigningCertificateInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteSigningCertificateInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteSigningCertificateInput) Validate

func (s *DeleteSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSigningCertificateOutput

type DeleteSigningCertificateOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSigningCertificateOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteSigningCertificateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteUserInput

type DeleteUserInput struct {

	// The name of the user to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteUserInput) GoString

func (s DeleteUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserInput) SetUserName

func (s *DeleteUserInput) SetUserName(v string) *DeleteUserInput

SetUserName sets the UserName field's value.

func (DeleteUserInput) String

func (s DeleteUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserInput) Validate

func (s *DeleteUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserOutput

type DeleteUserOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserOutput) GoString

func (s DeleteUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteUserOutput) String

func (s DeleteUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteUserPermissionsBoundaryInput

type DeleteUserPermissionsBoundaryInput struct {

	// The name (friendly name, not ARN) of the IAM user from which you want to
	// remove the permissions boundary.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteUserPermissionsBoundaryInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserPermissionsBoundaryInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteUserPermissionsBoundaryInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserPermissionsBoundaryInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserPermissionsBoundaryOutput

type DeleteUserPermissionsBoundaryOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserPermissionsBoundaryOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteUserPermissionsBoundaryOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteUserPolicyInput

type DeleteUserPolicyInput struct {

	// The name identifying the policy document to delete.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name (friendly name, not ARN) identifying the user that the policy is
	// embedded in.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteUserPolicyInput) GoString

func (s DeleteUserPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserPolicyInput) SetPolicyName

func (s *DeleteUserPolicyInput) SetPolicyName(v string) *DeleteUserPolicyInput

SetPolicyName sets the PolicyName field's value.

func (*DeleteUserPolicyInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteUserPolicyInput) String

func (s DeleteUserPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteUserPolicyInput) Validate

func (s *DeleteUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserPolicyOutput

type DeleteUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserPolicyOutput) GoString

func (s DeleteUserPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteUserPolicyOutput) String

func (s DeleteUserPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeleteVirtualMFADeviceInput

type DeleteVirtualMFADeviceInput struct {

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the same as the ARN.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteVirtualMFADeviceInput) GoString

func (s DeleteVirtualMFADeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteVirtualMFADeviceInput) SetSerialNumber

SetSerialNumber sets the SerialNumber field's value.

func (DeleteVirtualMFADeviceInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeleteVirtualMFADeviceInput) Validate

func (s *DeleteVirtualMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteVirtualMFADeviceOutput

type DeleteVirtualMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (DeleteVirtualMFADeviceOutput) GoString

func (s DeleteVirtualMFADeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DeleteVirtualMFADeviceOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DeletionTaskFailureReasonType

type DeletionTaskFailureReasonType struct {

	// A short description of the reason that the service-linked role deletion failed.
	Reason *string `type:"string"`

	// A list of objects that contains details about the service-linked role deletion
	// failure, if that information is returned by the service. If the service-linked
	// role has active sessions or if any resources that were used by the role have
	// not been deleted from the linked service, the role can't be deleted. This
	// parameter includes a list of the resources that are associated with the role
	// and the Region in which the resources are being used.
	RoleUsageList []*RoleUsageType `type:"list"`
	// contains filtered or unexported fields
}

The reason that the service-linked role deletion failed.

This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus operation.

func (DeletionTaskFailureReasonType) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DeletionTaskFailureReasonType) SetReason

SetReason sets the Reason field's value.

func (*DeletionTaskFailureReasonType) SetRoleUsageList

SetRoleUsageList sets the RoleUsageList field's value.

func (DeletionTaskFailureReasonType) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DetachGroupPolicyInput

type DetachGroupPolicyInput struct {

	// The name (friendly name, not ARN) of the IAM group to detach the policy from.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachGroupPolicyInput) GoString

func (s DetachGroupPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DetachGroupPolicyInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*DetachGroupPolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (DetachGroupPolicyInput) String

func (s DetachGroupPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DetachGroupPolicyInput) Validate

func (s *DetachGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachGroupPolicyOutput

type DetachGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachGroupPolicyOutput) GoString

func (s DetachGroupPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DetachGroupPolicyOutput) String

func (s DetachGroupPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DetachRolePolicyInput

type DetachRolePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM role to detach the policy from.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachRolePolicyInput) GoString

func (s DetachRolePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DetachRolePolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*DetachRolePolicyInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (DetachRolePolicyInput) String

func (s DetachRolePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DetachRolePolicyInput) Validate

func (s *DetachRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachRolePolicyOutput

type DetachRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachRolePolicyOutput) GoString

func (s DetachRolePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DetachRolePolicyOutput) String

func (s DetachRolePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type DetachUserPolicyInput

type DetachUserPolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM user to detach the policy from.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachUserPolicyInput) GoString

func (s DetachUserPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DetachUserPolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*DetachUserPolicyInput) SetUserName

SetUserName sets the UserName field's value.

func (DetachUserPolicyInput) String

func (s DetachUserPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*DetachUserPolicyInput) Validate

func (s *DetachUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachUserPolicyOutput

type DetachUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachUserPolicyOutput) GoString

func (s DetachUserPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (DetachUserPolicyOutput) String

func (s DetachUserPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EnableMFADeviceInput

type EnableMFADeviceInput struct {

	// An authentication code emitted by the device.
	//
	// The format for this parameter is a string of six digits.
	//
	// Submit your request immediately after generating the authentication codes.
	// If you generate the codes and then wait too long to submit the request, the
	// MFA device successfully associates with the user but the MFA device becomes
	// out of sync. This happens because time-based one-time passwords (TOTP) expire
	// after a short period of time. If this happens, you can resync the device
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
	//
	// AuthenticationCode1 is a required field
	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`

	// A subsequent authentication code emitted by the device.
	//
	// The format for this parameter is a string of six digits.
	//
	// Submit your request immediately after generating the authentication codes.
	// If you generate the codes and then wait too long to submit the request, the
	// MFA device successfully associates with the user but the MFA device becomes
	// out of sync. This happens because time-based one-time passwords (TOTP) expire
	// after a short period of time. If this happens, you can resync the device
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
	//
	// AuthenticationCode2 is a required field
	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the IAM user for whom you want to enable the MFA device.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (EnableMFADeviceInput) GoString

func (s EnableMFADeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EnableMFADeviceInput) SetAuthenticationCode1

func (s *EnableMFADeviceInput) SetAuthenticationCode1(v string) *EnableMFADeviceInput

SetAuthenticationCode1 sets the AuthenticationCode1 field's value.

func (*EnableMFADeviceInput) SetAuthenticationCode2

func (s *EnableMFADeviceInput) SetAuthenticationCode2(v string) *EnableMFADeviceInput

SetAuthenticationCode2 sets the AuthenticationCode2 field's value.

func (*EnableMFADeviceInput) SetSerialNumber

func (s *EnableMFADeviceInput) SetSerialNumber(v string) *EnableMFADeviceInput

SetSerialNumber sets the SerialNumber field's value.

func (*EnableMFADeviceInput) SetUserName

SetUserName sets the UserName field's value.

func (EnableMFADeviceInput) String

func (s EnableMFADeviceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EnableMFADeviceInput) Validate

func (s *EnableMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EnableMFADeviceOutput

type EnableMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (EnableMFADeviceOutput) GoString

func (s EnableMFADeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (EnableMFADeviceOutput) String

func (s EnableMFADeviceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EntityDetails

type EntityDetails struct {

	// The EntityInfo object that contains details about the entity (user or role).
	//
	// EntityInfo is a required field
	EntityInfo *EntityInfo `type:"structure" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the authenticated entity last attempted to access Amazon Web Services.
	// Amazon Web Services does not report unauthenticated requests.
	//
	// This field is null if no IAM entities attempted to access the service within
	// the tracking period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticated *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

An object that contains details about when the IAM entities (users or roles) were last used in an attempt to access the specified Amazon Web Services service.

This data type is a response element in the GetServiceLastAccessedDetailsWithEntities operation.

func (EntityDetails) GoString

func (s EntityDetails) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityDetails) SetEntityInfo

func (s *EntityDetails) SetEntityInfo(v *EntityInfo) *EntityDetails

SetEntityInfo sets the EntityInfo field's value.

func (*EntityDetails) SetLastAuthenticated

func (s *EntityDetails) SetLastAuthenticated(v time.Time) *EntityDetails

SetLastAuthenticated sets the LastAuthenticated field's value.

func (EntityDetails) String

func (s EntityDetails) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EntityInfo

type EntityInfo struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The identifier of the entity (user or role).
	//
	// Id is a required field
	Id *string `min:"16" type:"string" required:"true"`

	// The name of the entity (user or role).
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// The path to the entity (user or role). For more information about paths,
	// see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	Path *string `min:"1" type:"string"`

	// The type of entity (user or role).
	//
	// Type is a required field
	Type *string `type:"string" required:"true" enum:"PolicyOwnerEntityType"`
	// contains filtered or unexported fields
}

Contains details about the specified entity (user or role).

This data type is an element of the EntityDetails object.

func (EntityInfo) GoString

func (s EntityInfo) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EntityInfo) SetArn

func (s *EntityInfo) SetArn(v string) *EntityInfo

SetArn sets the Arn field's value.

func (*EntityInfo) SetId

func (s *EntityInfo) SetId(v string) *EntityInfo

SetId sets the Id field's value.

func (*EntityInfo) SetName

func (s *EntityInfo) SetName(v string) *EntityInfo

SetName sets the Name field's value.

func (*EntityInfo) SetPath

func (s *EntityInfo) SetPath(v string) *EntityInfo

SetPath sets the Path field's value.

func (*EntityInfo) SetType

func (s *EntityInfo) SetType(v string) *EntityInfo

SetType sets the Type field's value.

func (EntityInfo) String

func (s EntityInfo) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ErrorDetails

type ErrorDetails struct {

	// The error code associated with the operation failure.
	//
	// Code is a required field
	Code *string `type:"string" required:"true"`

	// Detailed information about the reason that the operation failed.
	//
	// Message is a required field
	Message *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about the reason that the operation failed.

This data type is used as a response element in the GetOrganizationsAccessReport, GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities operations.

func (ErrorDetails) GoString

func (s ErrorDetails) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ErrorDetails) SetCode

func (s *ErrorDetails) SetCode(v string) *ErrorDetails

SetCode sets the Code field's value.

func (*ErrorDetails) SetMessage

func (s *ErrorDetails) SetMessage(v string) *ErrorDetails

SetMessage sets the Message field's value.

func (ErrorDetails) String

func (s ErrorDetails) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type EvaluationResult

type EvaluationResult struct {

	// The name of the API operation tested on the indicated resource.
	//
	// EvalActionName is a required field
	EvalActionName *string `min:"3" type:"string" required:"true"`

	// The result of the simulation.
	//
	// EvalDecision is a required field
	EvalDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`

	// Additional details about the results of the cross-account evaluation decision.
	// This parameter is populated for only cross-account simulations. It contains
	// a brief summary of how each policy type contributes to the final evaluation
	// decision.
	//
	// If the simulation evaluates policies within the same account and includes
	// a resource ARN, then the parameter is present but the response is empty.
	// If the simulation evaluates policies within the same account and specifies
	// all resources (*), then the parameter is not returned.
	//
	// When you make a cross-account request, Amazon Web Services evaluates the
	// request in the trusting account and the trusted account. The request is allowed
	// only if both evaluations return true. For more information about how policies
	// are evaluated, see Evaluating policies within a single account (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics).
	//
	// If an Organizations SCP included in the evaluation denies access, the simulation
	// ends. In this case, policy evaluation does not proceed any further and this
	// parameter is not returned.
	EvalDecisionDetails map[string]*string `type:"map"`

	// The ARN of the resource that the indicated API operation was tested on.
	EvalResourceName *string `min:"1" type:"string"`

	// A list of the statements in the input policies that determine the result
	// for this scenario. Remember that even if multiple statements allow the operation
	// on the resource, if only one statement denies that operation, then the explicit
	// deny overrides any allow. In addition, the deny statement is the only entry
	// included in the result.
	MatchedStatements []*Statement `type:"list"`

	// A list of context keys that are required by the included input policies but
	// that were not provided by one of the input parameters. This list is used
	// when the resource in a simulation is "*", either explicitly, or when the
	// ResourceArns parameter blank. If you include a list of resources, then any
	// missing context values are instead included under the ResourceSpecificResults
	// section. To discover the context keys used by a set of policies, you can
	// call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
	MissingContextValues []*string `type:"list"`

	// A structure that details how Organizations and its service control policies
	// affect the results of the simulation. Only applies if the simulated user's
	// account is part of an organization.
	OrganizationsDecisionDetail *OrganizationsDecisionDetail `type:"structure"`

	// Contains information about the effect that a permissions boundary has on
	// a policy simulation when the boundary is applied to an IAM entity.
	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail `type:"structure"`

	// The individual results of the simulation of the API operation specified in
	// EvalActionName on each resource.
	ResourceSpecificResults []*ResourceSpecificResult `type:"list"`
	// contains filtered or unexported fields
}

Contains the results of a simulation.

This data type is used by the return parameter of SimulateCustomPolicy and SimulatePrincipalPolicy .

func (EvaluationResult) GoString

func (s EvaluationResult) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*EvaluationResult) SetEvalActionName

func (s *EvaluationResult) SetEvalActionName(v string) *EvaluationResult

SetEvalActionName sets the EvalActionName field's value.

func (*EvaluationResult) SetEvalDecision

func (s *EvaluationResult) SetEvalDecision(v string) *EvaluationResult

SetEvalDecision sets the EvalDecision field's value.

func (*EvaluationResult) SetEvalDecisionDetails

func (s *EvaluationResult) SetEvalDecisionDetails(v map[string]*string) *EvaluationResult

SetEvalDecisionDetails sets the EvalDecisionDetails field's value.

func (*EvaluationResult) SetEvalResourceName

func (s *EvaluationResult) SetEvalResourceName(v string) *EvaluationResult

SetEvalResourceName sets the EvalResourceName field's value.

func (*EvaluationResult) SetMatchedStatements

func (s *EvaluationResult) SetMatchedStatements(v []*Statement) *EvaluationResult

SetMatchedStatements sets the MatchedStatements field's value.

func (*EvaluationResult) SetMissingContextValues

func (s *EvaluationResult) SetMissingContextValues(v []*string) *EvaluationResult

SetMissingContextValues sets the MissingContextValues field's value.

func (*EvaluationResult) SetOrganizationsDecisionDetail

func (s *EvaluationResult) SetOrganizationsDecisionDetail(v *OrganizationsDecisionDetail) *EvaluationResult

SetOrganizationsDecisionDetail sets the OrganizationsDecisionDetail field's value.

func (*EvaluationResult) SetPermissionsBoundaryDecisionDetail

func (s *EvaluationResult) SetPermissionsBoundaryDecisionDetail(v *PermissionsBoundaryDecisionDetail) *EvaluationResult

SetPermissionsBoundaryDecisionDetail sets the PermissionsBoundaryDecisionDetail field's value.

func (*EvaluationResult) SetResourceSpecificResults

func (s *EvaluationResult) SetResourceSpecificResults(v []*ResourceSpecificResult) *EvaluationResult

SetResourceSpecificResults sets the ResourceSpecificResults field's value.

func (EvaluationResult) String

func (s EvaluationResult) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GenerateCredentialReportInput

type GenerateCredentialReportInput struct {
	// contains filtered or unexported fields
}

func (GenerateCredentialReportInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (GenerateCredentialReportInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GenerateCredentialReportOutput

type GenerateCredentialReportOutput struct {

	// Information about the credential report.
	Description *string `type:"string"`

	// Information about the state of the credential report.
	State *string `type:"string" enum:"ReportStateType"`
	// contains filtered or unexported fields
}

Contains the response to a successful GenerateCredentialReport request.

func (GenerateCredentialReportOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GenerateCredentialReportOutput) SetDescription

SetDescription sets the Description field's value.

func (*GenerateCredentialReportOutput) SetState

SetState sets the State field's value.

func (GenerateCredentialReportOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GenerateOrganizationsAccessReportInput

type GenerateOrganizationsAccessReportInput struct {

	// The path of the Organizations entity (root, OU, or account). You can build
	// an entity path using the known structure of your organization. For example,
	// assume that your account ID is 123456789012 and its parent OU ID is ou-rge0-awsabcde.
	// The organization root ID is r-f6g7h8i9j0example and your organization ID
	// is o-a1b2c3d4e5. Your entity path is o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-rge0-awsabcde/123456789012.
	//
	// EntityPath is a required field
	EntityPath *string `min:"19" type:"string" required:"true"`

	// The identifier of the Organizations service control policy (SCP). This parameter
	// is optional.
	//
	// This ID is used to generate information about when an account principal that
	// is limited by the SCP attempted to access an Amazon Web Services service.
	OrganizationsPolicyId *string `type:"string"`
	// contains filtered or unexported fields
}

func (GenerateOrganizationsAccessReportInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GenerateOrganizationsAccessReportInput) SetEntityPath

SetEntityPath sets the EntityPath field's value.

func (*GenerateOrganizationsAccessReportInput) SetOrganizationsPolicyId

SetOrganizationsPolicyId sets the OrganizationsPolicyId field's value.

func (GenerateOrganizationsAccessReportInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GenerateOrganizationsAccessReportInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GenerateOrganizationsAccessReportOutput

type GenerateOrganizationsAccessReportOutput struct {

	// The job identifier that you can use in the GetOrganizationsAccessReport operation.
	JobId *string `min:"36" type:"string"`
	// contains filtered or unexported fields
}

func (GenerateOrganizationsAccessReportOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GenerateOrganizationsAccessReportOutput) SetJobId

SetJobId sets the JobId field's value.

func (GenerateOrganizationsAccessReportOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GenerateServiceLastAccessedDetailsInput

type GenerateServiceLastAccessedDetailsInput struct {

	// The ARN of the IAM resource (user, group, role, or managed policy) used to
	// generate information about when the resource was last used in an attempt
	// to access an Amazon Web Services service.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The level of detail that you want to generate. You can specify whether you
	// want to generate information about the last attempt to access services or
	// actions. If you specify service-level granularity, this operation generates
	// only service data. If you specify action-level granularity, it generates
	// service and action data. If you don't include this optional parameter, the
	// operation generates service data.
	Granularity *string `type:"string" enum:"AccessAdvisorUsageGranularityType"`
	// contains filtered or unexported fields
}

func (GenerateServiceLastAccessedDetailsInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GenerateServiceLastAccessedDetailsInput) SetArn

SetArn sets the Arn field's value.

func (*GenerateServiceLastAccessedDetailsInput) SetGranularity

SetGranularity sets the Granularity field's value.

func (GenerateServiceLastAccessedDetailsInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GenerateServiceLastAccessedDetailsInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GenerateServiceLastAccessedDetailsOutput

type GenerateServiceLastAccessedDetailsOutput struct {

	// The JobId that you can use in the GetServiceLastAccessedDetails or GetServiceLastAccessedDetailsWithEntities
	// operations. The JobId returned by GenerateServiceLastAccessedDetail must
	// be used by the same role within a session, or by the same user when used
	// to call GetServiceLastAccessedDetail.
	JobId *string `min:"36" type:"string"`
	// contains filtered or unexported fields
}

func (GenerateServiceLastAccessedDetailsOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GenerateServiceLastAccessedDetailsOutput) SetJobId

SetJobId sets the JobId field's value.

func (GenerateServiceLastAccessedDetailsOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetAccessKeyLastUsedInput

type GetAccessKeyLastUsedInput struct {

	// The identifier of an access key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetAccessKeyLastUsedInput) GoString

func (s GetAccessKeyLastUsedInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetAccessKeyLastUsedInput) SetAccessKeyId

SetAccessKeyId sets the AccessKeyId field's value.

func (GetAccessKeyLastUsedInput) String

func (s GetAccessKeyLastUsedInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetAccessKeyLastUsedInput) Validate

func (s *GetAccessKeyLastUsedInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetAccessKeyLastUsedOutput

type GetAccessKeyLastUsedOutput struct {

	// Contains information about the last time the access key was used.
	AccessKeyLastUsed *AccessKeyLastUsed `type:"structure"`

	// The name of the IAM user that owns this access key.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccessKeyLastUsed request. It is also returned as a member of the AccessKeyMetaData structure returned by the ListAccessKeys action.

func (GetAccessKeyLastUsedOutput) GoString

func (s GetAccessKeyLastUsedOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetAccessKeyLastUsedOutput) SetAccessKeyLastUsed

SetAccessKeyLastUsed sets the AccessKeyLastUsed field's value.

func (*GetAccessKeyLastUsedOutput) SetUserName

SetUserName sets the UserName field's value.

func (GetAccessKeyLastUsedOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetAccountAuthorizationDetailsInput

type GetAccountAuthorizationDetailsInput struct {

	// A list of entity types used to filter the results. Only the entities that
	// match the types you specify are included in the output. Use the value LocalManagedPolicy
	// to include customer managed policies.
	//
	// The format for this parameter is a comma-separated (if more than one) list
	// of strings. Each string value in the list must be one of the valid values
	// listed below.
	Filter []*string `type:"list" enum:"EntityType"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (GetAccountAuthorizationDetailsInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetAccountAuthorizationDetailsInput) SetFilter

SetFilter sets the Filter field's value.

func (*GetAccountAuthorizationDetailsInput) SetMarker

SetMarker sets the Marker field's value.

func (*GetAccountAuthorizationDetailsInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (GetAccountAuthorizationDetailsInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetAccountAuthorizationDetailsInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetAccountAuthorizationDetailsOutput

type GetAccountAuthorizationDetailsOutput struct {

	// A list containing information about IAM groups.
	GroupDetailList []*GroupDetail `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list containing information about managed policies.
	Policies []*ManagedPolicyDetail `type:"list"`

	// A list containing information about IAM roles.
	RoleDetailList []*RoleDetail `type:"list"`

	// A list containing information about IAM users.
	UserDetailList []*UserDetail `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountAuthorizationDetails request.

func (GetAccountAuthorizationDetailsOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetAccountAuthorizationDetailsOutput) SetGroupDetailList

SetGroupDetailList sets the GroupDetailList field's value.

func (*GetAccountAuthorizationDetailsOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*GetAccountAuthorizationDetailsOutput) SetMarker

SetMarker sets the Marker field's value.

func (*GetAccountAuthorizationDetailsOutput) SetPolicies

SetPolicies sets the Policies field's value.

func (*GetAccountAuthorizationDetailsOutput) SetRoleDetailList

SetRoleDetailList sets the RoleDetailList field's value.

func (*GetAccountAuthorizationDetailsOutput) SetUserDetailList

SetUserDetailList sets the UserDetailList field's value.

func (GetAccountAuthorizationDetailsOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetAccountPasswordPolicyInput

type GetAccountPasswordPolicyInput struct {
	// contains filtered or unexported fields
}

func (GetAccountPasswordPolicyInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (GetAccountPasswordPolicyInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetAccountPasswordPolicyOutput

type GetAccountPasswordPolicyOutput struct {

	// A structure that contains details about the account's password policy.
	//
	// PasswordPolicy is a required field
	PasswordPolicy *PasswordPolicy `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountPasswordPolicy request.

func (GetAccountPasswordPolicyOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetAccountPasswordPolicyOutput) SetPasswordPolicy

SetPasswordPolicy sets the PasswordPolicy field's value.

func (GetAccountPasswordPolicyOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetAccountSummaryInput

type GetAccountSummaryInput struct {
	// contains filtered or unexported fields
}

func (GetAccountSummaryInput) GoString

func (s GetAccountSummaryInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (GetAccountSummaryInput) String

func (s GetAccountSummaryInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetAccountSummaryOutput

type GetAccountSummaryOutput struct {

	// A set of key–value pairs containing information about IAM entity usage
	// and IAM quotas.
	SummaryMap map[string]*int64 `type:"map"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountSummary request.

func (GetAccountSummaryOutput) GoString

func (s GetAccountSummaryOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetAccountSummaryOutput) SetSummaryMap

func (s *GetAccountSummaryOutput) SetSummaryMap(v map[string]*int64) *GetAccountSummaryOutput

SetSummaryMap sets the SummaryMap field's value.

func (GetAccountSummaryOutput) String

func (s GetAccountSummaryOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetContextKeysForCustomPolicyInput

type GetContextKeysForCustomPolicyInput struct {

	// A list of policies for which you want the list of context keys referenced
	// in those policies. Each document is specified as a string containing the
	// complete, valid JSON text of an IAM policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyInputList is a required field
	PolicyInputList []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (GetContextKeysForCustomPolicyInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetContextKeysForCustomPolicyInput) SetPolicyInputList

SetPolicyInputList sets the PolicyInputList field's value.

func (GetContextKeysForCustomPolicyInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetContextKeysForCustomPolicyInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetContextKeysForPolicyResponse

type GetContextKeysForPolicyResponse struct {

	// The list of context keys that are referenced in the input policies.
	ContextKeyNames []*string `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetContextKeysForPrincipalPolicy or GetContextKeysForCustomPolicy request.

func (GetContextKeysForPolicyResponse) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetContextKeysForPolicyResponse) SetContextKeyNames

SetContextKeyNames sets the ContextKeyNames field's value.

func (GetContextKeysForPolicyResponse) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetContextKeysForPrincipalPolicyInput

type GetContextKeysForPrincipalPolicyInput struct {

	// An optional list of additional policies for which you want the list of context
	// keys that are referenced.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	PolicyInputList []*string `type:"list"`

	// The ARN of a user, group, or role whose policies contain the context keys
	// that you want listed. If you specify a user, the list includes context keys
	// that are found in all policies that are attached to the user. The list also
	// includes all groups that the user is a member of. If you pick a group or
	// a role, then it includes only those context keys that are found in policies
	// attached to that entity. Note that all parameters are shown in unencoded
	// form here for clarity, but must be URL encoded to be included as a part of
	// a real HTML request.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicySourceArn is a required field
	PolicySourceArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetContextKeysForPrincipalPolicyInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetContextKeysForPrincipalPolicyInput) SetPolicyInputList

SetPolicyInputList sets the PolicyInputList field's value.

func (*GetContextKeysForPrincipalPolicyInput) SetPolicySourceArn

SetPolicySourceArn sets the PolicySourceArn field's value.

func (GetContextKeysForPrincipalPolicyInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetContextKeysForPrincipalPolicyInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetCredentialReportInput

type GetCredentialReportInput struct {
	// contains filtered or unexported fields
}

func (GetCredentialReportInput) GoString

func (s GetCredentialReportInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (GetCredentialReportInput) String

func (s GetCredentialReportInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetCredentialReportOutput

type GetCredentialReportOutput struct {

	// Contains the credential report. The report is Base64-encoded.
	// Content is automatically base64 encoded/decoded by the SDK.
	Content []byte `type:"blob"`

	// The date and time when the credential report was created, in ISO 8601 date-time
	// format (http://www.iso.org/iso/iso8601).
	GeneratedTime *time.Time `type:"timestamp"`

	// The format (MIME type) of the credential report.
	ReportFormat *string `type:"string" enum:"ReportFormatType"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetCredentialReport request.

func (GetCredentialReportOutput) GoString

func (s GetCredentialReportOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetCredentialReportOutput) SetContent

SetContent sets the Content field's value.

func (*GetCredentialReportOutput) SetGeneratedTime

SetGeneratedTime sets the GeneratedTime field's value.

func (*GetCredentialReportOutput) SetReportFormat

SetReportFormat sets the ReportFormat field's value.

func (GetCredentialReportOutput) String

func (s GetCredentialReportOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetGroupInput

type GetGroupInput struct {

	// The name of the group.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (GetGroupInput) GoString

func (s GetGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetGroupInput) SetGroupName

func (s *GetGroupInput) SetGroupName(v string) *GetGroupInput

SetGroupName sets the GroupName field's value.

func (*GetGroupInput) SetMarker

func (s *GetGroupInput) SetMarker(v string) *GetGroupInput

SetMarker sets the Marker field's value.

func (*GetGroupInput) SetMaxItems

func (s *GetGroupInput) SetMaxItems(v int64) *GetGroupInput

SetMaxItems sets the MaxItems field's value.

func (GetGroupInput) String

func (s GetGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetGroupInput) Validate

func (s *GetGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetGroupOutput

type GetGroupOutput struct {

	// A structure that contains details about the group.
	//
	// Group is a required field
	Group *Group `type:"structure" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of users in the group.
	//
	// Users is a required field
	Users []*User `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetGroup request.

func (GetGroupOutput) GoString

func (s GetGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetGroupOutput) SetGroup

func (s *GetGroupOutput) SetGroup(v *Group) *GetGroupOutput

SetGroup sets the Group field's value.

func (*GetGroupOutput) SetIsTruncated

func (s *GetGroupOutput) SetIsTruncated(v bool) *GetGroupOutput

SetIsTruncated sets the IsTruncated field's value.

func (*GetGroupOutput) SetMarker

func (s *GetGroupOutput) SetMarker(v string) *GetGroupOutput

SetMarker sets the Marker field's value.

func (*GetGroupOutput) SetUsers

func (s *GetGroupOutput) SetUsers(v []*User) *GetGroupOutput

SetUsers sets the Users field's value.

func (GetGroupOutput) String

func (s GetGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetGroupPolicyInput

type GetGroupPolicyInput struct {

	// The name of the group the policy is associated with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the policy document to get.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetGroupPolicyInput) GoString

func (s GetGroupPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetGroupPolicyInput) SetGroupName

func (s *GetGroupPolicyInput) SetGroupName(v string) *GetGroupPolicyInput

SetGroupName sets the GroupName field's value.

func (*GetGroupPolicyInput) SetPolicyName

func (s *GetGroupPolicyInput) SetPolicyName(v string) *GetGroupPolicyInput

SetPolicyName sets the PolicyName field's value.

func (GetGroupPolicyInput) String

func (s GetGroupPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetGroupPolicyInput) Validate

func (s *GetGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetGroupPolicyOutput

type GetGroupPolicyOutput struct {

	// The group the policy is associated with.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The policy document.
	//
	// IAM stores policies in JSON format. However, resources that were created
	// using CloudFormation templates can be formatted in YAML. CloudFormation always
	// converts a YAML policy to JSON format before submitting it to IAM.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetGroupPolicy request.

func (GetGroupPolicyOutput) GoString

func (s GetGroupPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetGroupPolicyOutput) SetGroupName

func (s *GetGroupPolicyOutput) SetGroupName(v string) *GetGroupPolicyOutput

SetGroupName sets the GroupName field's value.

func (*GetGroupPolicyOutput) SetPolicyDocument

func (s *GetGroupPolicyOutput) SetPolicyDocument(v string) *GetGroupPolicyOutput

SetPolicyDocument sets the PolicyDocument field's value.

func (*GetGroupPolicyOutput) SetPolicyName

func (s *GetGroupPolicyOutput) SetPolicyName(v string) *GetGroupPolicyOutput

SetPolicyName sets the PolicyName field's value.

func (GetGroupPolicyOutput) String

func (s GetGroupPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetInstanceProfileInput

type GetInstanceProfileInput struct {

	// The name of the instance profile to get information about.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetInstanceProfileInput) GoString

func (s GetInstanceProfileInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetInstanceProfileInput) SetInstanceProfileName

func (s *GetInstanceProfileInput) SetInstanceProfileName(v string) *GetInstanceProfileInput

SetInstanceProfileName sets the InstanceProfileName field's value.

func (GetInstanceProfileInput) String

func (s GetInstanceProfileInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetInstanceProfileInput) Validate

func (s *GetInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetInstanceProfileOutput

type GetInstanceProfileOutput struct {

	// A structure containing details about the instance profile.
	//
	// InstanceProfile is a required field
	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetInstanceProfile request.

func (GetInstanceProfileOutput) GoString

func (s GetInstanceProfileOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetInstanceProfileOutput) SetInstanceProfile

SetInstanceProfile sets the InstanceProfile field's value.

func (GetInstanceProfileOutput) String

func (s GetInstanceProfileOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetLoginProfileInput

type GetLoginProfileInput struct {

	// The name of the user whose login profile you want to retrieve.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetLoginProfileInput) GoString

func (s GetLoginProfileInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetLoginProfileInput) SetUserName

SetUserName sets the UserName field's value.

func (GetLoginProfileInput) String

func (s GetLoginProfileInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetLoginProfileInput) Validate

func (s *GetLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetLoginProfileOutput

type GetLoginProfileOutput struct {

	// A structure containing the user name and the profile creation date for the
	// user.
	//
	// LoginProfile is a required field
	LoginProfile *LoginProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetLoginProfile request.

func (GetLoginProfileOutput) GoString

func (s GetLoginProfileOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetLoginProfileOutput) SetLoginProfile

SetLoginProfile sets the LoginProfile field's value.

func (GetLoginProfileOutput) String

func (s GetLoginProfileOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetMFADeviceInput added in v1.42.9

type GetMFADeviceInput struct {

	// Serial number that uniquely identifies the MFA device. For this API, we only
	// accept FIDO security key ARNs (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference-arns.html).
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The friendly name identifying the user.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (GetMFADeviceInput) GoString added in v1.42.9

func (s GetMFADeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetMFADeviceInput) SetSerialNumber added in v1.42.9

func (s *GetMFADeviceInput) SetSerialNumber(v string) *GetMFADeviceInput

SetSerialNumber sets the SerialNumber field's value.

func (*GetMFADeviceInput) SetUserName added in v1.42.9

func (s *GetMFADeviceInput) SetUserName(v string) *GetMFADeviceInput

SetUserName sets the UserName field's value.

func (GetMFADeviceInput) String added in v1.42.9

func (s GetMFADeviceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetMFADeviceInput) Validate added in v1.42.9

func (s *GetMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetMFADeviceOutput added in v1.42.9

type GetMFADeviceOutput struct {

	// The certifications of a specified user's MFA device. We currently provide
	// FIPS-140-2, FIPS-140-3, and FIDO certification levels obtained from FIDO
	// Alliance Metadata Service (MDS) (https://fidoalliance.org/metadata/).
	Certifications map[string]*string `type:"map"`

	// The date that a specified user's MFA device was first enabled.
	EnableDate *time.Time `type:"timestamp"`

	// Serial number that uniquely identifies the MFA device. For this API, we only
	// accept FIDO security key ARNs (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference-arns.html).
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The friendly name identifying the user.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (GetMFADeviceOutput) GoString added in v1.42.9

func (s GetMFADeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetMFADeviceOutput) SetCertifications added in v1.42.9

func (s *GetMFADeviceOutput) SetCertifications(v map[string]*string) *GetMFADeviceOutput

SetCertifications sets the Certifications field's value.

func (*GetMFADeviceOutput) SetEnableDate added in v1.42.9

func (s *GetMFADeviceOutput) SetEnableDate(v time.Time) *GetMFADeviceOutput

SetEnableDate sets the EnableDate field's value.

func (*GetMFADeviceOutput) SetSerialNumber added in v1.42.9

func (s *GetMFADeviceOutput) SetSerialNumber(v string) *GetMFADeviceOutput

SetSerialNumber sets the SerialNumber field's value.

func (*GetMFADeviceOutput) SetUserName added in v1.42.9

func (s *GetMFADeviceOutput) SetUserName(v string) *GetMFADeviceOutput

SetUserName sets the UserName field's value.

func (GetMFADeviceOutput) String added in v1.42.9

func (s GetMFADeviceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetOpenIDConnectProviderInput

type GetOpenIDConnectProviderInput struct {

	// The Amazon Resource Name (ARN) of the OIDC provider resource object in IAM
	// to get information for. You can get a list of OIDC provider resource ARNs
	// by using the ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetOpenIDConnectProviderInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetOpenIDConnectProviderInput) SetOpenIDConnectProviderArn

func (s *GetOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *GetOpenIDConnectProviderInput

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (GetOpenIDConnectProviderInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetOpenIDConnectProviderInput) Validate

func (s *GetOpenIDConnectProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetOpenIDConnectProviderOutput

type GetOpenIDConnectProviderOutput struct {

	// A list of client IDs (also known as audiences) that are associated with the
	// specified IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
	ClientIDList []*string `type:"list"`

	// The date and time when the IAM OIDC provider resource object was created
	// in the Amazon Web Services account.
	CreateDate *time.Time `type:"timestamp"`

	// A list of tags that are attached to the specified IAM OIDC provider. The
	// returned list of tags is sorted by tag key. For more information about tagging,
	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`

	// A list of certificate thumbprints that are associated with the specified
	// IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
	ThumbprintList []*string `type:"list"`

	// The URL that the IAM OIDC provider resource object is associated with. For
	// more information, see CreateOpenIDConnectProvider.
	Url *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetOpenIDConnectProvider request.

func (GetOpenIDConnectProviderOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetOpenIDConnectProviderOutput) SetClientIDList

SetClientIDList sets the ClientIDList field's value.

func (*GetOpenIDConnectProviderOutput) SetCreateDate

SetCreateDate sets the CreateDate field's value.

func (*GetOpenIDConnectProviderOutput) SetTags

SetTags sets the Tags field's value.

func (*GetOpenIDConnectProviderOutput) SetThumbprintList

SetThumbprintList sets the ThumbprintList field's value.

func (*GetOpenIDConnectProviderOutput) SetUrl

SetUrl sets the Url field's value.

func (GetOpenIDConnectProviderOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetOrganizationsAccessReportInput

type GetOrganizationsAccessReportInput struct {

	// The identifier of the request generated by the GenerateOrganizationsAccessReport
	// operation.
	//
	// JobId is a required field
	JobId *string `min:"36" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The key that is used to sort the results. If you choose the namespace key,
	// the results are returned in alphabetical order. If you choose the time key,
	// the results are sorted numerically by the date and time.
	SortKey *string `type:"string" enum:"SortKeyType"`
	// contains filtered or unexported fields
}

func (GetOrganizationsAccessReportInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetOrganizationsAccessReportInput) SetJobId

SetJobId sets the JobId field's value.

func (*GetOrganizationsAccessReportInput) SetMarker

SetMarker sets the Marker field's value.

func (*GetOrganizationsAccessReportInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*GetOrganizationsAccessReportInput) SetSortKey

SetSortKey sets the SortKey field's value.

func (GetOrganizationsAccessReportInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetOrganizationsAccessReportInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetOrganizationsAccessReportOutput

type GetOrganizationsAccessReportOutput struct {

	// An object that contains details about the most recent attempt to access the
	// service.
	AccessDetails []*AccessDetail `type:"list"`

	// Contains information about the reason that the operation failed.
	//
	// This data type is used as a response element in the GetOrganizationsAccessReport,
	// GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities
	// operations.
	ErrorDetails *ErrorDetails `type:"structure"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the generated report job was completed or failed.
	//
	// This field is null if the job is still in progress, as indicated by a job
	// status value of IN_PROGRESS.
	JobCompletionDate *time.Time `type:"timestamp"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the report job was created.
	//
	// JobCreationDate is a required field
	JobCreationDate *time.Time `type:"timestamp" required:"true"`

	// The status of the job.
	//
	// JobStatus is a required field
	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// The number of services that the applicable SCPs allow account principals
	// to access.
	NumberOfServicesAccessible *int64 `type:"integer"`

	// The number of services that account principals are allowed but did not attempt
	// to access.
	NumberOfServicesNotAccessed *int64 `type:"integer"`
	// contains filtered or unexported fields
}

func (GetOrganizationsAccessReportOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetOrganizationsAccessReportOutput) SetAccessDetails

SetAccessDetails sets the AccessDetails field's value.

func (*GetOrganizationsAccessReportOutput) SetErrorDetails

SetErrorDetails sets the ErrorDetails field's value.

func (*GetOrganizationsAccessReportOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*GetOrganizationsAccessReportOutput) SetJobCompletionDate

SetJobCompletionDate sets the JobCompletionDate field's value.

func (*GetOrganizationsAccessReportOutput) SetJobCreationDate

SetJobCreationDate sets the JobCreationDate field's value.

func (*GetOrganizationsAccessReportOutput) SetJobStatus

SetJobStatus sets the JobStatus field's value.

func (*GetOrganizationsAccessReportOutput) SetMarker

SetMarker sets the Marker field's value.

func (*GetOrganizationsAccessReportOutput) SetNumberOfServicesAccessible

SetNumberOfServicesAccessible sets the NumberOfServicesAccessible field's value.

func (*GetOrganizationsAccessReportOutput) SetNumberOfServicesNotAccessed

func (s *GetOrganizationsAccessReportOutput) SetNumberOfServicesNotAccessed(v int64) *GetOrganizationsAccessReportOutput

SetNumberOfServicesNotAccessed sets the NumberOfServicesNotAccessed field's value.

func (GetOrganizationsAccessReportOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetPolicyInput

type GetPolicyInput struct {

	// The Amazon Resource Name (ARN) of the managed policy that you want information
	// about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyInput) GoString

func (s GetPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyInput) SetPolicyArn

func (s *GetPolicyInput) SetPolicyArn(v string) *GetPolicyInput

SetPolicyArn sets the PolicyArn field's value.

func (GetPolicyInput) String

func (s GetPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyInput) Validate

func (s *GetPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyOutput

type GetPolicyOutput struct {

	// A structure containing details about the policy.
	Policy *Policy `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetPolicy request.

func (GetPolicyOutput) GoString

func (s GetPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyOutput) SetPolicy

func (s *GetPolicyOutput) SetPolicy(v *Policy) *GetPolicyOutput

SetPolicy sets the Policy field's value.

func (GetPolicyOutput) String

func (s GetPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetPolicyVersionInput

type GetPolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the managed policy that you want information
	// about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// Identifies the policy version to retrieve.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consists of the lowercase letter 'v' followed
	// by one or two digits, and optionally followed by a period '.' and a string
	// of letters and digits.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyVersionInput) GoString

func (s GetPolicyVersionInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyVersionInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*GetPolicyVersionInput) SetVersionId

SetVersionId sets the VersionId field's value.

func (GetPolicyVersionInput) String

func (s GetPolicyVersionInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyVersionInput) Validate

func (s *GetPolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyVersionOutput

type GetPolicyVersionOutput struct {

	// A structure containing details about the policy version.
	PolicyVersion *PolicyVersion `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetPolicyVersion request.

func (GetPolicyVersionOutput) GoString

func (s GetPolicyVersionOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetPolicyVersionOutput) SetPolicyVersion

SetPolicyVersion sets the PolicyVersion field's value.

func (GetPolicyVersionOutput) String

func (s GetPolicyVersionOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetRoleInput

type GetRoleInput struct {

	// The name of the IAM role to get information about.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetRoleInput) GoString

func (s GetRoleInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetRoleInput) SetRoleName

func (s *GetRoleInput) SetRoleName(v string) *GetRoleInput

SetRoleName sets the RoleName field's value.

func (GetRoleInput) String

func (s GetRoleInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetRoleInput) Validate

func (s *GetRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetRoleOutput

type GetRoleOutput struct {

	// A structure containing details about the IAM role.
	//
	// Role is a required field
	Role *Role `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetRole request.

func (GetRoleOutput) GoString

func (s GetRoleOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetRoleOutput) SetRole

func (s *GetRoleOutput) SetRole(v *Role) *GetRoleOutput

SetRole sets the Role field's value.

func (GetRoleOutput) String

func (s GetRoleOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetRolePolicyInput

type GetRolePolicyInput struct {

	// The name of the policy document to get.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the role associated with the policy.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetRolePolicyInput) GoString

func (s GetRolePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetRolePolicyInput) SetPolicyName

func (s *GetRolePolicyInput) SetPolicyName(v string) *GetRolePolicyInput

SetPolicyName sets the PolicyName field's value.

func (*GetRolePolicyInput) SetRoleName

func (s *GetRolePolicyInput) SetRoleName(v string) *GetRolePolicyInput

SetRoleName sets the RoleName field's value.

func (GetRolePolicyInput) String

func (s GetRolePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetRolePolicyInput) Validate

func (s *GetRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetRolePolicyOutput

type GetRolePolicyOutput struct {

	// The policy document.
	//
	// IAM stores policies in JSON format. However, resources that were created
	// using CloudFormation templates can be formatted in YAML. CloudFormation always
	// converts a YAML policy to JSON format before submitting it to IAM.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The role the policy is associated with.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetRolePolicy request.

func (GetRolePolicyOutput) GoString

func (s GetRolePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetRolePolicyOutput) SetPolicyDocument

func (s *GetRolePolicyOutput) SetPolicyDocument(v string) *GetRolePolicyOutput

SetPolicyDocument sets the PolicyDocument field's value.

func (*GetRolePolicyOutput) SetPolicyName

func (s *GetRolePolicyOutput) SetPolicyName(v string) *GetRolePolicyOutput

SetPolicyName sets the PolicyName field's value.

func (*GetRolePolicyOutput) SetRoleName

func (s *GetRolePolicyOutput) SetRoleName(v string) *GetRolePolicyOutput

SetRoleName sets the RoleName field's value.

func (GetRolePolicyOutput) String

func (s GetRolePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetSAMLProviderInput

type GetSAMLProviderInput struct {

	// The Amazon Resource Name (ARN) of the SAML provider resource object in IAM
	// to get information about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetSAMLProviderInput) GoString

func (s GetSAMLProviderInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSAMLProviderInput) SetSAMLProviderArn

func (s *GetSAMLProviderInput) SetSAMLProviderArn(v string) *GetSAMLProviderInput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (GetSAMLProviderInput) String

func (s GetSAMLProviderInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSAMLProviderInput) Validate

func (s *GetSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetSAMLProviderOutput

type GetSAMLProviderOutput struct {

	// The date and time when the SAML provider was created.
	CreateDate *time.Time `type:"timestamp"`

	// The XML metadata document that includes information about an identity provider.
	SAMLMetadataDocument *string `min:"1000" type:"string"`

	// A list of tags that are attached to the specified IAM SAML provider. The
	// returned list of tags is sorted by tag key. For more information about tagging,
	// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`

	// The expiration date and time for the SAML provider.
	ValidUntil *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetSAMLProvider request.

func (GetSAMLProviderOutput) GoString

func (s GetSAMLProviderOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSAMLProviderOutput) SetCreateDate

SetCreateDate sets the CreateDate field's value.

func (*GetSAMLProviderOutput) SetSAMLMetadataDocument

func (s *GetSAMLProviderOutput) SetSAMLMetadataDocument(v string) *GetSAMLProviderOutput

SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.

func (*GetSAMLProviderOutput) SetTags

SetTags sets the Tags field's value.

func (*GetSAMLProviderOutput) SetValidUntil

SetValidUntil sets the ValidUntil field's value.

func (GetSAMLProviderOutput) String

func (s GetSAMLProviderOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetSSHPublicKeyInput

type GetSSHPublicKeyInput struct {

	// Specifies the public key encoding format to use in the response. To retrieve
	// the public key in ssh-rsa format, use SSH. To retrieve the public key in
	// PEM format, use PEM.
	//
	// Encoding is a required field
	Encoding *string `type:"string" required:"true" enum:"EncodingType"`

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetSSHPublicKeyInput) GoString

func (s GetSSHPublicKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSSHPublicKeyInput) SetEncoding

SetEncoding sets the Encoding field's value.

func (*GetSSHPublicKeyInput) SetSSHPublicKeyId

func (s *GetSSHPublicKeyInput) SetSSHPublicKeyId(v string) *GetSSHPublicKeyInput

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*GetSSHPublicKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (GetSSHPublicKeyInput) String

func (s GetSSHPublicKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSSHPublicKeyInput) Validate

func (s *GetSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetSSHPublicKeyOutput

type GetSSHPublicKeyOutput struct {

	// A structure containing details about the SSH public key.
	SSHPublicKey *SSHPublicKey `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetSSHPublicKey request.

func (GetSSHPublicKeyOutput) GoString

func (s GetSSHPublicKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetSSHPublicKeyOutput) SetSSHPublicKey

SetSSHPublicKey sets the SSHPublicKey field's value.

func (GetSSHPublicKeyOutput) String

func (s GetSSHPublicKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetServerCertificateInput

type GetServerCertificateInput struct {

	// The name of the server certificate you want to retrieve information about.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetServerCertificateInput) GoString

func (s GetServerCertificateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServerCertificateInput) SetServerCertificateName

func (s *GetServerCertificateInput) SetServerCertificateName(v string) *GetServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (GetServerCertificateInput) String

func (s GetServerCertificateInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServerCertificateInput) Validate

func (s *GetServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetServerCertificateOutput

type GetServerCertificateOutput struct {

	// A structure containing details about the server certificate.
	//
	// ServerCertificate is a required field
	ServerCertificate *ServerCertificate `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetServerCertificate request.

func (GetServerCertificateOutput) GoString

func (s GetServerCertificateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServerCertificateOutput) SetServerCertificate

SetServerCertificate sets the ServerCertificate field's value.

func (GetServerCertificateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetServiceLastAccessedDetailsInput

type GetServiceLastAccessedDetailsInput struct {

	// The ID of the request generated by the GenerateServiceLastAccessedDetails
	// operation. The JobId returned by GenerateServiceLastAccessedDetail must be
	// used by the same role within a session, or by the same user when used to
	// call GetServiceLastAccessedDetail.
	//
	// JobId is a required field
	JobId *string `min:"36" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (GetServiceLastAccessedDetailsInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServiceLastAccessedDetailsInput) SetJobId

SetJobId sets the JobId field's value.

func (*GetServiceLastAccessedDetailsInput) SetMarker

SetMarker sets the Marker field's value.

func (*GetServiceLastAccessedDetailsInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (GetServiceLastAccessedDetailsInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServiceLastAccessedDetailsInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetServiceLastAccessedDetailsOutput

type GetServiceLastAccessedDetailsOutput struct {

	// An object that contains details about the reason the operation failed.
	Error *ErrorDetails `type:"structure"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the generated report job was completed or failed.
	//
	// This field is null if the job is still in progress, as indicated by a job
	// status value of IN_PROGRESS.
	//
	// JobCompletionDate is a required field
	JobCompletionDate *time.Time `type:"timestamp" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the report job was created.
	//
	// JobCreationDate is a required field
	JobCreationDate *time.Time `type:"timestamp" required:"true"`

	// The status of the job.
	//
	// JobStatus is a required field
	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`

	// The type of job. Service jobs return information about when each service
	// was last accessed. Action jobs also include information about when tracked
	// actions within the service were last accessed.
	JobType *string `type:"string" enum:"AccessAdvisorUsageGranularityType"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A ServiceLastAccessed object that contains details about the most recent
	// attempt to access the service.
	//
	// ServicesLastAccessed is a required field
	ServicesLastAccessed []*ServiceLastAccessed `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (GetServiceLastAccessedDetailsOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServiceLastAccessedDetailsOutput) SetError

SetError sets the Error field's value.

func (*GetServiceLastAccessedDetailsOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*GetServiceLastAccessedDetailsOutput) SetJobCompletionDate

SetJobCompletionDate sets the JobCompletionDate field's value.

func (*GetServiceLastAccessedDetailsOutput) SetJobCreationDate

SetJobCreationDate sets the JobCreationDate field's value.

func (*GetServiceLastAccessedDetailsOutput) SetJobStatus

SetJobStatus sets the JobStatus field's value.

func (*GetServiceLastAccessedDetailsOutput) SetJobType

SetJobType sets the JobType field's value.

func (*GetServiceLastAccessedDetailsOutput) SetMarker

SetMarker sets the Marker field's value.

func (*GetServiceLastAccessedDetailsOutput) SetServicesLastAccessed

SetServicesLastAccessed sets the ServicesLastAccessed field's value.

func (GetServiceLastAccessedDetailsOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetServiceLastAccessedDetailsWithEntitiesInput

type GetServiceLastAccessedDetailsWithEntitiesInput struct {

	// The ID of the request generated by the GenerateServiceLastAccessedDetails
	// operation.
	//
	// JobId is a required field
	JobId *string `min:"36" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The service namespace for an Amazon Web Services service. Provide the service
	// namespace to learn when the IAM entity last attempted to access the specified
	// service.
	//
	// To learn the service namespace for a service, see Actions, resources, and
	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
	// in the IAM User Guide. Choose the name of the service to view details for
	// that service. In the first paragraph, find the service prefix. For example,
	// (service prefix: a4b). For more information about service namespaces, see
	// Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the Amazon Web Services General Reference.
	//
	// ServiceNamespace is a required field
	ServiceNamespace *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetServiceLastAccessedDetailsWithEntitiesInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServiceLastAccessedDetailsWithEntitiesInput) SetJobId

SetJobId sets the JobId field's value.

func (*GetServiceLastAccessedDetailsWithEntitiesInput) SetMarker

SetMarker sets the Marker field's value.

func (*GetServiceLastAccessedDetailsWithEntitiesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*GetServiceLastAccessedDetailsWithEntitiesInput) SetServiceNamespace

SetServiceNamespace sets the ServiceNamespace field's value.

func (GetServiceLastAccessedDetailsWithEntitiesInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServiceLastAccessedDetailsWithEntitiesInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetServiceLastAccessedDetailsWithEntitiesOutput

type GetServiceLastAccessedDetailsWithEntitiesOutput struct {

	// An EntityDetailsList object that contains details about when an IAM entity
	// (user or role) used group or policy permissions in an attempt to access the
	// specified Amazon Web Services service.
	//
	// EntityDetailsList is a required field
	EntityDetailsList []*EntityDetails `type:"list" required:"true"`

	// An object that contains details about the reason the operation failed.
	Error *ErrorDetails `type:"structure"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the generated report job was completed or failed.
	//
	// This field is null if the job is still in progress, as indicated by a job
	// status value of IN_PROGRESS.
	//
	// JobCompletionDate is a required field
	JobCompletionDate *time.Time `type:"timestamp" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the report job was created.
	//
	// JobCreationDate is a required field
	JobCreationDate *time.Time `type:"timestamp" required:"true"`

	// The status of the job.
	//
	// JobStatus is a required field
	JobStatus *string `type:"string" required:"true" enum:"JobStatusType"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

func (GetServiceLastAccessedDetailsWithEntitiesOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServiceLastAccessedDetailsWithEntitiesOutput) SetEntityDetailsList

SetEntityDetailsList sets the EntityDetailsList field's value.

func (*GetServiceLastAccessedDetailsWithEntitiesOutput) SetError

SetError sets the Error field's value.

func (*GetServiceLastAccessedDetailsWithEntitiesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobCompletionDate

SetJobCompletionDate sets the JobCompletionDate field's value.

func (*GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobCreationDate

SetJobCreationDate sets the JobCreationDate field's value.

func (*GetServiceLastAccessedDetailsWithEntitiesOutput) SetJobStatus

SetJobStatus sets the JobStatus field's value.

func (*GetServiceLastAccessedDetailsWithEntitiesOutput) SetMarker

SetMarker sets the Marker field's value.

func (GetServiceLastAccessedDetailsWithEntitiesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetServiceLinkedRoleDeletionStatusInput

type GetServiceLinkedRoleDeletionStatusInput struct {

	// The deletion task identifier. This identifier is returned by the DeleteServiceLinkedRole
	// operation in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
	//
	// DeletionTaskId is a required field
	DeletionTaskId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetServiceLinkedRoleDeletionStatusInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServiceLinkedRoleDeletionStatusInput) SetDeletionTaskId

SetDeletionTaskId sets the DeletionTaskId field's value.

func (GetServiceLinkedRoleDeletionStatusInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServiceLinkedRoleDeletionStatusInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetServiceLinkedRoleDeletionStatusOutput

type GetServiceLinkedRoleDeletionStatusOutput struct {

	// An object that contains details about the reason the deletion failed.
	Reason *DeletionTaskFailureReasonType `type:"structure"`

	// The status of the deletion.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"DeletionTaskStatusType"`
	// contains filtered or unexported fields
}

func (GetServiceLinkedRoleDeletionStatusOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetServiceLinkedRoleDeletionStatusOutput) SetReason

SetReason sets the Reason field's value.

func (*GetServiceLinkedRoleDeletionStatusOutput) SetStatus

SetStatus sets the Status field's value.

func (GetServiceLinkedRoleDeletionStatusOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetUserInput

type GetUserInput struct {

	// The name of the user to get information about.
	//
	// This parameter is optional. If it is not included, it defaults to the user
	// making the request. This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (GetUserInput) GoString

func (s GetUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserInput) SetUserName

func (s *GetUserInput) SetUserName(v string) *GetUserInput

SetUserName sets the UserName field's value.

func (GetUserInput) String

func (s GetUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserInput) Validate

func (s *GetUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetUserOutput

type GetUserOutput struct {

	// A structure containing details about the IAM user.
	//
	// Due to a service issue, password last used data does not include password
	// use from May 3, 2018 22:50 PDT to May 23, 2018 14:08 PDT. This affects last
	// sign-in (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_finding-unused.html)
	// dates shown in the IAM console and password last used dates in the IAM credential
	// report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html),
	// and returned by this operation. If users signed in during the affected time,
	// the password last used date that is returned is the date the user last signed
	// in before May 3, 2018. For users that signed in after May 23, 2018 14:08
	// PDT, the returned password last used date is accurate.
	//
	// You can use password last used information to identify unused credentials
	// for deletion. For example, you might delete users who did not sign in to
	// Amazon Web Services in the last 90 days. In cases like this, we recommend
	// that you adjust your evaluation window to include dates after May 23, 2018.
	// Alternatively, if your users use access keys to access Amazon Web Services
	// programmatically you can refer to access key last used information because
	// it is accurate for all dates.
	//
	// User is a required field
	User *User `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetUser request.

func (GetUserOutput) GoString

func (s GetUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserOutput) SetUser

func (s *GetUserOutput) SetUser(v *User) *GetUserOutput

SetUser sets the User field's value.

func (GetUserOutput) String

func (s GetUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GetUserPolicyInput

type GetUserPolicyInput struct {

	// The name of the policy document to get.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the user who the policy is associated with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetUserPolicyInput) GoString

func (s GetUserPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserPolicyInput) SetPolicyName

func (s *GetUserPolicyInput) SetPolicyName(v string) *GetUserPolicyInput

SetPolicyName sets the PolicyName field's value.

func (*GetUserPolicyInput) SetUserName

func (s *GetUserPolicyInput) SetUserName(v string) *GetUserPolicyInput

SetUserName sets the UserName field's value.

func (GetUserPolicyInput) String

func (s GetUserPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserPolicyInput) Validate

func (s *GetUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetUserPolicyOutput

type GetUserPolicyOutput struct {

	// The policy document.
	//
	// IAM stores policies in JSON format. However, resources that were created
	// using CloudFormation templates can be formatted in YAML. CloudFormation always
	// converts a YAML policy to JSON format before submitting it to IAM.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The user the policy is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetUserPolicy request.

func (GetUserPolicyOutput) GoString

func (s GetUserPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GetUserPolicyOutput) SetPolicyDocument

func (s *GetUserPolicyOutput) SetPolicyDocument(v string) *GetUserPolicyOutput

SetPolicyDocument sets the PolicyDocument field's value.

func (*GetUserPolicyOutput) SetPolicyName

func (s *GetUserPolicyOutput) SetPolicyName(v string) *GetUserPolicyOutput

SetPolicyName sets the PolicyName field's value.

func (*GetUserPolicyOutput) SetUserName

func (s *GetUserPolicyOutput) SetUserName(v string) *GetUserPolicyOutput

SetUserName sets the UserName field's value.

func (GetUserPolicyOutput) String

func (s GetUserPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type Group

type Group struct {

	// The Amazon Resource Name (ARN) specifying the group. For more information
	// about ARNs and how to use them in policies, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the group was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// GroupId is a required field
	GroupId *string `min:"16" type:"string" required:"true"`

	// The friendly name that identifies the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The path to the group. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an IAM group entity.

This data type is used as a response element in the following operations:

  • CreateGroup

  • GetGroup

  • ListGroups

func (Group) GoString

func (s Group) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Group) SetArn

func (s *Group) SetArn(v string) *Group

SetArn sets the Arn field's value.

func (*Group) SetCreateDate

func (s *Group) SetCreateDate(v time.Time) *Group

SetCreateDate sets the CreateDate field's value.

func (*Group) SetGroupId

func (s *Group) SetGroupId(v string) *Group

SetGroupId sets the GroupId field's value.

func (*Group) SetGroupName

func (s *Group) SetGroupName(v string) *Group

SetGroupName sets the GroupName field's value.

func (*Group) SetPath

func (s *Group) SetPath(v string) *Group

SetPath sets the Path field's value.

func (Group) String

func (s Group) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type GroupDetail

type GroupDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	Arn *string `min:"20" type:"string"`

	// A list of the managed policies attached to the group.
	AttachedManagedPolicies []*AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the group was created.
	CreateDate *time.Time `type:"timestamp"`

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	GroupId *string `min:"16" type:"string"`

	// The friendly name that identifies the group.
	GroupName *string `min:"1" type:"string"`

	// A list of the inline policies embedded in the group.
	GroupPolicyList []*PolicyDetail `type:"list"`

	// The path to the group. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	Path *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an IAM group, including all of the group's policies.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (GroupDetail) GoString

func (s GroupDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*GroupDetail) SetArn

func (s *GroupDetail) SetArn(v string) *GroupDetail

SetArn sets the Arn field's value.

func (*GroupDetail) SetAttachedManagedPolicies

func (s *GroupDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *GroupDetail

SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.

func (*GroupDetail) SetCreateDate

func (s *GroupDetail) SetCreateDate(v time.Time) *GroupDetail

SetCreateDate sets the CreateDate field's value.

func (*GroupDetail) SetGroupId

func (s *GroupDetail) SetGroupId(v string) *GroupDetail

SetGroupId sets the GroupId field's value.

func (*GroupDetail) SetGroupName

func (s *GroupDetail) SetGroupName(v string) *GroupDetail

SetGroupName sets the GroupName field's value.

func (*GroupDetail) SetGroupPolicyList

func (s *GroupDetail) SetGroupPolicyList(v []*PolicyDetail) *GroupDetail

SetGroupPolicyList sets the GroupPolicyList field's value.

func (*GroupDetail) SetPath

func (s *GroupDetail) SetPath(v string) *GroupDetail

SetPath sets the Path field's value.

func (GroupDetail) String

func (s GroupDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type IAM

type IAM struct {
	*client.Client
}

IAM provides the API operation methods for making requests to AWS Identity and Access Management. See this package's package overview docs for details on the service.

IAM methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.

func New

func New(p client.ConfigProvider, cfgs ...*aws.Config) *IAM

New creates a new instance of the IAM client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.

Example:

mySession := session.Must(session.NewSession())

// Create a IAM client from just a session.
svc := iam.New(mySession)

// Create a IAM client with additional configuration
svc := iam.New(mySession, aws.NewConfig().WithRegion("us-west-2"))

func (*IAM) AddClientIDToOpenIDConnectProvider

func (c *IAM) AddClientIDToOpenIDConnectProvider(input *AddClientIDToOpenIDConnectProviderInput) (*AddClientIDToOpenIDConnectProviderOutput, error)

AddClientIDToOpenIDConnectProvider API operation for AWS Identity and Access Management.

Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM OpenID Connect (OIDC) provider resource.

This operation is idempotent; it does not fail or return an error if you add an existing client ID to the provider.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AddClientIDToOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider

Example (Shared00)

To add a client ID (audience) to an Open-ID Connect (OIDC) provider The following add-client-id-to-open-id-connect-provider command adds the client ID my-application-ID to the OIDC provider named server.example.com:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AddClientIDToOpenIDConnectProviderInput{
		ClientID:                 aws.String("my-application-ID"),
		OpenIDConnectProviderArn: aws.String("arn:aws:iam::123456789012:oidc-provider/server.example.com"),
	}

	result, err := svc.AddClientIDToOpenIDConnectProvider(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AddClientIDToOpenIDConnectProviderRequest

func (c *IAM) AddClientIDToOpenIDConnectProviderRequest(input *AddClientIDToOpenIDConnectProviderInput) (req *request.Request, output *AddClientIDToOpenIDConnectProviderOutput)

AddClientIDToOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the AddClientIDToOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AddClientIDToOpenIDConnectProvider for more information on using the AddClientIDToOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AddClientIDToOpenIDConnectProviderRequest method.
req, resp := client.AddClientIDToOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider

func (*IAM) AddClientIDToOpenIDConnectProviderWithContext

func (c *IAM) AddClientIDToOpenIDConnectProviderWithContext(ctx aws.Context, input *AddClientIDToOpenIDConnectProviderInput, opts ...request.Option) (*AddClientIDToOpenIDConnectProviderOutput, error)

AddClientIDToOpenIDConnectProviderWithContext is the same as AddClientIDToOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See AddClientIDToOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AddRoleToInstanceProfile

func (c *IAM) AddRoleToInstanceProfile(input *AddRoleToInstanceProfileInput) (*AddRoleToInstanceProfileOutput, error)

AddRoleToInstanceProfile API operation for AWS Identity and Access Management.

Adds the specified IAM role to the specified instance profile. An instance profile can contain only one role, and this quota cannot be increased. You can remove the existing role and then add a different role to an instance profile. You must then wait for the change to appear across all of Amazon Web Services because of eventual consistency (https://en.wikipedia.org/wiki/Eventual_consistency). To force the change, you must disassociate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html) and then associate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html), or you can stop your instance and then restart it.

The caller of this operation must be granted the PassRole permission on the IAM role by a permissions policy.

For more information about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the IAM User Guide. For more information about instance profiles, see Using instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AddRoleToInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile

Example (Shared00)

To add a role to an instance profile The following command adds the role named S3Access to the instance profile named Webserver:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AddRoleToInstanceProfileInput{
		InstanceProfileName: aws.String("Webserver"),
		RoleName:            aws.String("S3Access"),
	}

	result, err := svc.AddRoleToInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AddRoleToInstanceProfileRequest

func (c *IAM) AddRoleToInstanceProfileRequest(input *AddRoleToInstanceProfileInput) (req *request.Request, output *AddRoleToInstanceProfileOutput)

AddRoleToInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the AddRoleToInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AddRoleToInstanceProfile for more information on using the AddRoleToInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AddRoleToInstanceProfileRequest method.
req, resp := client.AddRoleToInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile

func (*IAM) AddRoleToInstanceProfileWithContext

func (c *IAM) AddRoleToInstanceProfileWithContext(ctx aws.Context, input *AddRoleToInstanceProfileInput, opts ...request.Option) (*AddRoleToInstanceProfileOutput, error)

AddRoleToInstanceProfileWithContext is the same as AddRoleToInstanceProfile with the addition of the ability to pass a context and additional request options.

See AddRoleToInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AddUserToGroup

func (c *IAM) AddUserToGroup(input *AddUserToGroupInput) (*AddUserToGroupOutput, error)

AddUserToGroup API operation for AWS Identity and Access Management.

Adds the specified user to the specified group.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AddUserToGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup

Example (Shared00)

To add a user to an IAM group The following command adds an IAM user named Bob to the IAM group named Admins:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AddUserToGroupInput{
		GroupName: aws.String("Admins"),
		UserName:  aws.String("Bob"),
	}

	result, err := svc.AddUserToGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AddUserToGroupRequest

func (c *IAM) AddUserToGroupRequest(input *AddUserToGroupInput) (req *request.Request, output *AddUserToGroupOutput)

AddUserToGroupRequest generates a "aws/request.Request" representing the client's request for the AddUserToGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AddUserToGroup for more information on using the AddUserToGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AddUserToGroupRequest method.
req, resp := client.AddUserToGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup

func (*IAM) AddUserToGroupWithContext

func (c *IAM) AddUserToGroupWithContext(ctx aws.Context, input *AddUserToGroupInput, opts ...request.Option) (*AddUserToGroupOutput, error)

AddUserToGroupWithContext is the same as AddUserToGroup with the addition of the ability to pass a context and additional request options.

See AddUserToGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AttachGroupPolicy

func (c *IAM) AttachGroupPolicy(input *AttachGroupPolicyInput) (*AttachGroupPolicyOutput, error)

AttachGroupPolicy API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified IAM group.

You use this operation to attach a managed policy to a group. To embed an inline policy in a group, use PutGroupPolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutGroupPolicy.html).

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html) in the IAM User Guide.

For more information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AttachGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyNotAttachableException "PolicyNotAttachable" The request failed because Amazon Web Services service role policies can only be attached to the service-linked role for that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy

Example (Shared00)

To attach a managed policy to an IAM group The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM group named Finance.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AttachGroupPolicyInput{
		GroupName: aws.String("Finance"),
		PolicyArn: aws.String("arn:aws:iam::aws:policy/ReadOnlyAccess"),
	}

	result, err := svc.AttachGroupPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AttachGroupPolicyRequest

func (c *IAM) AttachGroupPolicyRequest(input *AttachGroupPolicyInput) (req *request.Request, output *AttachGroupPolicyOutput)

AttachGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the AttachGroupPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AttachGroupPolicy for more information on using the AttachGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AttachGroupPolicyRequest method.
req, resp := client.AttachGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy

func (*IAM) AttachGroupPolicyWithContext

func (c *IAM) AttachGroupPolicyWithContext(ctx aws.Context, input *AttachGroupPolicyInput, opts ...request.Option) (*AttachGroupPolicyOutput, error)

AttachGroupPolicyWithContext is the same as AttachGroupPolicy with the addition of the ability to pass a context and additional request options.

See AttachGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AttachRolePolicy

func (c *IAM) AttachRolePolicy(input *AttachRolePolicyInput) (*AttachRolePolicyOutput, error)

AttachRolePolicy API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access) policy.

You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time as the role, using CreateRole (https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html). You can update a role's trust policy using UpdateAssumerolePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAssumeRolePolicy.html).

Use this operation to attach a managed policy to a role. To embed an inline policy in a role, use PutRolePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePolicy.html). For more information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AttachRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodePolicyNotAttachableException "PolicyNotAttachable" The request failed because Amazon Web Services service role policies can only be attached to the service-linked role for that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy

Example (Shared00)

To attach a managed policy to an IAM role The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM role named ReadOnlyRole.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AttachRolePolicyInput{
		PolicyArn: aws.String("arn:aws:iam::aws:policy/ReadOnlyAccess"),
		RoleName:  aws.String("ReadOnlyRole"),
	}

	result, err := svc.AttachRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AttachRolePolicyRequest

func (c *IAM) AttachRolePolicyRequest(input *AttachRolePolicyInput) (req *request.Request, output *AttachRolePolicyOutput)

AttachRolePolicyRequest generates a "aws/request.Request" representing the client's request for the AttachRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AttachRolePolicy for more information on using the AttachRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AttachRolePolicyRequest method.
req, resp := client.AttachRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy

func (*IAM) AttachRolePolicyWithContext

func (c *IAM) AttachRolePolicyWithContext(ctx aws.Context, input *AttachRolePolicyInput, opts ...request.Option) (*AttachRolePolicyOutput, error)

AttachRolePolicyWithContext is the same as AttachRolePolicy with the addition of the ability to pass a context and additional request options.

See AttachRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AttachUserPolicy

func (c *IAM) AttachUserPolicy(input *AttachUserPolicyInput) (*AttachUserPolicyOutput, error)

AttachUserPolicy API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified user.

You use this operation to attach a managed policy to a user. To embed an inline policy in a user, use PutUserPolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_PutUserPolicy.html).

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html) in the IAM User Guide.

For more information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AttachUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyNotAttachableException "PolicyNotAttachable" The request failed because Amazon Web Services service role policies can only be attached to the service-linked role for that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy

Example (Shared00)

To attach a managed policy to an IAM user The following command attaches the AWS managed policy named AdministratorAccess to the IAM user named Alice.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AttachUserPolicyInput{
		PolicyArn: aws.String("arn:aws:iam::aws:policy/AdministratorAccess"),
		UserName:  aws.String("Alice"),
	}

	result, err := svc.AttachUserPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AttachUserPolicyRequest

func (c *IAM) AttachUserPolicyRequest(input *AttachUserPolicyInput) (req *request.Request, output *AttachUserPolicyOutput)

AttachUserPolicyRequest generates a "aws/request.Request" representing the client's request for the AttachUserPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AttachUserPolicy for more information on using the AttachUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AttachUserPolicyRequest method.
req, resp := client.AttachUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy

func (*IAM) AttachUserPolicyWithContext

func (c *IAM) AttachUserPolicyWithContext(ctx aws.Context, input *AttachUserPolicyInput, opts ...request.Option) (*AttachUserPolicyOutput, error)

AttachUserPolicyWithContext is the same as AttachUserPolicy with the addition of the ability to pass a context and additional request options.

See AttachUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ChangePassword

func (c *IAM) ChangePassword(input *ChangePasswordInput) (*ChangePasswordOutput, error)

ChangePassword API operation for AWS Identity and Access Management.

Changes the password of the IAM user who is calling this operation. This operation can be performed using the CLI, the Amazon Web Services API, or the My Security Credentials page in the Amazon Web Services Management Console. The Amazon Web Services account root user password is not affected by this operation.

Use UpdateLoginProfile to use the CLI, the Amazon Web Services API, or the Users page in the IAM console to change the password for any IAM user. For more information about modifying passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ChangePassword for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidUserTypeException "InvalidUserType" The request was rejected because the type of user for the transaction was incorrect.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodePasswordPolicyViolationException "PasswordPolicyViolation" The request was rejected because the provided password did not meet the requirements imposed by the account password policy.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword

Example (Shared00)

To change the password for your IAM user The following command changes the password for the current IAM user.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ChangePasswordInput{
		NewPassword: aws.String("]35d/{pB9Fo9wJ"),
		OldPassword: aws.String("3s0K_;xh4~8XXI"),
	}

	result, err := svc.ChangePassword(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidUserTypeException:
				fmt.Println(iam.ErrCodeInvalidUserTypeException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ChangePasswordRequest

func (c *IAM) ChangePasswordRequest(input *ChangePasswordInput) (req *request.Request, output *ChangePasswordOutput)

ChangePasswordRequest generates a "aws/request.Request" representing the client's request for the ChangePassword operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ChangePassword for more information on using the ChangePassword API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ChangePasswordRequest method.
req, resp := client.ChangePasswordRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword

func (*IAM) ChangePasswordWithContext

func (c *IAM) ChangePasswordWithContext(ctx aws.Context, input *ChangePasswordInput, opts ...request.Option) (*ChangePasswordOutput, error)

ChangePasswordWithContext is the same as ChangePassword with the addition of the ability to pass a context and additional request options.

See ChangePassword for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateAccessKey

func (c *IAM) CreateAccessKey(input *CreateAccessKeyInput) (*CreateAccessKeyOutput, error)

CreateAccessKey API operation for AWS Identity and Access Management.

Creates a new Amazon Web Services secret access key and corresponding Amazon Web Services access key ID for the specified user. The default status for new keys is Active.

If you do not specify a user name, IAM determines the user name implicitly based on the Amazon Web Services access key ID signing the request. This operation works for access keys under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user credentials. This is true even if the Amazon Web Services account has no associated users.

For information about quotas on the number of keys you can create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.

To ensure the security of your Amazon Web Services account, the secret access key is accessible only during key and user creation. You must save the key (for example, in a text file) if you want to be able to access it again. If a secret key is lost, you can delete the access keys for the associated user and then create new keys.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateAccessKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey

Example (Shared00)

To create an access key for an IAM user The following command creates an access key (access key ID and secret access key) for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateAccessKeyInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.CreateAccessKey(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateAccessKeyRequest

func (c *IAM) CreateAccessKeyRequest(input *CreateAccessKeyInput) (req *request.Request, output *CreateAccessKeyOutput)

CreateAccessKeyRequest generates a "aws/request.Request" representing the client's request for the CreateAccessKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateAccessKey for more information on using the CreateAccessKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateAccessKeyRequest method.
req, resp := client.CreateAccessKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey

func (*IAM) CreateAccessKeyWithContext

func (c *IAM) CreateAccessKeyWithContext(ctx aws.Context, input *CreateAccessKeyInput, opts ...request.Option) (*CreateAccessKeyOutput, error)

CreateAccessKeyWithContext is the same as CreateAccessKey with the addition of the ability to pass a context and additional request options.

See CreateAccessKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateAccountAlias

func (c *IAM) CreateAccountAlias(input *CreateAccountAliasInput) (*CreateAccountAliasOutput, error)

CreateAccountAlias API operation for AWS Identity and Access Management.

Creates an alias for your Amazon Web Services account. For information about using an Amazon Web Services account alias, see Creating, deleting, and listing an Amazon Web Services account alias (https://docs.aws.amazon.com/signin/latest/userguide/CreateAccountAlias.html) in the Amazon Web Services Sign-In User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateAccountAlias for usage and error information.

Returned Error Codes:

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias

Example (Shared00)

To create an account alias The following command associates the alias examplecorp to your AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateAccountAliasInput{
		AccountAlias: aws.String("examplecorp"),
	}

	result, err := svc.CreateAccountAlias(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateAccountAliasRequest

func (c *IAM) CreateAccountAliasRequest(input *CreateAccountAliasInput) (req *request.Request, output *CreateAccountAliasOutput)

CreateAccountAliasRequest generates a "aws/request.Request" representing the client's request for the CreateAccountAlias operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateAccountAlias for more information on using the CreateAccountAlias API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateAccountAliasRequest method.
req, resp := client.CreateAccountAliasRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias

func (*IAM) CreateAccountAliasWithContext

func (c *IAM) CreateAccountAliasWithContext(ctx aws.Context, input *CreateAccountAliasInput, opts ...request.Option) (*CreateAccountAliasOutput, error)

CreateAccountAliasWithContext is the same as CreateAccountAlias with the addition of the ability to pass a context and additional request options.

See CreateAccountAlias for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateGroup

func (c *IAM) CreateGroup(input *CreateGroupInput) (*CreateGroupOutput, error)

CreateGroup API operation for AWS Identity and Access Management.

Creates a new group.

For information about the number of groups you can create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateGroup for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup

Example (Shared00)

To create an IAM group The following command creates an IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateGroupInput{
		GroupName: aws.String("Admins"),
	}

	result, err := svc.CreateGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateGroupRequest

func (c *IAM) CreateGroupRequest(input *CreateGroupInput) (req *request.Request, output *CreateGroupOutput)

CreateGroupRequest generates a "aws/request.Request" representing the client's request for the CreateGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateGroup for more information on using the CreateGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateGroupRequest method.
req, resp := client.CreateGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup

func (*IAM) CreateGroupWithContext

func (c *IAM) CreateGroupWithContext(ctx aws.Context, input *CreateGroupInput, opts ...request.Option) (*CreateGroupOutput, error)

CreateGroupWithContext is the same as CreateGroup with the addition of the ability to pass a context and additional request options.

See CreateGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateInstanceProfile

func (c *IAM) CreateInstanceProfile(input *CreateInstanceProfileInput) (*CreateInstanceProfileOutput, error)

CreateInstanceProfile API operation for AWS Identity and Access Management.

Creates a new instance profile. For information about instance profiles, see Using roles for applications on Amazon EC2 (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2.html) in the IAM User Guide, and Instance profiles (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#ec2-instance-profile) in the Amazon EC2 User Guide.

For information about the number of instance profiles you can create, see IAM object quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile

Example (Shared00)

To create an instance profile The following command creates an instance profile named Webserver that is ready to have a role attached and then be associated with an EC2 instance.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateInstanceProfileInput{
		InstanceProfileName: aws.String("Webserver"),
	}

	result, err := svc.CreateInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateInstanceProfileRequest

func (c *IAM) CreateInstanceProfileRequest(input *CreateInstanceProfileInput) (req *request.Request, output *CreateInstanceProfileOutput)

CreateInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the CreateInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateInstanceProfile for more information on using the CreateInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateInstanceProfileRequest method.
req, resp := client.CreateInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile

func (*IAM) CreateInstanceProfileWithContext

func (c *IAM) CreateInstanceProfileWithContext(ctx aws.Context, input *CreateInstanceProfileInput, opts ...request.Option) (*CreateInstanceProfileOutput, error)

CreateInstanceProfileWithContext is the same as CreateInstanceProfile with the addition of the ability to pass a context and additional request options.

See CreateInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateLoginProfile

func (c *IAM) CreateLoginProfile(input *CreateLoginProfileInput) (*CreateLoginProfileOutput, error)

CreateLoginProfile API operation for AWS Identity and Access Management.

Creates a password for the specified IAM user. A password allows an IAM user to access Amazon Web Services services through the Amazon Web Services Management Console.

You can use the CLI, the Amazon Web Services API, or the Users page in the IAM console to create a password for any IAM user. Use ChangePassword to update your own existing password in the My Security Credentials page in the Amazon Web Services Management Console.

For more information about managing passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodePasswordPolicyViolationException "PasswordPolicyViolation" The request was rejected because the provided password did not meet the requirements imposed by the account password policy.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile

Example (Shared00)

To create an instance profile The following command changes IAM user Bob's password and sets the flag that required Bob to change the password the next time he signs in.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateLoginProfileInput{
		Password:              aws.String("h]6EszR}vJ*m"),
		PasswordResetRequired: aws.Bool(true),
		UserName:              aws.String("Bob"),
	}

	result, err := svc.CreateLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateLoginProfileRequest

func (c *IAM) CreateLoginProfileRequest(input *CreateLoginProfileInput) (req *request.Request, output *CreateLoginProfileOutput)

CreateLoginProfileRequest generates a "aws/request.Request" representing the client's request for the CreateLoginProfile operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateLoginProfile for more information on using the CreateLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateLoginProfileRequest method.
req, resp := client.CreateLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile

func (*IAM) CreateLoginProfileWithContext

func (c *IAM) CreateLoginProfileWithContext(ctx aws.Context, input *CreateLoginProfileInput, opts ...request.Option) (*CreateLoginProfileOutput, error)

CreateLoginProfileWithContext is the same as CreateLoginProfile with the addition of the ability to pass a context and additional request options.

See CreateLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateOpenIDConnectProvider

func (c *IAM) CreateOpenIDConnectProvider(input *CreateOpenIDConnectProviderInput) (*CreateOpenIDConnectProviderOutput, error)

CreateOpenIDConnectProvider API operation for AWS Identity and Access Management.

Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC) (http://openid.net/connect/).

The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and the OIDC provider.

If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't need to create a separate IAM identity provider. These OIDC identity providers are already built-in to Amazon Web Services and are available for your use. Instead, you can move directly to creating new roles using your identity provider. To learn more, see Creating a role for web identity or OpenID connect federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_oidc.html) in the IAM User Guide.

When you create the IAM OIDC provider, you specify the following:

  • The URL of the OIDC identity provider (IdP) to trust

  • A list of client IDs (also known as audiences) that identify the application or applications allowed to authenticate using the OIDC provider

  • A list of tags that are attached to the specified IAM OIDC provider

  • A list of thumbprints of one or more server certificates that the IdP uses

You get all of this information from the OIDC IdP you want to use to access Amazon Web Services.

Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted root certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Auth0, GitHub, Google, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.

The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider

Example (Shared00)

To create an instance profile The following example defines a new OIDC provider in IAM with a client ID of my-application-id and pointing at the server with a URL of https://server.example.com.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateOpenIDConnectProviderInput{
		ClientIDList: []*string{
			aws.String("my-application-id"),
		},
		ThumbprintList: []*string{
			aws.String("3768084dfb3d2b68b7897bf5f565da8efEXAMPLE"),
		},
		Url: aws.String("https://server.example.com"),
	}

	result, err := svc.CreateOpenIDConnectProvider(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateOpenIDConnectProviderRequest

func (c *IAM) CreateOpenIDConnectProviderRequest(input *CreateOpenIDConnectProviderInput) (req *request.Request, output *CreateOpenIDConnectProviderOutput)

CreateOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the CreateOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateOpenIDConnectProvider for more information on using the CreateOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateOpenIDConnectProviderRequest method.
req, resp := client.CreateOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider

func (*IAM) CreateOpenIDConnectProviderWithContext

func (c *IAM) CreateOpenIDConnectProviderWithContext(ctx aws.Context, input *CreateOpenIDConnectProviderInput, opts ...request.Option) (*CreateOpenIDConnectProviderOutput, error)

CreateOpenIDConnectProviderWithContext is the same as CreateOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See CreateOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreatePolicy

func (c *IAM) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error)

CreatePolicy API operation for AWS Identity and Access Management.

Creates a new managed policy for your Amazon Web Services account.

This operation creates a policy version with a version identifier of v1 and sets v1 as the policy's default version. For more information about policy versions, see Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_policy-validator.html) in the IAM User Guide.

For more information about managed policies in general, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreatePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy

func (*IAM) CreatePolicyRequest

func (c *IAM) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput)

CreatePolicyRequest generates a "aws/request.Request" representing the client's request for the CreatePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicy for more information on using the CreatePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreatePolicyRequest method.
req, resp := client.CreatePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy

func (*IAM) CreatePolicyVersion

func (c *IAM) CreatePolicyVersion(input *CreatePolicyVersionInput) (*CreatePolicyVersionOutput, error)

CreatePolicyVersion API operation for AWS Identity and Access Management.

Creates a new version of the specified managed policy. To update a managed policy, you create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must delete an existing version using DeletePolicyVersion before you create a new version.

Optionally, you can set the new version as the policy's default version. The default version is the version that is in effect for the IAM users, groups, and roles to which the policy is attached.

For more information about managed policy versions, see Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreatePolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion

func (*IAM) CreatePolicyVersionRequest

func (c *IAM) CreatePolicyVersionRequest(input *CreatePolicyVersionInput) (req *request.Request, output *CreatePolicyVersionOutput)

CreatePolicyVersionRequest generates a "aws/request.Request" representing the client's request for the CreatePolicyVersion operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicyVersion for more information on using the CreatePolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreatePolicyVersionRequest method.
req, resp := client.CreatePolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion

func (*IAM) CreatePolicyVersionWithContext

func (c *IAM) CreatePolicyVersionWithContext(ctx aws.Context, input *CreatePolicyVersionInput, opts ...request.Option) (*CreatePolicyVersionOutput, error)

CreatePolicyVersionWithContext is the same as CreatePolicyVersion with the addition of the ability to pass a context and additional request options.

See CreatePolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreatePolicyWithContext

func (c *IAM) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error)

CreatePolicyWithContext is the same as CreatePolicy with the addition of the ability to pass a context and additional request options.

See CreatePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateRole

func (c *IAM) CreateRole(input *CreateRoleInput) (*CreateRoleOutput, error)

CreateRole API operation for AWS Identity and Access Management.

Creates a new role for your Amazon Web Services account.

For more information about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the IAM User Guide. For information about quotas for role names and the number of roles you can create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateRole for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole

Example (Shared00)

To create an IAM role The following command creates a role named Test-Role and attaches a trust policy that you must convert from JSON to a string. Upon success, the response includes the same policy as a URL-encoded JSON string.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateRoleInput{
		AssumeRolePolicyDocument: aws.String("<Stringified-JSON>"),
		Path:                     aws.String("/"),
		RoleName:                 aws.String("Test-Role"),
	}

	result, err := svc.CreateRole(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateRoleRequest

func (c *IAM) CreateRoleRequest(input *CreateRoleInput) (req *request.Request, output *CreateRoleOutput)

CreateRoleRequest generates a "aws/request.Request" representing the client's request for the CreateRole operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateRole for more information on using the CreateRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateRoleRequest method.
req, resp := client.CreateRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole

func (*IAM) CreateRoleWithContext

func (c *IAM) CreateRoleWithContext(ctx aws.Context, input *CreateRoleInput, opts ...request.Option) (*CreateRoleOutput, error)

CreateRoleWithContext is the same as CreateRole with the addition of the ability to pass a context and additional request options.

See CreateRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateSAMLProvider

func (c *IAM) CreateSAMLProvider(input *CreateSAMLProviderInput) (*CreateSAMLProviderOutput, error)

CreateSAMLProvider API operation for AWS Identity and Access Management.

Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2.0.

The SAML provider resource that you create with this operation can be used as a principal in an IAM role's trust policy. Such a policy can enable federated users who sign in using the SAML IdP to assume the role. You can create an IAM role that supports Web-based single sign-on (SSO) to the Amazon Web Services Management Console or one that supports API access to Amazon Web Services.

When you create the SAML provider resource, you upload a SAML metadata document that you get from your IdP. That document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that the IdP sends. You must generate the metadata document using the identity management software that is used as your organization's IdP.

This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

For more information, see Enabling SAML 2.0 federated users to access the Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html) and About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider

func (*IAM) CreateSAMLProviderRequest

func (c *IAM) CreateSAMLProviderRequest(input *CreateSAMLProviderInput) (req *request.Request, output *CreateSAMLProviderOutput)

CreateSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the CreateSAMLProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateSAMLProvider for more information on using the CreateSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateSAMLProviderRequest method.
req, resp := client.CreateSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider

func (*IAM) CreateSAMLProviderWithContext

func (c *IAM) CreateSAMLProviderWithContext(ctx aws.Context, input *CreateSAMLProviderInput, opts ...request.Option) (*CreateSAMLProviderOutput, error)

CreateSAMLProviderWithContext is the same as CreateSAMLProvider with the addition of the ability to pass a context and additional request options.

See CreateSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateServiceLinkedRole

func (c *IAM) CreateServiceLinkedRole(input *CreateServiceLinkedRoleInput) (*CreateServiceLinkedRoleOutput, error)

CreateServiceLinkedRole API operation for AWS Identity and Access Management.

Creates an IAM role that is linked to a specific Amazon Web Services service. The service controls the attached policies and when the role can be deleted. This helps ensure that the service is not broken by an unexpectedly changed or deleted role, which could put your Amazon Web Services resources into an unknown state. Allowing the service to control the role helps improve service stability and proper cleanup when a service and its role are no longer needed. For more information, see Using service-linked roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html) in the IAM User Guide.

To attach a policy to this service-linked role, you must make the request using the Amazon Web Services service that depends on this role.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateServiceLinkedRole for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole

func (*IAM) CreateServiceLinkedRoleRequest

func (c *IAM) CreateServiceLinkedRoleRequest(input *CreateServiceLinkedRoleInput) (req *request.Request, output *CreateServiceLinkedRoleOutput)

CreateServiceLinkedRoleRequest generates a "aws/request.Request" representing the client's request for the CreateServiceLinkedRole operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateServiceLinkedRole for more information on using the CreateServiceLinkedRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateServiceLinkedRoleRequest method.
req, resp := client.CreateServiceLinkedRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole

func (*IAM) CreateServiceLinkedRoleWithContext

func (c *IAM) CreateServiceLinkedRoleWithContext(ctx aws.Context, input *CreateServiceLinkedRoleInput, opts ...request.Option) (*CreateServiceLinkedRoleOutput, error)

CreateServiceLinkedRoleWithContext is the same as CreateServiceLinkedRole with the addition of the ability to pass a context and additional request options.

See CreateServiceLinkedRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateServiceSpecificCredential

func (c *IAM) CreateServiceSpecificCredential(input *CreateServiceSpecificCredentialInput) (*CreateServiceSpecificCredentialOutput, error)

CreateServiceSpecificCredential API operation for AWS Identity and Access Management.

Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request. These credentials are generated by IAM, and can be used only for the specified service.

You can have a maximum of two sets of service-specific credentials for each supported service per user.

You can create service-specific credentials for CodeCommit and Amazon Keyspaces (for Apache Cassandra).

You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential.

For more information about service-specific credentials, see Using IAM with CodeCommit: Git credentials, SSH keys, and Amazon Web Services access keys (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceNotSupportedException "NotSupportedService" The specified service does not support service-specific credentials.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential

func (*IAM) CreateServiceSpecificCredentialRequest

func (c *IAM) CreateServiceSpecificCredentialRequest(input *CreateServiceSpecificCredentialInput) (req *request.Request, output *CreateServiceSpecificCredentialOutput)

CreateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the CreateServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateServiceSpecificCredential for more information on using the CreateServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateServiceSpecificCredentialRequest method.
req, resp := client.CreateServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential

func (*IAM) CreateServiceSpecificCredentialWithContext

func (c *IAM) CreateServiceSpecificCredentialWithContext(ctx aws.Context, input *CreateServiceSpecificCredentialInput, opts ...request.Option) (*CreateServiceSpecificCredentialOutput, error)

CreateServiceSpecificCredentialWithContext is the same as CreateServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See CreateServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateUser

func (c *IAM) CreateUser(input *CreateUserInput) (*CreateUserOutput, error)

CreateUser API operation for AWS Identity and Access Management.

Creates a new IAM user for your Amazon Web Services account.

For information about quotas for the number of IAM users you can create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateUser for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser

Example (Shared00)

To create an IAM user The following create-user command creates an IAM user named Bob in the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.CreateUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateUserRequest

func (c *IAM) CreateUserRequest(input *CreateUserInput) (req *request.Request, output *CreateUserOutput)

CreateUserRequest generates a "aws/request.Request" representing the client's request for the CreateUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateUser for more information on using the CreateUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateUserRequest method.
req, resp := client.CreateUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser

func (*IAM) CreateUserWithContext

func (c *IAM) CreateUserWithContext(ctx aws.Context, input *CreateUserInput, opts ...request.Option) (*CreateUserOutput, error)

CreateUserWithContext is the same as CreateUser with the addition of the ability to pass a context and additional request options.

See CreateUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateVirtualMFADevice

func (c *IAM) CreateVirtualMFADevice(input *CreateVirtualMFADeviceInput) (*CreateVirtualMFADeviceOutput, error)

CreateVirtualMFADevice API operation for AWS Identity and Access Management.

Creates a new virtual MFA device for the Amazon Web Services account. After creating the virtual MFA, use EnableMFADevice to attach the MFA device to an IAM user. For more information about creating and working with virtual MFA devices, see Using a virtual MFA device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

For information about the maximum number of MFA devices you can create, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.

The seed information contained in the QR code and the Base32 string should be treated like any other secret access information. In other words, protect the seed information as you would your Amazon Web Services access keys or your passwords. After you provision your virtual device, you should ensure that the information is destroyed following secure procedures.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateVirtualMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice

func (*IAM) CreateVirtualMFADeviceRequest

func (c *IAM) CreateVirtualMFADeviceRequest(input *CreateVirtualMFADeviceInput) (req *request.Request, output *CreateVirtualMFADeviceOutput)

CreateVirtualMFADeviceRequest generates a "aws/request.Request" representing the client's request for the CreateVirtualMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateVirtualMFADevice for more information on using the CreateVirtualMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateVirtualMFADeviceRequest method.
req, resp := client.CreateVirtualMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice

func (*IAM) CreateVirtualMFADeviceWithContext

func (c *IAM) CreateVirtualMFADeviceWithContext(ctx aws.Context, input *CreateVirtualMFADeviceInput, opts ...request.Option) (*CreateVirtualMFADeviceOutput, error)

CreateVirtualMFADeviceWithContext is the same as CreateVirtualMFADevice with the addition of the ability to pass a context and additional request options.

See CreateVirtualMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeactivateMFADevice

func (c *IAM) DeactivateMFADevice(input *DeactivateMFADeviceInput) (*DeactivateMFADeviceOutput, error)

DeactivateMFADevice API operation for AWS Identity and Access Management.

Deactivates the specified MFA device and removes it from association with the user name for which it was originally enabled.

For more information about creating and working with virtual MFA devices, see Enabling a virtual multi-factor authentication (MFA) device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeactivateMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice

func (*IAM) DeactivateMFADeviceRequest

func (c *IAM) DeactivateMFADeviceRequest(input *DeactivateMFADeviceInput) (req *request.Request, output *DeactivateMFADeviceOutput)

DeactivateMFADeviceRequest generates a "aws/request.Request" representing the client's request for the DeactivateMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeactivateMFADevice for more information on using the DeactivateMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeactivateMFADeviceRequest method.
req, resp := client.DeactivateMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice

func (*IAM) DeactivateMFADeviceWithContext

func (c *IAM) DeactivateMFADeviceWithContext(ctx aws.Context, input *DeactivateMFADeviceInput, opts ...request.Option) (*DeactivateMFADeviceOutput, error)

DeactivateMFADeviceWithContext is the same as DeactivateMFADevice with the addition of the ability to pass a context and additional request options.

See DeactivateMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteAccessKey

func (c *IAM) DeleteAccessKey(input *DeleteAccessKeyInput) (*DeleteAccessKeyOutput, error)

DeleteAccessKey API operation for AWS Identity and Access Management.

Deletes the access key pair associated with the specified IAM user.

If you do not specify a user name, IAM determines the user name implicitly based on the Amazon Web Services access key ID signing the request. This operation works for access keys under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteAccessKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey

Example (Shared00)

To delete an access key for an IAM user The following command deletes one access key (access key ID and secret access key) assigned to the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteAccessKeyInput{
		AccessKeyId: aws.String("AKIDPMS9RO4H3FEXAMPLE"),
		UserName:    aws.String("Bob"),
	}

	result, err := svc.DeleteAccessKey(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteAccessKeyRequest

func (c *IAM) DeleteAccessKeyRequest(input *DeleteAccessKeyInput) (req *request.Request, output *DeleteAccessKeyOutput)

DeleteAccessKeyRequest generates a "aws/request.Request" representing the client's request for the DeleteAccessKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteAccessKey for more information on using the DeleteAccessKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteAccessKeyRequest method.
req, resp := client.DeleteAccessKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey

func (*IAM) DeleteAccessKeyWithContext

func (c *IAM) DeleteAccessKeyWithContext(ctx aws.Context, input *DeleteAccessKeyInput, opts ...request.Option) (*DeleteAccessKeyOutput, error)

DeleteAccessKeyWithContext is the same as DeleteAccessKey with the addition of the ability to pass a context and additional request options.

See DeleteAccessKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteAccountAlias

func (c *IAM) DeleteAccountAlias(input *DeleteAccountAliasInput) (*DeleteAccountAliasOutput, error)

DeleteAccountAlias API operation for AWS Identity and Access Management.

Deletes the specified Amazon Web Services account alias. For information about using an Amazon Web Services account alias, see Creating, deleting, and listing an Amazon Web Services account alias (https://docs.aws.amazon.com/signin/latest/userguide/CreateAccountAlias.html) in the Amazon Web Services Sign-In User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteAccountAlias for usage and error information.

Returned Error Codes:

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias

Example (Shared00)

To delete an account alias The following command removes the alias mycompany from the current AWS account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteAccountAliasInput{
		AccountAlias: aws.String("mycompany"),
	}

	result, err := svc.DeleteAccountAlias(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteAccountAliasRequest

func (c *IAM) DeleteAccountAliasRequest(input *DeleteAccountAliasInput) (req *request.Request, output *DeleteAccountAliasOutput)

DeleteAccountAliasRequest generates a "aws/request.Request" representing the client's request for the DeleteAccountAlias operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteAccountAlias for more information on using the DeleteAccountAlias API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteAccountAliasRequest method.
req, resp := client.DeleteAccountAliasRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias

func (*IAM) DeleteAccountAliasWithContext

func (c *IAM) DeleteAccountAliasWithContext(ctx aws.Context, input *DeleteAccountAliasInput, opts ...request.Option) (*DeleteAccountAliasOutput, error)

DeleteAccountAliasWithContext is the same as DeleteAccountAlias with the addition of the ability to pass a context and additional request options.

See DeleteAccountAlias for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteAccountPasswordPolicy

func (c *IAM) DeleteAccountPasswordPolicy(input *DeleteAccountPasswordPolicyInput) (*DeleteAccountPasswordPolicyOutput, error)

DeleteAccountPasswordPolicy API operation for AWS Identity and Access Management.

Deletes the password policy for the Amazon Web Services account. There are no parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteAccountPasswordPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy

Example (Shared00)

To delete the current account password policy The following command removes the password policy from the current AWS account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteAccountPasswordPolicyInput{}

	result, err := svc.DeleteAccountPasswordPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteAccountPasswordPolicyRequest

func (c *IAM) DeleteAccountPasswordPolicyRequest(input *DeleteAccountPasswordPolicyInput) (req *request.Request, output *DeleteAccountPasswordPolicyOutput)

DeleteAccountPasswordPolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteAccountPasswordPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteAccountPasswordPolicy for more information on using the DeleteAccountPasswordPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteAccountPasswordPolicyRequest method.
req, resp := client.DeleteAccountPasswordPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy

func (*IAM) DeleteAccountPasswordPolicyWithContext

func (c *IAM) DeleteAccountPasswordPolicyWithContext(ctx aws.Context, input *DeleteAccountPasswordPolicyInput, opts ...request.Option) (*DeleteAccountPasswordPolicyOutput, error)

DeleteAccountPasswordPolicyWithContext is the same as DeleteAccountPasswordPolicy with the addition of the ability to pass a context and additional request options.

See DeleteAccountPasswordPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteGroup

func (c *IAM) DeleteGroup(input *DeleteGroupInput) (*DeleteGroupOutput, error)

DeleteGroup API operation for AWS Identity and Access Management.

Deletes the specified IAM group. The group must not contain any users or have any attached policies.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup

func (*IAM) DeleteGroupPolicy

func (c *IAM) DeleteGroupPolicy(input *DeleteGroupPolicyInput) (*DeleteGroupPolicyOutput, error)

DeleteGroupPolicy API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM group.

A group can also have managed policies attached to it. To detach a managed policy from a group, use DetachGroupPolicy. For more information about policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy

Example (Shared00)

To delete a policy from an IAM group The following command deletes the policy named ExamplePolicy from the group named Admins:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteGroupPolicyInput{
		GroupName:  aws.String("Admins"),
		PolicyName: aws.String("ExamplePolicy"),
	}

	result, err := svc.DeleteGroupPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteGroupPolicyRequest

func (c *IAM) DeleteGroupPolicyRequest(input *DeleteGroupPolicyInput) (req *request.Request, output *DeleteGroupPolicyOutput)

DeleteGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteGroupPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteGroupPolicy for more information on using the DeleteGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteGroupPolicyRequest method.
req, resp := client.DeleteGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy

func (*IAM) DeleteGroupPolicyWithContext

func (c *IAM) DeleteGroupPolicyWithContext(ctx aws.Context, input *DeleteGroupPolicyInput, opts ...request.Option) (*DeleteGroupPolicyOutput, error)

DeleteGroupPolicyWithContext is the same as DeleteGroupPolicy with the addition of the ability to pass a context and additional request options.

See DeleteGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteGroupRequest

func (c *IAM) DeleteGroupRequest(input *DeleteGroupInput) (req *request.Request, output *DeleteGroupOutput)

DeleteGroupRequest generates a "aws/request.Request" representing the client's request for the DeleteGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteGroup for more information on using the DeleteGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteGroupRequest method.
req, resp := client.DeleteGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup

func (*IAM) DeleteGroupWithContext

func (c *IAM) DeleteGroupWithContext(ctx aws.Context, input *DeleteGroupInput, opts ...request.Option) (*DeleteGroupOutput, error)

DeleteGroupWithContext is the same as DeleteGroup with the addition of the ability to pass a context and additional request options.

See DeleteGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteInstanceProfile

func (c *IAM) DeleteInstanceProfile(input *DeleteInstanceProfileInput) (*DeleteInstanceProfileOutput, error)

DeleteInstanceProfile API operation for AWS Identity and Access Management.

Deletes the specified instance profile. The instance profile must not have an associated role.

Make sure that you do not have any Amazon EC2 instances running with the instance profile you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance.

For more information about instance profiles, see Using instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile

Example (Shared00)

To delete an instance profile The following command deletes the instance profile named ExampleInstanceProfile

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
	}

	result, err := svc.DeleteInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteInstanceProfileRequest

func (c *IAM) DeleteInstanceProfileRequest(input *DeleteInstanceProfileInput) (req *request.Request, output *DeleteInstanceProfileOutput)

DeleteInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the DeleteInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteInstanceProfile for more information on using the DeleteInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteInstanceProfileRequest method.
req, resp := client.DeleteInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile

func (*IAM) DeleteInstanceProfileWithContext

func (c *IAM) DeleteInstanceProfileWithContext(ctx aws.Context, input *DeleteInstanceProfileInput, opts ...request.Option) (*DeleteInstanceProfileOutput, error)

DeleteInstanceProfileWithContext is the same as DeleteInstanceProfile with the addition of the ability to pass a context and additional request options.

See DeleteInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteLoginProfile

func (c *IAM) DeleteLoginProfile(input *DeleteLoginProfileInput) (*DeleteLoginProfileOutput, error)

DeleteLoginProfile API operation for AWS Identity and Access Management.

Deletes the password for the specified IAM user, For more information, see Managing passwords for IAM users (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_admin-change-user.html).

You can use the CLI, the Amazon Web Services API, or the Users page in the IAM console to delete a password for any IAM user. You can use ChangePassword to update, but not delete, your own password in the My Security Credentials page in the Amazon Web Services Management Console.

Deleting a user's password does not prevent a user from accessing Amazon Web Services through the command line interface or the API. To prevent all user access, you must also either make any access keys inactive or delete them. For more information about making keys inactive or deleting them, see UpdateAccessKey and DeleteAccessKey.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile

Example (Shared00)

To delete a password for an IAM user The following command deletes the password for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteLoginProfileInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.DeleteLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteLoginProfileRequest

func (c *IAM) DeleteLoginProfileRequest(input *DeleteLoginProfileInput) (req *request.Request, output *DeleteLoginProfileOutput)

DeleteLoginProfileRequest generates a "aws/request.Request" representing the client's request for the DeleteLoginProfile operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteLoginProfile for more information on using the DeleteLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteLoginProfileRequest method.
req, resp := client.DeleteLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile

func (*IAM) DeleteLoginProfileWithContext

func (c *IAM) DeleteLoginProfileWithContext(ctx aws.Context, input *DeleteLoginProfileInput, opts ...request.Option) (*DeleteLoginProfileOutput, error)

DeleteLoginProfileWithContext is the same as DeleteLoginProfile with the addition of the ability to pass a context and additional request options.

See DeleteLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteOpenIDConnectProvider

func (c *IAM) DeleteOpenIDConnectProvider(input *DeleteOpenIDConnectProviderInput) (*DeleteOpenIDConnectProviderOutput, error)

DeleteOpenIDConnectProvider API operation for AWS Identity and Access Management.

Deletes an OpenID Connect identity provider (IdP) resource object in IAM.

Deleting an IAM OIDC provider resource does not update any roles that reference the provider as a principal in their trust policies. Any attempt to assume a role that references a deleted provider fails.

This operation is idempotent; it does not fail or return an error if you call the operation for a provider that does not exist.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider

func (*IAM) DeleteOpenIDConnectProviderRequest

func (c *IAM) DeleteOpenIDConnectProviderRequest(input *DeleteOpenIDConnectProviderInput) (req *request.Request, output *DeleteOpenIDConnectProviderOutput)

DeleteOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the DeleteOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteOpenIDConnectProvider for more information on using the DeleteOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteOpenIDConnectProviderRequest method.
req, resp := client.DeleteOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider

func (*IAM) DeleteOpenIDConnectProviderWithContext

func (c *IAM) DeleteOpenIDConnectProviderWithContext(ctx aws.Context, input *DeleteOpenIDConnectProviderInput, opts ...request.Option) (*DeleteOpenIDConnectProviderOutput, error)

DeleteOpenIDConnectProviderWithContext is the same as DeleteOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See DeleteOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeletePolicy

func (c *IAM) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error)

DeletePolicy API operation for AWS Identity and Access Management.

Deletes the specified managed policy.

Before you can delete a managed policy, you must first detach the policy from all users, groups, and roles that it is attached to. In addition, you must delete all the policy's versions. The following steps describe the process for deleting a managed policy:

  • Detach the policy from all users, groups, and roles that the policy is attached to, using DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy. To list all the users, groups, and roles that a policy is attached to, use ListEntitiesForPolicy.

  • Delete all versions of the policy using DeletePolicyVersion. To list the policy's versions, use ListPolicyVersions. You cannot use DeletePolicyVersion to delete the version that is marked as the default version. You delete the policy's default version in the next step of the process.

  • Delete the policy (this automatically deletes the policy's default version) using this operation.

For information about managed policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeletePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy

func (*IAM) DeletePolicyRequest

func (c *IAM) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput)

DeletePolicyRequest generates a "aws/request.Request" representing the client's request for the DeletePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicy for more information on using the DeletePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeletePolicyRequest method.
req, resp := client.DeletePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy

func (*IAM) DeletePolicyVersion

func (c *IAM) DeletePolicyVersion(input *DeletePolicyVersionInput) (*DeletePolicyVersionOutput, error)

DeletePolicyVersion API operation for AWS Identity and Access Management.

Deletes the specified version from the specified managed policy.

You cannot delete the default version from a policy using this operation. To delete the default version from a policy, use DeletePolicy. To find out which version of a policy is marked as the default version, use ListPolicyVersions.

For information about versions for managed policies, see Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeletePolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion

func (*IAM) DeletePolicyVersionRequest

func (c *IAM) DeletePolicyVersionRequest(input *DeletePolicyVersionInput) (req *request.Request, output *DeletePolicyVersionOutput)

DeletePolicyVersionRequest generates a "aws/request.Request" representing the client's request for the DeletePolicyVersion operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicyVersion for more information on using the DeletePolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeletePolicyVersionRequest method.
req, resp := client.DeletePolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion

func (*IAM) DeletePolicyVersionWithContext

func (c *IAM) DeletePolicyVersionWithContext(ctx aws.Context, input *DeletePolicyVersionInput, opts ...request.Option) (*DeletePolicyVersionOutput, error)

DeletePolicyVersionWithContext is the same as DeletePolicyVersion with the addition of the ability to pass a context and additional request options.

See DeletePolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeletePolicyWithContext

func (c *IAM) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error)

DeletePolicyWithContext is the same as DeletePolicy with the addition of the ability to pass a context and additional request options.

See DeletePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteRole

func (c *IAM) DeleteRole(input *DeleteRoleInput) (*DeleteRoleOutput, error)

DeleteRole API operation for AWS Identity and Access Management.

Deletes the specified role. Unlike the Amazon Web Services Management Console, when you delete a role programmatically, you must delete the items attached to the role manually, or the deletion fails. For more information, see Deleting an IAM role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_delete.html#roles-managingrole-deleting-cli). Before attempting to delete a role, remove the following attached items:

  • Inline policies (DeleteRolePolicy)

  • Attached managed policies (DetachRolePolicy)

  • Instance profile (RemoveRoleFromInstanceProfile)

  • Optional – Delete instance profile after detaching from role for resource clean up (DeleteInstanceProfile)

Make sure that you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole

Example (Shared00)

To delete an IAM role The following command removes the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteRoleInput{
		RoleName: aws.String("Test-Role"),
	}

	result, err := svc.DeleteRole(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteRolePermissionsBoundary

func (c *IAM) DeleteRolePermissionsBoundary(input *DeleteRolePermissionsBoundaryInput) (*DeleteRolePermissionsBoundaryOutput, error)

DeleteRolePermissionsBoundary API operation for AWS Identity and Access Management.

Deletes the permissions boundary for the specified IAM role.

You cannot set the boundary for a service-linked role.

Deleting the permissions boundary for a role might increase its permissions. For example, it might allow anyone who assumes the role to perform all the actions granted in its permissions policies.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteRolePermissionsBoundary for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePermissionsBoundary

func (*IAM) DeleteRolePermissionsBoundaryRequest

func (c *IAM) DeleteRolePermissionsBoundaryRequest(input *DeleteRolePermissionsBoundaryInput) (req *request.Request, output *DeleteRolePermissionsBoundaryOutput)

DeleteRolePermissionsBoundaryRequest generates a "aws/request.Request" representing the client's request for the DeleteRolePermissionsBoundary operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteRolePermissionsBoundary for more information on using the DeleteRolePermissionsBoundary API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteRolePermissionsBoundaryRequest method.
req, resp := client.DeleteRolePermissionsBoundaryRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePermissionsBoundary

func (*IAM) DeleteRolePermissionsBoundaryWithContext

func (c *IAM) DeleteRolePermissionsBoundaryWithContext(ctx aws.Context, input *DeleteRolePermissionsBoundaryInput, opts ...request.Option) (*DeleteRolePermissionsBoundaryOutput, error)

DeleteRolePermissionsBoundaryWithContext is the same as DeleteRolePermissionsBoundary with the addition of the ability to pass a context and additional request options.

See DeleteRolePermissionsBoundary for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteRolePolicy

func (c *IAM) DeleteRolePolicy(input *DeleteRolePolicyInput) (*DeleteRolePolicyOutput, error)

DeleteRolePolicy API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM role.

A role can also have managed policies attached to it. To detach a managed policy from a role, use DetachRolePolicy. For more information about policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy

Example (Shared00)

To remove a policy from an IAM role The following command removes the policy named ExamplePolicy from the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteRolePolicyInput{
		PolicyName: aws.String("ExamplePolicy"),
		RoleName:   aws.String("Test-Role"),
	}

	result, err := svc.DeleteRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteRolePolicyRequest

func (c *IAM) DeleteRolePolicyRequest(input *DeleteRolePolicyInput) (req *request.Request, output *DeleteRolePolicyOutput)

DeleteRolePolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteRolePolicy for more information on using the DeleteRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteRolePolicyRequest method.
req, resp := client.DeleteRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy

func (*IAM) DeleteRolePolicyWithContext

func (c *IAM) DeleteRolePolicyWithContext(ctx aws.Context, input *DeleteRolePolicyInput, opts ...request.Option) (*DeleteRolePolicyOutput, error)

DeleteRolePolicyWithContext is the same as DeleteRolePolicy with the addition of the ability to pass a context and additional request options.

See DeleteRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteRoleRequest

func (c *IAM) DeleteRoleRequest(input *DeleteRoleInput) (req *request.Request, output *DeleteRoleOutput)

DeleteRoleRequest generates a "aws/request.Request" representing the client's request for the DeleteRole operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteRole for more information on using the DeleteRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteRoleRequest method.
req, resp := client.DeleteRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole

func (*IAM) DeleteRoleWithContext

func (c *IAM) DeleteRoleWithContext(ctx aws.Context, input *DeleteRoleInput, opts ...request.Option) (*DeleteRoleOutput, error)

DeleteRoleWithContext is the same as DeleteRole with the addition of the ability to pass a context and additional request options.

See DeleteRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteSAMLProvider

func (c *IAM) DeleteSAMLProvider(input *DeleteSAMLProviderInput) (*DeleteSAMLProviderOutput, error)

DeleteSAMLProvider API operation for AWS Identity and Access Management.

Deletes a SAML provider resource in IAM.

Deleting the provider resource from IAM does not update any roles that reference the SAML provider resource's ARN as a principal in their trust policies. Any attempt to assume a role that references a non-existent provider resource ARN fails.

This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider

func (*IAM) DeleteSAMLProviderRequest

func (c *IAM) DeleteSAMLProviderRequest(input *DeleteSAMLProviderInput) (req *request.Request, output *DeleteSAMLProviderOutput)

DeleteSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the DeleteSAMLProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteSAMLProvider for more information on using the DeleteSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteSAMLProviderRequest method.
req, resp := client.DeleteSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider

func (*IAM) DeleteSAMLProviderWithContext

func (c *IAM) DeleteSAMLProviderWithContext(ctx aws.Context, input *DeleteSAMLProviderInput, opts ...request.Option) (*DeleteSAMLProviderOutput, error)

DeleteSAMLProviderWithContext is the same as DeleteSAMLProvider with the addition of the ability to pass a context and additional request options.

See DeleteSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteSSHPublicKey

func (c *IAM) DeleteSSHPublicKey(input *DeleteSSHPublicKeyInput) (*DeleteSSHPublicKeyOutput, error)

DeleteSSHPublicKey API operation for AWS Identity and Access Management.

Deletes the specified SSH public key.

The SSH public key deleted by this operation is used only for authenticating the associated IAM user to an CodeCommit repository. For more information about using SSH keys to authenticate to an CodeCommit repository, see Set up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey

func (*IAM) DeleteSSHPublicKeyRequest

func (c *IAM) DeleteSSHPublicKeyRequest(input *DeleteSSHPublicKeyInput) (req *request.Request, output *DeleteSSHPublicKeyOutput)

DeleteSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the DeleteSSHPublicKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteSSHPublicKey for more information on using the DeleteSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteSSHPublicKeyRequest method.
req, resp := client.DeleteSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey

func (*IAM) DeleteSSHPublicKeyWithContext

func (c *IAM) DeleteSSHPublicKeyWithContext(ctx aws.Context, input *DeleteSSHPublicKeyInput, opts ...request.Option) (*DeleteSSHPublicKeyOutput, error)

DeleteSSHPublicKeyWithContext is the same as DeleteSSHPublicKey with the addition of the ability to pass a context and additional request options.

See DeleteSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteServerCertificate

func (c *IAM) DeleteServerCertificate(input *DeleteServerCertificateInput) (*DeleteServerCertificateOutput, error)

DeleteServerCertificate API operation for AWS Identity and Access Management.

Deletes the specified server certificate.

For more information about working with server certificates, see Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of Amazon Web Services services that can use the server certificates that you manage with IAM.

If you are using a server certificate with Elastic Load Balancing, deleting the certificate could have implications for your application. If Elastic Load Balancing doesn't detect the deletion of bound certificates, it may continue to use the certificates. This could cause Elastic Load Balancing to stop accepting traffic. We recommend that you remove the reference to the certificate from Elastic Load Balancing before using this command to delete the certificate. For more information, see DeleteLoadBalancerListeners (https://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html) in the Elastic Load Balancing API Reference.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate

func (*IAM) DeleteServerCertificateRequest

func (c *IAM) DeleteServerCertificateRequest(input *DeleteServerCertificateInput) (req *request.Request, output *DeleteServerCertificateOutput)

DeleteServerCertificateRequest generates a "aws/request.Request" representing the client's request for the DeleteServerCertificate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteServerCertificate for more information on using the DeleteServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteServerCertificateRequest method.
req, resp := client.DeleteServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate

func (*IAM) DeleteServerCertificateWithContext

func (c *IAM) DeleteServerCertificateWithContext(ctx aws.Context, input *DeleteServerCertificateInput, opts ...request.Option) (*DeleteServerCertificateOutput, error)

DeleteServerCertificateWithContext is the same as DeleteServerCertificate with the addition of the ability to pass a context and additional request options.

See DeleteServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteServiceLinkedRole

func (c *IAM) DeleteServiceLinkedRole(input *DeleteServiceLinkedRoleInput) (*DeleteServiceLinkedRoleOutput, error)

DeleteServiceLinkedRole API operation for AWS Identity and Access Management.

Submits a service-linked role deletion request and returns a DeletionTaskId, which you can use to check the status of the deletion. Before you call this operation, confirm that the role has no active sessions and that any resources used by the role in the linked service are deleted. If you call this operation more than once for the same service-linked role and an earlier deletion task is not complete, then the DeletionTaskId of the earlier request is returned.

If you submit a deletion request for a service-linked role whose linked service is still accessing a resource, then the deletion task fails. If it fails, the GetServiceLinkedRoleDeletionStatus operation returns the reason for the failure, usually including the resources that must be deleted. To delete the service-linked role, you must first remove those resources from the linked service and then submit the deletion request again. Resources are specific to the service that is linked to the role. For more information about removing resources from a service, see the Amazon Web Services documentation (http://docs.aws.amazon.com/) for your service.

For more information about service-linked roles, see Roles terms and concepts: Amazon Web Services service-linked role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-linked-role) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteServiceLinkedRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole

func (*IAM) DeleteServiceLinkedRoleRequest

func (c *IAM) DeleteServiceLinkedRoleRequest(input *DeleteServiceLinkedRoleInput) (req *request.Request, output *DeleteServiceLinkedRoleOutput)

DeleteServiceLinkedRoleRequest generates a "aws/request.Request" representing the client's request for the DeleteServiceLinkedRole operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteServiceLinkedRole for more information on using the DeleteServiceLinkedRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteServiceLinkedRoleRequest method.
req, resp := client.DeleteServiceLinkedRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole

func (*IAM) DeleteServiceLinkedRoleWithContext

func (c *IAM) DeleteServiceLinkedRoleWithContext(ctx aws.Context, input *DeleteServiceLinkedRoleInput, opts ...request.Option) (*DeleteServiceLinkedRoleOutput, error)

DeleteServiceLinkedRoleWithContext is the same as DeleteServiceLinkedRole with the addition of the ability to pass a context and additional request options.

See DeleteServiceLinkedRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteServiceSpecificCredential

func (c *IAM) DeleteServiceSpecificCredential(input *DeleteServiceSpecificCredentialInput) (*DeleteServiceSpecificCredentialOutput, error)

DeleteServiceSpecificCredential API operation for AWS Identity and Access Management.

Deletes the specified service-specific credential.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential

func (*IAM) DeleteServiceSpecificCredentialRequest

func (c *IAM) DeleteServiceSpecificCredentialRequest(input *DeleteServiceSpecificCredentialInput) (req *request.Request, output *DeleteServiceSpecificCredentialOutput)

DeleteServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the DeleteServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteServiceSpecificCredential for more information on using the DeleteServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteServiceSpecificCredentialRequest method.
req, resp := client.DeleteServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential

func (*IAM) DeleteServiceSpecificCredentialWithContext

func (c *IAM) DeleteServiceSpecificCredentialWithContext(ctx aws.Context, input *DeleteServiceSpecificCredentialInput, opts ...request.Option) (*DeleteServiceSpecificCredentialOutput, error)

DeleteServiceSpecificCredentialWithContext is the same as DeleteServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See DeleteServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteSigningCertificate

func (c *IAM) DeleteSigningCertificate(input *DeleteSigningCertificateInput) (*DeleteSigningCertificateOutput, error)

DeleteSigningCertificate API operation for AWS Identity and Access Management.

Deletes a signing certificate associated with the specified IAM user.

If you do not specify a user name, IAM determines the user name implicitly based on the Amazon Web Services access key ID signing the request. This operation works for access keys under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated IAM users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteSigningCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate

Example (Shared00)

To delete a signing certificate for an IAM user The following command deletes the specified signing certificate for the IAM user named Anika.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteSigningCertificateInput{
		CertificateId: aws.String("TA7SMP42TDN5Z26OBPJE7EXAMPLE"),
		UserName:      aws.String("Anika"),
	}

	result, err := svc.DeleteSigningCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteSigningCertificateRequest

func (c *IAM) DeleteSigningCertificateRequest(input *DeleteSigningCertificateInput) (req *request.Request, output *DeleteSigningCertificateOutput)

DeleteSigningCertificateRequest generates a "aws/request.Request" representing the client's request for the DeleteSigningCertificate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteSigningCertificate for more information on using the DeleteSigningCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteSigningCertificateRequest method.
req, resp := client.DeleteSigningCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate

func (*IAM) DeleteSigningCertificateWithContext

func (c *IAM) DeleteSigningCertificateWithContext(ctx aws.Context, input *DeleteSigningCertificateInput, opts ...request.Option) (*DeleteSigningCertificateOutput, error)

DeleteSigningCertificateWithContext is the same as DeleteSigningCertificate with the addition of the ability to pass a context and additional request options.

See DeleteSigningCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteUser

func (c *IAM) DeleteUser(input *DeleteUserInput) (*DeleteUserOutput, error)

DeleteUser API operation for AWS Identity and Access Management.

Deletes the specified IAM user. Unlike the Amazon Web Services Management Console, when you delete a user programmatically, you must delete the items attached to the user manually, or the deletion fails. For more information, see Deleting an IAM user (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_deleting_cli). Before attempting to delete a user, remove the following items:

  • Password (DeleteLoginProfile)

  • Access keys (DeleteAccessKey)

  • Signing certificate (DeleteSigningCertificate)

  • SSH public key (DeleteSSHPublicKey)

  • Git credentials (DeleteServiceSpecificCredential)

  • Multi-factor authentication (MFA) device (DeactivateMFADevice, DeleteVirtualMFADevice)

  • Inline policies (DeleteUserPolicy)

  • Attached managed policies (DetachUserPolicy)

  • Group memberships (RemoveUserFromGroup)

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteUser for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser

Example (Shared00)

To delete an IAM user The following command removes the IAM user named Bob from the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.DeleteUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteUserPermissionsBoundary

func (c *IAM) DeleteUserPermissionsBoundary(input *DeleteUserPermissionsBoundaryInput) (*DeleteUserPermissionsBoundaryOutput, error)

DeleteUserPermissionsBoundary API operation for AWS Identity and Access Management.

Deletes the permissions boundary for the specified IAM user.

Deleting the permissions boundary for a user might increase its permissions by allowing the user to perform all the actions granted in its permissions policies.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteUserPermissionsBoundary for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPermissionsBoundary

func (*IAM) DeleteUserPermissionsBoundaryRequest

func (c *IAM) DeleteUserPermissionsBoundaryRequest(input *DeleteUserPermissionsBoundaryInput) (req *request.Request, output *DeleteUserPermissionsBoundaryOutput)

DeleteUserPermissionsBoundaryRequest generates a "aws/request.Request" representing the client's request for the DeleteUserPermissionsBoundary operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUserPermissionsBoundary for more information on using the DeleteUserPermissionsBoundary API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserPermissionsBoundaryRequest method.
req, resp := client.DeleteUserPermissionsBoundaryRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPermissionsBoundary

func (*IAM) DeleteUserPermissionsBoundaryWithContext

func (c *IAM) DeleteUserPermissionsBoundaryWithContext(ctx aws.Context, input *DeleteUserPermissionsBoundaryInput, opts ...request.Option) (*DeleteUserPermissionsBoundaryOutput, error)

DeleteUserPermissionsBoundaryWithContext is the same as DeleteUserPermissionsBoundary with the addition of the ability to pass a context and additional request options.

See DeleteUserPermissionsBoundary for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteUserPolicy

func (c *IAM) DeleteUserPolicy(input *DeleteUserPolicyInput) (*DeleteUserPolicyOutput, error)

DeleteUserPolicy API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM user.

A user can also have managed policies attached to it. To detach a managed policy from a user, use DetachUserPolicy. For more information about policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy

Example (Shared00)

To remove a policy from an IAM user The following delete-user-policy command removes the specified policy from the IAM user named Juan:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteUserPolicyInput{
		PolicyName: aws.String("ExamplePolicy"),
		UserName:   aws.String("Juan"),
	}

	result, err := svc.DeleteUserPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteUserPolicyRequest

func (c *IAM) DeleteUserPolicyRequest(input *DeleteUserPolicyInput) (req *request.Request, output *DeleteUserPolicyOutput)

DeleteUserPolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteUserPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUserPolicy for more information on using the DeleteUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserPolicyRequest method.
req, resp := client.DeleteUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy

func (*IAM) DeleteUserPolicyWithContext

func (c *IAM) DeleteUserPolicyWithContext(ctx aws.Context, input *DeleteUserPolicyInput, opts ...request.Option) (*DeleteUserPolicyOutput, error)

DeleteUserPolicyWithContext is the same as DeleteUserPolicy with the addition of the ability to pass a context and additional request options.

See DeleteUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteUserRequest

func (c *IAM) DeleteUserRequest(input *DeleteUserInput) (req *request.Request, output *DeleteUserOutput)

DeleteUserRequest generates a "aws/request.Request" representing the client's request for the DeleteUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUser for more information on using the DeleteUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserRequest method.
req, resp := client.DeleteUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser

func (*IAM) DeleteUserWithContext

func (c *IAM) DeleteUserWithContext(ctx aws.Context, input *DeleteUserInput, opts ...request.Option) (*DeleteUserOutput, error)

DeleteUserWithContext is the same as DeleteUser with the addition of the ability to pass a context and additional request options.

See DeleteUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteVirtualMFADevice

func (c *IAM) DeleteVirtualMFADevice(input *DeleteVirtualMFADeviceInput) (*DeleteVirtualMFADeviceOutput, error)

DeleteVirtualMFADevice API operation for AWS Identity and Access Management.

Deletes a virtual MFA device.

You must deactivate a user's virtual MFA device before you can delete it. For information about deactivating MFA devices, see DeactivateMFADevice.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteVirtualMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice

Example (Shared00)

To remove a virtual MFA device The following delete-virtual-mfa-device command removes the specified MFA device from the current AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteVirtualMFADeviceInput{
		SerialNumber: aws.String("arn:aws:iam::123456789012:mfa/ExampleName"),
	}

	result, err := svc.DeleteVirtualMFADevice(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteVirtualMFADeviceRequest

func (c *IAM) DeleteVirtualMFADeviceRequest(input *DeleteVirtualMFADeviceInput) (req *request.Request, output *DeleteVirtualMFADeviceOutput)

DeleteVirtualMFADeviceRequest generates a "aws/request.Request" representing the client's request for the DeleteVirtualMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteVirtualMFADevice for more information on using the DeleteVirtualMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteVirtualMFADeviceRequest method.
req, resp := client.DeleteVirtualMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice

func (*IAM) DeleteVirtualMFADeviceWithContext

func (c *IAM) DeleteVirtualMFADeviceWithContext(ctx aws.Context, input *DeleteVirtualMFADeviceInput, opts ...request.Option) (*DeleteVirtualMFADeviceOutput, error)

DeleteVirtualMFADeviceWithContext is the same as DeleteVirtualMFADevice with the addition of the ability to pass a context and additional request options.

See DeleteVirtualMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DetachGroupPolicy

func (c *IAM) DetachGroupPolicy(input *DetachGroupPolicyInput) (*DetachGroupPolicyOutput, error)

DetachGroupPolicy API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified IAM group.

A group can also have inline policies embedded with it. To delete an inline policy, use DeleteGroupPolicy. For information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DetachGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy

func (*IAM) DetachGroupPolicyRequest

func (c *IAM) DetachGroupPolicyRequest(input *DetachGroupPolicyInput) (req *request.Request, output *DetachGroupPolicyOutput)

DetachGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the DetachGroupPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DetachGroupPolicy for more information on using the DetachGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DetachGroupPolicyRequest method.
req, resp := client.DetachGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy

func (*IAM) DetachGroupPolicyWithContext

func (c *IAM) DetachGroupPolicyWithContext(ctx aws.Context, input *DetachGroupPolicyInput, opts ...request.Option) (*DetachGroupPolicyOutput, error)

DetachGroupPolicyWithContext is the same as DetachGroupPolicy with the addition of the ability to pass a context and additional request options.

See DetachGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DetachRolePolicy

func (c *IAM) DetachRolePolicy(input *DetachRolePolicyInput) (*DetachRolePolicyOutput, error)

DetachRolePolicy API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified role.

A role can also have inline policies embedded with it. To delete an inline policy, use DeleteRolePolicy. For information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DetachRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy

func (*IAM) DetachRolePolicyRequest

func (c *IAM) DetachRolePolicyRequest(input *DetachRolePolicyInput) (req *request.Request, output *DetachRolePolicyOutput)

DetachRolePolicyRequest generates a "aws/request.Request" representing the client's request for the DetachRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DetachRolePolicy for more information on using the DetachRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DetachRolePolicyRequest method.
req, resp := client.DetachRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy

func (*IAM) DetachRolePolicyWithContext

func (c *IAM) DetachRolePolicyWithContext(ctx aws.Context, input *DetachRolePolicyInput, opts ...request.Option) (*DetachRolePolicyOutput, error)

DetachRolePolicyWithContext is the same as DetachRolePolicy with the addition of the ability to pass a context and additional request options.

See DetachRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DetachUserPolicy

func (c *IAM) DetachUserPolicy(input *DetachUserPolicyInput) (*DetachUserPolicyOutput, error)

DetachUserPolicy API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified user.

A user can also have inline policies embedded with it. To delete an inline policy, use DeleteUserPolicy. For information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DetachUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy

func (*IAM) DetachUserPolicyRequest

func (c *IAM) DetachUserPolicyRequest(input *DetachUserPolicyInput) (req *request.Request, output *DetachUserPolicyOutput)

DetachUserPolicyRequest generates a "aws/request.Request" representing the client's request for the DetachUserPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DetachUserPolicy for more information on using the DetachUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DetachUserPolicyRequest method.
req, resp := client.DetachUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy

func (*IAM) DetachUserPolicyWithContext

func (c *IAM) DetachUserPolicyWithContext(ctx aws.Context, input *DetachUserPolicyInput, opts ...request.Option) (*DetachUserPolicyOutput, error)

DetachUserPolicyWithContext is the same as DetachUserPolicy with the addition of the ability to pass a context and additional request options.

See DetachUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) EnableMFADevice

func (c *IAM) EnableMFADevice(input *EnableMFADeviceInput) (*EnableMFADeviceOutput, error)

EnableMFADevice API operation for AWS Identity and Access Management.

Enables the specified MFA device and associates it with the specified IAM user. When enabled, the MFA device is required for every subsequent login by the IAM user associated with the device.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation EnableMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode" The request was rejected because the authentication code was not recognized. The error message describes the specific error.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice

func (*IAM) EnableMFADeviceRequest

func (c *IAM) EnableMFADeviceRequest(input *EnableMFADeviceInput) (req *request.Request, output *EnableMFADeviceOutput)

EnableMFADeviceRequest generates a "aws/request.Request" representing the client's request for the EnableMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See EnableMFADevice for more information on using the EnableMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the EnableMFADeviceRequest method.
req, resp := client.EnableMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice

func (*IAM) EnableMFADeviceWithContext

func (c *IAM) EnableMFADeviceWithContext(ctx aws.Context, input *EnableMFADeviceInput, opts ...request.Option) (*EnableMFADeviceOutput, error)

EnableMFADeviceWithContext is the same as EnableMFADevice with the addition of the ability to pass a context and additional request options.

See EnableMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GenerateCredentialReport

func (c *IAM) GenerateCredentialReport(input *GenerateCredentialReportInput) (*GenerateCredentialReportOutput, error)

GenerateCredentialReport API operation for AWS Identity and Access Management.

Generates a credential report for the Amazon Web Services account. For more information about the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GenerateCredentialReport for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport

func (*IAM) GenerateCredentialReportRequest

func (c *IAM) GenerateCredentialReportRequest(input *GenerateCredentialReportInput) (req *request.Request, output *GenerateCredentialReportOutput)

GenerateCredentialReportRequest generates a "aws/request.Request" representing the client's request for the GenerateCredentialReport operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GenerateCredentialReport for more information on using the GenerateCredentialReport API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GenerateCredentialReportRequest method.
req, resp := client.GenerateCredentialReportRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport

func (*IAM) GenerateCredentialReportWithContext

func (c *IAM) GenerateCredentialReportWithContext(ctx aws.Context, input *GenerateCredentialReportInput, opts ...request.Option) (*GenerateCredentialReportOutput, error)

GenerateCredentialReportWithContext is the same as GenerateCredentialReport with the addition of the ability to pass a context and additional request options.

See GenerateCredentialReport for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GenerateOrganizationsAccessReport

func (c *IAM) GenerateOrganizationsAccessReport(input *GenerateOrganizationsAccessReportInput) (*GenerateOrganizationsAccessReportOutput, error)

GenerateOrganizationsAccessReport API operation for AWS Identity and Access Management.

Generates a report for service last accessed data for Organizations. You can generate a report for any entities (organization root, organizational unit, or account) or policies in your organization.

To call this operation, you must be signed in using your Organizations management account credentials. You can use your long-term IAM user or root user credentials, or temporary credentials from assuming an IAM role. SCPs must be enabled for your organization root. You must have the required IAM and Organizations permissions. For more information, see Refining permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) in the IAM User Guide.

You can generate a service last accessed data report for entities by specifying only the entity's path. This data includes a list of services that are allowed by any service control policies (SCPs) that apply to the entity.

You can generate a service last accessed data report for a policy by specifying an entity's path and an optional Organizations policy ID. This data includes a list of services that are allowed by the specified SCP.

For each service in both report types, the data includes the most recent account activity that the policy allows to account principals in the entity or the entity's children. For important information about the data, reporting period, permissions required, troubleshooting, and supported Regions see Reducing permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) in the IAM User Guide.

The data includes all attempts to access Amazon Web Services, not just the successful ones. This includes all attempts that were made using the Amazon Web Services Management Console, the Amazon Web Services API through any of the SDKs, or any of the command line tools. An unexpected entry in the service last accessed data does not mean that an account has been compromised, because the request might have been denied. Refer to your CloudTrail logs as the authoritative source for information about all API calls and whether they were successful or denied access. For more information, see Logging IAM events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html) in the IAM User Guide.

This operation returns a JobId. Use this parameter in the GetOrganizationsAccessReport operation to check the status of the report generation. To check the status of this request, use the JobId parameter in the GetOrganizationsAccessReport operation and test the JobStatus response parameter. When the job is complete, you can retrieve the report.

To generate a service last accessed data report for entities, specify an entity path without specifying the optional Organizations policy ID. The type of entity that you specify determines the data returned in the report.

  • Root – When you specify the organizations root as the entity, the resulting report lists all of the services allowed by SCPs that are attached to your root. For each service, the report includes data for all accounts in your organization except the management account, because the management account is not limited by SCPs.

  • OU – When you specify an organizational unit (OU) as the entity, the resulting report lists all of the services allowed by SCPs that are attached to the OU and its parents. For each service, the report includes data for all accounts in the OU or its children. This data excludes the management account, because the management account is not limited by SCPs.

  • management account – When you specify the management account, the resulting report lists all Amazon Web Services services, because the management account is not limited by SCPs. For each service, the report includes data for only the management account.

  • Account – When you specify another account as the entity, the resulting report lists all of the services allowed by SCPs that are attached to the account and its parents. For each service, the report includes data for only the specified account.

To generate a service last accessed data report for policies, specify an entity path and the optional Organizations policy ID. The type of entity that you specify determines the data returned for each service.

  • Root – When you specify the root entity and a policy ID, the resulting report lists all of the services that are allowed by the specified SCP. For each service, the report includes data for all accounts in your organization to which the SCP applies. This data excludes the management account, because the management account is not limited by SCPs. If the SCP is not attached to any entities in the organization, then the report will return a list of services with no data.

  • OU – When you specify an OU entity and a policy ID, the resulting report lists all of the services that are allowed by the specified SCP. For each service, the report includes data for all accounts in the OU or its children to which the SCP applies. This means that other accounts outside the OU that are affected by the SCP might not be included in the data. This data excludes the management account, because the management account is not limited by SCPs. If the SCP is not attached to the OU or one of its children, the report will return a list of services with no data.

  • management account – When you specify the management account, the resulting report lists all Amazon Web Services services, because the management account is not limited by SCPs. If you specify a policy ID in the CLI or API, the policy is ignored. For each service, the report includes data for only the management account.

  • Account – When you specify another account entity and a policy ID, the resulting report lists all of the services that are allowed by the specified SCP. For each service, the report includes data for only the specified account. This means that other accounts in the organization that are affected by the SCP might not be included in the data. If the SCP is not attached to the account, the report will return a list of services with no data.

Service last accessed data does not use other policy types when determining whether a principal could access a service. These other policy types include identity-based policies, resource-based policies, access control lists, IAM permissions boundaries, and STS assume role policies. It only applies SCP logic. For more about the evaluation of policy types, see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) in the IAM User Guide.

For more information about service last accessed data, see Reducing policy scope by viewing user activity (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GenerateOrganizationsAccessReport for usage and error information.

Returned Error Codes:

  • ErrCodeReportGenerationLimitExceededException "ReportGenerationLimitExceeded" The request failed because the maximum number of concurrent requests for this account are already running.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateOrganizationsAccessReport

Example (Shared00)

To generate a service last accessed data report for an organizational unit The following operation generates a report for the organizational unit ou-rge0-awexample

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GenerateOrganizationsAccessReportInput{
		EntityPath: aws.String("o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-1a2b3c-k9l8m7n6o5example"),
	}

	result, err := svc.GenerateOrganizationsAccessReport(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeReportGenerationLimitExceededException:
				fmt.Println(iam.ErrCodeReportGenerationLimitExceededException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GenerateOrganizationsAccessReportRequest

func (c *IAM) GenerateOrganizationsAccessReportRequest(input *GenerateOrganizationsAccessReportInput) (req *request.Request, output *GenerateOrganizationsAccessReportOutput)

GenerateOrganizationsAccessReportRequest generates a "aws/request.Request" representing the client's request for the GenerateOrganizationsAccessReport operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GenerateOrganizationsAccessReport for more information on using the GenerateOrganizationsAccessReport API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GenerateOrganizationsAccessReportRequest method.
req, resp := client.GenerateOrganizationsAccessReportRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateOrganizationsAccessReport

func (*IAM) GenerateOrganizationsAccessReportWithContext

func (c *IAM) GenerateOrganizationsAccessReportWithContext(ctx aws.Context, input *GenerateOrganizationsAccessReportInput, opts ...request.Option) (*GenerateOrganizationsAccessReportOutput, error)

GenerateOrganizationsAccessReportWithContext is the same as GenerateOrganizationsAccessReport with the addition of the ability to pass a context and additional request options.

See GenerateOrganizationsAccessReport for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GenerateServiceLastAccessedDetails

func (c *IAM) GenerateServiceLastAccessedDetails(input *GenerateServiceLastAccessedDetailsInput) (*GenerateServiceLastAccessedDetailsOutput, error)

GenerateServiceLastAccessedDetails API operation for AWS Identity and Access Management.

Generates a report that includes details about when an IAM resource (user, group, role, or policy) was last used in an attempt to access Amazon Web Services services. Recent activity usually appears within four hours. IAM reports activity for at least the last 400 days, or less if your Region began supporting this feature within the last year. For more information, see Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period).

The service last accessed data includes all attempts to access an Amazon Web Services API, not just the successful ones. This includes all attempts that were made using the Amazon Web Services Management Console, the Amazon Web Services API through any of the SDKs, or any of the command line tools. An unexpected entry in the service last accessed data does not mean that your account has been compromised, because the request might have been denied. Refer to your CloudTrail logs as the authoritative source for information about all API calls and whether they were successful or denied access. For more information, see Logging IAM events with CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html) in the IAM User Guide.

The GenerateServiceLastAccessedDetails operation returns a JobId. Use this parameter in the following operations to retrieve the following details from your report:

  • GetServiceLastAccessedDetails – Use this operation for users, groups, roles, or policies to list every Amazon Web Services service that the resource could access using permissions policies. For each service, the response includes information about the most recent access attempt. The JobId returned by GenerateServiceLastAccessedDetail must be used by the same role within a session, or by the same user when used to call GetServiceLastAccessedDetail.

  • GetServiceLastAccessedDetailsWithEntities – Use this operation for groups and policies to list information about the associated entities (users or roles) that attempted to access a specific Amazon Web Services service.

To check the status of the GenerateServiceLastAccessedDetails request, use the JobId parameter in the same operations and test the JobStatus response parameter.

For additional information about the permissions policies that allow an identity (user, group, or role) to access specific services, use the ListPoliciesGrantingServiceAccess operation.

Service last accessed data does not use other policy types when determining whether a resource could access a service. These other policy types include resource-based policies, access control lists, Organizations policies, IAM permissions boundaries, and STS assume role policies. It only applies permissions policy logic. For more about the evaluation of policy types, see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) in the IAM User Guide.

For more information about service and action last accessed data, see Reducing permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GenerateServiceLastAccessedDetails for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateServiceLastAccessedDetails

Example (Shared00)

To generate a service last accessed data report for a policy The following operation generates a report for the policy: ExamplePolicy1

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GenerateServiceLastAccessedDetailsInput{
		Arn: aws.String("arn:aws:iam::123456789012:policy/ExamplePolicy1"),
	}

	result, err := svc.GenerateServiceLastAccessedDetails(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GenerateServiceLastAccessedDetailsRequest

func (c *IAM) GenerateServiceLastAccessedDetailsRequest(input *GenerateServiceLastAccessedDetailsInput) (req *request.Request, output *GenerateServiceLastAccessedDetailsOutput)

GenerateServiceLastAccessedDetailsRequest generates a "aws/request.Request" representing the client's request for the GenerateServiceLastAccessedDetails operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GenerateServiceLastAccessedDetails for more information on using the GenerateServiceLastAccessedDetails API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GenerateServiceLastAccessedDetailsRequest method.
req, resp := client.GenerateServiceLastAccessedDetailsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateServiceLastAccessedDetails

func (*IAM) GenerateServiceLastAccessedDetailsWithContext

func (c *IAM) GenerateServiceLastAccessedDetailsWithContext(ctx aws.Context, input *GenerateServiceLastAccessedDetailsInput, opts ...request.Option) (*GenerateServiceLastAccessedDetailsOutput, error)

GenerateServiceLastAccessedDetailsWithContext is the same as GenerateServiceLastAccessedDetails with the addition of the ability to pass a context and additional request options.

See GenerateServiceLastAccessedDetails for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccessKeyLastUsed

func (c *IAM) GetAccessKeyLastUsed(input *GetAccessKeyLastUsedInput) (*GetAccessKeyLastUsedOutput, error)

GetAccessKeyLastUsed API operation for AWS Identity and Access Management.

Retrieves information about when the specified access key was last used. The information includes the date and time of last use, along with the Amazon Web Services service and Region that were specified in the last request made with that key.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccessKeyLastUsed for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed

func (*IAM) GetAccessKeyLastUsedRequest

func (c *IAM) GetAccessKeyLastUsedRequest(input *GetAccessKeyLastUsedInput) (req *request.Request, output *GetAccessKeyLastUsedOutput)

GetAccessKeyLastUsedRequest generates a "aws/request.Request" representing the client's request for the GetAccessKeyLastUsed operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccessKeyLastUsed for more information on using the GetAccessKeyLastUsed API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccessKeyLastUsedRequest method.
req, resp := client.GetAccessKeyLastUsedRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed

func (*IAM) GetAccessKeyLastUsedWithContext

func (c *IAM) GetAccessKeyLastUsedWithContext(ctx aws.Context, input *GetAccessKeyLastUsedInput, opts ...request.Option) (*GetAccessKeyLastUsedOutput, error)

GetAccessKeyLastUsedWithContext is the same as GetAccessKeyLastUsed with the addition of the ability to pass a context and additional request options.

See GetAccessKeyLastUsed for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountAuthorizationDetails

func (c *IAM) GetAccountAuthorizationDetails(input *GetAccountAuthorizationDetailsInput) (*GetAccountAuthorizationDetailsOutput, error)

GetAccountAuthorizationDetails API operation for AWS Identity and Access Management.

Retrieves information about all IAM users, groups, roles, and policies in your Amazon Web Services account, including their relationships to one another. Use this operation to obtain a snapshot of the configuration of IAM permissions (users, groups, roles, and policies) in your account.

Policies returned by this operation are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

You can optionally filter the results using the Filter parameter. You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccountAuthorizationDetails for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails

func (*IAM) GetAccountAuthorizationDetailsPages

func (c *IAM) GetAccountAuthorizationDetailsPages(input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool) error

GetAccountAuthorizationDetailsPages iterates over the pages of a GetAccountAuthorizationDetails operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See GetAccountAuthorizationDetails method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a GetAccountAuthorizationDetails operation.
pageNum := 0
err := client.GetAccountAuthorizationDetailsPages(params,
    func(page *iam.GetAccountAuthorizationDetailsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) GetAccountAuthorizationDetailsPagesWithContext

func (c *IAM) GetAccountAuthorizationDetailsPagesWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool, opts ...request.Option) error

GetAccountAuthorizationDetailsPagesWithContext same as GetAccountAuthorizationDetailsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountAuthorizationDetailsRequest

func (c *IAM) GetAccountAuthorizationDetailsRequest(input *GetAccountAuthorizationDetailsInput) (req *request.Request, output *GetAccountAuthorizationDetailsOutput)

GetAccountAuthorizationDetailsRequest generates a "aws/request.Request" representing the client's request for the GetAccountAuthorizationDetails operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccountAuthorizationDetails for more information on using the GetAccountAuthorizationDetails API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccountAuthorizationDetailsRequest method.
req, resp := client.GetAccountAuthorizationDetailsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails

func (*IAM) GetAccountAuthorizationDetailsWithContext

func (c *IAM) GetAccountAuthorizationDetailsWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, opts ...request.Option) (*GetAccountAuthorizationDetailsOutput, error)

GetAccountAuthorizationDetailsWithContext is the same as GetAccountAuthorizationDetails with the addition of the ability to pass a context and additional request options.

See GetAccountAuthorizationDetails for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountPasswordPolicy

func (c *IAM) GetAccountPasswordPolicy(input *GetAccountPasswordPolicyInput) (*GetAccountPasswordPolicyOutput, error)

GetAccountPasswordPolicy API operation for AWS Identity and Access Management.

Retrieves the password policy for the Amazon Web Services account. This tells you the complexity requirements and mandatory rotation periods for the IAM user passwords in your account. For more information about using a password policy, see Managing an IAM password policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccountPasswordPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy

Example (Shared00)

To see the current account password policy The following command displays details about the password policy for the current AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetAccountPasswordPolicyInput{}

	result, err := svc.GetAccountPasswordPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetAccountPasswordPolicyRequest

func (c *IAM) GetAccountPasswordPolicyRequest(input *GetAccountPasswordPolicyInput) (req *request.Request, output *GetAccountPasswordPolicyOutput)

GetAccountPasswordPolicyRequest generates a "aws/request.Request" representing the client's request for the GetAccountPasswordPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccountPasswordPolicy for more information on using the GetAccountPasswordPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccountPasswordPolicyRequest method.
req, resp := client.GetAccountPasswordPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy

func (*IAM) GetAccountPasswordPolicyWithContext

func (c *IAM) GetAccountPasswordPolicyWithContext(ctx aws.Context, input *GetAccountPasswordPolicyInput, opts ...request.Option) (*GetAccountPasswordPolicyOutput, error)

GetAccountPasswordPolicyWithContext is the same as GetAccountPasswordPolicy with the addition of the ability to pass a context and additional request options.

See GetAccountPasswordPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountSummary

func (c *IAM) GetAccountSummary(input *GetAccountSummaryInput) (*GetAccountSummaryOutput, error)

GetAccountSummary API operation for AWS Identity and Access Management.

Retrieves information about IAM entity usage and IAM quotas in the Amazon Web Services account.

For information about IAM quotas, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccountSummary for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary

Example (Shared00)

To get information about IAM entity quotas and usage in the current account The following command returns information about the IAM entity quotas and usage in the current AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetAccountSummaryInput{}

	result, err := svc.GetAccountSummary(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetAccountSummaryRequest

func (c *IAM) GetAccountSummaryRequest(input *GetAccountSummaryInput) (req *request.Request, output *GetAccountSummaryOutput)

GetAccountSummaryRequest generates a "aws/request.Request" representing the client's request for the GetAccountSummary operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccountSummary for more information on using the GetAccountSummary API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccountSummaryRequest method.
req, resp := client.GetAccountSummaryRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary

func (*IAM) GetAccountSummaryWithContext

func (c *IAM) GetAccountSummaryWithContext(ctx aws.Context, input *GetAccountSummaryInput, opts ...request.Option) (*GetAccountSummaryOutput, error)

GetAccountSummaryWithContext is the same as GetAccountSummary with the addition of the ability to pass a context and additional request options.

See GetAccountSummary for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetContextKeysForCustomPolicy

func (c *IAM) GetContextKeysForCustomPolicy(input *GetContextKeysForCustomPolicyInput) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForCustomPolicy API operation for AWS Identity and Access Management.

Gets a list of all of the context keys referenced in the input policies. The policies are supplied as a list of one or more strings. To get the context keys from policies associated with an IAM user, group, or role, use GetContextKeysForPrincipalPolicy.

Context keys are variables maintained by Amazon Web Services and its services that provide details about the context of an API query request. Context keys can be evaluated by testing against a value specified in an IAM policy. Use GetContextKeysForCustomPolicy to understand what key names and values you must supply when you call SimulateCustomPolicy. Note that all parameters are shown in unencoded form here for clarity but must be URL encoded to be included as a part of a real HTML request.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetContextKeysForCustomPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy

func (*IAM) GetContextKeysForCustomPolicyRequest

func (c *IAM) GetContextKeysForCustomPolicyRequest(input *GetContextKeysForCustomPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse)

GetContextKeysForCustomPolicyRequest generates a "aws/request.Request" representing the client's request for the GetContextKeysForCustomPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetContextKeysForCustomPolicy for more information on using the GetContextKeysForCustomPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetContextKeysForCustomPolicyRequest method.
req, resp := client.GetContextKeysForCustomPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy

func (*IAM) GetContextKeysForCustomPolicyWithContext

func (c *IAM) GetContextKeysForCustomPolicyWithContext(ctx aws.Context, input *GetContextKeysForCustomPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForCustomPolicyWithContext is the same as GetContextKeysForCustomPolicy with the addition of the ability to pass a context and additional request options.

See GetContextKeysForCustomPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetContextKeysForPrincipalPolicy

func (c *IAM) GetContextKeysForPrincipalPolicy(input *GetContextKeysForPrincipalPolicyInput) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForPrincipalPolicy API operation for AWS Identity and Access Management.

Gets a list of all of the context keys referenced in all the IAM policies that are attached to the specified IAM entity. The entity can be an IAM user, group, or role. If you specify a user, then the request also includes all of the policies attached to groups that the user is a member of.

You can optionally include a list of one or more additional policies, specified as strings. If you want to include only a list of policies by string, use GetContextKeysForCustomPolicy instead.

Note: This operation discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use GetContextKeysForCustomPolicy instead.

Context keys are variables maintained by Amazon Web Services and its services that provide details about the context of an API query request. Context keys can be evaluated by testing against a value in an IAM policy. Use GetContextKeysForPrincipalPolicy to understand what key names and values you must supply when you call SimulatePrincipalPolicy.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetContextKeysForPrincipalPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy

func (*IAM) GetContextKeysForPrincipalPolicyRequest

func (c *IAM) GetContextKeysForPrincipalPolicyRequest(input *GetContextKeysForPrincipalPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse)

GetContextKeysForPrincipalPolicyRequest generates a "aws/request.Request" representing the client's request for the GetContextKeysForPrincipalPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetContextKeysForPrincipalPolicy for more information on using the GetContextKeysForPrincipalPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetContextKeysForPrincipalPolicyRequest method.
req, resp := client.GetContextKeysForPrincipalPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy

func (*IAM) GetContextKeysForPrincipalPolicyWithContext

func (c *IAM) GetContextKeysForPrincipalPolicyWithContext(ctx aws.Context, input *GetContextKeysForPrincipalPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForPrincipalPolicyWithContext is the same as GetContextKeysForPrincipalPolicy with the addition of the ability to pass a context and additional request options.

See GetContextKeysForPrincipalPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetCredentialReport

func (c *IAM) GetCredentialReport(input *GetCredentialReportInput) (*GetCredentialReportOutput, error)

GetCredentialReport API operation for AWS Identity and Access Management.

Retrieves a credential report for the Amazon Web Services account. For more information about the credential report, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetCredentialReport for usage and error information.

Returned Error Codes:

  • ErrCodeCredentialReportNotPresentException "ReportNotPresent" The request was rejected because the credential report does not exist. To generate a credential report, use GenerateCredentialReport.

  • ErrCodeCredentialReportExpiredException "ReportExpired" The request was rejected because the most recent credential report has expired. To generate a new credential report, use GenerateCredentialReport. For more information about credential report expiration, see Getting credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

  • ErrCodeCredentialReportNotReadyException "ReportInProgress" The request was rejected because the credential report is still being generated.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport

func (*IAM) GetCredentialReportRequest

func (c *IAM) GetCredentialReportRequest(input *GetCredentialReportInput) (req *request.Request, output *GetCredentialReportOutput)

GetCredentialReportRequest generates a "aws/request.Request" representing the client's request for the GetCredentialReport operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetCredentialReport for more information on using the GetCredentialReport API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetCredentialReportRequest method.
req, resp := client.GetCredentialReportRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport

func (*IAM) GetCredentialReportWithContext

func (c *IAM) GetCredentialReportWithContext(ctx aws.Context, input *GetCredentialReportInput, opts ...request.Option) (*GetCredentialReportOutput, error)

GetCredentialReportWithContext is the same as GetCredentialReport with the addition of the ability to pass a context and additional request options.

See GetCredentialReport for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetGroup

func (c *IAM) GetGroup(input *GetGroupInput) (*GetGroupOutput, error)

GetGroup API operation for AWS Identity and Access Management.

Returns a list of IAM users that are in the specified IAM group. You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup

func (*IAM) GetGroupPages

func (c *IAM) GetGroupPages(input *GetGroupInput, fn func(*GetGroupOutput, bool) bool) error

GetGroupPages iterates over the pages of a GetGroup operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See GetGroup method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a GetGroup operation.
pageNum := 0
err := client.GetGroupPages(params,
    func(page *iam.GetGroupOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) GetGroupPagesWithContext

func (c *IAM) GetGroupPagesWithContext(ctx aws.Context, input *GetGroupInput, fn func(*GetGroupOutput, bool) bool, opts ...request.Option) error

GetGroupPagesWithContext same as GetGroupPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetGroupPolicy

func (c *IAM) GetGroupPolicy(input *GetGroupPolicyInput) (*GetGroupPolicyOutput, error)

GetGroupPolicy API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded in the specified IAM group.

Policies returned by this operation are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM group can also have managed policies attached to it. To retrieve a managed policy document that is attached to a group, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy

func (*IAM) GetGroupPolicyRequest

func (c *IAM) GetGroupPolicyRequest(input *GetGroupPolicyInput) (req *request.Request, output *GetGroupPolicyOutput)

GetGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the GetGroupPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetGroupPolicy for more information on using the GetGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetGroupPolicyRequest method.
req, resp := client.GetGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy

func (*IAM) GetGroupPolicyWithContext

func (c *IAM) GetGroupPolicyWithContext(ctx aws.Context, input *GetGroupPolicyInput, opts ...request.Option) (*GetGroupPolicyOutput, error)

GetGroupPolicyWithContext is the same as GetGroupPolicy with the addition of the ability to pass a context and additional request options.

See GetGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetGroupRequest

func (c *IAM) GetGroupRequest(input *GetGroupInput) (req *request.Request, output *GetGroupOutput)

GetGroupRequest generates a "aws/request.Request" representing the client's request for the GetGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetGroup for more information on using the GetGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetGroupRequest method.
req, resp := client.GetGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup

func (*IAM) GetGroupWithContext

func (c *IAM) GetGroupWithContext(ctx aws.Context, input *GetGroupInput, opts ...request.Option) (*GetGroupOutput, error)

GetGroupWithContext is the same as GetGroup with the addition of the ability to pass a context and additional request options.

See GetGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetInstanceProfile

func (c *IAM) GetInstanceProfile(input *GetInstanceProfileInput) (*GetInstanceProfileOutput, error)

GetInstanceProfile API operation for AWS Identity and Access Management.

Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and role. For more information about instance profiles, see Using instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile

Example (Shared00)

To get information about an instance profile The following command gets information about the instance profile named ExampleInstanceProfile.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
	}

	result, err := svc.GetInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetInstanceProfileRequest

func (c *IAM) GetInstanceProfileRequest(input *GetInstanceProfileInput) (req *request.Request, output *GetInstanceProfileOutput)

GetInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the GetInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetInstanceProfile for more information on using the GetInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetInstanceProfileRequest method.
req, resp := client.GetInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile

func (*IAM) GetInstanceProfileWithContext

func (c *IAM) GetInstanceProfileWithContext(ctx aws.Context, input *GetInstanceProfileInput, opts ...request.Option) (*GetInstanceProfileOutput, error)

GetInstanceProfileWithContext is the same as GetInstanceProfile with the addition of the ability to pass a context and additional request options.

See GetInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetLoginProfile

func (c *IAM) GetLoginProfile(input *GetLoginProfileInput) (*GetLoginProfileOutput, error)

GetLoginProfile API operation for AWS Identity and Access Management.

Retrieves the user name for the specified IAM user. A login profile is created when you create a password for the user to access the Amazon Web Services Management Console. If the user does not exist or does not have a password, the operation returns a 404 (NoSuchEntity) error.

If you create an IAM user with access to the console, the CreateDate reflects the date you created the initial password for the user.

If you create an IAM user with programmatic access, and then later add a password for the user to access the Amazon Web Services Management Console, the CreateDate reflects the initial password creation date. A user with programmatic access does not have a login profile unless you create a password for the user to access the Amazon Web Services Management Console.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile

Example (Shared00)

To get password information for an IAM user The following command gets information about the password for the IAM user named Anika.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetLoginProfileInput{
		UserName: aws.String("Anika"),
	}

	result, err := svc.GetLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetLoginProfileRequest

func (c *IAM) GetLoginProfileRequest(input *GetLoginProfileInput) (req *request.Request, output *GetLoginProfileOutput)

GetLoginProfileRequest generates a "aws/request.Request" representing the client's request for the GetLoginProfile operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetLoginProfile for more information on using the GetLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetLoginProfileRequest method.
req, resp := client.GetLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile

func (*IAM) GetLoginProfileWithContext

func (c *IAM) GetLoginProfileWithContext(ctx aws.Context, input *GetLoginProfileInput, opts ...request.Option) (*GetLoginProfileOutput, error)

GetLoginProfileWithContext is the same as GetLoginProfile with the addition of the ability to pass a context and additional request options.

See GetLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetMFADevice added in v1.42.9

func (c *IAM) GetMFADevice(input *GetMFADeviceInput) (*GetMFADeviceOutput, error)

GetMFADevice API operation for AWS Identity and Access Management.

Retrieves information about an MFA device for a specified user.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetMFADevice

func (*IAM) GetMFADeviceRequest added in v1.42.9

func (c *IAM) GetMFADeviceRequest(input *GetMFADeviceInput) (req *request.Request, output *GetMFADeviceOutput)

GetMFADeviceRequest generates a "aws/request.Request" representing the client's request for the GetMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetMFADevice for more information on using the GetMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetMFADeviceRequest method.
req, resp := client.GetMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetMFADevice

func (*IAM) GetMFADeviceWithContext added in v1.42.9

func (c *IAM) GetMFADeviceWithContext(ctx aws.Context, input *GetMFADeviceInput, opts ...request.Option) (*GetMFADeviceOutput, error)

GetMFADeviceWithContext is the same as GetMFADevice with the addition of the ability to pass a context and additional request options.

See GetMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetOpenIDConnectProvider

func (c *IAM) GetOpenIDConnectProvider(input *GetOpenIDConnectProviderInput) (*GetOpenIDConnectProviderOutput, error)

GetOpenIDConnectProvider API operation for AWS Identity and Access Management.

Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider

func (*IAM) GetOpenIDConnectProviderRequest

func (c *IAM) GetOpenIDConnectProviderRequest(input *GetOpenIDConnectProviderInput) (req *request.Request, output *GetOpenIDConnectProviderOutput)

GetOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the GetOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetOpenIDConnectProvider for more information on using the GetOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetOpenIDConnectProviderRequest method.
req, resp := client.GetOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider

func (*IAM) GetOpenIDConnectProviderWithContext

func (c *IAM) GetOpenIDConnectProviderWithContext(ctx aws.Context, input *GetOpenIDConnectProviderInput, opts ...request.Option) (*GetOpenIDConnectProviderOutput, error)

GetOpenIDConnectProviderWithContext is the same as GetOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See GetOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetOrganizationsAccessReport

func (c *IAM) GetOrganizationsAccessReport(input *GetOrganizationsAccessReportInput) (*GetOrganizationsAccessReportOutput, error)

GetOrganizationsAccessReport API operation for AWS Identity and Access Management.

Retrieves the service last accessed data report for Organizations that was previously generated using the GenerateOrganizationsAccessReport operation. This operation retrieves the status of your report job and the report contents.

Depending on the parameters that you passed when you generated the report, the data returned could include different information. For details, see GenerateOrganizationsAccessReport.

To call this operation, you must be signed in to the management account in your organization. SCPs must be enabled for your organization root. You must have permissions to perform this operation. For more information, see Refining permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) in the IAM User Guide.

For each service that principals in an account (root user, IAM users, or IAM roles) could access using SCPs, the operation returns details about the most recent access attempt. If there was no attempt, the service is listed without details about the most recent attempt to access the service. If the operation fails, it returns the reason that it failed.

By default, the list is sorted by service namespace.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetOrganizationsAccessReport for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOrganizationsAccessReport

Example (Shared00)

To get details from a previously generated organizational unit report The following operation gets details about the report with the job ID: examplea-1234-b567-cde8-90fg123abcd4

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetOrganizationsAccessReportInput{
		JobId: aws.String("examplea-1234-b567-cde8-90fg123abcd4"),
	}

	result, err := svc.GetOrganizationsAccessReport(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetOrganizationsAccessReportRequest

func (c *IAM) GetOrganizationsAccessReportRequest(input *GetOrganizationsAccessReportInput) (req *request.Request, output *GetOrganizationsAccessReportOutput)

GetOrganizationsAccessReportRequest generates a "aws/request.Request" representing the client's request for the GetOrganizationsAccessReport operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetOrganizationsAccessReport for more information on using the GetOrganizationsAccessReport API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetOrganizationsAccessReportRequest method.
req, resp := client.GetOrganizationsAccessReportRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOrganizationsAccessReport

func (*IAM) GetOrganizationsAccessReportWithContext

func (c *IAM) GetOrganizationsAccessReportWithContext(ctx aws.Context, input *GetOrganizationsAccessReportInput, opts ...request.Option) (*GetOrganizationsAccessReportOutput, error)

GetOrganizationsAccessReportWithContext is the same as GetOrganizationsAccessReport with the addition of the ability to pass a context and additional request options.

See GetOrganizationsAccessReport for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetPolicy

func (c *IAM) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error)

GetPolicy API operation for AWS Identity and Access Management.

Retrieves information about the specified managed policy, including the policy's default version and the total number of IAM users, groups, and roles to which the policy is attached. To retrieve the list of the specific users, groups, and roles that the policy is attached to, use ListEntitiesForPolicy. This operation returns metadata about the policy. To retrieve the actual policy document for a specific version of the policy, use GetPolicyVersion.

This operation retrieves information about managed policies. To retrieve information about an inline policy that is embedded with an IAM user, group, or role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.

For more information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy

func (*IAM) GetPolicyRequest

func (c *IAM) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput)

GetPolicyRequest generates a "aws/request.Request" representing the client's request for the GetPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicy for more information on using the GetPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetPolicyRequest method.
req, resp := client.GetPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy

func (*IAM) GetPolicyVersion

func (c *IAM) GetPolicyVersion(input *GetPolicyVersionInput) (*GetPolicyVersionOutput, error)

GetPolicyVersion API operation for AWS Identity and Access Management.

Retrieves information about the specified version of the specified managed policy, including the policy document.

Policies returned by this operation are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

To list the available versions for a policy, use ListPolicyVersions.

This operation retrieves information about managed policies. To retrieve information about an inline policy that is embedded in a user, group, or role, use GetUserPolicy, GetGroupPolicy, or GetRolePolicy.

For more information about the types of policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For more information about managed policy versions, see Versioning for managed policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetPolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion

func (*IAM) GetPolicyVersionRequest

func (c *IAM) GetPolicyVersionRequest(input *GetPolicyVersionInput) (req *request.Request, output *GetPolicyVersionOutput)

GetPolicyVersionRequest generates a "aws/request.Request" representing the client's request for the GetPolicyVersion operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicyVersion for more information on using the GetPolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetPolicyVersionRequest method.
req, resp := client.GetPolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion

func (*IAM) GetPolicyVersionWithContext

func (c *IAM) GetPolicyVersionWithContext(ctx aws.Context, input *GetPolicyVersionInput, opts ...request.Option) (*GetPolicyVersionOutput, error)

GetPolicyVersionWithContext is the same as GetPolicyVersion with the addition of the ability to pass a context and additional request options.

See GetPolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetPolicyWithContext

func (c *IAM) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error)

GetPolicyWithContext is the same as GetPolicy with the addition of the ability to pass a context and additional request options.

See GetPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetRole

func (c *IAM) GetRole(input *GetRoleInput) (*GetRoleOutput, error)

GetRole API operation for AWS Identity and Access Management.

Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy that grants permission to assume the role. For more information about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the IAM User Guide.

Policies returned by this operation are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole

Example (Shared00)

To get information about an IAM role The following command gets information about the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetRoleInput{
		RoleName: aws.String("Test-Role"),
	}

	result, err := svc.GetRole(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetRolePolicy

func (c *IAM) GetRolePolicy(input *GetRolePolicyInput) (*GetRolePolicyOutput, error)

GetRolePolicy API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded with the specified IAM role.

Policies returned by this operation are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM role can also have managed policies attached to it. To retrieve a managed policy document that is attached to a role, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For more information about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy

func (*IAM) GetRolePolicyRequest

func (c *IAM) GetRolePolicyRequest(input *GetRolePolicyInput) (req *request.Request, output *GetRolePolicyOutput)

GetRolePolicyRequest generates a "aws/request.Request" representing the client's request for the GetRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetRolePolicy for more information on using the GetRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetRolePolicyRequest method.
req, resp := client.GetRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy

func (*IAM) GetRolePolicyWithContext

func (c *IAM) GetRolePolicyWithContext(ctx aws.Context, input *GetRolePolicyInput, opts ...request.Option) (*GetRolePolicyOutput, error)

GetRolePolicyWithContext is the same as GetRolePolicy with the addition of the ability to pass a context and additional request options.

See GetRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetRoleRequest

func (c *IAM) GetRoleRequest(input *GetRoleInput) (req *request.Request, output *GetRoleOutput)

GetRoleRequest generates a "aws/request.Request" representing the client's request for the GetRole operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetRole for more information on using the GetRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetRoleRequest method.
req, resp := client.GetRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole

func (*IAM) GetRoleWithContext

func (c *IAM) GetRoleWithContext(ctx aws.Context, input *GetRoleInput, opts ...request.Option) (*GetRoleOutput, error)

GetRoleWithContext is the same as GetRole with the addition of the ability to pass a context and additional request options.

See GetRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetSAMLProvider

func (c *IAM) GetSAMLProvider(input *GetSAMLProviderInput) (*GetSAMLProviderOutput, error)

GetSAMLProvider API operation for AWS Identity and Access Management.

Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created or updated.

This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider

func (*IAM) GetSAMLProviderRequest

func (c *IAM) GetSAMLProviderRequest(input *GetSAMLProviderInput) (req *request.Request, output *GetSAMLProviderOutput)

GetSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the GetSAMLProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetSAMLProvider for more information on using the GetSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetSAMLProviderRequest method.
req, resp := client.GetSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider

func (*IAM) GetSAMLProviderWithContext

func (c *IAM) GetSAMLProviderWithContext(ctx aws.Context, input *GetSAMLProviderInput, opts ...request.Option) (*GetSAMLProviderOutput, error)

GetSAMLProviderWithContext is the same as GetSAMLProvider with the addition of the ability to pass a context and additional request options.

See GetSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetSSHPublicKey

func (c *IAM) GetSSHPublicKey(input *GetSSHPublicKeyInput) (*GetSSHPublicKeyOutput, error)

GetSSHPublicKey API operation for AWS Identity and Access Management.

Retrieves the specified SSH public key, including metadata about the key.

The SSH public key retrieved by this operation is used only for authenticating the associated IAM user to an CodeCommit repository. For more information about using SSH keys to authenticate to an CodeCommit repository, see Set up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding" The request was rejected because the public key encoding format is unsupported or unrecognized.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey

func (*IAM) GetSSHPublicKeyRequest

func (c *IAM) GetSSHPublicKeyRequest(input *GetSSHPublicKeyInput) (req *request.Request, output *GetSSHPublicKeyOutput)

GetSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the GetSSHPublicKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetSSHPublicKey for more information on using the GetSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetSSHPublicKeyRequest method.
req, resp := client.GetSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey

func (*IAM) GetSSHPublicKeyWithContext

func (c *IAM) GetSSHPublicKeyWithContext(ctx aws.Context, input *GetSSHPublicKeyInput, opts ...request.Option) (*GetSSHPublicKeyOutput, error)

GetSSHPublicKeyWithContext is the same as GetSSHPublicKey with the addition of the ability to pass a context and additional request options.

See GetSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetServerCertificate

func (c *IAM) GetServerCertificate(input *GetServerCertificateInput) (*GetServerCertificateOutput, error)

GetServerCertificate API operation for AWS Identity and Access Management.

Retrieves information about the specified server certificate stored in IAM.

For more information about working with server certificates, see Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic includes a list of Amazon Web Services services that can use the server certificates that you manage with IAM.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate

func (*IAM) GetServerCertificateRequest

func (c *IAM) GetServerCertificateRequest(input *GetServerCertificateInput) (req *request.Request, output *GetServerCertificateOutput)

GetServerCertificateRequest generates a "aws/request.Request" representing the client's request for the GetServerCertificate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetServerCertificate for more information on using the GetServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetServerCertificateRequest method.
req, resp := client.GetServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate

func (*IAM) GetServerCertificateWithContext

func (c *IAM) GetServerCertificateWithContext(ctx aws.Context, input *GetServerCertificateInput, opts ...request.Option) (*GetServerCertificateOutput, error)

GetServerCertificateWithContext is the same as GetServerCertificate with the addition of the ability to pass a context and additional request options.

See GetServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetServiceLastAccessedDetails

func (c *IAM) GetServiceLastAccessedDetails(input *GetServiceLastAccessedDetailsInput) (*GetServiceLastAccessedDetailsOutput, error)

GetServiceLastAccessedDetails API operation for AWS Identity and Access Management.

Retrieves a service last accessed report that was created using the GenerateServiceLastAccessedDetails operation. You can use the JobId parameter in GetServiceLastAccessedDetails to retrieve the status of your report job. When the report is complete, you can retrieve the generated report. The report includes a list of Amazon Web Services services that the resource (user, group, role, or managed policy) can access.

Service last accessed data does not use other policy types when determining whether a resource could access a service. These other policy types include resource-based policies, access control lists, Organizations policies, IAM permissions boundaries, and STS assume role policies. It only applies permissions policy logic. For more about the evaluation of policy types, see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) in the IAM User Guide.

For each service that the resource could access using permissions policies, the operation returns details about the most recent access attempt. If there was no attempt, the service is listed without details about the most recent attempt to access the service. If the operation fails, the GetServiceLastAccessedDetails operation returns the reason that it failed.

The GetServiceLastAccessedDetails operation returns a list of services. This list includes the number of entities that have attempted to access the service and the date and time of the last attempt. It also returns the ARN of the following entity, depending on the resource ARN that you used to generate the report:

  • User – Returns the user ARN that you used to generate the report

  • Group – Returns the ARN of the group member (user) that last attempted to access the service

  • Role – Returns the role ARN that you used to generate the report

  • Policy – Returns the ARN of the user or role that last used the policy to attempt to access the service

By default, the list is sorted by service namespace.

If you specified ACTION_LEVEL granularity when you generated the report, this operation returns service and action last accessed data. This includes the most recent access attempt for each tracked action within a service. Otherwise, this operation returns only service data.

For more information about service and action last accessed data, see Reducing permissions using service last accessed data (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetServiceLastAccessedDetails for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetails

Example (Shared00)

To get details from a previously-generated report The following operation gets details about the report with the job ID: examplef-1305-c245-eba4-71fe298bcda7

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetServiceLastAccessedDetailsInput{
		JobId: aws.String("examplef-1305-c245-eba4-71fe298bcda7"),
	}

	result, err := svc.GetServiceLastAccessedDetails(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetServiceLastAccessedDetailsRequest

func (c *IAM) GetServiceLastAccessedDetailsRequest(input *GetServiceLastAccessedDetailsInput) (req *request.Request, output *GetServiceLastAccessedDetailsOutput)

GetServiceLastAccessedDetailsRequest generates a "aws/request.Request" representing the client's request for the GetServiceLastAccessedDetails operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetServiceLastAccessedDetails for more information on using the GetServiceLastAccessedDetails API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetServiceLastAccessedDetailsRequest method.
req, resp := client.GetServiceLastAccessedDetailsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetails

func (*IAM) GetServiceLastAccessedDetailsWithContext

func (c *IAM) GetServiceLastAccessedDetailsWithContext(ctx aws.Context, input *GetServiceLastAccessedDetailsInput, opts ...request.Option) (*GetServiceLastAccessedDetailsOutput, error)

GetServiceLastAccessedDetailsWithContext is the same as GetServiceLastAccessedDetails with the addition of the ability to pass a context and additional request options.

See GetServiceLastAccessedDetails for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetServiceLastAccessedDetailsWithEntities

func (c *IAM) GetServiceLastAccessedDetailsWithEntities(input *GetServiceLastAccessedDetailsWithEntitiesInput) (*GetServiceLastAccessedDetailsWithEntitiesOutput, error)

GetServiceLastAccessedDetailsWithEntities API operation for AWS Identity and Access Management.

After you generate a group or policy report using the GenerateServiceLastAccessedDetails operation, you can use the JobId parameter in GetServiceLastAccessedDetailsWithEntities. This operation retrieves the status of your report job and a list of entities that could have used group or policy permissions to access the specified service.

  • Group – For a group report, this operation returns a list of users in the group that could have used the group’s policies in an attempt to access the service.

  • Policy – For a policy report, this operation returns a list of entities (users or roles) that could have used the policy in an attempt to access the service.

You can also use this operation for user or role reports to retrieve details about those entities.

If the operation fails, the GetServiceLastAccessedDetailsWithEntities operation returns the reason that it failed.

By default, the list of associated entities is sorted by date, with the most recent access listed first.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetServiceLastAccessedDetailsWithEntities for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetailsWithEntities

Example (Shared00)

To get sntity details from a previously-generated report The following operation returns details about the entities that attempted to access the IAM service.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetServiceLastAccessedDetailsWithEntitiesInput{
		JobId:            aws.String("examplef-1305-c245-eba4-71fe298bcda7"),
		ServiceNamespace: aws.String("iam"),
	}

	result, err := svc.GetServiceLastAccessedDetailsWithEntities(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetServiceLastAccessedDetailsWithEntitiesRequest

func (c *IAM) GetServiceLastAccessedDetailsWithEntitiesRequest(input *GetServiceLastAccessedDetailsWithEntitiesInput) (req *request.Request, output *GetServiceLastAccessedDetailsWithEntitiesOutput)

GetServiceLastAccessedDetailsWithEntitiesRequest generates a "aws/request.Request" representing the client's request for the GetServiceLastAccessedDetailsWithEntities operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetServiceLastAccessedDetailsWithEntities for more information on using the GetServiceLastAccessedDetailsWithEntities API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetServiceLastAccessedDetailsWithEntitiesRequest method.
req, resp := client.GetServiceLastAccessedDetailsWithEntitiesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLastAccessedDetailsWithEntities

func (*IAM) GetServiceLastAccessedDetailsWithEntitiesWithContext

func (c *IAM) GetServiceLastAccessedDetailsWithEntitiesWithContext(ctx aws.Context, input *GetServiceLastAccessedDetailsWithEntitiesInput, opts ...request.Option) (*GetServiceLastAccessedDetailsWithEntitiesOutput, error)

GetServiceLastAccessedDetailsWithEntitiesWithContext is the same as GetServiceLastAccessedDetailsWithEntities with the addition of the ability to pass a context and additional request options.

See GetServiceLastAccessedDetailsWithEntities for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetServiceLinkedRoleDeletionStatus

func (c *IAM) GetServiceLinkedRoleDeletionStatus(input *GetServiceLinkedRoleDeletionStatusInput) (*GetServiceLinkedRoleDeletionStatusOutput, error)

GetServiceLinkedRoleDeletionStatus API operation for AWS Identity and Access Management.

Retrieves the status of your service-linked role deletion. After you use DeleteServiceLinkedRole to submit a service-linked role for deletion, you can use the DeletionTaskId parameter in GetServiceLinkedRoleDeletionStatus to check the status of the deletion. If the deletion fails, this operation returns the reason that it failed, if that information is returned by the service.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetServiceLinkedRoleDeletionStatus for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus

func (*IAM) GetServiceLinkedRoleDeletionStatusRequest

func (c *IAM) GetServiceLinkedRoleDeletionStatusRequest(input *GetServiceLinkedRoleDeletionStatusInput) (req *request.Request, output *GetServiceLinkedRoleDeletionStatusOutput)

GetServiceLinkedRoleDeletionStatusRequest generates a "aws/request.Request" representing the client's request for the GetServiceLinkedRoleDeletionStatus operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetServiceLinkedRoleDeletionStatus for more information on using the GetServiceLinkedRoleDeletionStatus API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetServiceLinkedRoleDeletionStatusRequest method.
req, resp := client.GetServiceLinkedRoleDeletionStatusRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus

func (*IAM) GetServiceLinkedRoleDeletionStatusWithContext

func (c *IAM) GetServiceLinkedRoleDeletionStatusWithContext(ctx aws.Context, input *GetServiceLinkedRoleDeletionStatusInput, opts ...request.Option) (*GetServiceLinkedRoleDeletionStatusOutput, error)

GetServiceLinkedRoleDeletionStatusWithContext is the same as GetServiceLinkedRoleDeletionStatus with the addition of the ability to pass a context and additional request options.

See GetServiceLinkedRoleDeletionStatus for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetUser

func (c *IAM) GetUser(input *GetUserInput) (*GetUserOutput, error)

GetUser API operation for AWS Identity and Access Management.

Retrieves information about the specified IAM user, including the user's creation date, path, unique ID, and ARN.

If you do not specify a user name, IAM determines the user name implicitly based on the Amazon Web Services access key ID used to sign the request to this operation.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetUser for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser

Example (Shared00)

To get information about an IAM user The following command gets information about the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.GetUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetUserPolicy

func (c *IAM) GetUserPolicy(input *GetUserPolicyInput) (*GetUserPolicyOutput, error)

GetUserPolicy API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded in the specified IAM user.

Policies returned by this operation are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM user can also have managed policies attached to it. To retrieve a managed policy document that is attached to a user, use GetPolicy to determine the policy's default version. Then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy

func (*IAM) GetUserPolicyRequest

func (c *IAM) GetUserPolicyRequest(input *GetUserPolicyInput) (req *request.Request, output *GetUserPolicyOutput)

GetUserPolicyRequest generates a "aws/request.Request" representing the client's request for the GetUserPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetUserPolicy for more information on using the GetUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetUserPolicyRequest method.
req, resp := client.GetUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy

func (*IAM) GetUserPolicyWithContext

func (c *IAM) GetUserPolicyWithContext(ctx aws.Context, input *GetUserPolicyInput, opts ...request.Option) (*GetUserPolicyOutput, error)

GetUserPolicyWithContext is the same as GetUserPolicy with the addition of the ability to pass a context and additional request options.

See GetUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetUserRequest

func (c *IAM) GetUserRequest(input *GetUserInput) (req *request.Request, output *GetUserOutput)

GetUserRequest generates a "aws/request.Request" representing the client's request for the GetUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetUser for more information on using the GetUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetUserRequest method.
req, resp := client.GetUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser

func (*IAM) GetUserWithContext

func (c *IAM) GetUserWithContext(ctx aws.Context, input *GetUserInput, opts ...request.Option) (*GetUserOutput, error)

GetUserWithContext is the same as GetUser with the addition of the ability to pass a context and additional request options.

See GetUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccessKeys

func (c *IAM) ListAccessKeys(input *ListAccessKeysInput) (*ListAccessKeysOutput, error)

ListAccessKeys API operation for AWS Identity and Access Management.

Returns information about the access key IDs associated with the specified IAM user. If there is none, the operation returns an empty list.

Although each user is limited to a small number of keys, you can still paginate the results using the MaxItems and Marker parameters.

If the UserName is not specified, the user name is determined implicitly based on the Amazon Web Services access key ID used to sign the request. If a temporary access key is used, then UserName is required. If a long-term key is assigned to the user, then UserName is not required. This operation works for access keys under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated users.

To ensure the security of your Amazon Web Services account, the secret access key is accessible only during key and user creation.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAccessKeys for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys

Example (Shared00)

To list the access key IDs for an IAM user The following command lists the access keys IDs for the IAM user named Alice.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListAccessKeysInput{
		UserName: aws.String("Alice"),
	}

	result, err := svc.ListAccessKeys(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListAccessKeysPages

func (c *IAM) ListAccessKeysPages(input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool) error

ListAccessKeysPages iterates over the pages of a ListAccessKeys operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAccessKeys method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAccessKeys operation.
pageNum := 0
err := client.ListAccessKeysPages(params,
    func(page *iam.ListAccessKeysOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAccessKeysPagesWithContext

func (c *IAM) ListAccessKeysPagesWithContext(ctx aws.Context, input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool, opts ...request.Option) error

ListAccessKeysPagesWithContext same as ListAccessKeysPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccessKeysRequest

func (c *IAM) ListAccessKeysRequest(input *ListAccessKeysInput) (req *request.Request, output *ListAccessKeysOutput)

ListAccessKeysRequest generates a "aws/request.Request" representing the client's request for the ListAccessKeys operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAccessKeys for more information on using the ListAccessKeys API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAccessKeysRequest method.
req, resp := client.ListAccessKeysRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys

func (*IAM) ListAccessKeysWithContext

func (c *IAM) ListAccessKeysWithContext(ctx aws.Context, input *ListAccessKeysInput, opts ...request.Option) (*ListAccessKeysOutput, error)

ListAccessKeysWithContext is the same as ListAccessKeys with the addition of the ability to pass a context and additional request options.

See ListAccessKeys for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccountAliases

func (c *IAM) ListAccountAliases(input *ListAccountAliasesInput) (*ListAccountAliasesOutput, error)

ListAccountAliases API operation for AWS Identity and Access Management.

Lists the account alias associated with the Amazon Web Services account (Note: you can have only one). For information about using an Amazon Web Services account alias, see Creating, deleting, and listing an Amazon Web Services account alias (https://docs.aws.amazon.com/signin/latest/userguide/CreateAccountAlias.html) in the Amazon Web Services Sign-In User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAccountAliases for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases

Example (Shared00)

To list account aliases The following command lists the aliases for the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListAccountAliasesInput{}

	result, err := svc.ListAccountAliases(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListAccountAliasesPages

func (c *IAM) ListAccountAliasesPages(input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool) error

ListAccountAliasesPages iterates over the pages of a ListAccountAliases operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAccountAliases method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAccountAliases operation.
pageNum := 0
err := client.ListAccountAliasesPages(params,
    func(page *iam.ListAccountAliasesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAccountAliasesPagesWithContext

func (c *IAM) ListAccountAliasesPagesWithContext(ctx aws.Context, input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool, opts ...request.Option) error

ListAccountAliasesPagesWithContext same as ListAccountAliasesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccountAliasesRequest

func (c *IAM) ListAccountAliasesRequest(input *ListAccountAliasesInput) (req *request.Request, output *ListAccountAliasesOutput)

ListAccountAliasesRequest generates a "aws/request.Request" representing the client's request for the ListAccountAliases operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAccountAliases for more information on using the ListAccountAliases API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAccountAliasesRequest method.
req, resp := client.ListAccountAliasesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases

func (*IAM) ListAccountAliasesWithContext

func (c *IAM) ListAccountAliasesWithContext(ctx aws.Context, input *ListAccountAliasesInput, opts ...request.Option) (*ListAccountAliasesOutput, error)

ListAccountAliasesWithContext is the same as ListAccountAliases with the addition of the ability to pass a context and additional request options.

See ListAccountAliases for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedGroupPolicies

func (c *IAM) ListAttachedGroupPolicies(input *ListAttachedGroupPoliciesInput) (*ListAttachedGroupPoliciesOutput, error)

ListAttachedGroupPolicies API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM group.

An IAM group can also have inline policies embedded with it. To list the inline policies for a group, use ListGroupPolicies. For information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified group (or none that match the specified path prefix), the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAttachedGroupPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies

func (*IAM) ListAttachedGroupPoliciesPages

func (c *IAM) ListAttachedGroupPoliciesPages(input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool) error

ListAttachedGroupPoliciesPages iterates over the pages of a ListAttachedGroupPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAttachedGroupPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAttachedGroupPolicies operation.
pageNum := 0
err := client.ListAttachedGroupPoliciesPages(params,
    func(page *iam.ListAttachedGroupPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAttachedGroupPoliciesPagesWithContext

func (c *IAM) ListAttachedGroupPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool, opts ...request.Option) error

ListAttachedGroupPoliciesPagesWithContext same as ListAttachedGroupPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedGroupPoliciesRequest

func (c *IAM) ListAttachedGroupPoliciesRequest(input *ListAttachedGroupPoliciesInput) (req *request.Request, output *ListAttachedGroupPoliciesOutput)

ListAttachedGroupPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListAttachedGroupPolicies operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAttachedGroupPolicies for more information on using the ListAttachedGroupPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAttachedGroupPoliciesRequest method.
req, resp := client.ListAttachedGroupPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies

func (*IAM) ListAttachedGroupPoliciesWithContext

func (c *IAM) ListAttachedGroupPoliciesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, opts ...request.Option) (*ListAttachedGroupPoliciesOutput, error)

ListAttachedGroupPoliciesWithContext is the same as ListAttachedGroupPolicies with the addition of the ability to pass a context and additional request options.

See ListAttachedGroupPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedRolePolicies

func (c *IAM) ListAttachedRolePolicies(input *ListAttachedRolePoliciesInput) (*ListAttachedRolePoliciesOutput, error)

ListAttachedRolePolicies API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM role.

An IAM role can also have inline policies embedded with it. To list the inline policies for a role, use ListRolePolicies. For information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified role (or none that match the specified path prefix), the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAttachedRolePolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies

func (*IAM) ListAttachedRolePoliciesPages

func (c *IAM) ListAttachedRolePoliciesPages(input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool) error

ListAttachedRolePoliciesPages iterates over the pages of a ListAttachedRolePolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAttachedRolePolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAttachedRolePolicies operation.
pageNum := 0
err := client.ListAttachedRolePoliciesPages(params,
    func(page *iam.ListAttachedRolePoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAttachedRolePoliciesPagesWithContext

func (c *IAM) ListAttachedRolePoliciesPagesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool, opts ...request.Option) error

ListAttachedRolePoliciesPagesWithContext same as ListAttachedRolePoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedRolePoliciesRequest

func (c *IAM) ListAttachedRolePoliciesRequest(input *ListAttachedRolePoliciesInput) (req *request.Request, output *ListAttachedRolePoliciesOutput)

ListAttachedRolePoliciesRequest generates a "aws/request.Request" representing the client's request for the ListAttachedRolePolicies operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAttachedRolePolicies for more information on using the ListAttachedRolePolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAttachedRolePoliciesRequest method.
req, resp := client.ListAttachedRolePoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies

func (*IAM) ListAttachedRolePoliciesWithContext

func (c *IAM) ListAttachedRolePoliciesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, opts ...request.Option) (*ListAttachedRolePoliciesOutput, error)

ListAttachedRolePoliciesWithContext is the same as ListAttachedRolePolicies with the addition of the ability to pass a context and additional request options.

See ListAttachedRolePolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedUserPolicies

func (c *IAM) ListAttachedUserPolicies(input *ListAttachedUserPoliciesInput) (*ListAttachedUserPoliciesOutput, error)

ListAttachedUserPolicies API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM user.

An IAM user can also have inline policies embedded with it. To list the inline policies for a user, use ListUserPolicies. For information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified group (or none that match the specified path prefix), the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAttachedUserPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies

func (*IAM) ListAttachedUserPoliciesPages

func (c *IAM) ListAttachedUserPoliciesPages(input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool) error

ListAttachedUserPoliciesPages iterates over the pages of a ListAttachedUserPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAttachedUserPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAttachedUserPolicies operation.
pageNum := 0
err := client.ListAttachedUserPoliciesPages(params,
    func(page *iam.ListAttachedUserPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAttachedUserPoliciesPagesWithContext

func (c *IAM) ListAttachedUserPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool, opts ...request.Option) error

ListAttachedUserPoliciesPagesWithContext same as ListAttachedUserPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedUserPoliciesRequest

func (c *IAM) ListAttachedUserPoliciesRequest(input *ListAttachedUserPoliciesInput) (req *request.Request, output *ListAttachedUserPoliciesOutput)

ListAttachedUserPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListAttachedUserPolicies operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAttachedUserPolicies for more information on using the ListAttachedUserPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAttachedUserPoliciesRequest method.
req, resp := client.ListAttachedUserPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies

func (*IAM) ListAttachedUserPoliciesWithContext

func (c *IAM) ListAttachedUserPoliciesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, opts ...request.Option) (*ListAttachedUserPoliciesOutput, error)

ListAttachedUserPoliciesWithContext is the same as ListAttachedUserPolicies with the addition of the ability to pass a context and additional request options.

See ListAttachedUserPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListEntitiesForPolicy

func (c *IAM) ListEntitiesForPolicy(input *ListEntitiesForPolicyInput) (*ListEntitiesForPolicyOutput, error)

ListEntitiesForPolicy API operation for AWS Identity and Access Management.

Lists all IAM users, groups, and roles that the specified managed policy is attached to.

You can use the optional EntityFilter parameter to limit the results to a particular type of entity (users, groups, or roles). For example, to list only the roles that are attached to the specified policy, set EntityFilter to Role.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListEntitiesForPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy

func (*IAM) ListEntitiesForPolicyPages

func (c *IAM) ListEntitiesForPolicyPages(input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool) error

ListEntitiesForPolicyPages iterates over the pages of a ListEntitiesForPolicy operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListEntitiesForPolicy method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListEntitiesForPolicy operation.
pageNum := 0
err := client.ListEntitiesForPolicyPages(params,
    func(page *iam.ListEntitiesForPolicyOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListEntitiesForPolicyPagesWithContext

func (c *IAM) ListEntitiesForPolicyPagesWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool, opts ...request.Option) error

ListEntitiesForPolicyPagesWithContext same as ListEntitiesForPolicyPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListEntitiesForPolicyRequest

func (c *IAM) ListEntitiesForPolicyRequest(input *ListEntitiesForPolicyInput) (req *request.Request, output *ListEntitiesForPolicyOutput)

ListEntitiesForPolicyRequest generates a "aws/request.Request" representing the client's request for the ListEntitiesForPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListEntitiesForPolicy for more information on using the ListEntitiesForPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListEntitiesForPolicyRequest method.
req, resp := client.ListEntitiesForPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy

func (*IAM) ListEntitiesForPolicyWithContext

func (c *IAM) ListEntitiesForPolicyWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, opts ...request.Option) (*ListEntitiesForPolicyOutput, error)

ListEntitiesForPolicyWithContext is the same as ListEntitiesForPolicy with the addition of the ability to pass a context and additional request options.

See ListEntitiesForPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupPolicies

func (c *IAM) ListGroupPolicies(input *ListGroupPoliciesInput) (*ListGroupPoliciesOutput, error)

ListGroupPolicies API operation for AWS Identity and Access Management.

Lists the names of the inline policies that are embedded in the specified IAM group.

An IAM group can also have managed policies attached to it. To list the managed policies that are attached to a group, use ListAttachedGroupPolicies. For more information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified group, the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListGroupPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies

Example (Shared00)

To list the in-line policies for an IAM group The following command lists the names of in-line policies that are embedded in the IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListGroupPoliciesInput{
		GroupName: aws.String("Admins"),
	}

	result, err := svc.ListGroupPolicies(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListGroupPoliciesPages

func (c *IAM) ListGroupPoliciesPages(input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool) error

ListGroupPoliciesPages iterates over the pages of a ListGroupPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListGroupPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListGroupPolicies operation.
pageNum := 0
err := client.ListGroupPoliciesPages(params,
    func(page *iam.ListGroupPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListGroupPoliciesPagesWithContext

func (c *IAM) ListGroupPoliciesPagesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool, opts ...request.Option) error

ListGroupPoliciesPagesWithContext same as ListGroupPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupPoliciesRequest

func (c *IAM) ListGroupPoliciesRequest(input *ListGroupPoliciesInput) (req *request.Request, output *ListGroupPoliciesOutput)

ListGroupPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListGroupPolicies operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListGroupPolicies for more information on using the ListGroupPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListGroupPoliciesRequest method.
req, resp := client.ListGroupPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies

func (*IAM) ListGroupPoliciesWithContext

func (c *IAM) ListGroupPoliciesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, opts ...request.Option) (*ListGroupPoliciesOutput, error)

ListGroupPoliciesWithContext is the same as ListGroupPolicies with the addition of the ability to pass a context and additional request options.

See ListGroupPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroups

func (c *IAM) ListGroups(input *ListGroupsInput) (*ListGroupsOutput, error)

ListGroups API operation for AWS Identity and Access Management.

Lists the IAM groups that have the specified path prefix.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListGroups for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups

Example (Shared00)

To list the IAM groups for the current account The following command lists the IAM groups in the current account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListGroupsInput{}

	result, err := svc.ListGroups(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListGroupsForUser

func (c *IAM) ListGroupsForUser(input *ListGroupsForUserInput) (*ListGroupsForUserOutput, error)

ListGroupsForUser API operation for AWS Identity and Access Management.

Lists the IAM groups that the specified IAM user belongs to.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListGroupsForUser for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser

Example (Shared00)

To list the groups that an IAM user belongs to The following command displays the groups that the IAM user named Bob belongs to.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListGroupsForUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.ListGroupsForUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListGroupsForUserPages

func (c *IAM) ListGroupsForUserPages(input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool) error

ListGroupsForUserPages iterates over the pages of a ListGroupsForUser operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListGroupsForUser method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListGroupsForUser operation.
pageNum := 0
err := client.ListGroupsForUserPages(params,
    func(page *iam.ListGroupsForUserOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListGroupsForUserPagesWithContext

func (c *IAM) ListGroupsForUserPagesWithContext(ctx aws.Context, input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool, opts ...request.Option) error

ListGroupsForUserPagesWithContext same as ListGroupsForUserPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupsForUserRequest

func (c *IAM) ListGroupsForUserRequest(input *ListGroupsForUserInput) (req *request.Request, output *ListGroupsForUserOutput)

ListGroupsForUserRequest generates a "aws/request.Request" representing the client's request for the ListGroupsForUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListGroupsForUser for more information on using the ListGroupsForUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListGroupsForUserRequest method.
req, resp := client.ListGroupsForUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser

func (*IAM) ListGroupsForUserWithContext

func (c *IAM) ListGroupsForUserWithContext(ctx aws.Context, input *ListGroupsForUserInput, opts ...request.Option) (*ListGroupsForUserOutput, error)

ListGroupsForUserWithContext is the same as ListGroupsForUser with the addition of the ability to pass a context and additional request options.

See ListGroupsForUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupsPages

func (c *IAM) ListGroupsPages(input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool) error

ListGroupsPages iterates over the pages of a ListGroups operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListGroups method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListGroups operation.
pageNum := 0
err := client.ListGroupsPages(params,
    func(page *iam.ListGroupsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListGroupsPagesWithContext

func (c *IAM) ListGroupsPagesWithContext(ctx aws.Context, input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool, opts ...request.Option) error

ListGroupsPagesWithContext same as ListGroupsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupsRequest

func (c *IAM) ListGroupsRequest(input *ListGroupsInput) (req *request.Request, output *ListGroupsOutput)

ListGroupsRequest generates a "aws/request.Request" representing the client's request for the ListGroups operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListGroups for more information on using the ListGroups API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListGroupsRequest method.
req, resp := client.ListGroupsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups

func (*IAM) ListGroupsWithContext

func (c *IAM) ListGroupsWithContext(ctx aws.Context, input *ListGroupsInput, opts ...request.Option) (*ListGroupsOutput, error)

ListGroupsWithContext is the same as ListGroups with the addition of the ability to pass a context and additional request options.

See ListGroups for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfileTags

func (c *IAM) ListInstanceProfileTags(input *ListInstanceProfileTagsInput) (*ListInstanceProfileTagsOutput, error)

ListInstanceProfileTags API operation for AWS Identity and Access Management.

Lists the tags that are attached to the specified IAM instance profile. The returned list of tags is sorted by tag key. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListInstanceProfileTags for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTags

func (*IAM) ListInstanceProfileTagsPages added in v1.42.9

func (c *IAM) ListInstanceProfileTagsPages(input *ListInstanceProfileTagsInput, fn func(*ListInstanceProfileTagsOutput, bool) bool) error

ListInstanceProfileTagsPages iterates over the pages of a ListInstanceProfileTags operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListInstanceProfileTags method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListInstanceProfileTags operation.
pageNum := 0
err := client.ListInstanceProfileTagsPages(params,
    func(page *iam.ListInstanceProfileTagsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListInstanceProfileTagsPagesWithContext added in v1.42.9

func (c *IAM) ListInstanceProfileTagsPagesWithContext(ctx aws.Context, input *ListInstanceProfileTagsInput, fn func(*ListInstanceProfileTagsOutput, bool) bool, opts ...request.Option) error

ListInstanceProfileTagsPagesWithContext same as ListInstanceProfileTagsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfileTagsRequest

func (c *IAM) ListInstanceProfileTagsRequest(input *ListInstanceProfileTagsInput) (req *request.Request, output *ListInstanceProfileTagsOutput)

ListInstanceProfileTagsRequest generates a "aws/request.Request" representing the client's request for the ListInstanceProfileTags operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListInstanceProfileTags for more information on using the ListInstanceProfileTags API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListInstanceProfileTagsRequest method.
req, resp := client.ListInstanceProfileTagsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfileTags

func (*IAM) ListInstanceProfileTagsWithContext

func (c *IAM) ListInstanceProfileTagsWithContext(ctx aws.Context, input *ListInstanceProfileTagsInput, opts ...request.Option) (*ListInstanceProfileTagsOutput, error)

ListInstanceProfileTagsWithContext is the same as ListInstanceProfileTags with the addition of the ability to pass a context and additional request options.

See ListInstanceProfileTags for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfiles

func (c *IAM) ListInstanceProfiles(input *ListInstanceProfilesInput) (*ListInstanceProfilesOutput, error)

ListInstanceProfiles API operation for AWS Identity and Access Management.

Lists the instance profiles that have the specified path prefix. If there are none, the operation returns an empty list. For more information about instance profiles, see Using instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html) in the IAM User Guide.

IAM resource-listing operations return a subset of the available attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for an instance profile, see GetInstanceProfile.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListInstanceProfiles for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles

func (*IAM) ListInstanceProfilesForRole

func (c *IAM) ListInstanceProfilesForRole(input *ListInstanceProfilesForRoleInput) (*ListInstanceProfilesForRoleOutput, error)

ListInstanceProfilesForRole API operation for AWS Identity and Access Management.

Lists the instance profiles that have the specified associated IAM role. If there are none, the operation returns an empty list. For more information about instance profiles, go to Using instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListInstanceProfilesForRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole

func (*IAM) ListInstanceProfilesForRolePages

func (c *IAM) ListInstanceProfilesForRolePages(input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool) error

ListInstanceProfilesForRolePages iterates over the pages of a ListInstanceProfilesForRole operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListInstanceProfilesForRole method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListInstanceProfilesForRole operation.
pageNum := 0
err := client.ListInstanceProfilesForRolePages(params,
    func(page *iam.ListInstanceProfilesForRoleOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListInstanceProfilesForRolePagesWithContext

func (c *IAM) ListInstanceProfilesForRolePagesWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool, opts ...request.Option) error

ListInstanceProfilesForRolePagesWithContext same as ListInstanceProfilesForRolePages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfilesForRoleRequest

func (c *IAM) ListInstanceProfilesForRoleRequest(input *ListInstanceProfilesForRoleInput) (req *request.Request, output *ListInstanceProfilesForRoleOutput)

ListInstanceProfilesForRoleRequest generates a "aws/request.Request" representing the client's request for the ListInstanceProfilesForRole operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListInstanceProfilesForRole for more information on using the ListInstanceProfilesForRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListInstanceProfilesForRoleRequest method.
req, resp := client.ListInstanceProfilesForRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole

func (*IAM) ListInstanceProfilesForRoleWithContext

func (c *IAM) ListInstanceProfilesForRoleWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, opts ...request.Option) (*ListInstanceProfilesForRoleOutput, error)

ListInstanceProfilesForRoleWithContext is the same as ListInstanceProfilesForRole with the addition of the ability to pass a context and additional request options.

See ListInstanceProfilesForRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfilesPages

func (c *IAM) ListInstanceProfilesPages(input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool) error

ListInstanceProfilesPages iterates over the pages of a ListInstanceProfiles operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListInstanceProfiles method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListInstanceProfiles operation.
pageNum := 0
err := client.ListInstanceProfilesPages(params,
    func(page *iam.ListInstanceProfilesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListInstanceProfilesPagesWithContext

func (c *IAM) ListInstanceProfilesPagesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool, opts ...request.Option) error

ListInstanceProfilesPagesWithContext same as ListInstanceProfilesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfilesRequest

func (c *IAM) ListInstanceProfilesRequest(input *ListInstanceProfilesInput) (req *request.Request, output *ListInstanceProfilesOutput)

ListInstanceProfilesRequest generates a "aws/request.Request" representing the client's request for the ListInstanceProfiles operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListInstanceProfiles for more information on using the ListInstanceProfiles API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListInstanceProfilesRequest method.
req, resp := client.ListInstanceProfilesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles

func (*IAM) ListInstanceProfilesWithContext

func (c *IAM) ListInstanceProfilesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, opts ...request.Option) (*ListInstanceProfilesOutput, error)

ListInstanceProfilesWithContext is the same as ListInstanceProfiles with the addition of the ability to pass a context and additional request options.

See ListInstanceProfiles for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListMFADeviceTags

func (c *IAM) ListMFADeviceTags(input *ListMFADeviceTagsInput) (*ListMFADeviceTagsOutput, error)

ListMFADeviceTags API operation for AWS Identity and Access Management.

Lists the tags that are attached to the specified IAM virtual multi-factor authentication (MFA) device. The returned list of tags is sorted by tag key. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListMFADeviceTags for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTags

func (*IAM) ListMFADeviceTagsPages added in v1.42.9

func (c *IAM) ListMFADeviceTagsPages(input *ListMFADeviceTagsInput, fn func(*ListMFADeviceTagsOutput, bool) bool) error

ListMFADeviceTagsPages iterates over the pages of a ListMFADeviceTags operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListMFADeviceTags method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListMFADeviceTags operation.
pageNum := 0
err := client.ListMFADeviceTagsPages(params,
    func(page *iam.ListMFADeviceTagsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListMFADeviceTagsPagesWithContext added in v1.42.9

func (c *IAM) ListMFADeviceTagsPagesWithContext(ctx aws.Context, input *ListMFADeviceTagsInput, fn func(*ListMFADeviceTagsOutput, bool) bool, opts ...request.Option) error

ListMFADeviceTagsPagesWithContext same as ListMFADeviceTagsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListMFADeviceTagsRequest

func (c *IAM) ListMFADeviceTagsRequest(input *ListMFADeviceTagsInput) (req *request.Request, output *ListMFADeviceTagsOutput)

ListMFADeviceTagsRequest generates a "aws/request.Request" representing the client's request for the ListMFADeviceTags operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListMFADeviceTags for more information on using the ListMFADeviceTags API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListMFADeviceTagsRequest method.
req, resp := client.ListMFADeviceTagsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADeviceTags

func (*IAM) ListMFADeviceTagsWithContext

func (c *IAM) ListMFADeviceTagsWithContext(ctx aws.Context, input *ListMFADeviceTagsInput, opts ...request.Option) (*ListMFADeviceTagsOutput, error)

ListMFADeviceTagsWithContext is the same as ListMFADeviceTags with the addition of the ability to pass a context and additional request options.

See ListMFADeviceTags for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListMFADevices

func (c *IAM) ListMFADevices(input *ListMFADevicesInput) (*ListMFADevicesOutput, error)

ListMFADevices API operation for AWS Identity and Access Management.

Lists the MFA devices for an IAM user. If the request includes a IAM user name, then this operation lists all the MFA devices associated with the specified user. If you do not specify a user name, IAM determines the user name implicitly based on the Amazon Web Services access key ID signing the request for this operation.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListMFADevices for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices

func (*IAM) ListMFADevicesPages

func (c *IAM) ListMFADevicesPages(input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool) error

ListMFADevicesPages iterates over the pages of a ListMFADevices operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListMFADevices method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListMFADevices operation.
pageNum := 0
err := client.ListMFADevicesPages(params,
    func(page *iam.ListMFADevicesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListMFADevicesPagesWithContext

func (c *IAM) ListMFADevicesPagesWithContext(ctx aws.Context, input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool, opts ...request.Option) error

ListMFADevicesPagesWithContext same as ListMFADevicesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListMFADevicesRequest

func (c *IAM) ListMFADevicesRequest(input *ListMFADevicesInput) (req *request.Request, output *ListMFADevicesOutput)

ListMFADevicesRequest generates a "aws/request.Request" representing the client's request for the ListMFADevices operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListMFADevices for more information on using the ListMFADevices API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListMFADevicesRequest method.
req, resp := client.ListMFADevicesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices

func (*IAM) ListMFADevicesWithContext

func (c *IAM) ListMFADevicesWithContext(ctx aws.Context, input *ListMFADevicesInput, opts ...request.Option) (*ListMFADevicesOutput, error)

ListMFADevicesWithContext is the same as ListMFADevices with the addition of the ability to pass a context and additional request options.

See ListMFADevices for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListOpenIDConnectProviderTags

func (c *IAM) ListOpenIDConnectProviderTags(input *ListOpenIDConnectProviderTagsInput) (*ListOpenIDConnectProviderTagsOutput, error)

ListOpenIDConnectProviderTags API operation for AWS Identity and Access Management.

Lists the tags that are attached to the specified OpenID Connect (OIDC)-compatible identity provider. The returned list of tags is sorted by tag key. For more information, see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html).

For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListOpenIDConnectProviderTags for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTags

func (*IAM) ListOpenIDConnectProviderTagsPages added in v1.42.9

func (c *IAM) ListOpenIDConnectProviderTagsPages(input *ListOpenIDConnectProviderTagsInput, fn func(*ListOpenIDConnectProviderTagsOutput, bool) bool) error

ListOpenIDConnectProviderTagsPages iterates over the pages of a ListOpenIDConnectProviderTags operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListOpenIDConnectProviderTags method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListOpenIDConnectProviderTags operation.
pageNum := 0
err := client.ListOpenIDConnectProviderTagsPages(params,
    func(page *iam.ListOpenIDConnectProviderTagsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListOpenIDConnectProviderTagsPagesWithContext added in v1.42.9

func (c *IAM) ListOpenIDConnectProviderTagsPagesWithContext(ctx aws.Context, input *ListOpenIDConnectProviderTagsInput, fn func(*ListOpenIDConnectProviderTagsOutput, bool) bool, opts ...request.Option) error

ListOpenIDConnectProviderTagsPagesWithContext same as ListOpenIDConnectProviderTagsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListOpenIDConnectProviderTagsRequest

func (c *IAM) ListOpenIDConnectProviderTagsRequest(input *ListOpenIDConnectProviderTagsInput) (req *request.Request, output *ListOpenIDConnectProviderTagsOutput)

ListOpenIDConnectProviderTagsRequest generates a "aws/request.Request" representing the client's request for the ListOpenIDConnectProviderTags operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListOpenIDConnectProviderTags for more information on using the ListOpenIDConnectProviderTags API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListOpenIDConnectProviderTagsRequest method.
req, resp := client.ListOpenIDConnectProviderTagsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviderTags

func (*IAM) ListOpenIDConnectProviderTagsWithContext

func (c *IAM) ListOpenIDConnectProviderTagsWithContext(ctx aws.Context, input *ListOpenIDConnectProviderTagsInput, opts ...request.Option) (*ListOpenIDConnectProviderTagsOutput, error)

ListOpenIDConnectProviderTagsWithContext is the same as ListOpenIDConnectProviderTags with the addition of the ability to pass a context and additional request options.

See ListOpenIDConnectProviderTags for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListOpenIDConnectProviders

func (c *IAM) ListOpenIDConnectProviders(input *ListOpenIDConnectProvidersInput) (*ListOpenIDConnectProvidersOutput, error)

ListOpenIDConnectProviders API operation for AWS Identity and Access Management.

Lists information about the IAM OpenID Connect (OIDC) provider resource objects defined in the Amazon Web Services account.

IAM resource-listing operations return a subset of the available attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for an OIDC provider, see GetOpenIDConnectProvider.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListOpenIDConnectProviders for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders

func (*IAM) ListOpenIDConnectProvidersRequest

func (c *IAM) ListOpenIDConnectProvidersRequest(input *ListOpenIDConnectProvidersInput) (req *request.Request, output *ListOpenIDConnectProvidersOutput)

ListOpenIDConnectProvidersRequest generates a "aws/request.Request" representing the client's request for the ListOpenIDConnectProviders operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListOpenIDConnectProviders for more information on using the ListOpenIDConnectProviders API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListOpenIDConnectProvidersRequest method.
req, resp := client.ListOpenIDConnectProvidersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders

func (*IAM) ListOpenIDConnectProvidersWithContext

func (c *IAM) ListOpenIDConnectProvidersWithContext(ctx aws.Context, input *ListOpenIDConnectProvidersInput, opts ...request.Option) (*ListOpenIDConnectProvidersOutput, error)

ListOpenIDConnectProvidersWithContext is the same as ListOpenIDConnectProviders with the addition of the ability to pass a context and additional request options.

See ListOpenIDConnectProviders for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPolicies

func (c *IAM) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error)

ListPolicies API operation for AWS Identity and Access Management.

Lists all the managed policies that are available in your Amazon Web Services account, including your own customer-defined managed policies and all Amazon Web Services managed policies.

You can filter the list of policies that is returned using the optional OnlyAttached, Scope, and PathPrefix parameters. For example, to list only the customer managed policies in your Amazon Web Services account, set Scope to Local. To list only Amazon Web Services managed policies, set Scope to AWS.

You can paginate the results using the MaxItems and Marker parameters.

For more information about managed policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

IAM resource-listing operations return a subset of the available attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a customer manged policy, see GetPolicy.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies

func (*IAM) ListPoliciesGrantingServiceAccess

func (c *IAM) ListPoliciesGrantingServiceAccess(input *ListPoliciesGrantingServiceAccessInput) (*ListPoliciesGrantingServiceAccessOutput, error)

ListPoliciesGrantingServiceAccess API operation for AWS Identity and Access Management.

Retrieves a list of policies that the IAM identity (user, group, or role) can use to access each specified service.

This operation does not use other policy types when determining whether a resource could access a service. These other policy types include resource-based policies, access control lists, Organizations policies, IAM permissions boundaries, and STS assume role policies. It only applies permissions policy logic. For more about the evaluation of policy types, see Evaluating policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics) in the IAM User Guide.

The list of policies returned by the operation depends on the ARN of the identity that you provide.

  • User – The list of policies includes the managed and inline policies that are attached to the user directly. The list also includes any additional managed and inline policies that are attached to the group to which the user belongs.

  • Group – The list of policies includes only the managed and inline policies that are attached to the group directly. Policies that are attached to the group’s user are not included.

  • Role – The list of policies includes only the managed and inline policies that are attached to the role.

For each managed policy, this operation returns the ARN and policy name. For each inline policy, it returns the policy name and the entity to which it is attached. Inline policies do not have an ARN. For more information about these policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html) in the IAM User Guide.

Policies that are attached to users and roles as permissions boundaries are not returned. To view which managed policy is currently used to set the permissions boundary for a user or role, use the GetUser or GetRole operations.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListPoliciesGrantingServiceAccess for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPoliciesGrantingServiceAccess

Example (Shared00)

To list policies that allow access to a service The following operation lists policies that allow ExampleUser01 to access IAM or EC2.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListPoliciesGrantingServiceAccessInput{
		Arn: aws.String("arn:aws:iam::123456789012:user/ExampleUser01"),
		ServiceNamespaces: []*string{
			aws.String("iam"),
			aws.String("ec2"),
		},
	}

	result, err := svc.ListPoliciesGrantingServiceAccess(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListPoliciesGrantingServiceAccessRequest

func (c *IAM) ListPoliciesGrantingServiceAccessRequest(input *ListPoliciesGrantingServiceAccessInput) (req *request.Request, output *ListPoliciesGrantingServiceAccessOutput)

ListPoliciesGrantingServiceAccessRequest generates a "aws/request.Request" representing the client's request for the ListPoliciesGrantingServiceAccess operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPoliciesGrantingServiceAccess for more information on using the ListPoliciesGrantingServiceAccess API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListPoliciesGrantingServiceAccessRequest method.
req, resp := client.ListPoliciesGrantingServiceAccessRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPoliciesGrantingServiceAccess

func (*IAM) ListPoliciesGrantingServiceAccessWithContext

func (c *IAM) ListPoliciesGrantingServiceAccessWithContext(ctx aws.Context, input *ListPoliciesGrantingServiceAccessInput, opts ...request.Option) (*ListPoliciesGrantingServiceAccessOutput, error)

ListPoliciesGrantingServiceAccessWithContext is the same as ListPoliciesGrantingServiceAccess with the addition of the ability to pass a context and additional request options.

See ListPoliciesGrantingServiceAccess for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPoliciesPages

func (c *IAM) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error

ListPoliciesPages iterates over the pages of a ListPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListPolicies operation.
pageNum := 0
err := client.ListPoliciesPages(params,
    func(page *iam.ListPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListPoliciesPagesWithContext

func (c *IAM) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error

ListPoliciesPagesWithContext same as ListPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPoliciesRequest

func (c *IAM) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput)

ListPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListPolicies operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicies for more information on using the ListPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListPoliciesRequest method.
req, resp := client.ListPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies

func (*IAM) ListPoliciesWithContext

func (c *IAM) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error)

ListPoliciesWithContext is the same as ListPolicies with the addition of the ability to pass a context and additional request options.

See ListPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPolicyTags

func (c *IAM) ListPolicyTags(input *ListPolicyTagsInput) (*ListPolicyTagsOutput, error)

ListPolicyTags API operation for AWS Identity and Access Management.

Lists the tags that are attached to the specified IAM customer managed policy. The returned list of tags is sorted by tag key. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListPolicyTags for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTags

func (*IAM) ListPolicyTagsPages added in v1.42.9

func (c *IAM) ListPolicyTagsPages(input *ListPolicyTagsInput, fn func(*ListPolicyTagsOutput, bool) bool) error

ListPolicyTagsPages iterates over the pages of a ListPolicyTags operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicyTags method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListPolicyTags operation.
pageNum := 0
err := client.ListPolicyTagsPages(params,
    func(page *iam.ListPolicyTagsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListPolicyTagsPagesWithContext added in v1.42.9

func (c *IAM) ListPolicyTagsPagesWithContext(ctx aws.Context, input *ListPolicyTagsInput, fn func(*ListPolicyTagsOutput, bool) bool, opts ...request.Option) error

ListPolicyTagsPagesWithContext same as ListPolicyTagsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPolicyTagsRequest

func (c *IAM) ListPolicyTagsRequest(input *ListPolicyTagsInput) (req *request.Request, output *ListPolicyTagsOutput)

ListPolicyTagsRequest generates a "aws/request.Request" representing the client's request for the ListPolicyTags operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicyTags for more information on using the ListPolicyTags API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListPolicyTagsRequest method.
req, resp := client.ListPolicyTagsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyTags

func (*IAM) ListPolicyTagsWithContext

func (c *IAM) ListPolicyTagsWithContext(ctx aws.Context, input *ListPolicyTagsInput, opts ...request.Option) (*ListPolicyTagsOutput, error)

ListPolicyTagsWithContext is the same as ListPolicyTags with the addition of the ability to pass a context and additional request options.

See ListPolicyTags for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPolicyVersions

func (c *IAM) ListPolicyVersions(input *ListPolicyVersionsInput) (*ListPolicyVersionsOutput, error)

ListPolicyVersions API operation for AWS Identity and Access Management.

Lists information about the versions of the specified managed policy, including the version that is currently set as the policy's default version.

For more information about managed policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListPolicyVersions for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions

func (*IAM) ListPolicyVersionsPages

func (c *IAM) ListPolicyVersionsPages(input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool) error

ListPolicyVersionsPages iterates over the pages of a ListPolicyVersions operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicyVersions method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListPolicyVersions operation.
pageNum := 0
err := client.ListPolicyVersionsPages(params,
    func(page *iam.ListPolicyVersionsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListPolicyVersionsPagesWithContext

func (c *IAM) ListPolicyVersionsPagesWithContext(ctx aws.Context, input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool, opts ...request.Option) error

ListPolicyVersionsPagesWithContext same as ListPolicyVersionsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPolicyVersionsRequest

func (c *IAM) ListPolicyVersionsRequest(input *ListPolicyVersionsInput) (req *request.Request, output *ListPolicyVersionsOutput)

ListPolicyVersionsRequest generates a "aws/request.Request" representing the client's request for the ListPolicyVersions operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicyVersions for more information on using the ListPolicyVersions API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListPolicyVersionsRequest method.
req, resp := client.ListPolicyVersionsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions

func (*IAM) ListPolicyVersionsWithContext

func (c *IAM) ListPolicyVersionsWithContext(ctx aws.Context, input *ListPolicyVersionsInput, opts ...request.Option) (*ListPolicyVersionsOutput, error)

ListPolicyVersionsWithContext is the same as ListPolicyVersions with the addition of the ability to pass a context and additional request options.

See ListPolicyVersions for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRolePolicies

func (c *IAM) ListRolePolicies(input *ListRolePoliciesInput) (*ListRolePoliciesOutput, error)

ListRolePolicies API operation for AWS Identity and Access Management.

Lists the names of the inline policies that are embedded in the specified IAM role.

An IAM role can also have managed policies attached to it. To list the managed policies that are attached to a role, use ListAttachedRolePolicies. For more information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified role, the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListRolePolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies

func (*IAM) ListRolePoliciesPages

func (c *IAM) ListRolePoliciesPages(input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool) error

ListRolePoliciesPages iterates over the pages of a ListRolePolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListRolePolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListRolePolicies operation.
pageNum := 0
err := client.ListRolePoliciesPages(params,
    func(page *iam.ListRolePoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListRolePoliciesPagesWithContext

func (c *IAM) ListRolePoliciesPagesWithContext(ctx aws.Context, input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool, opts ...request.Option) error

ListRolePoliciesPagesWithContext same as ListRolePoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRolePoliciesRequest

func (c *IAM) ListRolePoliciesRequest(input *ListRolePoliciesInput) (req *request.Request, output *ListRolePoliciesOutput)

ListRolePoliciesRequest generates a "aws/request.Request" representing the client's request for the ListRolePolicies operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListRolePolicies for more information on using the ListRolePolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListRolePoliciesRequest method.
req, resp := client.ListRolePoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies

func (*IAM) ListRolePoliciesWithContext

func (c *IAM) ListRolePoliciesWithContext(ctx aws.Context, input *ListRolePoliciesInput, opts ...request.Option) (*ListRolePoliciesOutput, error)

ListRolePoliciesWithContext is the same as ListRolePolicies with the addition of the ability to pass a context and additional request options.

See ListRolePolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRoleTags

func (c *IAM) ListRoleTags(input *ListRoleTagsInput) (*ListRoleTagsOutput, error)

ListRoleTags API operation for AWS Identity and Access Management.

Lists the tags that are attached to the specified role. The returned list of tags is sorted by tag key. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListRoleTags for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoleTags

Example (Shared00)

To list the tags attached to an IAM role The following example shows how to list the tags attached to a role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListRoleTagsInput{
		RoleName: aws.String("taggedrole1"),
	}

	result, err := svc.ListRoleTags(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListRoleTagsPages added in v1.42.9

func (c *IAM) ListRoleTagsPages(input *ListRoleTagsInput, fn func(*ListRoleTagsOutput, bool) bool) error

ListRoleTagsPages iterates over the pages of a ListRoleTags operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListRoleTags method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListRoleTags operation.
pageNum := 0
err := client.ListRoleTagsPages(params,
    func(page *iam.ListRoleTagsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListRoleTagsPagesWithContext added in v1.42.9

func (c *IAM) ListRoleTagsPagesWithContext(ctx aws.Context, input *ListRoleTagsInput, fn func(*ListRoleTagsOutput, bool) bool, opts ...request.Option) error

ListRoleTagsPagesWithContext same as ListRoleTagsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRoleTagsRequest

func (c *IAM) ListRoleTagsRequest(input *ListRoleTagsInput) (req *request.Request, output *ListRoleTagsOutput)

ListRoleTagsRequest generates a "aws/request.Request" representing the client's request for the ListRoleTags operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListRoleTags for more information on using the ListRoleTags API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListRoleTagsRequest method.
req, resp := client.ListRoleTagsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoleTags

func (*IAM) ListRoleTagsWithContext

func (c *IAM) ListRoleTagsWithContext(ctx aws.Context, input *ListRoleTagsInput, opts ...request.Option) (*ListRoleTagsOutput, error)

ListRoleTagsWithContext is the same as ListRoleTags with the addition of the ability to pass a context and additional request options.

See ListRoleTags for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRoles

func (c *IAM) ListRoles(input *ListRolesInput) (*ListRolesOutput, error)

ListRoles API operation for AWS Identity and Access Management.

Lists the IAM roles that have the specified path prefix. If there are none, the operation returns an empty list. For more information about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the IAM User Guide.

IAM resource-listing operations return a subset of the available attributes for the resource. This operation does not return the following attributes, even though they are an attribute of the returned object:

  • PermissionsBoundary

  • RoleLastUsed

  • Tags

To view all of the information for a role, see GetRole.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListRoles for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles

func (*IAM) ListRolesPages

func (c *IAM) ListRolesPages(input *ListRolesInput, fn func(*ListRolesOutput, bool) bool) error

ListRolesPages iterates over the pages of a ListRoles operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListRoles method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListRoles operation.
pageNum := 0
err := client.ListRolesPages(params,
    func(page *iam.ListRolesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListRolesPagesWithContext

func (c *IAM) ListRolesPagesWithContext(ctx aws.Context, input *ListRolesInput, fn func(*ListRolesOutput, bool) bool, opts ...request.Option) error

ListRolesPagesWithContext same as ListRolesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRolesRequest

func (c *IAM) ListRolesRequest(input *ListRolesInput) (req *request.Request, output *ListRolesOutput)

ListRolesRequest generates a "aws/request.Request" representing the client's request for the ListRoles operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListRoles for more information on using the ListRoles API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListRolesRequest method.
req, resp := client.ListRolesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles

func (*IAM) ListRolesWithContext

func (c *IAM) ListRolesWithContext(ctx aws.Context, input *ListRolesInput, opts ...request.Option) (*ListRolesOutput, error)

ListRolesWithContext is the same as ListRoles with the addition of the ability to pass a context and additional request options.

See ListRoles for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSAMLProviderTags

func (c *IAM) ListSAMLProviderTags(input *ListSAMLProviderTagsInput) (*ListSAMLProviderTagsOutput, error)

ListSAMLProviderTags API operation for AWS Identity and Access Management.

Lists the tags that are attached to the specified Security Assertion Markup Language (SAML) identity provider. The returned list of tags is sorted by tag key. For more information, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html).

For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListSAMLProviderTags for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTags

func (*IAM) ListSAMLProviderTagsPages added in v1.42.9

func (c *IAM) ListSAMLProviderTagsPages(input *ListSAMLProviderTagsInput, fn func(*ListSAMLProviderTagsOutput, bool) bool) error

ListSAMLProviderTagsPages iterates over the pages of a ListSAMLProviderTags operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListSAMLProviderTags method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListSAMLProviderTags operation.
pageNum := 0
err := client.ListSAMLProviderTagsPages(params,
    func(page *iam.ListSAMLProviderTagsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListSAMLProviderTagsPagesWithContext added in v1.42.9

func (c *IAM) ListSAMLProviderTagsPagesWithContext(ctx aws.Context, input *ListSAMLProviderTagsInput, fn func(*ListSAMLProviderTagsOutput, bool) bool, opts ...request.Option) error

ListSAMLProviderTagsPagesWithContext same as ListSAMLProviderTagsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSAMLProviderTagsRequest

func (c *IAM) ListSAMLProviderTagsRequest(input *ListSAMLProviderTagsInput) (req *request.Request, output *ListSAMLProviderTagsOutput)

ListSAMLProviderTagsRequest generates a "aws/request.Request" representing the client's request for the ListSAMLProviderTags operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListSAMLProviderTags for more information on using the ListSAMLProviderTags API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListSAMLProviderTagsRequest method.
req, resp := client.ListSAMLProviderTagsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviderTags

func (*IAM) ListSAMLProviderTagsWithContext

func (c *IAM) ListSAMLProviderTagsWithContext(ctx aws.Context, input *ListSAMLProviderTagsInput, opts ...request.Option) (*ListSAMLProviderTagsOutput, error)

ListSAMLProviderTagsWithContext is the same as ListSAMLProviderTags with the addition of the ability to pass a context and additional request options.

See ListSAMLProviderTags for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSAMLProviders

func (c *IAM) ListSAMLProviders(input *ListSAMLProvidersInput) (*ListSAMLProvidersOutput, error)

ListSAMLProviders API operation for AWS Identity and Access Management.

Lists the SAML provider resource objects defined in IAM in the account. IAM resource-listing operations return a subset of the available attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a SAML provider, see GetSAMLProvider.

This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListSAMLProviders for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders

func (*IAM) ListSAMLProvidersRequest

func (c *IAM) ListSAMLProvidersRequest(input *ListSAMLProvidersInput) (req *request.Request, output *ListSAMLProvidersOutput)

ListSAMLProvidersRequest generates a "aws/request.Request" representing the client's request for the ListSAMLProviders operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListSAMLProviders for more information on using the ListSAMLProviders API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListSAMLProvidersRequest method.
req, resp := client.ListSAMLProvidersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders

func (*IAM) ListSAMLProvidersWithContext

func (c *IAM) ListSAMLProvidersWithContext(ctx aws.Context, input *ListSAMLProvidersInput, opts ...request.Option) (*ListSAMLProvidersOutput, error)

ListSAMLProvidersWithContext is the same as ListSAMLProviders with the addition of the ability to pass a context and additional request options.

See ListSAMLProviders for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSSHPublicKeys

func (c *IAM) ListSSHPublicKeys(input *ListSSHPublicKeysInput) (*ListSSHPublicKeysOutput, error)

ListSSHPublicKeys API operation for AWS Identity and Access Management.

Returns information about the SSH public keys associated with the specified IAM user. If none exists, the operation returns an empty list.

The SSH public keys returned by this operation are used only for authenticating the IAM user to an CodeCommit repository. For more information about using SSH keys to authenticate to an CodeCommit repository, see Set up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the CodeCommit User Guide.

Although each user is limited to a small number of keys, you can still paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListSSHPublicKeys for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys

func (*IAM) ListSSHPublicKeysPages

func (c *IAM) ListSSHPublicKeysPages(input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool) error

ListSSHPublicKeysPages iterates over the pages of a ListSSHPublicKeys operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListSSHPublicKeys method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListSSHPublicKeys operation.
pageNum := 0
err := client.ListSSHPublicKeysPages(params,
    func(page *iam.ListSSHPublicKeysOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListSSHPublicKeysPagesWithContext

func (c *IAM) ListSSHPublicKeysPagesWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool, opts ...request.Option) error

ListSSHPublicKeysPagesWithContext same as ListSSHPublicKeysPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSSHPublicKeysRequest

func (c *IAM) ListSSHPublicKeysRequest(input *ListSSHPublicKeysInput) (req *request.Request, output *ListSSHPublicKeysOutput)

ListSSHPublicKeysRequest generates a "aws/request.Request" representing the client's request for the ListSSHPublicKeys operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListSSHPublicKeys for more information on using the ListSSHPublicKeys API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListSSHPublicKeysRequest method.
req, resp := client.ListSSHPublicKeysRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys

func (*IAM) ListSSHPublicKeysWithContext

func (c *IAM) ListSSHPublicKeysWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, opts ...request.Option) (*ListSSHPublicKeysOutput, error)

ListSSHPublicKeysWithContext is the same as ListSSHPublicKeys with the addition of the ability to pass a context and additional request options.

See ListSSHPublicKeys for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListServerCertificateTags

func (c *IAM) ListServerCertificateTags(input *ListServerCertificateTagsInput) (*ListServerCertificateTagsOutput, error)

ListServerCertificateTags API operation for AWS Identity and Access Management.

Lists the tags that are attached to the specified IAM server certificate. The returned list of tags is sorted by tag key. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

For certificates in a Region supported by Certificate Manager (ACM), we recommend that you don't use IAM server certificates. Instead, use ACM to provision, manage, and deploy your server certificates. For more information about IAM server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListServerCertificateTags for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTags

func (*IAM) ListServerCertificateTagsPages added in v1.42.9

func (c *IAM) ListServerCertificateTagsPages(input *ListServerCertificateTagsInput, fn func(*ListServerCertificateTagsOutput, bool) bool) error

ListServerCertificateTagsPages iterates over the pages of a ListServerCertificateTags operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListServerCertificateTags method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListServerCertificateTags operation.
pageNum := 0
err := client.ListServerCertificateTagsPages(params,
    func(page *iam.ListServerCertificateTagsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListServerCertificateTagsPagesWithContext added in v1.42.9

func (c *IAM) ListServerCertificateTagsPagesWithContext(ctx aws.Context, input *ListServerCertificateTagsInput, fn func(*ListServerCertificateTagsOutput, bool) bool, opts ...request.Option) error

ListServerCertificateTagsPagesWithContext same as ListServerCertificateTagsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListServerCertificateTagsRequest

func (c *IAM) ListServerCertificateTagsRequest(input *ListServerCertificateTagsInput) (req *request.Request, output *ListServerCertificateTagsOutput)

ListServerCertificateTagsRequest generates a "aws/request.Request" representing the client's request for the ListServerCertificateTags operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListServerCertificateTags for more information on using the ListServerCertificateTags API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListServerCertificateTagsRequest method.
req, resp := client.ListServerCertificateTagsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificateTags

func (*IAM) ListServerCertificateTagsWithContext

func (c *IAM) ListServerCertificateTagsWithContext(ctx aws.Context, input *ListServerCertificateTagsInput, opts ...request.Option) (*ListServerCertificateTagsOutput, error)

ListServerCertificateTagsWithContext is the same as ListServerCertificateTags with the addition of the ability to pass a context and additional request options.

See ListServerCertificateTags for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListServerCertificates

func (c *IAM) ListServerCertificates(input *ListServerCertificatesInput) (*ListServerCertificatesOutput, error)

ListServerCertificates API operation for AWS Identity and Access Management.

Lists the server certificates stored in IAM that have the specified path prefix. If none exist, the operation returns an empty list.

You can paginate the results using the MaxItems and Marker parameters.

For more information about working with server certificates, see Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of Amazon Web Services services that can use the server certificates that you manage with IAM.

IAM resource-listing operations return a subset of the available attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view all of the information for a servercertificate, see GetServerCertificate.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListServerCertificates for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates

func (*IAM) ListServerCertificatesPages

func (c *IAM) ListServerCertificatesPages(input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool) error

ListServerCertificatesPages iterates over the pages of a ListServerCertificates operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListServerCertificates method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListServerCertificates operation.
pageNum := 0
err := client.ListServerCertificatesPages(params,
    func(page *iam.ListServerCertificatesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListServerCertificatesPagesWithContext

func (c *IAM) ListServerCertificatesPagesWithContext(ctx aws.Context, input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool, opts ...request.Option) error

ListServerCertificatesPagesWithContext same as ListServerCertificatesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListServerCertificatesRequest

func (c *IAM) ListServerCertificatesRequest(input *ListServerCertificatesInput) (req *request.Request, output *ListServerCertificatesOutput)

ListServerCertificatesRequest generates a "aws/request.Request" representing the client's request for the ListServerCertificates operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListServerCertificates for more information on using the ListServerCertificates API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListServerCertificatesRequest method.
req, resp := client.ListServerCertificatesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates

func (*IAM) ListServerCertificatesWithContext

func (c *IAM) ListServerCertificatesWithContext(ctx aws.Context, input *ListServerCertificatesInput, opts ...request.Option) (*ListServerCertificatesOutput, error)

ListServerCertificatesWithContext is the same as ListServerCertificates with the addition of the ability to pass a context and additional request options.

See ListServerCertificates for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListServiceSpecificCredentials

func (c *IAM) ListServiceSpecificCredentials(input *ListServiceSpecificCredentialsInput) (*ListServiceSpecificCredentialsOutput, error)

ListServiceSpecificCredentials API operation for AWS Identity and Access Management.

Returns information about the service-specific credentials associated with the specified IAM user. If none exists, the operation returns an empty list. The service-specific credentials returned by this operation are used only for authenticating the IAM user to a specific service. For more information about using service-specific credentials to authenticate to an Amazon Web Services service, see Set up service-specific credentials (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html) in the CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListServiceSpecificCredentials for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceNotSupportedException "NotSupportedService" The specified service does not support service-specific credentials.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials

func (*IAM) ListServiceSpecificCredentialsRequest

func (c *IAM) ListServiceSpecificCredentialsRequest(input *ListServiceSpecificCredentialsInput) (req *request.Request, output *ListServiceSpecificCredentialsOutput)

ListServiceSpecificCredentialsRequest generates a "aws/request.Request" representing the client's request for the ListServiceSpecificCredentials operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListServiceSpecificCredentials for more information on using the ListServiceSpecificCredentials API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListServiceSpecificCredentialsRequest method.
req, resp := client.ListServiceSpecificCredentialsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials

func (*IAM) ListServiceSpecificCredentialsWithContext

func (c *IAM) ListServiceSpecificCredentialsWithContext(ctx aws.Context, input *ListServiceSpecificCredentialsInput, opts ...request.Option) (*ListServiceSpecificCredentialsOutput, error)

ListServiceSpecificCredentialsWithContext is the same as ListServiceSpecificCredentials with the addition of the ability to pass a context and additional request options.

See ListServiceSpecificCredentials for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSigningCertificates

func (c *IAM) ListSigningCertificates(input *ListSigningCertificatesInput) (*ListSigningCertificatesOutput, error)

ListSigningCertificates API operation for AWS Identity and Access Management.

Returns information about the signing certificates associated with the specified IAM user. If none exists, the operation returns an empty list.

Although each user is limited to a small number of signing certificates, you can still paginate the results using the MaxItems and Marker parameters.

If the UserName field is not specified, the user name is determined implicitly based on the Amazon Web Services access key ID used to sign the request for this operation. This operation works for access keys under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListSigningCertificates for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates

Example (Shared00)

To list the signing certificates for an IAM user The following command lists the signing certificates for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListSigningCertificatesInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.ListSigningCertificates(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListSigningCertificatesPages

func (c *IAM) ListSigningCertificatesPages(input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool) error

ListSigningCertificatesPages iterates over the pages of a ListSigningCertificates operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListSigningCertificates method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListSigningCertificates operation.
pageNum := 0
err := client.ListSigningCertificatesPages(params,
    func(page *iam.ListSigningCertificatesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListSigningCertificatesPagesWithContext

func (c *IAM) ListSigningCertificatesPagesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool, opts ...request.Option) error

ListSigningCertificatesPagesWithContext same as ListSigningCertificatesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSigningCertificatesRequest

func (c *IAM) ListSigningCertificatesRequest(input *ListSigningCertificatesInput) (req *request.Request, output *ListSigningCertificatesOutput)

ListSigningCertificatesRequest generates a "aws/request.Request" representing the client's request for the ListSigningCertificates operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListSigningCertificates for more information on using the ListSigningCertificates API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListSigningCertificatesRequest method.
req, resp := client.ListSigningCertificatesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates

func (*IAM) ListSigningCertificatesWithContext

func (c *IAM) ListSigningCertificatesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, opts ...request.Option) (*ListSigningCertificatesOutput, error)

ListSigningCertificatesWithContext is the same as ListSigningCertificates with the addition of the ability to pass a context and additional request options.

See ListSigningCertificates for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUserPolicies

func (c *IAM) ListUserPolicies(input *ListUserPoliciesInput) (*ListUserPoliciesOutput, error)

ListUserPolicies API operation for AWS Identity and Access Management.

Lists the names of the inline policies embedded in the specified IAM user.

An IAM user can also have managed policies attached to it. To list the managed policies that are attached to a user, use ListAttachedUserPolicies. For more information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified user, the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListUserPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies

func (*IAM) ListUserPoliciesPages

func (c *IAM) ListUserPoliciesPages(input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool) error

ListUserPoliciesPages iterates over the pages of a ListUserPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListUserPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListUserPolicies operation.
pageNum := 0
err := client.ListUserPoliciesPages(params,
    func(page *iam.ListUserPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListUserPoliciesPagesWithContext

func (c *IAM) ListUserPoliciesPagesWithContext(ctx aws.Context, input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool, opts ...request.Option) error

ListUserPoliciesPagesWithContext same as ListUserPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUserPoliciesRequest

func (c *IAM) ListUserPoliciesRequest(input *ListUserPoliciesInput) (req *request.Request, output *ListUserPoliciesOutput)

ListUserPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListUserPolicies operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUserPolicies for more information on using the ListUserPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUserPoliciesRequest method.
req, resp := client.ListUserPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies

func (*IAM) ListUserPoliciesWithContext

func (c *IAM) ListUserPoliciesWithContext(ctx aws.Context, input *ListUserPoliciesInput, opts ...request.Option) (*ListUserPoliciesOutput, error)

ListUserPoliciesWithContext is the same as ListUserPolicies with the addition of the ability to pass a context and additional request options.

See ListUserPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUserTags

func (c *IAM) ListUserTags(input *ListUserTagsInput) (*ListUserTagsOutput, error)

ListUserTags API operation for AWS Identity and Access Management.

Lists the tags that are attached to the specified IAM user. The returned list of tags is sorted by tag key. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListUserTags for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserTags

Example (Shared00)

To list the tags attached to an IAM user The following example shows how to list the tags attached to a user.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListUserTagsInput{
		UserName: aws.String("anika"),
	}

	result, err := svc.ListUserTags(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListUserTagsPages

func (c *IAM) ListUserTagsPages(input *ListUserTagsInput, fn func(*ListUserTagsOutput, bool) bool) error

ListUserTagsPages iterates over the pages of a ListUserTags operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListUserTags method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListUserTags operation.
pageNum := 0
err := client.ListUserTagsPages(params,
    func(page *iam.ListUserTagsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListUserTagsPagesWithContext

func (c *IAM) ListUserTagsPagesWithContext(ctx aws.Context, input *ListUserTagsInput, fn func(*ListUserTagsOutput, bool) bool, opts ...request.Option) error

ListUserTagsPagesWithContext same as ListUserTagsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUserTagsRequest

func (c *IAM) ListUserTagsRequest(input *ListUserTagsInput) (req *request.Request, output *ListUserTagsOutput)

ListUserTagsRequest generates a "aws/request.Request" representing the client's request for the ListUserTags operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUserTags for more information on using the ListUserTags API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUserTagsRequest method.
req, resp := client.ListUserTagsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserTags

func (*IAM) ListUserTagsWithContext

func (c *IAM) ListUserTagsWithContext(ctx aws.Context, input *ListUserTagsInput, opts ...request.Option) (*ListUserTagsOutput, error)

ListUserTagsWithContext is the same as ListUserTags with the addition of the ability to pass a context and additional request options.

See ListUserTags for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUsers

func (c *IAM) ListUsers(input *ListUsersInput) (*ListUsersOutput, error)

ListUsers API operation for AWS Identity and Access Management.

Lists the IAM users that have the specified path prefix. If no path prefix is specified, the operation returns all users in the Amazon Web Services account. If there are none, the operation returns an empty list.

IAM resource-listing operations return a subset of the available attributes for the resource. This operation does not return the following attributes, even though they are an attribute of the returned object:

  • PermissionsBoundary

  • Tags

To view all of the information for a user, see GetUser.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListUsers for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers

Example (Shared00)

To list IAM users The following command lists the IAM users in the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListUsersInput{}

	result, err := svc.ListUsers(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListUsersPages

func (c *IAM) ListUsersPages(input *ListUsersInput, fn func(*ListUsersOutput, bool) bool) error

ListUsersPages iterates over the pages of a ListUsers operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListUsers method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListUsers operation.
pageNum := 0
err := client.ListUsersPages(params,
    func(page *iam.ListUsersOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListUsersPagesWithContext

func (c *IAM) ListUsersPagesWithContext(ctx aws.Context, input *ListUsersInput, fn func(*ListUsersOutput, bool) bool, opts ...request.Option) error

ListUsersPagesWithContext same as ListUsersPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUsersRequest

func (c *IAM) ListUsersRequest(input *ListUsersInput) (req *request.Request, output *ListUsersOutput)

ListUsersRequest generates a "aws/request.Request" representing the client's request for the ListUsers operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUsers for more information on using the ListUsers API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUsersRequest method.
req, resp := client.ListUsersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers

func (*IAM) ListUsersWithContext

func (c *IAM) ListUsersWithContext(ctx aws.Context, input *ListUsersInput, opts ...request.Option) (*ListUsersOutput, error)

ListUsersWithContext is the same as ListUsers with the addition of the ability to pass a context and additional request options.

See ListUsers for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListVirtualMFADevices

func (c *IAM) ListVirtualMFADevices(input *ListVirtualMFADevicesInput) (*ListVirtualMFADevicesOutput, error)

ListVirtualMFADevices API operation for AWS Identity and Access Management.

Lists the virtual MFA devices defined in the Amazon Web Services account by assignment status. If you do not specify an assignment status, the operation returns a list of all virtual MFA devices. Assignment status can be Assigned, Unassigned, or Any.

IAM resource-listing operations return a subset of the available attributes for the resource. For example, this operation does not return tags, even though they are an attribute of the returned object. To view tag information for a virtual MFA device, see ListMFADeviceTags.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListVirtualMFADevices for usage and error information. See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices

Example (Shared00)

To list virtual MFA devices The following command lists the virtual MFA devices that have been configured for the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListVirtualMFADevicesInput{}

	result, err := svc.ListVirtualMFADevices(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListVirtualMFADevicesPages

func (c *IAM) ListVirtualMFADevicesPages(input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool) error

ListVirtualMFADevicesPages iterates over the pages of a ListVirtualMFADevices operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListVirtualMFADevices method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListVirtualMFADevices operation.
pageNum := 0
err := client.ListVirtualMFADevicesPages(params,
    func(page *iam.ListVirtualMFADevicesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListVirtualMFADevicesPagesWithContext

func (c *IAM) ListVirtualMFADevicesPagesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool, opts ...request.Option) error

ListVirtualMFADevicesPagesWithContext same as ListVirtualMFADevicesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListVirtualMFADevicesRequest

func (c *IAM) ListVirtualMFADevicesRequest(input *ListVirtualMFADevicesInput) (req *request.Request, output *ListVirtualMFADevicesOutput)

ListVirtualMFADevicesRequest generates a "aws/request.Request" representing the client's request for the ListVirtualMFADevices operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListVirtualMFADevices for more information on using the ListVirtualMFADevices API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListVirtualMFADevicesRequest method.
req, resp := client.ListVirtualMFADevicesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices

func (*IAM) ListVirtualMFADevicesWithContext

func (c *IAM) ListVirtualMFADevicesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, opts ...request.Option) (*ListVirtualMFADevicesOutput, error)

ListVirtualMFADevicesWithContext is the same as ListVirtualMFADevices with the addition of the ability to pass a context and additional request options.

See ListVirtualMFADevices for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) PutGroupPolicy

func (c *IAM) PutGroupPolicy(input *PutGroupPolicyInput) (*PutGroupPolicyOutput, error)

PutGroupPolicy API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM group.

A user can also have managed policies attached to it. To attach a managed policy to a group, use AttachGroupPolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachGroupPolicy.html). To create a new managed policy, use CreatePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html). For information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about the maximum number of inline policies that you can embed in a group, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutGroupPolicy. For general information about using the Query API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation PutGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy

Example (Shared00)

To add a policy to a group The following command adds a policy named AllPerms to the IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.PutGroupPolicyInput{
		GroupName:      aws.String("Admins"),
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("AllPerms"),
	}

	result, err := svc.PutGroupPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) PutGroupPolicyRequest

func (c *IAM) PutGroupPolicyRequest(input *PutGroupPolicyInput) (req *request.Request, output *PutGroupPolicyOutput)

PutGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the PutGroupPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutGroupPolicy for more information on using the PutGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutGroupPolicyRequest method.
req, resp := client.PutGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy

func (*IAM) PutGroupPolicyWithContext

func (c *IAM) PutGroupPolicyWithContext(ctx aws.Context, input *PutGroupPolicyInput, opts ...request.Option) (*PutGroupPolicyOutput, error)

PutGroupPolicyWithContext is the same as PutGroupPolicy with the addition of the ability to pass a context and additional request options.

See PutGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) PutRolePermissionsBoundary

func (c *IAM) PutRolePermissionsBoundary(input *PutRolePermissionsBoundaryInput) (*PutRolePermissionsBoundaryOutput, error)

PutRolePermissionsBoundary API operation for AWS Identity and Access Management.

Adds or updates the policy that is specified as the IAM role's permissions boundary. You can use an Amazon Web Services managed policy or a customer managed policy to set the boundary for a role. Use the boundary to control the maximum permissions that the role can have. Setting a permissions boundary is an advanced feature that can affect the permissions for the role.

You cannot set the boundary for a service-linked role.

Policies used as permissions boundaries do not provide permissions. You must also attach a permissions policy to the role. To learn how the effective permissions for a role are evaluated, see IAM JSON policy evaluation logic (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation PutRolePermissionsBoundary for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodePolicyNotAttachableException "PolicyNotAttachable" The request failed because Amazon Web Services service role policies can only be attached to the service-linked role for that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePermissionsBoundary

func (*IAM) PutRolePermissionsBoundaryRequest

func (c *IAM) PutRolePermissionsBoundaryRequest(input *PutRolePermissionsBoundaryInput) (req *request.Request, output *PutRolePermissionsBoundaryOutput)

PutRolePermissionsBoundaryRequest generates a "aws/request.Request" representing the client's request for the PutRolePermissionsBoundary operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutRolePermissionsBoundary for more information on using the PutRolePermissionsBoundary API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutRolePermissionsBoundaryRequest method.
req, resp := client.PutRolePermissionsBoundaryRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePermissionsBoundary

func (*IAM) PutRolePermissionsBoundaryWithContext

func (c *IAM) PutRolePermissionsBoundaryWithContext(ctx aws.Context, input *PutRolePermissionsBoundaryInput, opts ...request.Option) (*PutRolePermissionsBoundaryOutput, error)

PutRolePermissionsBoundaryWithContext is the same as PutRolePermissionsBoundary with the addition of the ability to pass a context and additional request options.

See PutRolePermissionsBoundary for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) PutRolePolicy

func (c *IAM) PutRolePolicy(input *PutRolePolicyInput) (*PutRolePolicyOutput, error)

PutRolePolicy API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM role.

When you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role, using CreateRole (https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html). You can update a role's trust policy using UpdateAssumeRolePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAssumeRolePolicy.html). For more information about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html) in the IAM User Guide.

A role can also have a managed policy attached to it. To attach a managed policy to a role, use AttachRolePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachRolePolicy.html). To create a new managed policy, use CreatePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html). For information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about the maximum number of inline policies that you can embed with a role, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutRolePolicy. For general information about using the Query API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation PutRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy

Example (Shared00)

To attach a permissions policy to an IAM role The following command adds a permissions policy to the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.PutRolePolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("S3AccessPolicy"),
		RoleName:       aws.String("S3Access"),
	}

	result, err := svc.PutRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) PutRolePolicyRequest

func (c *IAM) PutRolePolicyRequest(input *PutRolePolicyInput) (req *request.Request, output *PutRolePolicyOutput)

PutRolePolicyRequest generates a "aws/request.Request" representing the client's request for the PutRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutRolePolicy for more information on using the PutRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutRolePolicyRequest method.
req, resp := client.PutRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy

func (*IAM) PutRolePolicyWithContext

func (c *IAM) PutRolePolicyWithContext(ctx aws.Context, input *PutRolePolicyInput, opts ...request.Option) (*PutRolePolicyOutput, error)

PutRolePolicyWithContext is the same as PutRolePolicy with the addition of the ability to pass a context and additional request options.

See PutRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) PutUserPermissionsBoundary

func (c *IAM) PutUserPermissionsBoundary(input *PutUserPermissionsBoundaryInput) (*PutUserPermissionsBoundaryOutput, error)

PutUserPermissionsBoundary API operation for AWS Identity and Access Management.

Adds or updates the policy that is specified as the IAM user's permissions boundary. You can use an Amazon Web Services managed policy or a customer managed policy to set the boundary for a user. Use the boundary to control the maximum permissions that the user can have. Setting a permissions boundary is an advanced feature that can affect the permissions for the user.

Policies that are used as permissions boundaries do not provide permissions. You must also attach a permissions policy to the user. To learn how the effective permissions for a user are evaluated, see IAM JSON policy evaluation logic (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation PutUserPermissionsBoundary for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyNotAttachableException "PolicyNotAttachable" The request failed because Amazon Web Services service role policies can only be attached to the service-linked role for that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPermissionsBoundary

func (*IAM) PutUserPermissionsBoundaryRequest

func (c *IAM) PutUserPermissionsBoundaryRequest(input *PutUserPermissionsBoundaryInput) (req *request.Request, output *PutUserPermissionsBoundaryOutput)

PutUserPermissionsBoundaryRequest generates a "aws/request.Request" representing the client's request for the PutUserPermissionsBoundary operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutUserPermissionsBoundary for more information on using the PutUserPermissionsBoundary API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutUserPermissionsBoundaryRequest method.
req, resp := client.PutUserPermissionsBoundaryRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPermissionsBoundary

func (*IAM) PutUserPermissionsBoundaryWithContext

func (c *IAM) PutUserPermissionsBoundaryWithContext(ctx aws.Context, input *PutUserPermissionsBoundaryInput, opts ...request.Option) (*PutUserPermissionsBoundaryOutput, error)

PutUserPermissionsBoundaryWithContext is the same as PutUserPermissionsBoundary with the addition of the ability to pass a context and additional request options.

See PutUserPermissionsBoundary for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) PutUserPolicy

func (c *IAM) PutUserPolicy(input *PutUserPolicyInput) (*PutUserPolicyOutput, error)

PutUserPolicy API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM user.

An IAM user can also have a managed policy attached to it. To attach a managed policy to a user, use AttachUserPolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachUserPolicy.html). To create a new managed policy, use CreatePolicy (https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html). For information about policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about the maximum number of inline policies that you can embed in a user, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutUserPolicy. For general information about using the Query API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation PutUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy

Example (Shared00)

To attach a policy to an IAM user The following command attaches a policy to the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.PutUserPolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("AllAccessPolicy"),
		UserName:       aws.String("Bob"),
	}

	result, err := svc.PutUserPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) PutUserPolicyRequest

func (c *IAM) PutUserPolicyRequest(input *PutUserPolicyInput) (req *request.Request, output *PutUserPolicyOutput)

PutUserPolicyRequest generates a "aws/request.Request" representing the client's request for the PutUserPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutUserPolicy for more information on using the PutUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutUserPolicyRequest method.
req, resp := client.PutUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy

func (*IAM) PutUserPolicyWithContext

func (c *IAM) PutUserPolicyWithContext(ctx aws.Context, input *PutUserPolicyInput, opts ...request.Option) (*PutUserPolicyOutput, error)

PutUserPolicyWithContext is the same as PutUserPolicy with the addition of the ability to pass a context and additional request options.

See PutUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) RemoveClientIDFromOpenIDConnectProvider

func (c *IAM) RemoveClientIDFromOpenIDConnectProvider(input *RemoveClientIDFromOpenIDConnectProviderInput) (*RemoveClientIDFromOpenIDConnectProviderOutput, error)

RemoveClientIDFromOpenIDConnectProvider API operation for AWS Identity and Access Management.

Removes the specified client ID (also known as audience) from the list of client IDs registered for the specified IAM OpenID Connect (OIDC) provider resource object.

This operation is idempotent; it does not fail or return an error if you try to remove a client ID that does not exist.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation RemoveClientIDFromOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider

func (*IAM) RemoveClientIDFromOpenIDConnectProviderRequest

func (c *IAM) RemoveClientIDFromOpenIDConnectProviderRequest(input *RemoveClientIDFromOpenIDConnectProviderInput) (req *request.Request, output *RemoveClientIDFromOpenIDConnectProviderOutput)

RemoveClientIDFromOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the RemoveClientIDFromOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RemoveClientIDFromOpenIDConnectProvider for more information on using the RemoveClientIDFromOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RemoveClientIDFromOpenIDConnectProviderRequest method.
req, resp := client.RemoveClientIDFromOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider

func (*IAM) RemoveClientIDFromOpenIDConnectProviderWithContext

func (c *IAM) RemoveClientIDFromOpenIDConnectProviderWithContext(ctx aws.Context, input *RemoveClientIDFromOpenIDConnectProviderInput, opts ...request.Option) (*RemoveClientIDFromOpenIDConnectProviderOutput, error)

RemoveClientIDFromOpenIDConnectProviderWithContext is the same as RemoveClientIDFromOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See RemoveClientIDFromOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) RemoveRoleFromInstanceProfile

func (c *IAM) RemoveRoleFromInstanceProfile(input *RemoveRoleFromInstanceProfileInput) (*RemoveRoleFromInstanceProfileOutput, error)

RemoveRoleFromInstanceProfile API operation for AWS Identity and Access Management.

Removes the specified IAM role from the specified EC2 instance profile.

Make sure that you do not have any Amazon EC2 instances running with the role you are about to remove from the instance profile. Removing a role from an instance profile that is associated with a running instance might break any applications running on the instance.

For more information about roles, see IAM roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) in the IAM User Guide. For more information about instance profiles, see Using instance profiles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_switch-role-ec2_instance-profiles.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation RemoveRoleFromInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile

Example (Shared00)

To remove a role from an instance profile The following command removes the role named Test-Role from the instance profile named ExampleInstanceProfile.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.RemoveRoleFromInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
		RoleName:            aws.String("Test-Role"),
	}

	result, err := svc.RemoveRoleFromInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) RemoveRoleFromInstanceProfileRequest

func (c *IAM) RemoveRoleFromInstanceProfileRequest(input *RemoveRoleFromInstanceProfileInput) (req *request.Request, output *RemoveRoleFromInstanceProfileOutput)

RemoveRoleFromInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the RemoveRoleFromInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RemoveRoleFromInstanceProfile for more information on using the RemoveRoleFromInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RemoveRoleFromInstanceProfileRequest method.
req, resp := client.RemoveRoleFromInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile

func (*IAM) RemoveRoleFromInstanceProfileWithContext

func (c *IAM) RemoveRoleFromInstanceProfileWithContext(ctx aws.Context, input *RemoveRoleFromInstanceProfileInput, opts ...request.Option) (*RemoveRoleFromInstanceProfileOutput, error)

RemoveRoleFromInstanceProfileWithContext is the same as RemoveRoleFromInstanceProfile with the addition of the ability to pass a context and additional request options.

See RemoveRoleFromInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) RemoveUserFromGroup

func (c *IAM) RemoveUserFromGroup(input *RemoveUserFromGroupInput) (*RemoveUserFromGroupOutput, error)

RemoveUserFromGroup API operation for AWS Identity and Access Management.

Removes the specified user from the specified group.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation RemoveUserFromGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup

Example (Shared00)

To remove a user from an IAM group The following command removes the user named Bob from the IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.RemoveUserFromGroupInput{
		GroupName: aws.String("Admins"),
		UserName:  aws.String("Bob"),
	}

	result, err := svc.RemoveUserFromGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) RemoveUserFromGroupRequest

func (c *IAM) RemoveUserFromGroupRequest(input *RemoveUserFromGroupInput) (req *request.Request, output *RemoveUserFromGroupOutput)

RemoveUserFromGroupRequest generates a "aws/request.Request" representing the client's request for the RemoveUserFromGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RemoveUserFromGroup for more information on using the RemoveUserFromGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RemoveUserFromGroupRequest method.
req, resp := client.RemoveUserFromGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup

func (*IAM) RemoveUserFromGroupWithContext

func (c *IAM) RemoveUserFromGroupWithContext(ctx aws.Context, input *RemoveUserFromGroupInput, opts ...request.Option) (*RemoveUserFromGroupOutput, error)

RemoveUserFromGroupWithContext is the same as RemoveUserFromGroup with the addition of the ability to pass a context and additional request options.

See RemoveUserFromGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ResetServiceSpecificCredential

func (c *IAM) ResetServiceSpecificCredential(input *ResetServiceSpecificCredentialInput) (*ResetServiceSpecificCredentialOutput, error)

ResetServiceSpecificCredential API operation for AWS Identity and Access Management.

Resets the password for a service-specific credential. The new password is Amazon Web Services generated and cryptographically strong. It cannot be configured by the user. Resetting the password immediately invalidates the previous password associated with this user.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ResetServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential

func (*IAM) ResetServiceSpecificCredentialRequest

func (c *IAM) ResetServiceSpecificCredentialRequest(input *ResetServiceSpecificCredentialInput) (req *request.Request, output *ResetServiceSpecificCredentialOutput)

ResetServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the ResetServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ResetServiceSpecificCredential for more information on using the ResetServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ResetServiceSpecificCredentialRequest method.
req, resp := client.ResetServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential

func (*IAM) ResetServiceSpecificCredentialWithContext

func (c *IAM) ResetServiceSpecificCredentialWithContext(ctx aws.Context, input *ResetServiceSpecificCredentialInput, opts ...request.Option) (*ResetServiceSpecificCredentialOutput, error)

ResetServiceSpecificCredentialWithContext is the same as ResetServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See ResetServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ResyncMFADevice

func (c *IAM) ResyncMFADevice(input *ResyncMFADeviceInput) (*ResyncMFADeviceOutput, error)

ResyncMFADevice API operation for AWS Identity and Access Management.

Synchronizes the specified MFA device with its IAM resource object on the Amazon Web Services servers.

For more information about creating and working with virtual MFA devices, see Using a virtual MFA device (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ResyncMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode" The request was rejected because the authentication code was not recognized. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice

func (*IAM) ResyncMFADeviceRequest

func (c *IAM) ResyncMFADeviceRequest(input *ResyncMFADeviceInput) (req *request.Request, output *ResyncMFADeviceOutput)

ResyncMFADeviceRequest generates a "aws/request.Request" representing the client's request for the ResyncMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ResyncMFADevice for more information on using the ResyncMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ResyncMFADeviceRequest method.
req, resp := client.ResyncMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice

func (*IAM) ResyncMFADeviceWithContext

func (c *IAM) ResyncMFADeviceWithContext(ctx aws.Context, input *ResyncMFADeviceInput, opts ...request.Option) (*ResyncMFADeviceOutput, error)

ResyncMFADeviceWithContext is the same as ResyncMFADevice with the addition of the ability to pass a context and additional request options.

See ResyncMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SetDefaultPolicyVersion

func (c *IAM) SetDefaultPolicyVersion(input *SetDefaultPolicyVersionInput) (*SetDefaultPolicyVersionOutput, error)

SetDefaultPolicyVersion API operation for AWS Identity and Access Management.

Sets the specified version of the specified policy as the policy's default (operative) version.

This operation affects all users, groups, and roles that the policy is attached to. To list the users, groups, and roles that the policy is attached to, use ListEntitiesForPolicy.

For information about managed policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation SetDefaultPolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion

func (*IAM) SetDefaultPolicyVersionRequest

func (c *IAM) SetDefaultPolicyVersionRequest(input *SetDefaultPolicyVersionInput) (req *request.Request, output *SetDefaultPolicyVersionOutput)

SetDefaultPolicyVersionRequest generates a "aws/request.Request" representing the client's request for the SetDefaultPolicyVersion operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SetDefaultPolicyVersion for more information on using the SetDefaultPolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SetDefaultPolicyVersionRequest method.
req, resp := client.SetDefaultPolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion

func (*IAM) SetDefaultPolicyVersionWithContext

func (c *IAM) SetDefaultPolicyVersionWithContext(ctx aws.Context, input *SetDefaultPolicyVersionInput, opts ...request.Option) (*SetDefaultPolicyVersionOutput, error)

SetDefaultPolicyVersionWithContext is the same as SetDefaultPolicyVersion with the addition of the ability to pass a context and additional request options.

See SetDefaultPolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SetSecurityTokenServicePreferences

func (c *IAM) SetSecurityTokenServicePreferences(input *SetSecurityTokenServicePreferencesInput) (*SetSecurityTokenServicePreferencesOutput, error)

SetSecurityTokenServicePreferences API operation for AWS Identity and Access Management.

Sets the specified version of the global endpoint token as the token version used for the Amazon Web Services account.

By default, Security Token Service (STS) is available as a global service, and all STS requests go to a single endpoint at https://sts.amazonaws.com. Amazon Web Services recommends using Regional STS endpoints to reduce latency, build in redundancy, and increase session token availability. For information about Regional endpoints for STS, see Security Token Service endpoints and quotas (https://docs.aws.amazon.com/general/latest/gr/sts.html) in the Amazon Web Services General Reference.

If you make an STS call to the global endpoint, the resulting session tokens might be valid in some Regions but not others. It depends on the version that is set in this operation. Version 1 tokens are valid only in Amazon Web Services Regions that are available by default. These tokens do not work in manually enabled Regions, such as Asia Pacific (Hong Kong). Version 2 tokens are valid in all Regions. However, version 2 tokens are longer and might affect systems where you temporarily store tokens. For information, see Activating and deactivating STS in an Amazon Web Services Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the IAM User Guide.

To view the current session token version, see the GlobalEndpointTokenVersion entry in the response of the GetAccountSummary operation.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation SetSecurityTokenServicePreferences for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetSecurityTokenServicePreferences

Example (Shared00)

To delete an access key for an IAM user The following command sets the STS global endpoint token to version 2. Version 2 tokens are valid in all Regions.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.SetSecurityTokenServicePreferencesInput{
		GlobalEndpointTokenVersion: aws.String("v2Token"),
	}

	result, err := svc.SetSecurityTokenServicePreferences(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) SetSecurityTokenServicePreferencesRequest

func (c *IAM) SetSecurityTokenServicePreferencesRequest(input *SetSecurityTokenServicePreferencesInput) (req *request.Request, output *SetSecurityTokenServicePreferencesOutput)

SetSecurityTokenServicePreferencesRequest generates a "aws/request.Request" representing the client's request for the SetSecurityTokenServicePreferences operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SetSecurityTokenServicePreferences for more information on using the SetSecurityTokenServicePreferences API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SetSecurityTokenServicePreferencesRequest method.
req, resp := client.SetSecurityTokenServicePreferencesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetSecurityTokenServicePreferences

func (*IAM) SetSecurityTokenServicePreferencesWithContext

func (c *IAM) SetSecurityTokenServicePreferencesWithContext(ctx aws.Context, input *SetSecurityTokenServicePreferencesInput, opts ...request.Option) (*SetSecurityTokenServicePreferencesOutput, error)

SetSecurityTokenServicePreferencesWithContext is the same as SetSecurityTokenServicePreferences with the addition of the ability to pass a context and additional request options.

See SetSecurityTokenServicePreferences for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulateCustomPolicy

func (c *IAM) SimulateCustomPolicy(input *SimulateCustomPolicyInput) (*SimulatePolicyResponse, error)

SimulateCustomPolicy API operation for AWS Identity and Access Management.

Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions. The policies are provided as strings.

The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations. You can simulate resources that don't exist in your account.

If you want to simulate existing policies that are attached to an IAM user, group, or role, use SimulatePrincipalPolicy instead.

Context keys are variables that are maintained by Amazon Web Services and its services and which provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForCustomPolicy.

If the output is long, you can use MaxItems and Marker parameters to paginate the results.

The IAM policy simulator evaluates statements in the identity-based policy and the inputs that you provide during simulation. The policy simulator results can differ from your live Amazon Web Services environment. We recommend that you check your policies against your live Amazon Web Services environment after testing using the policy simulator to confirm that you have the desired results. For more information about using the policy simulator, see Testing IAM policies with the IAM policy simulator (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html)in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation SimulateCustomPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyEvaluationException "PolicyEvaluation" The request failed because a provided policy could not be successfully evaluated. An additional detailed message indicates the source of the failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy

func (*IAM) SimulateCustomPolicyPages

func (c *IAM) SimulateCustomPolicyPages(input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error

SimulateCustomPolicyPages iterates over the pages of a SimulateCustomPolicy operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See SimulateCustomPolicy method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a SimulateCustomPolicy operation.
pageNum := 0
err := client.SimulateCustomPolicyPages(params,
    func(page *iam.SimulatePolicyResponse, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) SimulateCustomPolicyPagesWithContext

func (c *IAM) SimulateCustomPolicyPagesWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error

SimulateCustomPolicyPagesWithContext same as SimulateCustomPolicyPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulateCustomPolicyRequest

func (c *IAM) SimulateCustomPolicyRequest(input *SimulateCustomPolicyInput) (req *request.Request, output *SimulatePolicyResponse)

SimulateCustomPolicyRequest generates a "aws/request.Request" representing the client's request for the SimulateCustomPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SimulateCustomPolicy for more information on using the SimulateCustomPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SimulateCustomPolicyRequest method.
req, resp := client.SimulateCustomPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy

func (*IAM) SimulateCustomPolicyWithContext

func (c *IAM) SimulateCustomPolicyWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error)

SimulateCustomPolicyWithContext is the same as SimulateCustomPolicy with the addition of the ability to pass a context and additional request options.

See SimulateCustomPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulatePrincipalPolicy

func (c *IAM) SimulatePrincipalPolicy(input *SimulatePrincipalPolicyInput) (*SimulatePolicyResponse, error)

SimulatePrincipalPolicy API operation for AWS Identity and Access Management.

Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you specify a user, then the simulation also includes all of the policies that are attached to groups that the user belongs to. You can simulate resources that don't exist in your account.

You can optionally include a list of one or more additional policies specified as strings to include in the simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead.

You can also optionally include one resource-based policy to be evaluated with each of the resources included in the simulation for IAM users only.

The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations.

Note: This operation discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead.

Context keys are variables maintained by Amazon Web Services and its services that provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy.

If the output is long, you can use the MaxItems and Marker parameters to paginate the results.

The IAM policy simulator evaluates statements in the identity-based policy and the inputs that you provide during simulation. The policy simulator results can differ from your live Amazon Web Services environment. We recommend that you check your policies against your live Amazon Web Services environment after testing using the policy simulator to confirm that you have the desired results. For more information about using the policy simulator, see Testing IAM policies with the IAM policy simulator (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html)in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation SimulatePrincipalPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyEvaluationException "PolicyEvaluation" The request failed because a provided policy could not be successfully evaluated. An additional detailed message indicates the source of the failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy

func (*IAM) SimulatePrincipalPolicyPages

func (c *IAM) SimulatePrincipalPolicyPages(input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error

SimulatePrincipalPolicyPages iterates over the pages of a SimulatePrincipalPolicy operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See SimulatePrincipalPolicy method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a SimulatePrincipalPolicy operation.
pageNum := 0
err := client.SimulatePrincipalPolicyPages(params,
    func(page *iam.SimulatePolicyResponse, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) SimulatePrincipalPolicyPagesWithContext

func (c *IAM) SimulatePrincipalPolicyPagesWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error

SimulatePrincipalPolicyPagesWithContext same as SimulatePrincipalPolicyPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulatePrincipalPolicyRequest

func (c *IAM) SimulatePrincipalPolicyRequest(input *SimulatePrincipalPolicyInput) (req *request.Request, output *SimulatePolicyResponse)

SimulatePrincipalPolicyRequest generates a "aws/request.Request" representing the client's request for the SimulatePrincipalPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SimulatePrincipalPolicy for more information on using the SimulatePrincipalPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SimulatePrincipalPolicyRequest method.
req, resp := client.SimulatePrincipalPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy

func (*IAM) SimulatePrincipalPolicyWithContext

func (c *IAM) SimulatePrincipalPolicyWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error)

SimulatePrincipalPolicyWithContext is the same as SimulatePrincipalPolicy with the addition of the ability to pass a context and additional request options.

See SimulatePrincipalPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) TagInstanceProfile

func (c *IAM) TagInstanceProfile(input *TagInstanceProfileInput) (*TagInstanceProfileOutput, error)

TagInstanceProfile API operation for AWS Identity and Access Management.

Adds one or more tags to an IAM instance profile. If a tag with the same key name already exists, then that tag is overwritten with the new value.

Each tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following:

  • Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200.

  • Access control - Include tags in IAM user-based and resource-based policies. You can use tags to restrict access to only an IAM instance profile that has a specified tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the IAM User Guide.

  • If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

  • Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation TagInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagInstanceProfile

func (*IAM) TagInstanceProfileRequest

func (c *IAM) TagInstanceProfileRequest(input *TagInstanceProfileInput) (req *request.Request, output *TagInstanceProfileOutput)

TagInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the TagInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See TagInstanceProfile for more information on using the TagInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the TagInstanceProfileRequest method.
req, resp := client.TagInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagInstanceProfile

func (*IAM) TagInstanceProfileWithContext

func (c *IAM) TagInstanceProfileWithContext(ctx aws.Context, input *TagInstanceProfileInput, opts ...request.Option) (*TagInstanceProfileOutput, error)

TagInstanceProfileWithContext is the same as TagInstanceProfile with the addition of the ability to pass a context and additional request options.

See TagInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) TagMFADevice

func (c *IAM) TagMFADevice(input *TagMFADeviceInput) (*TagMFADeviceOutput, error)

TagMFADevice API operation for AWS Identity and Access Management.

Adds one or more tags to an IAM virtual multi-factor authentication (MFA) device. If a tag with the same key name already exists, then that tag is overwritten with the new value.

A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following:

  • Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200.

  • Access control - Include tags in IAM user-based and resource-based policies. You can use tags to restrict access to only an IAM virtual MFA device that has a specified tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the IAM User Guide.

  • If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

  • Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation TagMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagMFADevice

func (*IAM) TagMFADeviceRequest

func (c *IAM) TagMFADeviceRequest(input *TagMFADeviceInput) (req *request.Request, output *TagMFADeviceOutput)

TagMFADeviceRequest generates a "aws/request.Request" representing the client's request for the TagMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See TagMFADevice for more information on using the TagMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the TagMFADeviceRequest method.
req, resp := client.TagMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagMFADevice

func (*IAM) TagMFADeviceWithContext

func (c *IAM) TagMFADeviceWithContext(ctx aws.Context, input *TagMFADeviceInput, opts ...request.Option) (*TagMFADeviceOutput, error)

TagMFADeviceWithContext is the same as TagMFADevice with the addition of the ability to pass a context and additional request options.

See TagMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) TagOpenIDConnectProvider

func (c *IAM) TagOpenIDConnectProvider(input *TagOpenIDConnectProviderInput) (*TagOpenIDConnectProviderOutput, error)

TagOpenIDConnectProvider API operation for AWS Identity and Access Management.

Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider. For more information about these providers, see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html). If a tag with the same key name already exists, then that tag is overwritten with the new value.

A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following:

  • Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200.

  • Access control - Include tags in IAM identity-based and resource-based policies. You can use tags to restrict access to only an OIDC provider that has a specified tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the IAM User Guide.

  • If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

  • Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation TagOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagOpenIDConnectProvider

func (*IAM) TagOpenIDConnectProviderRequest

func (c *IAM) TagOpenIDConnectProviderRequest(input *TagOpenIDConnectProviderInput) (req *request.Request, output *TagOpenIDConnectProviderOutput)

TagOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the TagOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See TagOpenIDConnectProvider for more information on using the TagOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the TagOpenIDConnectProviderRequest method.
req, resp := client.TagOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagOpenIDConnectProvider

func (*IAM) TagOpenIDConnectProviderWithContext

func (c *IAM) TagOpenIDConnectProviderWithContext(ctx aws.Context, input *TagOpenIDConnectProviderInput, opts ...request.Option) (*TagOpenIDConnectProviderOutput, error)

TagOpenIDConnectProviderWithContext is the same as TagOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See TagOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) TagPolicy

func (c *IAM) TagPolicy(input *TagPolicyInput) (*TagPolicyOutput, error)

TagPolicy API operation for AWS Identity and Access Management.

Adds one or more tags to an IAM customer managed policy. If a tag with the same key name already exists, then that tag is overwritten with the new value.

A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following:

  • Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200.

  • Access control - Include tags in IAM user-based and resource-based policies. You can use tags to restrict access to only an IAM customer managed policy that has a specified tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the IAM User Guide.

  • If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

  • Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation TagPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagPolicy

func (*IAM) TagPolicyRequest

func (c *IAM) TagPolicyRequest(input *TagPolicyInput) (req *request.Request, output *TagPolicyOutput)

TagPolicyRequest generates a "aws/request.Request" representing the client's request for the TagPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See TagPolicy for more information on using the TagPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the TagPolicyRequest method.
req, resp := client.TagPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagPolicy

func (*IAM) TagPolicyWithContext

func (c *IAM) TagPolicyWithContext(ctx aws.Context, input *TagPolicyInput, opts ...request.Option) (*TagPolicyOutput, error)

TagPolicyWithContext is the same as TagPolicy with the addition of the ability to pass a context and additional request options.

See TagPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) TagRole

func (c *IAM) TagRole(input *TagRoleInput) (*TagRoleOutput, error)

TagRole API operation for AWS Identity and Access Management.

Adds one or more tags to an IAM role. The role can be a regular role or a service-linked role. If a tag with the same key name already exists, then that tag is overwritten with the new value.

A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following:

  • Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200.

  • Access control - Include tags in IAM user-based and resource-based policies. You can use tags to restrict access to only an IAM role that has a specified tag attached. You can also restrict access to only those resources that have a certain tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the IAM User Guide.

  • Cost allocation - Use tags to help track which individuals and teams are using which Amazon Web Services resources.

  • If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

  • Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.

For more information about tagging, see Tagging IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation TagRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagRole

Example (Shared00)

To add a tag key and value to an IAM role The following example shows how to add tags to an existing role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.TagRoleInput{
		RoleName: aws.String("taggedrole"),
		Tags: []*iam.Tag{
			{
				Key:   aws.String("Dept"),
				Value: aws.String("Accounting"),
			},
			{
				Key:   aws.String("CostCenter"),
				Value: aws.String("12345"),
			},
		},
	}

	result, err := svc.TagRole(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) TagRoleRequest

func (c *IAM) TagRoleRequest(input *TagRoleInput) (req *request.Request, output *TagRoleOutput)

TagRoleRequest generates a "aws/request.Request" representing the client's request for the TagRole operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See TagRole for more information on using the TagRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the TagRoleRequest method.
req, resp := client.TagRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagRole

func (*IAM) TagRoleWithContext

func (c *IAM) TagRoleWithContext(ctx aws.Context, input *TagRoleInput, opts ...request.Option) (*TagRoleOutput, error)

TagRoleWithContext is the same as TagRole with the addition of the ability to pass a context and additional request options.

See TagRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) TagSAMLProvider

func (c *IAM) TagSAMLProvider(input *TagSAMLProviderInput) (*TagSAMLProviderOutput, error)

TagSAMLProvider API operation for AWS Identity and Access Management.

Adds one or more tags to a Security Assertion Markup Language (SAML) identity provider. For more information about these providers, see About SAML 2.0-based federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html). If a tag with the same key name already exists, then that tag is overwritten with the new value.

A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following:

  • Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200.

  • Access control - Include tags in IAM user-based and resource-based policies. You can use tags to restrict access to only a SAML identity provider that has a specified tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the IAM User Guide.

  • If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

  • Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation TagSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagSAMLProvider

func (*IAM) TagSAMLProviderRequest

func (c *IAM) TagSAMLProviderRequest(input *TagSAMLProviderInput) (req *request.Request, output *TagSAMLProviderOutput)

TagSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the TagSAMLProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See TagSAMLProvider for more information on using the TagSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the TagSAMLProviderRequest method.
req, resp := client.TagSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagSAMLProvider

func (*IAM) TagSAMLProviderWithContext

func (c *IAM) TagSAMLProviderWithContext(ctx aws.Context, input *TagSAMLProviderInput, opts ...request.Option) (*TagSAMLProviderOutput, error)

TagSAMLProviderWithContext is the same as TagSAMLProvider with the addition of the ability to pass a context and additional request options.

See TagSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) TagServerCertificate

func (c *IAM) TagServerCertificate(input *TagServerCertificateInput) (*TagServerCertificateOutput, error)

TagServerCertificate API operation for AWS Identity and Access Management.

Adds one or more tags to an IAM server certificate. If a tag with the same key name already exists, then that tag is overwritten with the new value.

For certificates in a Region supported by Certificate Manager (ACM), we recommend that you don't use IAM server certificates. Instead, use ACM to provision, manage, and deploy your server certificates. For more information about IAM server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide.

A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following:

  • Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200.

  • Access control - Include tags in IAM user-based and resource-based policies. You can use tags to restrict access to only a server certificate that has a specified tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the IAM User Guide.

  • Cost allocation - Use tags to help track which individuals and teams are using which Amazon Web Services resources.

  • If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

  • Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation TagServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagServerCertificate

func (*IAM) TagServerCertificateRequest

func (c *IAM) TagServerCertificateRequest(input *TagServerCertificateInput) (req *request.Request, output *TagServerCertificateOutput)

TagServerCertificateRequest generates a "aws/request.Request" representing the client's request for the TagServerCertificate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See TagServerCertificate for more information on using the TagServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the TagServerCertificateRequest method.
req, resp := client.TagServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagServerCertificate

func (*IAM) TagServerCertificateWithContext

func (c *IAM) TagServerCertificateWithContext(ctx aws.Context, input *TagServerCertificateInput, opts ...request.Option) (*TagServerCertificateOutput, error)

TagServerCertificateWithContext is the same as TagServerCertificate with the addition of the ability to pass a context and additional request options.

See TagServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) TagUser

func (c *IAM) TagUser(input *TagUserInput) (*TagUserOutput, error)

TagUser API operation for AWS Identity and Access Management.

Adds one or more tags to an IAM user. If a tag with the same key name already exists, then that tag is overwritten with the new value.

A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following:

  • Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200.

  • Access control - Include tags in IAM identity-based and resource-based policies. You can use tags to restrict access to only an IAM requesting user that has a specified tag attached. You can also restrict access to only those resources that have a certain tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html) in the IAM User Guide.

  • Cost allocation - Use tags to help track which individuals and teams are using which Amazon Web Services resources.

  • If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

  • Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.

For more information about tagging, see Tagging IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation TagUser for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagUser

Example (Shared00)

To add a tag key and value to an IAM user The following example shows how to add tags to an existing user.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.TagUserInput{
		Tags: []*iam.Tag{
			{
				Key:   aws.String("Dept"),
				Value: aws.String("Accounting"),
			},
			{
				Key:   aws.String("CostCenter"),
				Value: aws.String("12345"),
			},
		},
		UserName: aws.String("anika"),
	}

	result, err := svc.TagUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) TagUserRequest

func (c *IAM) TagUserRequest(input *TagUserInput) (req *request.Request, output *TagUserOutput)

TagUserRequest generates a "aws/request.Request" representing the client's request for the TagUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See TagUser for more information on using the TagUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the TagUserRequest method.
req, resp := client.TagUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/TagUser

func (*IAM) TagUserWithContext

func (c *IAM) TagUserWithContext(ctx aws.Context, input *TagUserInput, opts ...request.Option) (*TagUserOutput, error)

TagUserWithContext is the same as TagUser with the addition of the ability to pass a context and additional request options.

See TagUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UntagInstanceProfile

func (c *IAM) UntagInstanceProfile(input *UntagInstanceProfileInput) (*UntagInstanceProfileOutput, error)

UntagInstanceProfile API operation for AWS Identity and Access Management.

Removes the specified tags from the IAM instance profile. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UntagInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagInstanceProfile

func (*IAM) UntagInstanceProfileRequest

func (c *IAM) UntagInstanceProfileRequest(input *UntagInstanceProfileInput) (req *request.Request, output *UntagInstanceProfileOutput)

UntagInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the UntagInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UntagInstanceProfile for more information on using the UntagInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UntagInstanceProfileRequest method.
req, resp := client.UntagInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagInstanceProfile

func (*IAM) UntagInstanceProfileWithContext

func (c *IAM) UntagInstanceProfileWithContext(ctx aws.Context, input *UntagInstanceProfileInput, opts ...request.Option) (*UntagInstanceProfileOutput, error)

UntagInstanceProfileWithContext is the same as UntagInstanceProfile with the addition of the ability to pass a context and additional request options.

See UntagInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UntagMFADevice

func (c *IAM) UntagMFADevice(input *UntagMFADeviceInput) (*UntagMFADeviceOutput, error)

UntagMFADevice API operation for AWS Identity and Access Management.

Removes the specified tags from the IAM virtual multi-factor authentication (MFA) device. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UntagMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagMFADevice

func (*IAM) UntagMFADeviceRequest

func (c *IAM) UntagMFADeviceRequest(input *UntagMFADeviceInput) (req *request.Request, output *UntagMFADeviceOutput)

UntagMFADeviceRequest generates a "aws/request.Request" representing the client's request for the UntagMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UntagMFADevice for more information on using the UntagMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UntagMFADeviceRequest method.
req, resp := client.UntagMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagMFADevice

func (*IAM) UntagMFADeviceWithContext

func (c *IAM) UntagMFADeviceWithContext(ctx aws.Context, input *UntagMFADeviceInput, opts ...request.Option) (*UntagMFADeviceOutput, error)

UntagMFADeviceWithContext is the same as UntagMFADevice with the addition of the ability to pass a context and additional request options.

See UntagMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UntagOpenIDConnectProvider

func (c *IAM) UntagOpenIDConnectProvider(input *UntagOpenIDConnectProviderInput) (*UntagOpenIDConnectProviderOutput, error)

UntagOpenIDConnectProvider API operation for AWS Identity and Access Management.

Removes the specified tags from the specified OpenID Connect (OIDC)-compatible identity provider in IAM. For more information about OIDC providers, see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html). For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UntagOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagOpenIDConnectProvider

func (*IAM) UntagOpenIDConnectProviderRequest

func (c *IAM) UntagOpenIDConnectProviderRequest(input *UntagOpenIDConnectProviderInput) (req *request.Request, output *UntagOpenIDConnectProviderOutput)

UntagOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the UntagOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UntagOpenIDConnectProvider for more information on using the UntagOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UntagOpenIDConnectProviderRequest method.
req, resp := client.UntagOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagOpenIDConnectProvider

func (*IAM) UntagOpenIDConnectProviderWithContext

func (c *IAM) UntagOpenIDConnectProviderWithContext(ctx aws.Context, input *UntagOpenIDConnectProviderInput, opts ...request.Option) (*UntagOpenIDConnectProviderOutput, error)

UntagOpenIDConnectProviderWithContext is the same as UntagOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See UntagOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UntagPolicy

func (c *IAM) UntagPolicy(input *UntagPolicyInput) (*UntagPolicyOutput, error)

UntagPolicy API operation for AWS Identity and Access Management.

Removes the specified tags from the customer managed policy. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UntagPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagPolicy

func (*IAM) UntagPolicyRequest

func (c *IAM) UntagPolicyRequest(input *UntagPolicyInput) (req *request.Request, output *UntagPolicyOutput)

UntagPolicyRequest generates a "aws/request.Request" representing the client's request for the UntagPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UntagPolicy for more information on using the UntagPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UntagPolicyRequest method.
req, resp := client.UntagPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagPolicy

func (*IAM) UntagPolicyWithContext

func (c *IAM) UntagPolicyWithContext(ctx aws.Context, input *UntagPolicyInput, opts ...request.Option) (*UntagPolicyOutput, error)

UntagPolicyWithContext is the same as UntagPolicy with the addition of the ability to pass a context and additional request options.

See UntagPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UntagRole

func (c *IAM) UntagRole(input *UntagRoleInput) (*UntagRoleOutput, error)

UntagRole API operation for AWS Identity and Access Management.

Removes the specified tags from the role. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UntagRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagRole

Example (Shared00)

To remove a tag from an IAM role The following example shows how to remove a tag with the key 'Dept' from a role named 'taggedrole'.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UntagRoleInput{
		RoleName: aws.String("taggedrole"),
		TagKeys: []*string{
			aws.String("Dept"),
		},
	}

	result, err := svc.UntagRole(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UntagRoleRequest

func (c *IAM) UntagRoleRequest(input *UntagRoleInput) (req *request.Request, output *UntagRoleOutput)

UntagRoleRequest generates a "aws/request.Request" representing the client's request for the UntagRole operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UntagRole for more information on using the UntagRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UntagRoleRequest method.
req, resp := client.UntagRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagRole

func (*IAM) UntagRoleWithContext

func (c *IAM) UntagRoleWithContext(ctx aws.Context, input *UntagRoleInput, opts ...request.Option) (*UntagRoleOutput, error)

UntagRoleWithContext is the same as UntagRole with the addition of the ability to pass a context and additional request options.

See UntagRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UntagSAMLProvider

func (c *IAM) UntagSAMLProvider(input *UntagSAMLProviderInput) (*UntagSAMLProviderOutput, error)

UntagSAMLProvider API operation for AWS Identity and Access Management.

Removes the specified tags from the specified Security Assertion Markup Language (SAML) identity provider in IAM. For more information about these providers, see About web identity federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc.html). For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UntagSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagSAMLProvider

func (*IAM) UntagSAMLProviderRequest

func (c *IAM) UntagSAMLProviderRequest(input *UntagSAMLProviderInput) (req *request.Request, output *UntagSAMLProviderOutput)

UntagSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the UntagSAMLProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UntagSAMLProvider for more information on using the UntagSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UntagSAMLProviderRequest method.
req, resp := client.UntagSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagSAMLProvider

func (*IAM) UntagSAMLProviderWithContext

func (c *IAM) UntagSAMLProviderWithContext(ctx aws.Context, input *UntagSAMLProviderInput, opts ...request.Option) (*UntagSAMLProviderOutput, error)

UntagSAMLProviderWithContext is the same as UntagSAMLProvider with the addition of the ability to pass a context and additional request options.

See UntagSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UntagServerCertificate

func (c *IAM) UntagServerCertificate(input *UntagServerCertificateInput) (*UntagServerCertificateOutput, error)

UntagServerCertificate API operation for AWS Identity and Access Management.

Removes the specified tags from the IAM server certificate. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

For certificates in a Region supported by Certificate Manager (ACM), we recommend that you don't use IAM server certificates. Instead, use ACM to provision, manage, and deploy your server certificates. For more information about IAM server certificates, Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UntagServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagServerCertificate

func (*IAM) UntagServerCertificateRequest

func (c *IAM) UntagServerCertificateRequest(input *UntagServerCertificateInput) (req *request.Request, output *UntagServerCertificateOutput)

UntagServerCertificateRequest generates a "aws/request.Request" representing the client's request for the UntagServerCertificate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UntagServerCertificate for more information on using the UntagServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UntagServerCertificateRequest method.
req, resp := client.UntagServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagServerCertificate

func (*IAM) UntagServerCertificateWithContext

func (c *IAM) UntagServerCertificateWithContext(ctx aws.Context, input *UntagServerCertificateInput, opts ...request.Option) (*UntagServerCertificateOutput, error)

UntagServerCertificateWithContext is the same as UntagServerCertificate with the addition of the ability to pass a context and additional request options.

See UntagServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UntagUser

func (c *IAM) UntagUser(input *UntagUserInput) (*UntagUserOutput, error)

UntagUser API operation for AWS Identity and Access Management.

Removes the specified tags from the user. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UntagUser for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagUser

Example (Shared00)

To remove a tag from an IAM user The following example shows how to remove tags that are attached to a user named 'anika'.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UntagUserInput{
		TagKeys: []*string{
			aws.String("Dept"),
		},
		UserName: aws.String("anika"),
	}

	result, err := svc.UntagUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UntagUserRequest

func (c *IAM) UntagUserRequest(input *UntagUserInput) (req *request.Request, output *UntagUserOutput)

UntagUserRequest generates a "aws/request.Request" representing the client's request for the UntagUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UntagUser for more information on using the UntagUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UntagUserRequest method.
req, resp := client.UntagUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UntagUser

func (*IAM) UntagUserWithContext

func (c *IAM) UntagUserWithContext(ctx aws.Context, input *UntagUserInput, opts ...request.Option) (*UntagUserOutput, error)

UntagUserWithContext is the same as UntagUser with the addition of the ability to pass a context and additional request options.

See UntagUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateAccessKey

func (c *IAM) UpdateAccessKey(input *UpdateAccessKeyInput) (*UpdateAccessKeyOutput, error)

UpdateAccessKey API operation for AWS Identity and Access Management.

Changes the status of the specified access key from Active to Inactive, or vice versa. This operation can be used to disable a user's key as part of a key rotation workflow.

If the UserName is not specified, the user name is determined implicitly based on the Amazon Web Services access key ID used to sign the request. If a temporary access key is used, then UserName is required. If a long-term key is assigned to the user, then UserName is not required. This operation works for access keys under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated users.

For information about rotating keys, see Managing keys and certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateAccessKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey

Example (Shared00)

To activate or deactivate an access key for an IAM user The following command deactivates the specified access key (access key ID and secret access key) for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateAccessKeyInput{
		AccessKeyId: aws.String("AKIAIOSFODNN7EXAMPLE"),
		Status:      aws.String("Inactive"),
		UserName:    aws.String("Bob"),
	}

	result, err := svc.UpdateAccessKey(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateAccessKeyRequest

func (c *IAM) UpdateAccessKeyRequest(input *UpdateAccessKeyInput) (req *request.Request, output *UpdateAccessKeyOutput)

UpdateAccessKeyRequest generates a "aws/request.Request" representing the client's request for the UpdateAccessKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateAccessKey for more information on using the UpdateAccessKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateAccessKeyRequest method.
req, resp := client.UpdateAccessKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey

func (*IAM) UpdateAccessKeyWithContext

func (c *IAM) UpdateAccessKeyWithContext(ctx aws.Context, input *UpdateAccessKeyInput, opts ...request.Option) (*UpdateAccessKeyOutput, error)

UpdateAccessKeyWithContext is the same as UpdateAccessKey with the addition of the ability to pass a context and additional request options.

See UpdateAccessKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateAccountPasswordPolicy

func (c *IAM) UpdateAccountPasswordPolicy(input *UpdateAccountPasswordPolicyInput) (*UpdateAccountPasswordPolicyOutput, error)

UpdateAccountPasswordPolicy API operation for AWS Identity and Access Management.

Updates the password policy settings for the Amazon Web Services account.

This operation does not support partial updates. No parameters are required, but if you do not specify a parameter, that parameter's value reverts to its default value. See the Request Parameters section for each parameter's default value. Also note that some parameters do not allow the default parameter to be explicitly set. Instead, to invoke the default value, do not include that parameter when you invoke the operation.

For more information about using a password policy, see Managing an IAM password policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateAccountPasswordPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy

Example (Shared00)

To set or change the current account password policy The following command sets the password policy to require a minimum length of eight characters and to require one or more numbers in the password:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateAccountPasswordPolicyInput{
		MinimumPasswordLength: aws.Int64(8),
		RequireNumbers:        aws.Bool(true),
	}

	result, err := svc.UpdateAccountPasswordPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateAccountPasswordPolicyRequest

func (c *IAM) UpdateAccountPasswordPolicyRequest(input *UpdateAccountPasswordPolicyInput) (req *request.Request, output *UpdateAccountPasswordPolicyOutput)

UpdateAccountPasswordPolicyRequest generates a "aws/request.Request" representing the client's request for the UpdateAccountPasswordPolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateAccountPasswordPolicy for more information on using the UpdateAccountPasswordPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateAccountPasswordPolicyRequest method.
req, resp := client.UpdateAccountPasswordPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy

func (*IAM) UpdateAccountPasswordPolicyWithContext

func (c *IAM) UpdateAccountPasswordPolicyWithContext(ctx aws.Context, input *UpdateAccountPasswordPolicyInput, opts ...request.Option) (*UpdateAccountPasswordPolicyOutput, error)

UpdateAccountPasswordPolicyWithContext is the same as UpdateAccountPasswordPolicy with the addition of the ability to pass a context and additional request options.

See UpdateAccountPasswordPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateAssumeRolePolicy

func (c *IAM) UpdateAssumeRolePolicy(input *UpdateAssumeRolePolicyInput) (*UpdateAssumeRolePolicyOutput, error)

UpdateAssumeRolePolicy API operation for AWS Identity and Access Management.

Updates the policy that grants an IAM entity permission to assume a role. This is typically referred to as the "role trust policy". For more information about roles, see Using roles to delegate permissions and federate identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateAssumeRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy

Example (Shared00)

To update the trust policy for an IAM role The following command updates the role trust policy for the role named Test-Role:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateAssumeRolePolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}"),
		RoleName:       aws.String("S3AccessForEC2Instances"),
	}

	result, err := svc.UpdateAssumeRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateAssumeRolePolicyRequest

func (c *IAM) UpdateAssumeRolePolicyRequest(input *UpdateAssumeRolePolicyInput) (req *request.Request, output *UpdateAssumeRolePolicyOutput)

UpdateAssumeRolePolicyRequest generates a "aws/request.Request" representing the client's request for the UpdateAssumeRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateAssumeRolePolicy for more information on using the UpdateAssumeRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateAssumeRolePolicyRequest method.
req, resp := client.UpdateAssumeRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy

func (*IAM) UpdateAssumeRolePolicyWithContext

func (c *IAM) UpdateAssumeRolePolicyWithContext(ctx aws.Context, input *UpdateAssumeRolePolicyInput, opts ...request.Option) (*UpdateAssumeRolePolicyOutput, error)

UpdateAssumeRolePolicyWithContext is the same as UpdateAssumeRolePolicy with the addition of the ability to pass a context and additional request options.

See UpdateAssumeRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateGroup

func (c *IAM) UpdateGroup(input *UpdateGroupInput) (*UpdateGroupOutput, error)

UpdateGroup API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified IAM group.

You should understand the implications of changing a group's path or name. For more information, see Renaming users and groups (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html) in the IAM User Guide.

The person making the request (the principal), must have permission to change the role group with the old name and the new name. For example, to change the group named Managers to MGRs, the principal must have a policy that allows them to update both groups. If the principal has permission to update the Managers group, but not the MGRs group, then the update fails. For more information about permissions, see Access management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup

Example (Shared00)

To rename an IAM group The following command changes the name of the IAM group Test to Test-1.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateGroupInput{
		GroupName:    aws.String("Test"),
		NewGroupName: aws.String("Test-1"),
	}

	result, err := svc.UpdateGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateGroupRequest

func (c *IAM) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, output *UpdateGroupOutput)

UpdateGroupRequest generates a "aws/request.Request" representing the client's request for the UpdateGroup operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateGroup for more information on using the UpdateGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateGroupRequest method.
req, resp := client.UpdateGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup

func (*IAM) UpdateGroupWithContext

func (c *IAM) UpdateGroupWithContext(ctx aws.Context, input *UpdateGroupInput, opts ...request.Option) (*UpdateGroupOutput, error)

UpdateGroupWithContext is the same as UpdateGroup with the addition of the ability to pass a context and additional request options.

See UpdateGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateLoginProfile

func (c *IAM) UpdateLoginProfile(input *UpdateLoginProfileInput) (*UpdateLoginProfileOutput, error)

UpdateLoginProfile API operation for AWS Identity and Access Management.

Changes the password for the specified IAM user. You can use the CLI, the Amazon Web Services API, or the Users page in the IAM console to change the password for any IAM user. Use ChangePassword to change your own password in the My Security Credentials page in the Amazon Web Services Management Console.

For more information about modifying passwords, see Managing passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodePasswordPolicyViolationException "PasswordPolicyViolation" The request was rejected because the provided password did not meet the requirements imposed by the account password policy.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile

Example (Shared00)

To change the password for an IAM user The following command creates or changes the password for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateLoginProfileInput{
		Password: aws.String("SomeKindOfPassword123!@#"),
		UserName: aws.String("Bob"),
	}

	result, err := svc.UpdateLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateLoginProfileRequest

func (c *IAM) UpdateLoginProfileRequest(input *UpdateLoginProfileInput) (req *request.Request, output *UpdateLoginProfileOutput)

UpdateLoginProfileRequest generates a "aws/request.Request" representing the client's request for the UpdateLoginProfile operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateLoginProfile for more information on using the UpdateLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateLoginProfileRequest method.
req, resp := client.UpdateLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile

func (*IAM) UpdateLoginProfileWithContext

func (c *IAM) UpdateLoginProfileWithContext(ctx aws.Context, input *UpdateLoginProfileInput, opts ...request.Option) (*UpdateLoginProfileOutput, error)

UpdateLoginProfileWithContext is the same as UpdateLoginProfile with the addition of the ability to pass a context and additional request options.

See UpdateLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateOpenIDConnectProviderThumbprint

func (c *IAM) UpdateOpenIDConnectProviderThumbprint(input *UpdateOpenIDConnectProviderThumbprintInput) (*UpdateOpenIDConnectProviderThumbprintOutput, error)

UpdateOpenIDConnectProviderThumbprint API operation for AWS Identity and Access Management.

Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints.

The list that you pass with this operation completely replaces the existing list of thumbprints. (The lists are not merged.)

Typically, you need to update a thumbprint only when the identity provider certificate changes, which occurs rarely. However, if the provider's certificate does change, any attempt to assume an IAM role that specifies the OIDC provider as a principal fails until the certificate thumbprint is updated.

Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted root certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Auth0, GitHub, Google, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation.

Trust for the OIDC provider is derived from the provider certificate and is validated by the thumbprint. Therefore, it is best to limit access to the UpdateOpenIDConnectProviderThumbprint operation to highly privileged users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateOpenIDConnectProviderThumbprint for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint

func (*IAM) UpdateOpenIDConnectProviderThumbprintRequest

func (c *IAM) UpdateOpenIDConnectProviderThumbprintRequest(input *UpdateOpenIDConnectProviderThumbprintInput) (req *request.Request, output *UpdateOpenIDConnectProviderThumbprintOutput)

UpdateOpenIDConnectProviderThumbprintRequest generates a "aws/request.Request" representing the client's request for the UpdateOpenIDConnectProviderThumbprint operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateOpenIDConnectProviderThumbprint for more information on using the UpdateOpenIDConnectProviderThumbprint API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateOpenIDConnectProviderThumbprintRequest method.
req, resp := client.UpdateOpenIDConnectProviderThumbprintRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint

func (*IAM) UpdateOpenIDConnectProviderThumbprintWithContext

func (c *IAM) UpdateOpenIDConnectProviderThumbprintWithContext(ctx aws.Context, input *UpdateOpenIDConnectProviderThumbprintInput, opts ...request.Option) (*UpdateOpenIDConnectProviderThumbprintOutput, error)

UpdateOpenIDConnectProviderThumbprintWithContext is the same as UpdateOpenIDConnectProviderThumbprint with the addition of the ability to pass a context and additional request options.

See UpdateOpenIDConnectProviderThumbprint for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateRole

func (c *IAM) UpdateRole(input *UpdateRoleInput) (*UpdateRoleOutput, error)

UpdateRole API operation for AWS Identity and Access Management.

Updates the description or maximum session duration setting of a role.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateRole for usage and error information.

Returned Error Codes:

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole

func (*IAM) UpdateRoleDescription

func (c *IAM) UpdateRoleDescription(input *UpdateRoleDescriptionInput) (*UpdateRoleDescriptionOutput, error)

UpdateRoleDescription API operation for AWS Identity and Access Management.

Use UpdateRole instead.

Modifies only the description of a role. This operation performs the same function as the Description parameter in the UpdateRole operation.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateRoleDescription for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because service-linked roles are protected Amazon Web Services resources. Only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription

func (*IAM) UpdateRoleDescriptionRequest

func (c *IAM) UpdateRoleDescriptionRequest(input *UpdateRoleDescriptionInput) (req *request.Request, output *UpdateRoleDescriptionOutput)

UpdateRoleDescriptionRequest generates a "aws/request.Request" representing the client's request for the UpdateRoleDescription operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateRoleDescription for more information on using the UpdateRoleDescription API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateRoleDescriptionRequest method.
req, resp := client.UpdateRoleDescriptionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription

func (*IAM) UpdateRoleDescriptionWithContext

func (c *IAM) UpdateRoleDescriptionWithContext(ctx aws.Context, input *UpdateRoleDescriptionInput, opts ...request.Option) (*UpdateRoleDescriptionOutput, error)

UpdateRoleDescriptionWithContext is the same as UpdateRoleDescription with the addition of the ability to pass a context and additional request options.

See UpdateRoleDescription for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateRoleRequest

func (c *IAM) UpdateRoleRequest(input *UpdateRoleInput) (req *request.Request, output *UpdateRoleOutput)

UpdateRoleRequest generates a "aws/request.Request" representing the client's request for the UpdateRole operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateRole for more information on using the UpdateRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateRoleRequest method.
req, resp := client.UpdateRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole

func (*IAM) UpdateRoleWithContext

func (c *IAM) UpdateRoleWithContext(ctx aws.Context, input *UpdateRoleInput, opts ...request.Option) (*UpdateRoleOutput, error)

UpdateRoleWithContext is the same as UpdateRole with the addition of the ability to pass a context and additional request options.

See UpdateRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateSAMLProvider

func (c *IAM) UpdateSAMLProvider(input *UpdateSAMLProviderInput) (*UpdateSAMLProviderOutput, error)

UpdateSAMLProvider API operation for AWS Identity and Access Management.

Updates the metadata document for an existing SAML provider resource object.

This operation requires Signature Version 4 (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider

func (*IAM) UpdateSAMLProviderRequest

func (c *IAM) UpdateSAMLProviderRequest(input *UpdateSAMLProviderInput) (req *request.Request, output *UpdateSAMLProviderOutput)

UpdateSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the UpdateSAMLProvider operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateSAMLProvider for more information on using the UpdateSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateSAMLProviderRequest method.
req, resp := client.UpdateSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider

func (*IAM) UpdateSAMLProviderWithContext

func (c *IAM) UpdateSAMLProviderWithContext(ctx aws.Context, input *UpdateSAMLProviderInput, opts ...request.Option) (*UpdateSAMLProviderOutput, error)

UpdateSAMLProviderWithContext is the same as UpdateSAMLProvider with the addition of the ability to pass a context and additional request options.

See UpdateSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateSSHPublicKey

func (c *IAM) UpdateSSHPublicKey(input *UpdateSSHPublicKeyInput) (*UpdateSSHPublicKeyOutput, error)

UpdateSSHPublicKey API operation for AWS Identity and Access Management.

Sets the status of an IAM user's SSH public key to active or inactive. SSH public keys that are inactive cannot be used for authentication. This operation can be used to disable a user's SSH public key as part of a key rotation work flow.

The SSH public key affected by this operation is used only for authenticating the associated IAM user to an CodeCommit repository. For more information about using SSH keys to authenticate to an CodeCommit repository, see Set up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey

func (*IAM) UpdateSSHPublicKeyRequest

func (c *IAM) UpdateSSHPublicKeyRequest(input *UpdateSSHPublicKeyInput) (req *request.Request, output *UpdateSSHPublicKeyOutput)

UpdateSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the UpdateSSHPublicKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateSSHPublicKey for more information on using the UpdateSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateSSHPublicKeyRequest method.
req, resp := client.UpdateSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey

func (*IAM) UpdateSSHPublicKeyWithContext

func (c *IAM) UpdateSSHPublicKeyWithContext(ctx aws.Context, input *UpdateSSHPublicKeyInput, opts ...request.Option) (*UpdateSSHPublicKeyOutput, error)

UpdateSSHPublicKeyWithContext is the same as UpdateSSHPublicKey with the addition of the ability to pass a context and additional request options.

See UpdateSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateServerCertificate

func (c *IAM) UpdateServerCertificate(input *UpdateServerCertificateInput) (*UpdateServerCertificateOutput, error)

UpdateServerCertificate API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified server certificate stored in IAM.

For more information about working with server certificates, see Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of Amazon Web Services services that can use the server certificates that you manage with IAM.

You should understand the implications of changing a server certificate's path or name. For more information, see Renaming a server certificate (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs_manage.html#RenamingServerCerts) in the IAM User Guide.

The person making the request (the principal), must have permission to change the server certificate with the old name and the new name. For example, to change the certificate named ProductionCert to ProdCert, the principal must have a policy that allows them to update both certificates. If the principal has permission to update the ProductionCert group, but not the ProdCert certificate, then the update fails. For more information about permissions, see Access management (https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate

func (*IAM) UpdateServerCertificateRequest

func (c *IAM) UpdateServerCertificateRequest(input *UpdateServerCertificateInput) (req *request.Request, output *UpdateServerCertificateOutput)

UpdateServerCertificateRequest generates a "aws/request.Request" representing the client's request for the UpdateServerCertificate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateServerCertificate for more information on using the UpdateServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateServerCertificateRequest method.
req, resp := client.UpdateServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate

func (*IAM) UpdateServerCertificateWithContext

func (c *IAM) UpdateServerCertificateWithContext(ctx aws.Context, input *UpdateServerCertificateInput, opts ...request.Option) (*UpdateServerCertificateOutput, error)

UpdateServerCertificateWithContext is the same as UpdateServerCertificate with the addition of the ability to pass a context and additional request options.

See UpdateServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateServiceSpecificCredential

func (c *IAM) UpdateServiceSpecificCredential(input *UpdateServiceSpecificCredentialInput) (*UpdateServiceSpecificCredentialOutput, error)

UpdateServiceSpecificCredential API operation for AWS Identity and Access Management.

Sets the status of a service-specific credential to Active or Inactive. Service-specific credentials that are inactive cannot be used for authentication to the service. This operation can be used to disable a user's service-specific credential as part of a credential rotation work flow.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential

func (*IAM) UpdateServiceSpecificCredentialRequest

func (c *IAM) UpdateServiceSpecificCredentialRequest(input *UpdateServiceSpecificCredentialInput) (req *request.Request, output *UpdateServiceSpecificCredentialOutput)

UpdateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the UpdateServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateServiceSpecificCredential for more information on using the UpdateServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateServiceSpecificCredentialRequest method.
req, resp := client.UpdateServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential

func (*IAM) UpdateServiceSpecificCredentialWithContext

func (c *IAM) UpdateServiceSpecificCredentialWithContext(ctx aws.Context, input *UpdateServiceSpecificCredentialInput, opts ...request.Option) (*UpdateServiceSpecificCredentialOutput, error)

UpdateServiceSpecificCredentialWithContext is the same as UpdateServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See UpdateServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateSigningCertificate

func (c *IAM) UpdateSigningCertificate(input *UpdateSigningCertificateInput) (*UpdateSigningCertificateOutput, error)

UpdateSigningCertificate API operation for AWS Identity and Access Management.

Changes the status of the specified user signing certificate from active to disabled, or vice versa. This operation can be used to disable an IAM user's signing certificate as part of a certificate rotation work flow.

If the UserName field is not specified, the user name is determined implicitly based on the Amazon Web Services access key ID used to sign the request. This operation works for access keys under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateSigningCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate

Example (Shared00)

To change the active status of a signing certificate for an IAM user The following command changes the status of a signing certificate for a user named Bob to Inactive.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateSigningCertificateInput{
		CertificateId: aws.String("TA7SMP42TDN5Z26OBPJE7EXAMPLE"),
		Status:        aws.String("Inactive"),
		UserName:      aws.String("Bob"),
	}

	result, err := svc.UpdateSigningCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateSigningCertificateRequest

func (c *IAM) UpdateSigningCertificateRequest(input *UpdateSigningCertificateInput) (req *request.Request, output *UpdateSigningCertificateOutput)

UpdateSigningCertificateRequest generates a "aws/request.Request" representing the client's request for the UpdateSigningCertificate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateSigningCertificate for more information on using the UpdateSigningCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateSigningCertificateRequest method.
req, resp := client.UpdateSigningCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate

func (*IAM) UpdateSigningCertificateWithContext

func (c *IAM) UpdateSigningCertificateWithContext(ctx aws.Context, input *UpdateSigningCertificateInput, opts ...request.Option) (*UpdateSigningCertificateOutput, error)

UpdateSigningCertificateWithContext is the same as UpdateSigningCertificate with the addition of the ability to pass a context and additional request options.

See UpdateSigningCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateUser

func (c *IAM) UpdateUser(input *UpdateUserInput) (*UpdateUserOutput, error)

UpdateUser API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified IAM user.

You should understand the implications of changing an IAM user's path or name. For more information, see Renaming an IAM user (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_renaming) and Renaming an IAM group (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups_manage_rename.html) in the IAM User Guide.

To change a user name, the requester must have appropriate permissions on both the source object and the target object. For example, to change Bob to Robert, the entity making the request must have permission on Bob and Robert, or must have permission on all (*). For more information about permissions, see Permissions and policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateUser for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser

Example (Shared00)

To change an IAM user's name The following command changes the name of the IAM user Bob to Robert. It does not change the user's path.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateUserInput{
		NewUserName: aws.String("Robert"),
		UserName:    aws.String("Bob"),
	}

	result, err := svc.UpdateUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateUserRequest

func (c *IAM) UpdateUserRequest(input *UpdateUserInput) (req *request.Request, output *UpdateUserOutput)

UpdateUserRequest generates a "aws/request.Request" representing the client's request for the UpdateUser operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateUser for more information on using the UpdateUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateUserRequest method.
req, resp := client.UpdateUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser

func (*IAM) UpdateUserWithContext

func (c *IAM) UpdateUserWithContext(ctx aws.Context, input *UpdateUserInput, opts ...request.Option) (*UpdateUserOutput, error)

UpdateUserWithContext is the same as UpdateUser with the addition of the ability to pass a context and additional request options.

See UpdateUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UploadSSHPublicKey

func (c *IAM) UploadSSHPublicKey(input *UploadSSHPublicKeyInput) (*UploadSSHPublicKeyOutput, error)

UploadSSHPublicKey API operation for AWS Identity and Access Management.

Uploads an SSH public key and associates it with the specified IAM user.

The SSH public key uploaded by this operation can be used only for authenticating the associated IAM user to an CodeCommit repository. For more information about using SSH keys to authenticate to an CodeCommit repository, see Set up CodeCommit for SSH connections (https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UploadSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeInvalidPublicKeyException "InvalidPublicKey" The request was rejected because the public key is malformed or otherwise invalid.

  • ErrCodeDuplicateSSHPublicKeyException "DuplicateSSHPublicKey" The request was rejected because the SSH public key is already associated with the specified IAM user.

  • ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding" The request was rejected because the public key encoding format is unsupported or unrecognized.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey

func (*IAM) UploadSSHPublicKeyRequest

func (c *IAM) UploadSSHPublicKeyRequest(input *UploadSSHPublicKeyInput) (req *request.Request, output *UploadSSHPublicKeyOutput)

UploadSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the UploadSSHPublicKey operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UploadSSHPublicKey for more information on using the UploadSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UploadSSHPublicKeyRequest method.
req, resp := client.UploadSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey

func (*IAM) UploadSSHPublicKeyWithContext

func (c *IAM) UploadSSHPublicKeyWithContext(ctx aws.Context, input *UploadSSHPublicKeyInput, opts ...request.Option) (*UploadSSHPublicKeyOutput, error)

UploadSSHPublicKeyWithContext is the same as UploadSSHPublicKey with the addition of the ability to pass a context and additional request options.

See UploadSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UploadServerCertificate

func (c *IAM) UploadServerCertificate(input *UploadServerCertificateInput) (*UploadServerCertificateOutput, error)

UploadServerCertificate API operation for AWS Identity and Access Management.

Uploads a server certificate entity for the Amazon Web Services account. The server certificate entity includes a public key certificate, a private key, and an optional certificate chain, which should all be PEM-encoded.

We recommend that you use Certificate Manager (https://docs.aws.amazon.com/acm/) to provision, manage, and deploy your server certificates. With ACM you can request a certificate, deploy it to Amazon Web Services resources, and let ACM handle certificate renewals for you. Certificates provided by ACM are free. For more information about using ACM, see the Certificate Manager User Guide (https://docs.aws.amazon.com/acm/latest/userguide/).

For more information about working with server certificates, see Working with server certificates (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic includes a list of Amazon Web Services services that can use the server certificates that you manage with IAM.

For information about the number of server certificates you can upload, see IAM and STS quotas (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html) in the IAM User Guide.

Because the body of the public key certificate, private key, and the certificate chain can be large, you should use POST rather than GET when calling UploadServerCertificate. For information about setting up signatures and authorization through the API, see Signing Amazon Web Services API requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) in the Amazon Web Services General Reference. For general information about using the Query API with IAM, see Calling the API by making HTTP query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/programming.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UploadServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedCertificateException "MalformedCertificate" The request was rejected because the certificate was malformed or expired. The error message describes the specific error.

  • ErrCodeKeyPairMismatchException "KeyPairMismatch" The request was rejected because the public key certificate and the private key do not match.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate

Example (Shared00)

To upload a server certificate to your AWS account The following upload-server-certificate command uploads a server certificate to your AWS account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UploadServerCertificateInput{
		CertificateBody:       aws.String("-----BEGIN CERTIFICATE-----<a very long certificate text string>-----END CERTIFICATE-----"),
		Path:                  aws.String("/company/servercerts/"),
		PrivateKey:            aws.String("-----BEGIN DSA PRIVATE KEY-----<a very long private key string>-----END DSA PRIVATE KEY-----"),
		ServerCertificateName: aws.String("ProdServerCert"),
	}

	result, err := svc.UploadServerCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedCertificateException:
				fmt.Println(iam.ErrCodeMalformedCertificateException, aerr.Error())
			case iam.ErrCodeKeyPairMismatchException:
				fmt.Println(iam.ErrCodeKeyPairMismatchException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UploadServerCertificateRequest

func (c *IAM) UploadServerCertificateRequest(input *UploadServerCertificateInput) (req *request.Request, output *UploadServerCertificateOutput)

UploadServerCertificateRequest generates a "aws/request.Request" representing the client's request for the UploadServerCertificate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UploadServerCertificate for more information on using the UploadServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UploadServerCertificateRequest method.
req, resp := client.UploadServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate

func (*IAM) UploadServerCertificateWithContext

func (c *IAM) UploadServerCertificateWithContext(ctx aws.Context, input *UploadServerCertificateInput, opts ...request.Option) (*UploadServerCertificateOutput, error)

UploadServerCertificateWithContext is the same as UploadServerCertificate with the addition of the ability to pass a context and additional request options.

See UploadServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UploadSigningCertificate

func (c *IAM) UploadSigningCertificate(input *UploadSigningCertificateInput) (*UploadSigningCertificateOutput, error)

UploadSigningCertificate API operation for AWS Identity and Access Management.

Uploads an X.509 signing certificate and associates it with the specified IAM user. Some Amazon Web Services services require you to use certificates to validate requests that are signed with a corresponding private key. When you upload the certificate, its default status is Active.

For information about when you would use an X.509 signing certificate, see Managing server certificates in IAM (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide.

If the UserName is not specified, the IAM user name is determined implicitly based on the Amazon Web Services access key ID used to sign the request. This operation works for access keys under the Amazon Web Services account. Consequently, you can use this operation to manage Amazon Web Services account root user credentials even if the Amazon Web Services account has no associated users.

Because the body of an X.509 certificate can be large, you should use POST rather than GET when calling UploadSigningCertificate. For information about setting up signatures and authorization through the API, see Signing Amazon Web Services API requests (https://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) in the Amazon Web Services General Reference. For general information about using the Query API with IAM, see Making query requests (https://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UploadSigningCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedCertificateException "MalformedCertificate" The request was rejected because the certificate was malformed or expired. The error message describes the specific error.

  • ErrCodeInvalidCertificateException "InvalidCertificate" The request was rejected because the certificate is invalid.

  • ErrCodeDuplicateCertificateException "DuplicateCertificate" The request was rejected because the same certificate is associated with an IAM user in the account.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

  • ErrCodeConcurrentModificationException "ConcurrentModification" The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate

Example (Shared00)

To upload a signing certificate for an IAM user The following command uploads a signing certificate for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UploadSigningCertificateInput{
		CertificateBody: aws.String("-----BEGIN CERTIFICATE-----<certificate-body>-----END CERTIFICATE-----"),
		UserName:        aws.String("Bob"),
	}

	result, err := svc.UploadSigningCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedCertificateException:
				fmt.Println(iam.ErrCodeMalformedCertificateException, aerr.Error())
			case iam.ErrCodeInvalidCertificateException:
				fmt.Println(iam.ErrCodeInvalidCertificateException, aerr.Error())
			case iam.ErrCodeDuplicateCertificateException:
				fmt.Println(iam.ErrCodeDuplicateCertificateException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeConcurrentModificationException:
				fmt.Println(iam.ErrCodeConcurrentModificationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UploadSigningCertificateRequest

func (c *IAM) UploadSigningCertificateRequest(input *UploadSigningCertificateInput) (req *request.Request, output *UploadSigningCertificateOutput)

UploadSigningCertificateRequest generates a "aws/request.Request" representing the client's request for the UploadSigningCertificate operation. The "output" return value will be populated with the request's response once the request completes successfully.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UploadSigningCertificate for more information on using the UploadSigningCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UploadSigningCertificateRequest method.
req, resp := client.UploadSigningCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate

func (*IAM) UploadSigningCertificateWithContext

func (c *IAM) UploadSigningCertificateWithContext(ctx aws.Context, input *UploadSigningCertificateInput, opts ...request.Option) (*UploadSigningCertificateOutput, error)

UploadSigningCertificateWithContext is the same as UploadSigningCertificate with the addition of the ability to pass a context and additional request options.

See UploadSigningCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) WaitUntilInstanceProfileExists

func (c *IAM) WaitUntilInstanceProfileExists(input *GetInstanceProfileInput) error

WaitUntilInstanceProfileExists uses the IAM API operation GetInstanceProfile to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

func (*IAM) WaitUntilInstanceProfileExistsWithContext

func (c *IAM) WaitUntilInstanceProfileExistsWithContext(ctx aws.Context, input *GetInstanceProfileInput, opts ...request.WaiterOption) error

WaitUntilInstanceProfileExistsWithContext is an extended version of WaitUntilInstanceProfileExists. With the support for passing in a context and options to configure the Waiter and the underlying request options.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) WaitUntilPolicyExists

func (c *IAM) WaitUntilPolicyExists(input *GetPolicyInput) error

WaitUntilPolicyExists uses the IAM API operation GetPolicy to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

func (*IAM) WaitUntilPolicyExistsWithContext

func (c *IAM) WaitUntilPolicyExistsWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.WaiterOption) error

WaitUntilPolicyExistsWithContext is an extended version of WaitUntilPolicyExists. With the support for passing in a context and options to configure the Waiter and the underlying request options.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) WaitUntilRoleExists

func (c *IAM) WaitUntilRoleExists(input *GetRoleInput) error

WaitUntilRoleExists uses the IAM API operation GetRole to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

func (*IAM) WaitUntilRoleExistsWithContext

func (c *IAM) WaitUntilRoleExistsWithContext(ctx aws.Context, input *GetRoleInput, opts ...request.WaiterOption) error

WaitUntilRoleExistsWithContext is an extended version of WaitUntilRoleExists. With the support for passing in a context and options to configure the Waiter and the underlying request options.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) WaitUntilUserExists

func (c *IAM) WaitUntilUserExists(input *GetUserInput) error

WaitUntilUserExists uses the IAM API operation GetUser to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

func (*IAM) WaitUntilUserExistsWithContext

func (c *IAM) WaitUntilUserExistsWithContext(ctx aws.Context, input *GetUserInput, opts ...request.WaiterOption) error

WaitUntilUserExistsWithContext is an extended version of WaitUntilUserExists. With the support for passing in a context and options to configure the Waiter and the underlying request options.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

type InstanceProfile

type InstanceProfile struct {

	// The Amazon Resource Name (ARN) specifying the instance profile. For more
	// information about ARNs and how to use them in policies, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date when the instance profile was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// The stable and unique string identifying the instance profile. For more information
	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// InstanceProfileId is a required field
	InstanceProfileId *string `min:"16" type:"string" required:"true"`

	// The name identifying the instance profile.
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The path to the instance profile. For more information about paths, see IAM
	// identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The role associated with the instance profile.
	//
	// Roles is a required field
	Roles []*Role `type:"list" required:"true"`

	// A list of tags that are attached to the instance profile. For more information
	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

Contains information about an instance profile.

This data type is used as a response element in the following operations:

  • CreateInstanceProfile

  • GetInstanceProfile

  • ListInstanceProfiles

  • ListInstanceProfilesForRole

func (InstanceProfile) GoString

func (s InstanceProfile) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*InstanceProfile) SetArn

func (s *InstanceProfile) SetArn(v string) *InstanceProfile

SetArn sets the Arn field's value.

func (*InstanceProfile) SetCreateDate

func (s *InstanceProfile) SetCreateDate(v time.Time) *InstanceProfile

SetCreateDate sets the CreateDate field's value.

func (*InstanceProfile) SetInstanceProfileId

func (s *InstanceProfile) SetInstanceProfileId(v string) *InstanceProfile

SetInstanceProfileId sets the InstanceProfileId field's value.

func (*InstanceProfile) SetInstanceProfileName

func (s *InstanceProfile) SetInstanceProfileName(v string) *InstanceProfile

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*InstanceProfile) SetPath

func (s *InstanceProfile) SetPath(v string) *InstanceProfile

SetPath sets the Path field's value.

func (*InstanceProfile) SetRoles

func (s *InstanceProfile) SetRoles(v []*Role) *InstanceProfile

SetRoles sets the Roles field's value.

func (*InstanceProfile) SetTags

func (s *InstanceProfile) SetTags(v []*Tag) *InstanceProfile

SetTags sets the Tags field's value.

func (InstanceProfile) String

func (s InstanceProfile) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListAccessKeysInput

type ListAccessKeysInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListAccessKeysInput) GoString

func (s ListAccessKeysInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAccessKeysInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListAccessKeysInput) SetMaxItems

func (s *ListAccessKeysInput) SetMaxItems(v int64) *ListAccessKeysInput

SetMaxItems sets the MaxItems field's value.

func (*ListAccessKeysInput) SetUserName

func (s *ListAccessKeysInput) SetUserName(v string) *ListAccessKeysInput

SetUserName sets the UserName field's value.

func (ListAccessKeysInput) String

func (s ListAccessKeysInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAccessKeysInput) Validate

func (s *ListAccessKeysInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAccessKeysOutput

type ListAccessKeysOutput struct {

	// A list of objects containing metadata about the access keys.
	//
	// AccessKeyMetadata is a required field
	AccessKeyMetadata []*AccessKeyMetadata `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAccessKeys request.

func (ListAccessKeysOutput) GoString

func (s ListAccessKeysOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAccessKeysOutput) SetAccessKeyMetadata

func (s *ListAccessKeysOutput) SetAccessKeyMetadata(v []*AccessKeyMetadata) *ListAccessKeysOutput

SetAccessKeyMetadata sets the AccessKeyMetadata field's value.

func (*ListAccessKeysOutput) SetIsTruncated

func (s *ListAccessKeysOutput) SetIsTruncated(v bool) *ListAccessKeysOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListAccessKeysOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListAccessKeysOutput) String

func (s ListAccessKeysOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListAccountAliasesInput

type ListAccountAliasesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListAccountAliasesInput) GoString

func (s ListAccountAliasesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAccountAliasesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListAccountAliasesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (ListAccountAliasesInput) String

func (s ListAccountAliasesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAccountAliasesInput) Validate

func (s *ListAccountAliasesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAccountAliasesOutput

type ListAccountAliasesOutput struct {

	// A list of aliases associated with the account. Amazon Web Services supports
	// only one alias per account.
	//
	// AccountAliases is a required field
	AccountAliases []*string `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAccountAliases request.

func (ListAccountAliasesOutput) GoString

func (s ListAccountAliasesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAccountAliasesOutput) SetAccountAliases

func (s *ListAccountAliasesOutput) SetAccountAliases(v []*string) *ListAccountAliasesOutput

SetAccountAliases sets the AccountAliases field's value.

func (*ListAccountAliasesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListAccountAliasesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListAccountAliasesOutput) String

func (s ListAccountAliasesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListAttachedGroupPoliciesInput

type ListAttachedGroupPoliciesInput struct {

	// The name (friendly name, not ARN) of the group to list attached policies
	// for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListAttachedGroupPoliciesInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAttachedGroupPoliciesInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*ListAttachedGroupPoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListAttachedGroupPoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListAttachedGroupPoliciesInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (ListAttachedGroupPoliciesInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAttachedGroupPoliciesInput) Validate

func (s *ListAttachedGroupPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedGroupPoliciesOutput

type ListAttachedGroupPoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []*AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedGroupPolicies request.

func (ListAttachedGroupPoliciesOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAttachedGroupPoliciesOutput) SetAttachedPolicies

SetAttachedPolicies sets the AttachedPolicies field's value.

func (*ListAttachedGroupPoliciesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListAttachedGroupPoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListAttachedGroupPoliciesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListAttachedRolePoliciesInput

type ListAttachedRolePoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`

	// The name (friendly name, not ARN) of the role to list attached policies for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListAttachedRolePoliciesInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAttachedRolePoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListAttachedRolePoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListAttachedRolePoliciesInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (*ListAttachedRolePoliciesInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (ListAttachedRolePoliciesInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAttachedRolePoliciesInput) Validate

func (s *ListAttachedRolePoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedRolePoliciesOutput

type ListAttachedRolePoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []*AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedRolePolicies request.

func (ListAttachedRolePoliciesOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAttachedRolePoliciesOutput) SetAttachedPolicies

SetAttachedPolicies sets the AttachedPolicies field's value.

func (*ListAttachedRolePoliciesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListAttachedRolePoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListAttachedRolePoliciesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListAttachedUserPoliciesInput

type ListAttachedUserPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`

	// The name (friendly name, not ARN) of the user to list attached policies for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListAttachedUserPoliciesInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAttachedUserPoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListAttachedUserPoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListAttachedUserPoliciesInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (*ListAttachedUserPoliciesInput) SetUserName

SetUserName sets the UserName field's value.

func (ListAttachedUserPoliciesInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAttachedUserPoliciesInput) Validate

func (s *ListAttachedUserPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedUserPoliciesOutput

type ListAttachedUserPoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []*AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedUserPolicies request.

func (ListAttachedUserPoliciesOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListAttachedUserPoliciesOutput) SetAttachedPolicies

SetAttachedPolicies sets the AttachedPolicies field's value.

func (*ListAttachedUserPoliciesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListAttachedUserPoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListAttachedUserPoliciesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListEntitiesForPolicyInput

type ListEntitiesForPolicyInput struct {

	// The entity type to use for filtering the results.
	//
	// For example, when EntityFilter is Role, only the roles that are attached
	// to the specified policy are returned. This parameter is optional. If it is
	// not included, all attached entities (users, groups, and roles) are returned.
	// The argument for this parameter must be one of the valid values listed below.
	EntityFilter *string `type:"string" enum:"EntityType"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all entities.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`

	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The policy usage method to use for filtering the results.
	//
	// To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy.
	// To list only the policies used to set permissions boundaries, set the value
	// to PermissionsBoundary.
	//
	// This parameter is optional. If it is not included, all policies are returned.
	PolicyUsageFilter *string `type:"string" enum:"PolicyUsageType"`
	// contains filtered or unexported fields
}

func (ListEntitiesForPolicyInput) GoString

func (s ListEntitiesForPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListEntitiesForPolicyInput) SetEntityFilter

SetEntityFilter sets the EntityFilter field's value.

func (*ListEntitiesForPolicyInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListEntitiesForPolicyInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListEntitiesForPolicyInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (*ListEntitiesForPolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*ListEntitiesForPolicyInput) SetPolicyUsageFilter

func (s *ListEntitiesForPolicyInput) SetPolicyUsageFilter(v string) *ListEntitiesForPolicyInput

SetPolicyUsageFilter sets the PolicyUsageFilter field's value.

func (ListEntitiesForPolicyInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListEntitiesForPolicyInput) Validate

func (s *ListEntitiesForPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListEntitiesForPolicyOutput

type ListEntitiesForPolicyOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of IAM groups that the policy is attached to.
	PolicyGroups []*PolicyGroup `type:"list"`

	// A list of IAM roles that the policy is attached to.
	PolicyRoles []*PolicyRole `type:"list"`

	// A list of IAM users that the policy is attached to.
	PolicyUsers []*PolicyUser `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListEntitiesForPolicy request.

func (ListEntitiesForPolicyOutput) GoString

func (s ListEntitiesForPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListEntitiesForPolicyOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListEntitiesForPolicyOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListEntitiesForPolicyOutput) SetPolicyGroups

SetPolicyGroups sets the PolicyGroups field's value.

func (*ListEntitiesForPolicyOutput) SetPolicyRoles

SetPolicyRoles sets the PolicyRoles field's value.

func (*ListEntitiesForPolicyOutput) SetPolicyUsers

SetPolicyUsers sets the PolicyUsers field's value.

func (ListEntitiesForPolicyOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListGroupPoliciesInput

type ListGroupPoliciesInput struct {

	// The name of the group to list policies for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListGroupPoliciesInput) GoString

func (s ListGroupPoliciesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupPoliciesInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*ListGroupPoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListGroupPoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (ListGroupPoliciesInput) String

func (s ListGroupPoliciesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupPoliciesInput) Validate

func (s *ListGroupPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupPoliciesOutput

type ListGroupPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of policy names.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyNames is a required field
	PolicyNames []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroupPolicies request.

func (ListGroupPoliciesOutput) GoString

func (s ListGroupPoliciesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupPoliciesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListGroupPoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListGroupPoliciesOutput) SetPolicyNames

func (s *ListGroupPoliciesOutput) SetPolicyNames(v []*string) *ListGroupPoliciesOutput

SetPolicyNames sets the PolicyNames field's value.

func (ListGroupPoliciesOutput) String

func (s ListGroupPoliciesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListGroupsForUserInput

type ListGroupsForUserInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user to list groups for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListGroupsForUserInput) GoString

func (s ListGroupsForUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupsForUserInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListGroupsForUserInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListGroupsForUserInput) SetUserName

SetUserName sets the UserName field's value.

func (ListGroupsForUserInput) String

func (s ListGroupsForUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupsForUserInput) Validate

func (s *ListGroupsForUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupsForUserOutput

type ListGroupsForUserOutput struct {

	// A list of groups.
	//
	// Groups is a required field
	Groups []*Group `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroupsForUser request.

func (ListGroupsForUserOutput) GoString

func (s ListGroupsForUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupsForUserOutput) SetGroups

SetGroups sets the Groups field's value.

func (*ListGroupsForUserOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListGroupsForUserOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListGroupsForUserOutput) String

func (s ListGroupsForUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListGroupsInput

type ListGroupsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /division_abc/subdivision_xyz/
	// gets all groups whose path starts with /division_abc/subdivision_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all groups. This parameter allows (through its regex pattern
	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
	// a forward slash (/) by itself or a string that must begin and end with forward
	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
	// through the DEL character (\u007F), including most punctuation characters,
	// digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListGroupsInput) GoString

func (s ListGroupsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupsInput) SetMarker

func (s *ListGroupsInput) SetMarker(v string) *ListGroupsInput

SetMarker sets the Marker field's value.

func (*ListGroupsInput) SetMaxItems

func (s *ListGroupsInput) SetMaxItems(v int64) *ListGroupsInput

SetMaxItems sets the MaxItems field's value.

func (*ListGroupsInput) SetPathPrefix

func (s *ListGroupsInput) SetPathPrefix(v string) *ListGroupsInput

SetPathPrefix sets the PathPrefix field's value.

func (ListGroupsInput) String

func (s ListGroupsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupsInput) Validate

func (s *ListGroupsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupsOutput

type ListGroupsOutput struct {

	// A list of groups.
	//
	// Groups is a required field
	Groups []*Group `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroups request.

func (ListGroupsOutput) GoString

func (s ListGroupsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListGroupsOutput) SetGroups

func (s *ListGroupsOutput) SetGroups(v []*Group) *ListGroupsOutput

SetGroups sets the Groups field's value.

func (*ListGroupsOutput) SetIsTruncated

func (s *ListGroupsOutput) SetIsTruncated(v bool) *ListGroupsOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListGroupsOutput) SetMarker

func (s *ListGroupsOutput) SetMarker(v string) *ListGroupsOutput

SetMarker sets the Marker field's value.

func (ListGroupsOutput) String

func (s ListGroupsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListInstanceProfileTagsInput

type ListInstanceProfileTagsInput struct {

	// The name of the IAM instance profile whose tags you want to see.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListInstanceProfileTagsInput) GoString

func (s ListInstanceProfileTagsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListInstanceProfileTagsInput) SetInstanceProfileName

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*ListInstanceProfileTagsInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListInstanceProfileTagsInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (ListInstanceProfileTagsInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListInstanceProfileTagsInput) Validate

func (s *ListInstanceProfileTagsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListInstanceProfileTagsOutput

type ListInstanceProfileTagsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of tags that are currently attached to the IAM instance profile.
	// Each tag consists of a key name and an associated value. If no tags are attached
	// to the specified resource, the response contains an empty list.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListInstanceProfileTagsOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListInstanceProfileTagsOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListInstanceProfileTagsOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListInstanceProfileTagsOutput) SetTags

SetTags sets the Tags field's value.

func (ListInstanceProfileTagsOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListInstanceProfilesForRoleInput

type ListInstanceProfilesForRoleInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the role to list instance profiles for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListInstanceProfilesForRoleInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListInstanceProfilesForRoleInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListInstanceProfilesForRoleInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListInstanceProfilesForRoleInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (ListInstanceProfilesForRoleInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListInstanceProfilesForRoleInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type ListInstanceProfilesForRoleOutput

type ListInstanceProfilesForRoleOutput struct {

	// A list of instance profiles.
	//
	// InstanceProfiles is a required field
	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListInstanceProfilesForRole request.

func (ListInstanceProfilesForRoleOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListInstanceProfilesForRoleOutput) SetInstanceProfiles

SetInstanceProfiles sets the InstanceProfiles field's value.

func (*ListInstanceProfilesForRoleOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListInstanceProfilesForRoleOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListInstanceProfilesForRoleOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListInstanceProfilesInput

type ListInstanceProfilesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
	// gets all instance profiles whose path starts with /application_abc/component_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all instance profiles. This parameter allows (through its regex
	// pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
	// of either a forward slash (/) by itself or a string that must begin and end
	// with forward slashes. In addition, it can contain any ASCII character from
	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
	// characters, digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListInstanceProfilesInput) GoString

func (s ListInstanceProfilesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListInstanceProfilesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListInstanceProfilesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListInstanceProfilesInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (ListInstanceProfilesInput) String

func (s ListInstanceProfilesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListInstanceProfilesInput) Validate

func (s *ListInstanceProfilesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListInstanceProfilesOutput

type ListInstanceProfilesOutput struct {

	// A list of instance profiles.
	//
	// InstanceProfiles is a required field
	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListInstanceProfiles request.

func (ListInstanceProfilesOutput) GoString

func (s ListInstanceProfilesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListInstanceProfilesOutput) SetInstanceProfiles

SetInstanceProfiles sets the InstanceProfiles field's value.

func (*ListInstanceProfilesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListInstanceProfilesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListInstanceProfilesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListMFADeviceTagsInput

type ListMFADeviceTagsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The unique identifier for the IAM virtual MFA device whose tags you want
	// to see. For virtual MFA devices, the serial number is the same as the ARN.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListMFADeviceTagsInput) GoString

func (s ListMFADeviceTagsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListMFADeviceTagsInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListMFADeviceTagsInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListMFADeviceTagsInput) SetSerialNumber

func (s *ListMFADeviceTagsInput) SetSerialNumber(v string) *ListMFADeviceTagsInput

SetSerialNumber sets the SerialNumber field's value.

func (ListMFADeviceTagsInput) String

func (s ListMFADeviceTagsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListMFADeviceTagsInput) Validate

func (s *ListMFADeviceTagsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListMFADeviceTagsOutput

type ListMFADeviceTagsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of tags that are currently attached to the virtual MFA device. Each
	// tag consists of a key name and an associated value. If no tags are attached
	// to the specified resource, the response contains an empty list.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListMFADeviceTagsOutput) GoString

func (s ListMFADeviceTagsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListMFADeviceTagsOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListMFADeviceTagsOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListMFADeviceTagsOutput) SetTags

SetTags sets the Tags field's value.

func (ListMFADeviceTagsOutput) String

func (s ListMFADeviceTagsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListMFADevicesInput

type ListMFADevicesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user whose MFA devices you want to list.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListMFADevicesInput) GoString

func (s ListMFADevicesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListMFADevicesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListMFADevicesInput) SetMaxItems

func (s *ListMFADevicesInput) SetMaxItems(v int64) *ListMFADevicesInput

SetMaxItems sets the MaxItems field's value.

func (*ListMFADevicesInput) SetUserName

func (s *ListMFADevicesInput) SetUserName(v string) *ListMFADevicesInput

SetUserName sets the UserName field's value.

func (ListMFADevicesInput) String

func (s ListMFADevicesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListMFADevicesInput) Validate

func (s *ListMFADevicesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListMFADevicesOutput

type ListMFADevicesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// A list of MFA devices.
	//
	// MFADevices is a required field
	MFADevices []*MFADevice `type:"list" required:"true"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListMFADevices request.

func (ListMFADevicesOutput) GoString

func (s ListMFADevicesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListMFADevicesOutput) SetIsTruncated

func (s *ListMFADevicesOutput) SetIsTruncated(v bool) *ListMFADevicesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListMFADevicesOutput) SetMFADevices

func (s *ListMFADevicesOutput) SetMFADevices(v []*MFADevice) *ListMFADevicesOutput

SetMFADevices sets the MFADevices field's value.

func (*ListMFADevicesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListMFADevicesOutput) String

func (s ListMFADevicesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListOpenIDConnectProviderTagsInput

type ListOpenIDConnectProviderTagsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The ARN of the OpenID Connect (OIDC) identity provider whose tags you want
	// to see.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListOpenIDConnectProviderTagsInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListOpenIDConnectProviderTagsInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListOpenIDConnectProviderTagsInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListOpenIDConnectProviderTagsInput) SetOpenIDConnectProviderArn

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (ListOpenIDConnectProviderTagsInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListOpenIDConnectProviderTagsInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type ListOpenIDConnectProviderTagsOutput

type ListOpenIDConnectProviderTagsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of tags that are currently attached to the OpenID Connect (OIDC)
	// identity provider. Each tag consists of a key name and an associated value.
	// If no tags are attached to the specified resource, the response contains
	// an empty list.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListOpenIDConnectProviderTagsOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListOpenIDConnectProviderTagsOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListOpenIDConnectProviderTagsOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListOpenIDConnectProviderTagsOutput) SetTags

SetTags sets the Tags field's value.

func (ListOpenIDConnectProviderTagsOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListOpenIDConnectProvidersInput

type ListOpenIDConnectProvidersInput struct {
	// contains filtered or unexported fields
}

func (ListOpenIDConnectProvidersInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (ListOpenIDConnectProvidersInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListOpenIDConnectProvidersOutput

type ListOpenIDConnectProvidersOutput struct {

	// The list of IAM OIDC provider resource objects defined in the Amazon Web
	// Services account.
	OpenIDConnectProviderList []*OpenIDConnectProviderListEntry `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListOpenIDConnectProviders request.

func (ListOpenIDConnectProvidersOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListOpenIDConnectProvidersOutput) SetOpenIDConnectProviderList

SetOpenIDConnectProviderList sets the OpenIDConnectProviderList field's value.

func (ListOpenIDConnectProvidersOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListPoliciesGrantingServiceAccessEntry

type ListPoliciesGrantingServiceAccessEntry struct {

	// The PoliciesGrantingServiceAccess object that contains details about the
	// policy.
	Policies []*PolicyGrantingServiceAccess `type:"list"`

	// The namespace of the service that was accessed.
	//
	// To learn the service namespace of a service, see Actions, resources, and
	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
	// in the Service Authorization Reference. Choose the name of the service to
	// view details for that service. In the first paragraph, find the service prefix.
	// For example, (service prefix: a4b). For more information about service namespaces,
	// see Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the Amazon Web Services General Reference.
	ServiceNamespace *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains details about the permissions policies that are attached to the specified identity (user, group, or role).

This data type is used as a response element in the ListPoliciesGrantingServiceAccess operation.

func (ListPoliciesGrantingServiceAccessEntry) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesGrantingServiceAccessEntry) SetPolicies

SetPolicies sets the Policies field's value.

func (*ListPoliciesGrantingServiceAccessEntry) SetServiceNamespace

SetServiceNamespace sets the ServiceNamespace field's value.

func (ListPoliciesGrantingServiceAccessEntry) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListPoliciesGrantingServiceAccessInput

type ListPoliciesGrantingServiceAccessInput struct {

	// The ARN of the IAM identity (user, group, or role) whose policies you want
	// to list.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// The service namespace for the Amazon Web Services services whose policies
	// you want to list.
	//
	// To learn the service namespace for a service, see Actions, resources, and
	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
	// in the IAM User Guide. Choose the name of the service to view details for
	// that service. In the first paragraph, find the service prefix. For example,
	// (service prefix: a4b). For more information about service namespaces, see
	// Amazon Web Services service namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the Amazon Web Services General Reference.
	//
	// ServiceNamespaces is a required field
	ServiceNamespaces []*string `min:"1" type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListPoliciesGrantingServiceAccessInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesGrantingServiceAccessInput) SetArn

SetArn sets the Arn field's value.

func (*ListPoliciesGrantingServiceAccessInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListPoliciesGrantingServiceAccessInput) SetServiceNamespaces

SetServiceNamespaces sets the ServiceNamespaces field's value.

func (ListPoliciesGrantingServiceAccessInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesGrantingServiceAccessInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type ListPoliciesGrantingServiceAccessOutput

type ListPoliciesGrantingServiceAccessOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. We recommend that you check IsTruncated
	// after every call to ensure that you receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A ListPoliciesGrantingServiceAccess object that contains details about the
	// permissions policies attached to the specified identity (user, group, or
	// role).
	//
	// PoliciesGrantingServiceAccess is a required field
	PoliciesGrantingServiceAccess []*ListPoliciesGrantingServiceAccessEntry `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListPoliciesGrantingServiceAccessOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesGrantingServiceAccessOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListPoliciesGrantingServiceAccessOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListPoliciesGrantingServiceAccessOutput) SetPoliciesGrantingServiceAccess

SetPoliciesGrantingServiceAccess sets the PoliciesGrantingServiceAccess field's value.

func (ListPoliciesGrantingServiceAccessOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListPoliciesInput

type ListPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// A flag to filter the results to only the attached policies.
	//
	// When OnlyAttached is true, the returned list contains only the policies that
	// are attached to an IAM user, group, or role. When OnlyAttached is false,
	// or when the parameter is not included, all policies are returned.
	OnlyAttached *bool `type:"boolean"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies. This
	// parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`

	// The policy usage method to use for filtering the results.
	//
	// To list only permissions policies, set PolicyUsageFilter to PermissionsPolicy.
	// To list only the policies used to set permissions boundaries, set the value
	// to PermissionsBoundary.
	//
	// This parameter is optional. If it is not included, all policies are returned.
	PolicyUsageFilter *string `type:"string" enum:"PolicyUsageType"`

	// The scope to use for filtering the results.
	//
	// To list only Amazon Web Services managed policies, set Scope to AWS. To list
	// only the customer managed policies in your Amazon Web Services account, set
	// Scope to Local.
	//
	// This parameter is optional. If it is not included, or if it is set to All,
	// all policies are returned.
	Scope *string `type:"string" enum:"PolicyScopeType"`
	// contains filtered or unexported fields
}

func (ListPoliciesInput) GoString

func (s ListPoliciesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesInput) SetMarker

func (s *ListPoliciesInput) SetMarker(v string) *ListPoliciesInput

SetMarker sets the Marker field's value.

func (*ListPoliciesInput) SetMaxItems

func (s *ListPoliciesInput) SetMaxItems(v int64) *ListPoliciesInput

SetMaxItems sets the MaxItems field's value.

func (*ListPoliciesInput) SetOnlyAttached

func (s *ListPoliciesInput) SetOnlyAttached(v bool) *ListPoliciesInput

SetOnlyAttached sets the OnlyAttached field's value.

func (*ListPoliciesInput) SetPathPrefix

func (s *ListPoliciesInput) SetPathPrefix(v string) *ListPoliciesInput

SetPathPrefix sets the PathPrefix field's value.

func (*ListPoliciesInput) SetPolicyUsageFilter

func (s *ListPoliciesInput) SetPolicyUsageFilter(v string) *ListPoliciesInput

SetPolicyUsageFilter sets the PolicyUsageFilter field's value.

func (*ListPoliciesInput) SetScope

func (s *ListPoliciesInput) SetScope(v string) *ListPoliciesInput

SetScope sets the Scope field's value.

func (ListPoliciesInput) String

func (s ListPoliciesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesInput) Validate

func (s *ListPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPoliciesOutput

type ListPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of policies.
	Policies []*Policy `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListPolicies request.

func (ListPoliciesOutput) GoString

func (s ListPoliciesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPoliciesOutput) SetIsTruncated

func (s *ListPoliciesOutput) SetIsTruncated(v bool) *ListPoliciesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListPoliciesOutput) SetMarker

func (s *ListPoliciesOutput) SetMarker(v string) *ListPoliciesOutput

SetMarker sets the Marker field's value.

func (*ListPoliciesOutput) SetPolicies

func (s *ListPoliciesOutput) SetPolicies(v []*Policy) *ListPoliciesOutput

SetPolicies sets the Policies field's value.

func (ListPoliciesOutput) String

func (s ListPoliciesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListPolicyTagsInput

type ListPolicyTagsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The ARN of the IAM customer managed policy whose tags you want to see.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyTagsInput) GoString

func (s ListPolicyTagsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyTagsInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListPolicyTagsInput) SetMaxItems

func (s *ListPolicyTagsInput) SetMaxItems(v int64) *ListPolicyTagsInput

SetMaxItems sets the MaxItems field's value.

func (*ListPolicyTagsInput) SetPolicyArn

func (s *ListPolicyTagsInput) SetPolicyArn(v string) *ListPolicyTagsInput

SetPolicyArn sets the PolicyArn field's value.

func (ListPolicyTagsInput) String

func (s ListPolicyTagsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyTagsInput) Validate

func (s *ListPolicyTagsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPolicyTagsOutput

type ListPolicyTagsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of tags that are currently attached to the IAM customer managed
	// policy. Each tag consists of a key name and an associated value. If no tags
	// are attached to the specified resource, the response contains an empty list.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyTagsOutput) GoString

func (s ListPolicyTagsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyTagsOutput) SetIsTruncated

func (s *ListPolicyTagsOutput) SetIsTruncated(v bool) *ListPolicyTagsOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListPolicyTagsOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListPolicyTagsOutput) SetTags

func (s *ListPolicyTagsOutput) SetTags(v []*Tag) *ListPolicyTagsOutput

SetTags sets the Tags field's value.

func (ListPolicyTagsOutput) String

func (s ListPolicyTagsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListPolicyVersionsInput

type ListPolicyVersionsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyVersionsInput) GoString

func (s ListPolicyVersionsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyVersionsInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListPolicyVersionsInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListPolicyVersionsInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (ListPolicyVersionsInput) String

func (s ListPolicyVersionsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyVersionsInput) Validate

func (s *ListPolicyVersionsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPolicyVersionsOutput

type ListPolicyVersionsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of policy versions.
	//
	// For more information about managed policy versions, see Versioning for managed
	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	Versions []*PolicyVersion `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListPolicyVersions request.

func (ListPolicyVersionsOutput) GoString

func (s ListPolicyVersionsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListPolicyVersionsOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListPolicyVersionsOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListPolicyVersionsOutput) SetVersions

SetVersions sets the Versions field's value.

func (ListPolicyVersionsOutput) String

func (s ListPolicyVersionsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListRolePoliciesInput

type ListRolePoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the role to list policies for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListRolePoliciesInput) GoString

func (s ListRolePoliciesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListRolePoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListRolePoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListRolePoliciesInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (ListRolePoliciesInput) String

func (s ListRolePoliciesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListRolePoliciesInput) Validate

func (s *ListRolePoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListRolePoliciesOutput

type ListRolePoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of policy names.
	//
	// PolicyNames is a required field
	PolicyNames []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListRolePolicies request.

func (ListRolePoliciesOutput) GoString

func (s ListRolePoliciesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListRolePoliciesOutput) SetIsTruncated

func (s *ListRolePoliciesOutput) SetIsTruncated(v bool) *ListRolePoliciesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListRolePoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListRolePoliciesOutput) SetPolicyNames

func (s *ListRolePoliciesOutput) SetPolicyNames(v []*string) *ListRolePoliciesOutput

SetPolicyNames sets the PolicyNames field's value.

func (ListRolePoliciesOutput) String

func (s ListRolePoliciesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListRoleTagsInput

type ListRoleTagsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM role for which you want to see the list of tags.
	//
	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consist of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListRoleTagsInput) GoString

func (s ListRoleTagsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListRoleTagsInput) SetMarker

func (s *ListRoleTagsInput) SetMarker(v string) *ListRoleTagsInput

SetMarker sets the Marker field's value.

func (*ListRoleTagsInput) SetMaxItems

func (s *ListRoleTagsInput) SetMaxItems(v int64) *ListRoleTagsInput

SetMaxItems sets the MaxItems field's value.

func (*ListRoleTagsInput) SetRoleName

func (s *ListRoleTagsInput) SetRoleName(v string) *ListRoleTagsInput

SetRoleName sets the RoleName field's value.

func (ListRoleTagsInput) String

func (s ListRoleTagsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListRoleTagsInput) Validate

func (s *ListRoleTagsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListRoleTagsOutput

type ListRoleTagsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of tags that are currently attached to the role. Each tag consists
	// of a key name and an associated value. If no tags are attached to the specified
	// resource, the response contains an empty list.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListRoleTagsOutput) GoString

func (s ListRoleTagsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListRoleTagsOutput) SetIsTruncated

func (s *ListRoleTagsOutput) SetIsTruncated(v bool) *ListRoleTagsOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListRoleTagsOutput) SetMarker

func (s *ListRoleTagsOutput) SetMarker(v string) *ListRoleTagsOutput

SetMarker sets the Marker field's value.

func (*ListRoleTagsOutput) SetTags

func (s *ListRoleTagsOutput) SetTags(v []*Tag) *ListRoleTagsOutput

SetTags sets the Tags field's value.

func (ListRoleTagsOutput) String

func (s ListRoleTagsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListRolesInput

type ListRolesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
	// gets all roles whose path starts with /application_abc/component_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all roles. This parameter allows (through its regex pattern
	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
	// a forward slash (/) by itself or a string that must begin and end with forward
	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
	// through the DEL character (\u007F), including most punctuation characters,
	// digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListRolesInput) GoString

func (s ListRolesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListRolesInput) SetMarker

func (s *ListRolesInput) SetMarker(v string) *ListRolesInput

SetMarker sets the Marker field's value.

func (*ListRolesInput) SetMaxItems

func (s *ListRolesInput) SetMaxItems(v int64) *ListRolesInput

SetMaxItems sets the MaxItems field's value.

func (*ListRolesInput) SetPathPrefix

func (s *ListRolesInput) SetPathPrefix(v string) *ListRolesInput

SetPathPrefix sets the PathPrefix field's value.

func (ListRolesInput) String

func (s ListRolesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListRolesInput) Validate

func (s *ListRolesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListRolesOutput

type ListRolesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of roles.
	//
	// Roles is a required field
	Roles []*Role `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListRoles request.

func (ListRolesOutput) GoString

func (s ListRolesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListRolesOutput) SetIsTruncated

func (s *ListRolesOutput) SetIsTruncated(v bool) *ListRolesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListRolesOutput) SetMarker

func (s *ListRolesOutput) SetMarker(v string) *ListRolesOutput

SetMarker sets the Marker field's value.

func (*ListRolesOutput) SetRoles

func (s *ListRolesOutput) SetRoles(v []*Role) *ListRolesOutput

SetRoles sets the Roles field's value.

func (ListRolesOutput) String

func (s ListRolesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListSAMLProviderTagsInput

type ListSAMLProviderTagsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The ARN of the Security Assertion Markup Language (SAML) identity provider
	// whose tags you want to see.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListSAMLProviderTagsInput) GoString

func (s ListSAMLProviderTagsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListSAMLProviderTagsInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListSAMLProviderTagsInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListSAMLProviderTagsInput) SetSAMLProviderArn

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (ListSAMLProviderTagsInput) String

func (s ListSAMLProviderTagsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListSAMLProviderTagsInput) Validate

func (s *ListSAMLProviderTagsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListSAMLProviderTagsOutput

type ListSAMLProviderTagsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of tags that are currently attached to the Security Assertion Markup
	// Language (SAML) identity provider. Each tag consists of a key name and an
	// associated value. If no tags are attached to the specified resource, the
	// response contains an empty list.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListSAMLProviderTagsOutput) GoString

func (s ListSAMLProviderTagsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListSAMLProviderTagsOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListSAMLProviderTagsOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListSAMLProviderTagsOutput) SetTags

SetTags sets the Tags field's value.

func (ListSAMLProviderTagsOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListSAMLProvidersInput

type ListSAMLProvidersInput struct {
	// contains filtered or unexported fields
}

func (ListSAMLProvidersInput) GoString

func (s ListSAMLProvidersInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (ListSAMLProvidersInput) String

func (s ListSAMLProvidersInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListSAMLProvidersOutput

type ListSAMLProvidersOutput struct {

	// The list of SAML provider resource objects defined in IAM for this Amazon
	// Web Services account.
	SAMLProviderList []*SAMLProviderListEntry `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSAMLProviders request.

func (ListSAMLProvidersOutput) GoString

func (s ListSAMLProvidersOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListSAMLProvidersOutput) SetSAMLProviderList

SetSAMLProviderList sets the SAMLProviderList field's value.

func (ListSAMLProvidersOutput) String

func (s ListSAMLProvidersOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListSSHPublicKeysInput

type ListSSHPublicKeysInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM user to list SSH public keys for. If none is specified,
	// the UserName field is determined implicitly based on the Amazon Web Services
	// access key used to sign the request.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListSSHPublicKeysInput) GoString

func (s ListSSHPublicKeysInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListSSHPublicKeysInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListSSHPublicKeysInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListSSHPublicKeysInput) SetUserName

SetUserName sets the UserName field's value.

func (ListSSHPublicKeysInput) String

func (s ListSSHPublicKeysInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListSSHPublicKeysInput) Validate

func (s *ListSSHPublicKeysInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListSSHPublicKeysOutput

type ListSSHPublicKeysOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of the SSH public keys assigned to IAM user.
	SSHPublicKeys []*SSHPublicKeyMetadata `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSSHPublicKeys request.

func (ListSSHPublicKeysOutput) GoString

func (s ListSSHPublicKeysOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListSSHPublicKeysOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListSSHPublicKeysOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListSSHPublicKeysOutput) SetSSHPublicKeys

SetSSHPublicKeys sets the SSHPublicKeys field's value.

func (ListSSHPublicKeysOutput) String

func (s ListSSHPublicKeysOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListServerCertificateTagsInput

type ListServerCertificateTagsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM server certificate whose tags you want to see.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListServerCertificateTagsInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListServerCertificateTagsInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListServerCertificateTagsInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListServerCertificateTagsInput) SetServerCertificateName

SetServerCertificateName sets the ServerCertificateName field's value.

func (ListServerCertificateTagsInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListServerCertificateTagsInput) Validate

func (s *ListServerCertificateTagsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListServerCertificateTagsOutput

type ListServerCertificateTagsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of tags that are currently attached to the IAM server certificate.
	// Each tag consists of a key name and an associated value. If no tags are attached
	// to the specified resource, the response contains an empty list.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListServerCertificateTagsOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListServerCertificateTagsOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListServerCertificateTagsOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListServerCertificateTagsOutput) SetTags

SetTags sets the Tags field's value.

func (ListServerCertificateTagsOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListServerCertificatesInput

type ListServerCertificatesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example: /company/servercerts
	// would get all server certificates for which the path starts with /company/servercerts.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all server certificates. This parameter allows (through its
	// regex pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
	// of either a forward slash (/) by itself or a string that must begin and end
	// with forward slashes. In addition, it can contain any ASCII character from
	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
	// characters, digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListServerCertificatesInput) GoString

func (s ListServerCertificatesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListServerCertificatesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListServerCertificatesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListServerCertificatesInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (ListServerCertificatesInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListServerCertificatesInput) Validate

func (s *ListServerCertificatesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListServerCertificatesOutput

type ListServerCertificatesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of server certificates.
	//
	// ServerCertificateMetadataList is a required field
	ServerCertificateMetadataList []*ServerCertificateMetadata `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListServerCertificates request.

func (ListServerCertificatesOutput) GoString

func (s ListServerCertificatesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListServerCertificatesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListServerCertificatesOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListServerCertificatesOutput) SetServerCertificateMetadataList

func (s *ListServerCertificatesOutput) SetServerCertificateMetadataList(v []*ServerCertificateMetadata) *ListServerCertificatesOutput

SetServerCertificateMetadataList sets the ServerCertificateMetadataList field's value.

func (ListServerCertificatesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListServiceSpecificCredentialsInput

type ListServiceSpecificCredentialsInput struct {

	// Filters the returned results to only those for the specified Amazon Web Services
	// service. If not specified, then Amazon Web Services returns service-specific
	// credentials for all services.
	ServiceName *string `type:"string"`

	// The name of the user whose service-specific credentials you want information
	// about. If this value is not specified, then the operation assumes the user
	// whose credentials are used to call the operation.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListServiceSpecificCredentialsInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListServiceSpecificCredentialsInput) SetServiceName

SetServiceName sets the ServiceName field's value.

func (*ListServiceSpecificCredentialsInput) SetUserName

SetUserName sets the UserName field's value.

func (ListServiceSpecificCredentialsInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListServiceSpecificCredentialsInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type ListServiceSpecificCredentialsOutput

type ListServiceSpecificCredentialsOutput struct {

	// A list of structures that each contain details about a service-specific credential.
	ServiceSpecificCredentials []*ServiceSpecificCredentialMetadata `type:"list"`
	// contains filtered or unexported fields
}

func (ListServiceSpecificCredentialsOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListServiceSpecificCredentialsOutput) SetServiceSpecificCredentials

SetServiceSpecificCredentials sets the ServiceSpecificCredentials field's value.

func (ListServiceSpecificCredentialsOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListSigningCertificatesInput

type ListSigningCertificatesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM user whose signing certificates you want to examine.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListSigningCertificatesInput) GoString

func (s ListSigningCertificatesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListSigningCertificatesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListSigningCertificatesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListSigningCertificatesInput) SetUserName

SetUserName sets the UserName field's value.

func (ListSigningCertificatesInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListSigningCertificatesInput) Validate

func (s *ListSigningCertificatesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListSigningCertificatesOutput

type ListSigningCertificatesOutput struct {

	// A list of the user's signing certificate information.
	//
	// Certificates is a required field
	Certificates []*SigningCertificate `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSigningCertificates request.

func (ListSigningCertificatesOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListSigningCertificatesOutput) SetCertificates

SetCertificates sets the Certificates field's value.

func (*ListSigningCertificatesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListSigningCertificatesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListSigningCertificatesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListUserPoliciesInput

type ListUserPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user to list policies for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListUserPoliciesInput) GoString

func (s ListUserPoliciesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserPoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListUserPoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListUserPoliciesInput) SetUserName

SetUserName sets the UserName field's value.

func (ListUserPoliciesInput) String

func (s ListUserPoliciesInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserPoliciesInput) Validate

func (s *ListUserPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUserPoliciesOutput

type ListUserPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of policy names.
	//
	// PolicyNames is a required field
	PolicyNames []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListUserPolicies request.

func (ListUserPoliciesOutput) GoString

func (s ListUserPoliciesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserPoliciesOutput) SetIsTruncated

func (s *ListUserPoliciesOutput) SetIsTruncated(v bool) *ListUserPoliciesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListUserPoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListUserPoliciesOutput) SetPolicyNames

func (s *ListUserPoliciesOutput) SetPolicyNames(v []*string) *ListUserPoliciesOutput

SetPolicyNames sets the PolicyNames field's value.

func (ListUserPoliciesOutput) String

func (s ListUserPoliciesOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListUserTagsInput

type ListUserTagsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM user whose tags you want to see.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListUserTagsInput) GoString

func (s ListUserTagsInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserTagsInput) SetMarker

func (s *ListUserTagsInput) SetMarker(v string) *ListUserTagsInput

SetMarker sets the Marker field's value.

func (*ListUserTagsInput) SetMaxItems

func (s *ListUserTagsInput) SetMaxItems(v int64) *ListUserTagsInput

SetMaxItems sets the MaxItems field's value.

func (*ListUserTagsInput) SetUserName

func (s *ListUserTagsInput) SetUserName(v string) *ListUserTagsInput

SetUserName sets the UserName field's value.

func (ListUserTagsInput) String

func (s ListUserTagsInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserTagsInput) Validate

func (s *ListUserTagsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUserTagsOutput

type ListUserTagsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of tags that are currently attached to the user. Each tag consists
	// of a key name and an associated value. If no tags are attached to the specified
	// resource, the response contains an empty list.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (ListUserTagsOutput) GoString

func (s ListUserTagsOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUserTagsOutput) SetIsTruncated

func (s *ListUserTagsOutput) SetIsTruncated(v bool) *ListUserTagsOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListUserTagsOutput) SetMarker

func (s *ListUserTagsOutput) SetMarker(v string) *ListUserTagsOutput

SetMarker sets the Marker field's value.

func (*ListUserTagsOutput) SetTags

func (s *ListUserTagsOutput) SetTags(v []*Tag) *ListUserTagsOutput

SetTags sets the Tags field's value.

func (ListUserTagsOutput) String

func (s ListUserTagsOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListUsersInput

type ListUsersInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example: /division_abc/subdivision_xyz/,
	// which would get all user names whose path starts with /division_abc/subdivision_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all user names. This parameter allows (through its regex pattern
	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
	// a forward slash (/) by itself or a string that must begin and end with forward
	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
	// through the DEL character (\u007F), including most punctuation characters,
	// digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListUsersInput) GoString

func (s ListUsersInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUsersInput) SetMarker

func (s *ListUsersInput) SetMarker(v string) *ListUsersInput

SetMarker sets the Marker field's value.

func (*ListUsersInput) SetMaxItems

func (s *ListUsersInput) SetMaxItems(v int64) *ListUsersInput

SetMaxItems sets the MaxItems field's value.

func (*ListUsersInput) SetPathPrefix

func (s *ListUsersInput) SetPathPrefix(v string) *ListUsersInput

SetPathPrefix sets the PathPrefix field's value.

func (ListUsersInput) String

func (s ListUsersInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUsersInput) Validate

func (s *ListUsersInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUsersOutput

type ListUsersOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// A list of users.
	//
	// Users is a required field
	Users []*User `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListUsers request.

func (ListUsersOutput) GoString

func (s ListUsersOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListUsersOutput) SetIsTruncated

func (s *ListUsersOutput) SetIsTruncated(v bool) *ListUsersOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListUsersOutput) SetMarker

func (s *ListUsersOutput) SetMarker(v string) *ListUsersOutput

SetMarker sets the Marker field's value.

func (*ListUsersOutput) SetUsers

func (s *ListUsersOutput) SetUsers(v []*User) *ListUsersOutput

SetUsers sets the Users field's value.

func (ListUsersOutput) String

func (s ListUsersOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ListVirtualMFADevicesInput

type ListVirtualMFADevicesInput struct {

	// The status (Unassigned or Assigned) of the devices to list. If you do not
	// specify an AssignmentStatus, the operation defaults to Any, which lists both
	// assigned and unassigned virtual MFA devices.,
	AssignmentStatus *string `type:"string" enum:"AssignmentStatusType"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListVirtualMFADevicesInput) GoString

func (s ListVirtualMFADevicesInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListVirtualMFADevicesInput) SetAssignmentStatus

SetAssignmentStatus sets the AssignmentStatus field's value.

func (*ListVirtualMFADevicesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListVirtualMFADevicesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (ListVirtualMFADevicesInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListVirtualMFADevicesInput) Validate

func (s *ListVirtualMFADevicesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListVirtualMFADevicesOutput

type ListVirtualMFADevicesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`

	// The list of virtual MFA devices in the current account that match the AssignmentStatus
	// value that was passed in the request.
	//
	// VirtualMFADevices is a required field
	VirtualMFADevices []*VirtualMFADevice `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListVirtualMFADevices request.

func (ListVirtualMFADevicesOutput) GoString

func (s ListVirtualMFADevicesOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ListVirtualMFADevicesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListVirtualMFADevicesOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListVirtualMFADevicesOutput) SetVirtualMFADevices

SetVirtualMFADevices sets the VirtualMFADevices field's value.

func (ListVirtualMFADevicesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type LoginProfile

type LoginProfile struct {

	// The date when the password for the user was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// Specifies whether the user is required to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the user, which can be used for signing in to the Amazon Web
	// Services Management Console.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the user name and password create date for a user.

This data type is used as a response element in the CreateLoginProfile and GetLoginProfile operations.

func (LoginProfile) GoString

func (s LoginProfile) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*LoginProfile) SetCreateDate

func (s *LoginProfile) SetCreateDate(v time.Time) *LoginProfile

SetCreateDate sets the CreateDate field's value.

func (*LoginProfile) SetPasswordResetRequired

func (s *LoginProfile) SetPasswordResetRequired(v bool) *LoginProfile

SetPasswordResetRequired sets the PasswordResetRequired field's value.

func (*LoginProfile) SetUserName

func (s *LoginProfile) SetUserName(v string) *LoginProfile

SetUserName sets the UserName field's value.

func (LoginProfile) String

func (s LoginProfile) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type MFADevice

type MFADevice struct {

	// The date when the MFA device was enabled for the user.
	//
	// EnableDate is a required field
	EnableDate *time.Time `type:"timestamp" required:"true"`

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The user with whom the MFA device is associated.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an MFA device.

This data type is used as a response element in the ListMFADevices operation.

func (MFADevice) GoString

func (s MFADevice) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*MFADevice) SetEnableDate

func (s *MFADevice) SetEnableDate(v time.Time) *MFADevice

SetEnableDate sets the EnableDate field's value.

func (*MFADevice) SetSerialNumber

func (s *MFADevice) SetSerialNumber(v string) *MFADevice

SetSerialNumber sets the SerialNumber field's value.

func (*MFADevice) SetUserName

func (s *MFADevice) SetUserName(v string) *MFADevice

SetUserName sets the UserName field's value.

func (MFADevice) String

func (s MFADevice) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ManagedPolicyDetail

type ManagedPolicyDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	Arn *string `min:"20" type:"string"`

	// The number of principal entities (users, groups, and roles) that the policy
	// is attached to.
	AttachmentCount *int64 `type:"integer"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was created.
	CreateDate *time.Time `type:"timestamp"`

	// The identifier for the version of the policy that is set as the default (operative)
	// version.
	//
	// For more information about policy versions, see Versioning for managed policies
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	DefaultVersionId *string `type:"string"`

	// A friendly description of the policy.
	Description *string `type:"string"`

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable *bool `type:"boolean"`

	// The path to the policy.
	//
	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	Path *string `min:"1" type:"string"`

	// The number of entities (users and roles) for which the policy is used as
	// the permissions boundary.
	//
	// For more information about permissions boundaries, see Permissions boundaries
	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundaryUsageCount *int64 `type:"integer"`

	// The stable and unique string identifying the policy.
	//
	// For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	PolicyId *string `min:"16" type:"string"`

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string `min:"1" type:"string"`

	// A list containing information about the versions of the policy.
	PolicyVersionList []*PolicyVersion `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was last updated.
	//
	// When a policy has only one version, this field contains the date and time
	// when the policy was created. When a policy has more than one version, this
	// field contains the date and time when the most recent policy version was
	// created.
	UpdateDate *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Contains information about a managed policy, including the policy's ARN, versions, and the number of principal entities (users, groups, and roles) that the policy is attached to.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

For more information about managed policies, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

func (ManagedPolicyDetail) GoString

func (s ManagedPolicyDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ManagedPolicyDetail) SetArn

SetArn sets the Arn field's value.

func (*ManagedPolicyDetail) SetAttachmentCount

func (s *ManagedPolicyDetail) SetAttachmentCount(v int64) *ManagedPolicyDetail

SetAttachmentCount sets the AttachmentCount field's value.

func (*ManagedPolicyDetail) SetCreateDate

func (s *ManagedPolicyDetail) SetCreateDate(v time.Time) *ManagedPolicyDetail

SetCreateDate sets the CreateDate field's value.

func (*ManagedPolicyDetail) SetDefaultVersionId

func (s *ManagedPolicyDetail) SetDefaultVersionId(v string) *ManagedPolicyDetail

SetDefaultVersionId sets the DefaultVersionId field's value.

func (*ManagedPolicyDetail) SetDescription

func (s *ManagedPolicyDetail) SetDescription(v string) *ManagedPolicyDetail

SetDescription sets the Description field's value.

func (*ManagedPolicyDetail) SetIsAttachable

func (s *ManagedPolicyDetail) SetIsAttachable(v bool) *ManagedPolicyDetail

SetIsAttachable sets the IsAttachable field's value.

func (*ManagedPolicyDetail) SetPath

SetPath sets the Path field's value.

func (*ManagedPolicyDetail) SetPermissionsBoundaryUsageCount

func (s *ManagedPolicyDetail) SetPermissionsBoundaryUsageCount(v int64) *ManagedPolicyDetail

SetPermissionsBoundaryUsageCount sets the PermissionsBoundaryUsageCount field's value.

func (*ManagedPolicyDetail) SetPolicyId

func (s *ManagedPolicyDetail) SetPolicyId(v string) *ManagedPolicyDetail

SetPolicyId sets the PolicyId field's value.

func (*ManagedPolicyDetail) SetPolicyName

func (s *ManagedPolicyDetail) SetPolicyName(v string) *ManagedPolicyDetail

SetPolicyName sets the PolicyName field's value.

func (*ManagedPolicyDetail) SetPolicyVersionList

func (s *ManagedPolicyDetail) SetPolicyVersionList(v []*PolicyVersion) *ManagedPolicyDetail

SetPolicyVersionList sets the PolicyVersionList field's value.

func (*ManagedPolicyDetail) SetUpdateDate

func (s *ManagedPolicyDetail) SetUpdateDate(v time.Time) *ManagedPolicyDetail

SetUpdateDate sets the UpdateDate field's value.

func (ManagedPolicyDetail) String

func (s ManagedPolicyDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OpenIDConnectProviderListEntry

type OpenIDConnectProviderListEntry struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	Arn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the Amazon Resource Name (ARN) for an IAM OpenID Connect provider.

func (OpenIDConnectProviderListEntry) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OpenIDConnectProviderListEntry) SetArn

SetArn sets the Arn field's value.

func (OpenIDConnectProviderListEntry) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type OrganizationsDecisionDetail

type OrganizationsDecisionDetail struct {

	// Specifies whether the simulated operation is allowed by the Organizations
	// service control policies that impact the simulated user's account.
	AllowedByOrganizations *bool `type:"boolean"`
	// contains filtered or unexported fields
}

Contains information about the effect that Organizations has on a policy simulation.

func (OrganizationsDecisionDetail) GoString

func (s OrganizationsDecisionDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*OrganizationsDecisionDetail) SetAllowedByOrganizations

func (s *OrganizationsDecisionDetail) SetAllowedByOrganizations(v bool) *OrganizationsDecisionDetail

SetAllowedByOrganizations sets the AllowedByOrganizations field's value.

func (OrganizationsDecisionDetail) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PasswordPolicy

type PasswordPolicy struct {

	// Specifies whether IAM users are allowed to change their own password. Gives
	// IAM users permissions to iam:ChangePassword for only their user and to the
	// iam:GetAccountPasswordPolicy action. This option does not attach a permissions
	// policy to each user, rather the permissions are applied at the account-level
	// for all users by IAM.
	AllowUsersToChangePassword *bool `type:"boolean"`

	// Indicates whether passwords in the account expire. Returns true if MaxPasswordAge
	// contains a value greater than 0. Returns false if MaxPasswordAge is 0 or
	// not present.
	ExpirePasswords *bool `type:"boolean"`

	// Specifies whether IAM users are prevented from setting a new password via
	// the Amazon Web Services Management Console after their password has expired.
	// The IAM user cannot access the console until an administrator resets the
	// password. IAM users with iam:ChangePassword permission and active access
	// keys can reset their own expired console password using the CLI or API.
	HardExpiry *bool `type:"boolean"`

	// The number of days that an IAM user password is valid.
	MaxPasswordAge *int64 `min:"1" type:"integer"`

	// Minimum length to require for IAM user passwords.
	MinimumPasswordLength *int64 `min:"6" type:"integer"`

	// Specifies the number of previous passwords that IAM users are prevented from
	// reusing.
	PasswordReusePrevention *int64 `min:"1" type:"integer"`

	// Specifies whether IAM user passwords must contain at least one lowercase
	// character (a to z).
	RequireLowercaseCharacters *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one numeric character
	// (0 to 9).
	RequireNumbers *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one of the following
	// symbols:
	//
	// ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
	RequireSymbols *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one uppercase
	// character (A to Z).
	RequireUppercaseCharacters *bool `type:"boolean"`
	// contains filtered or unexported fields
}

Contains information about the account password policy.

This data type is used as a response element in the GetAccountPasswordPolicy operation.

func (PasswordPolicy) GoString

func (s PasswordPolicy) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PasswordPolicy) SetAllowUsersToChangePassword

func (s *PasswordPolicy) SetAllowUsersToChangePassword(v bool) *PasswordPolicy

SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.

func (*PasswordPolicy) SetExpirePasswords

func (s *PasswordPolicy) SetExpirePasswords(v bool) *PasswordPolicy

SetExpirePasswords sets the ExpirePasswords field's value.

func (*PasswordPolicy) SetHardExpiry

func (s *PasswordPolicy) SetHardExpiry(v bool) *PasswordPolicy

SetHardExpiry sets the HardExpiry field's value.

func (*PasswordPolicy) SetMaxPasswordAge

func (s *PasswordPolicy) SetMaxPasswordAge(v int64) *PasswordPolicy

SetMaxPasswordAge sets the MaxPasswordAge field's value.

func (*PasswordPolicy) SetMinimumPasswordLength

func (s *PasswordPolicy) SetMinimumPasswordLength(v int64) *PasswordPolicy

SetMinimumPasswordLength sets the MinimumPasswordLength field's value.

func (*PasswordPolicy) SetPasswordReusePrevention

func (s *PasswordPolicy) SetPasswordReusePrevention(v int64) *PasswordPolicy

SetPasswordReusePrevention sets the PasswordReusePrevention field's value.

func (*PasswordPolicy) SetRequireLowercaseCharacters

func (s *PasswordPolicy) SetRequireLowercaseCharacters(v bool) *PasswordPolicy

SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.

func (*PasswordPolicy) SetRequireNumbers

func (s *PasswordPolicy) SetRequireNumbers(v bool) *PasswordPolicy

SetRequireNumbers sets the RequireNumbers field's value.

func (*PasswordPolicy) SetRequireSymbols

func (s *PasswordPolicy) SetRequireSymbols(v bool) *PasswordPolicy

SetRequireSymbols sets the RequireSymbols field's value.

func (*PasswordPolicy) SetRequireUppercaseCharacters

func (s *PasswordPolicy) SetRequireUppercaseCharacters(v bool) *PasswordPolicy

SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.

func (PasswordPolicy) String

func (s PasswordPolicy) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PermissionsBoundaryDecisionDetail

type PermissionsBoundaryDecisionDetail struct {

	// Specifies whether an action is allowed by a permissions boundary that is
	// applied to an IAM entity (user or role). A value of true means that the permissions
	// boundary does not deny the action. This means that the policy includes an
	// Allow statement that matches the request. In this case, if an identity-based
	// policy also allows the action, the request is allowed. A value of false means
	// that either the requested action is not allowed (implicitly denied) or that
	// the action is explicitly denied by the permissions boundary. In both of these
	// cases, the action is not allowed, regardless of the identity-based policy.
	AllowedByPermissionsBoundary *bool `type:"boolean"`
	// contains filtered or unexported fields
}

Contains information about the effect that a permissions boundary has on a policy simulation when the boundary is applied to an IAM entity.

func (PermissionsBoundaryDecisionDetail) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PermissionsBoundaryDecisionDetail) SetAllowedByPermissionsBoundary

func (s *PermissionsBoundaryDecisionDetail) SetAllowedByPermissionsBoundary(v bool) *PermissionsBoundaryDecisionDetail

SetAllowedByPermissionsBoundary sets the AllowedByPermissionsBoundary field's value.

func (PermissionsBoundaryDecisionDetail) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type Policy

type Policy struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	Arn *string `min:"20" type:"string"`

	// The number of entities (users, groups, and roles) that the policy is attached
	// to.
	AttachmentCount *int64 `type:"integer"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was created.
	CreateDate *time.Time `type:"timestamp"`

	// The identifier for the version of the policy that is set as the default version.
	DefaultVersionId *string `type:"string"`

	// A friendly description of the policy.
	//
	// This element is included in the response to the GetPolicy operation. It is
	// not included in the response to the ListPolicies operation.
	Description *string `type:"string"`

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable *bool `type:"boolean"`

	// The path to the policy.
	//
	// For more information about paths, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	Path *string `min:"1" type:"string"`

	// The number of entities (users and roles) for which the policy is used to
	// set the permissions boundary.
	//
	// For more information about permissions boundaries, see Permissions boundaries
	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundaryUsageCount *int64 `type:"integer"`

	// The stable and unique string identifying the policy.
	//
	// For more information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	PolicyId *string `min:"16" type:"string"`

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string `min:"1" type:"string"`

	// A list of tags that are attached to the instance profile. For more information
	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was last updated.
	//
	// When a policy has only one version, this field contains the date and time
	// when the policy was created. When a policy has more than one version, this
	// field contains the date and time when the most recent policy version was
	// created.
	UpdateDate *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Contains information about a managed policy.

This data type is used as a response element in the CreatePolicy, GetPolicy, and ListPolicies operations.

For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

func (Policy) GoString

func (s Policy) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Policy) SetArn

func (s *Policy) SetArn(v string) *Policy

SetArn sets the Arn field's value.

func (*Policy) SetAttachmentCount

func (s *Policy) SetAttachmentCount(v int64) *Policy

SetAttachmentCount sets the AttachmentCount field's value.

func (*Policy) SetCreateDate

func (s *Policy) SetCreateDate(v time.Time) *Policy

SetCreateDate sets the CreateDate field's value.

func (*Policy) SetDefaultVersionId

func (s *Policy) SetDefaultVersionId(v string) *Policy

SetDefaultVersionId sets the DefaultVersionId field's value.

func (*Policy) SetDescription

func (s *Policy) SetDescription(v string) *Policy

SetDescription sets the Description field's value.

func (*Policy) SetIsAttachable

func (s *Policy) SetIsAttachable(v bool) *Policy

SetIsAttachable sets the IsAttachable field's value.

func (*Policy) SetPath

func (s *Policy) SetPath(v string) *Policy

SetPath sets the Path field's value.

func (*Policy) SetPermissionsBoundaryUsageCount

func (s *Policy) SetPermissionsBoundaryUsageCount(v int64) *Policy

SetPermissionsBoundaryUsageCount sets the PermissionsBoundaryUsageCount field's value.

func (*Policy) SetPolicyId

func (s *Policy) SetPolicyId(v string) *Policy

SetPolicyId sets the PolicyId field's value.

func (*Policy) SetPolicyName

func (s *Policy) SetPolicyName(v string) *Policy

SetPolicyName sets the PolicyName field's value.

func (*Policy) SetTags

func (s *Policy) SetTags(v []*Tag) *Policy

SetTags sets the Tags field's value.

func (*Policy) SetUpdateDate

func (s *Policy) SetUpdateDate(v time.Time) *Policy

SetUpdateDate sets the UpdateDate field's value.

func (Policy) String

func (s Policy) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyDetail

type PolicyDetail struct {

	// The policy document.
	PolicyDocument *string `min:"1" type:"string"`

	// The name of the policy.
	PolicyName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an IAM policy, including the policy document.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (PolicyDetail) GoString

func (s PolicyDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyDetail) SetPolicyDocument

func (s *PolicyDetail) SetPolicyDocument(v string) *PolicyDetail

SetPolicyDocument sets the PolicyDocument field's value.

func (*PolicyDetail) SetPolicyName

func (s *PolicyDetail) SetPolicyName(v string) *PolicyDetail

SetPolicyName sets the PolicyName field's value.

func (PolicyDetail) String

func (s PolicyDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyGrantingServiceAccess

type PolicyGrantingServiceAccess struct {

	// The name of the entity (user or role) to which the inline policy is attached.
	//
	// This field is null for managed policies. For more information about these
	// policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	EntityName *string `min:"1" type:"string"`

	// The type of entity (user or role) that used the policy to access the service
	// to which the inline policy is attached.
	//
	// This field is null for managed policies. For more information about these
	// policy types, see Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	EntityType *string `type:"string" enum:"PolicyOwnerEntityType"`

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	PolicyArn *string `min:"20" type:"string"`

	// The policy name.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The policy type. For more information about these policy types, see Managed
	// policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	//
	// PolicyType is a required field
	PolicyType *string `type:"string" required:"true" enum:"PolicyType"`
	// contains filtered or unexported fields
}

Contains details about the permissions policies that are attached to the specified identity (user, group, or role).

This data type is an element of the ListPoliciesGrantingServiceAccessEntry object.

func (PolicyGrantingServiceAccess) GoString

func (s PolicyGrantingServiceAccess) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyGrantingServiceAccess) SetEntityName

SetEntityName sets the EntityName field's value.

func (*PolicyGrantingServiceAccess) SetEntityType

SetEntityType sets the EntityType field's value.

func (*PolicyGrantingServiceAccess) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*PolicyGrantingServiceAccess) SetPolicyName

SetPolicyName sets the PolicyName field's value.

func (*PolicyGrantingServiceAccess) SetPolicyType

SetPolicyType sets the PolicyType field's value.

func (PolicyGrantingServiceAccess) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyGroup

type PolicyGroup struct {

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	GroupId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the group.
	GroupName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a group that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

func (PolicyGroup) GoString

func (s PolicyGroup) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyGroup) SetGroupId

func (s *PolicyGroup) SetGroupId(v string) *PolicyGroup

SetGroupId sets the GroupId field's value.

func (*PolicyGroup) SetGroupName

func (s *PolicyGroup) SetGroupName(v string) *PolicyGroup

SetGroupName sets the GroupName field's value.

func (PolicyGroup) String

func (s PolicyGroup) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyRole

type PolicyRole struct {

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	RoleId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the role.
	RoleName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a role that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

func (PolicyRole) GoString

func (s PolicyRole) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyRole) SetRoleId

func (s *PolicyRole) SetRoleId(v string) *PolicyRole

SetRoleId sets the RoleId field's value.

func (*PolicyRole) SetRoleName

func (s *PolicyRole) SetRoleName(v string) *PolicyRole

SetRoleName sets the RoleName field's value.

func (PolicyRole) String

func (s PolicyRole) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyUser

type PolicyUser struct {

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	UserId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the user.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a user that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

func (PolicyUser) GoString

func (s PolicyUser) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyUser) SetUserId

func (s *PolicyUser) SetUserId(v string) *PolicyUser

SetUserId sets the UserId field's value.

func (*PolicyUser) SetUserName

func (s *PolicyUser) SetUserName(v string) *PolicyUser

SetUserName sets the UserName field's value.

func (PolicyUser) String

func (s PolicyUser) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PolicyVersion

type PolicyVersion struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy version was created.
	CreateDate *time.Time `type:"timestamp"`

	// The policy document.
	//
	// The policy document is returned in the response to the GetPolicyVersion and
	// GetAccountAuthorizationDetails operations. It is not returned in the response
	// to the CreatePolicyVersion or ListPolicyVersions operations.
	//
	// The policy document returned in this structure is URL-encoded compliant with
	// RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding
	// method to convert the policy back to plain JSON text. For example, if you
	// use Java, you can use the decode method of the java.net.URLDecoder utility
	// class in the Java SDK. Other languages and SDKs provide similar functionality.
	Document *string `min:"1" type:"string"`

	// Specifies whether the policy version is set as the policy's default version.
	IsDefaultVersion *bool `type:"boolean"`

	// The identifier for the policy version.
	//
	// Policy version identifiers always begin with v (always lowercase). When a
	// policy is created, the first policy version is v1.
	VersionId *string `type:"string"`
	// contains filtered or unexported fields
}

Contains information about a version of a managed policy.

This data type is used as a response element in the CreatePolicyVersion, GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails operations.

For more information about managed policies, refer to Managed policies and inline policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

func (PolicyVersion) GoString

func (s PolicyVersion) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PolicyVersion) SetCreateDate

func (s *PolicyVersion) SetCreateDate(v time.Time) *PolicyVersion

SetCreateDate sets the CreateDate field's value.

func (*PolicyVersion) SetDocument

func (s *PolicyVersion) SetDocument(v string) *PolicyVersion

SetDocument sets the Document field's value.

func (*PolicyVersion) SetIsDefaultVersion

func (s *PolicyVersion) SetIsDefaultVersion(v bool) *PolicyVersion

SetIsDefaultVersion sets the IsDefaultVersion field's value.

func (*PolicyVersion) SetVersionId

func (s *PolicyVersion) SetVersionId(v string) *PolicyVersion

SetVersionId sets the VersionId field's value.

func (PolicyVersion) String

func (s PolicyVersion) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type Position

type Position struct {

	// The column in the line containing the specified position in the document.
	Column *int64 `type:"integer"`

	// The line containing the specified position in the document.
	Line *int64 `type:"integer"`
	// contains filtered or unexported fields
}

Contains the row and column of a location of a Statement element in a policy document.

This data type is used as a member of the Statement type.

func (Position) GoString

func (s Position) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Position) SetColumn

func (s *Position) SetColumn(v int64) *Position

SetColumn sets the Column field's value.

func (*Position) SetLine

func (s *Position) SetLine(v int64) *Position

SetLine sets the Line field's value.

func (Position) String

func (s Position) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PutGroupPolicyInput

type PutGroupPolicyInput struct {

	// The name of the group to associate the policy with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The policy document.
	//
	// You must provide policies in JSON format in IAM. However, for CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutGroupPolicyInput) GoString

func (s PutGroupPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutGroupPolicyInput) SetGroupName

func (s *PutGroupPolicyInput) SetGroupName(v string) *PutGroupPolicyInput

SetGroupName sets the GroupName field's value.

func (*PutGroupPolicyInput) SetPolicyDocument

func (s *PutGroupPolicyInput) SetPolicyDocument(v string) *PutGroupPolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*PutGroupPolicyInput) SetPolicyName

func (s *PutGroupPolicyInput) SetPolicyName(v string) *PutGroupPolicyInput

SetPolicyName sets the PolicyName field's value.

func (PutGroupPolicyInput) String

func (s PutGroupPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutGroupPolicyInput) Validate

func (s *PutGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutGroupPolicyOutput

type PutGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutGroupPolicyOutput) GoString

func (s PutGroupPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (PutGroupPolicyOutput) String

func (s PutGroupPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PutRolePermissionsBoundaryInput

type PutRolePermissionsBoundaryInput struct {

	// The ARN of the managed policy that is used to set the permissions boundary
	// for the role.
	//
	// A permissions boundary policy defines the maximum permissions that identity-based
	// policies can grant to an entity, but does not grant permissions. Permissions
	// boundaries do not define the maximum permissions that a resource-based policy
	// can grant to an entity. To learn more, see Permissions boundaries for IAM
	// entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	//
	// For more information about policy types, see Policy types (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types)
	// in the IAM User Guide.
	//
	// PermissionsBoundary is a required field
	PermissionsBoundary *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM role for which you want to set
	// the permissions boundary.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutRolePermissionsBoundaryInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutRolePermissionsBoundaryInput) SetPermissionsBoundary

SetPermissionsBoundary sets the PermissionsBoundary field's value.

func (*PutRolePermissionsBoundaryInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (PutRolePermissionsBoundaryInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutRolePermissionsBoundaryInput) Validate

func (s *PutRolePermissionsBoundaryInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutRolePermissionsBoundaryOutput

type PutRolePermissionsBoundaryOutput struct {
	// contains filtered or unexported fields
}

func (PutRolePermissionsBoundaryOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (PutRolePermissionsBoundaryOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PutRolePolicyInput

type PutRolePolicyInput struct {

	// The policy document.
	//
	// You must provide policies in JSON format in IAM. However, for CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the role to associate the policy with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutRolePolicyInput) GoString

func (s PutRolePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutRolePolicyInput) SetPolicyDocument

func (s *PutRolePolicyInput) SetPolicyDocument(v string) *PutRolePolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*PutRolePolicyInput) SetPolicyName

func (s *PutRolePolicyInput) SetPolicyName(v string) *PutRolePolicyInput

SetPolicyName sets the PolicyName field's value.

func (*PutRolePolicyInput) SetRoleName

func (s *PutRolePolicyInput) SetRoleName(v string) *PutRolePolicyInput

SetRoleName sets the RoleName field's value.

func (PutRolePolicyInput) String

func (s PutRolePolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutRolePolicyInput) Validate

func (s *PutRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutRolePolicyOutput

type PutRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutRolePolicyOutput) GoString

func (s PutRolePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (PutRolePolicyOutput) String

func (s PutRolePolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PutUserPermissionsBoundaryInput

type PutUserPermissionsBoundaryInput struct {

	// The ARN of the managed policy that is used to set the permissions boundary
	// for the user.
	//
	// A permissions boundary policy defines the maximum permissions that identity-based
	// policies can grant to an entity, but does not grant permissions. Permissions
	// boundaries do not define the maximum permissions that a resource-based policy
	// can grant to an entity. To learn more, see Permissions boundaries for IAM
	// entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	//
	// For more information about policy types, see Policy types (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types)
	// in the IAM User Guide.
	//
	// PermissionsBoundary is a required field
	PermissionsBoundary *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM user for which you want to set
	// the permissions boundary.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutUserPermissionsBoundaryInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutUserPermissionsBoundaryInput) SetPermissionsBoundary

SetPermissionsBoundary sets the PermissionsBoundary field's value.

func (*PutUserPermissionsBoundaryInput) SetUserName

SetUserName sets the UserName field's value.

func (PutUserPermissionsBoundaryInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutUserPermissionsBoundaryInput) Validate

func (s *PutUserPermissionsBoundaryInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutUserPermissionsBoundaryOutput

type PutUserPermissionsBoundaryOutput struct {
	// contains filtered or unexported fields
}

func (PutUserPermissionsBoundaryOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (PutUserPermissionsBoundaryOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type PutUserPolicyInput

type PutUserPolicyInput struct {

	// The policy document.
	//
	// You must provide policies in JSON format in IAM. However, for CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the user to associate the policy with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutUserPolicyInput) GoString

func (s PutUserPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutUserPolicyInput) SetPolicyDocument

func (s *PutUserPolicyInput) SetPolicyDocument(v string) *PutUserPolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*PutUserPolicyInput) SetPolicyName

func (s *PutUserPolicyInput) SetPolicyName(v string) *PutUserPolicyInput

SetPolicyName sets the PolicyName field's value.

func (*PutUserPolicyInput) SetUserName

func (s *PutUserPolicyInput) SetUserName(v string) *PutUserPolicyInput

SetUserName sets the UserName field's value.

func (PutUserPolicyInput) String

func (s PutUserPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*PutUserPolicyInput) Validate

func (s *PutUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutUserPolicyOutput

type PutUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutUserPolicyOutput) GoString

func (s PutUserPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (PutUserPolicyOutput) String

func (s PutUserPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RemoveClientIDFromOpenIDConnectProviderInput

type RemoveClientIDFromOpenIDConnectProviderInput struct {

	// The client ID (also known as audience) to remove from the IAM OIDC provider
	// resource. For more information about client IDs, see CreateOpenIDConnectProvider.
	//
	// ClientID is a required field
	ClientID *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource to remove
	// the client ID from. You can get a list of OIDC provider ARNs by using the
	// ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveClientIDFromOpenIDConnectProviderInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RemoveClientIDFromOpenIDConnectProviderInput) SetClientID

SetClientID sets the ClientID field's value.

func (*RemoveClientIDFromOpenIDConnectProviderInput) SetOpenIDConnectProviderArn

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (RemoveClientIDFromOpenIDConnectProviderInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RemoveClientIDFromOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type RemoveClientIDFromOpenIDConnectProviderOutput

type RemoveClientIDFromOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (RemoveClientIDFromOpenIDConnectProviderOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (RemoveClientIDFromOpenIDConnectProviderOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RemoveRoleFromInstanceProfileInput

type RemoveRoleFromInstanceProfileInput struct {

	// The name of the instance profile to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The name of the role to remove.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveRoleFromInstanceProfileInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RemoveRoleFromInstanceProfileInput) SetInstanceProfileName

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*RemoveRoleFromInstanceProfileInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (RemoveRoleFromInstanceProfileInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RemoveRoleFromInstanceProfileInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type RemoveRoleFromInstanceProfileOutput

type RemoveRoleFromInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (RemoveRoleFromInstanceProfileOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (RemoveRoleFromInstanceProfileOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RemoveUserFromGroupInput

type RemoveUserFromGroupInput struct {

	// The name of the group to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the user to remove.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveUserFromGroupInput) GoString

func (s RemoveUserFromGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RemoveUserFromGroupInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*RemoveUserFromGroupInput) SetUserName

SetUserName sets the UserName field's value.

func (RemoveUserFromGroupInput) String

func (s RemoveUserFromGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RemoveUserFromGroupInput) Validate

func (s *RemoveUserFromGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type RemoveUserFromGroupOutput

type RemoveUserFromGroupOutput struct {
	// contains filtered or unexported fields
}

func (RemoveUserFromGroupOutput) GoString

func (s RemoveUserFromGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (RemoveUserFromGroupOutput) String

func (s RemoveUserFromGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ResetServiceSpecificCredentialInput

type ResetServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the service-specific credential.
	// If this value is not specified, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ResetServiceSpecificCredentialInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResetServiceSpecificCredentialInput) SetServiceSpecificCredentialId

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*ResetServiceSpecificCredentialInput) SetUserName

SetUserName sets the UserName field's value.

func (ResetServiceSpecificCredentialInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResetServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type ResetServiceSpecificCredentialOutput

type ResetServiceSpecificCredentialOutput struct {

	// A structure with details about the updated service-specific credential, including
	// the new password.
	//
	// This is the only time that you can access the password. You cannot recover
	// the password later, but you can reset it again.
	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
	// contains filtered or unexported fields
}

func (ResetServiceSpecificCredentialOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResetServiceSpecificCredentialOutput) SetServiceSpecificCredential

SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.

func (ResetServiceSpecificCredentialOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ResourceSpecificResult

type ResourceSpecificResult struct {

	// Additional details about the results of the evaluation decision on a single
	// resource. This parameter is returned only for cross-account simulations.
	// This parameter explains how each policy type contributes to the resource-specific
	// evaluation decision.
	EvalDecisionDetails map[string]*string `type:"map"`

	// The result of the simulation of the simulated API operation on the resource
	// specified in EvalResourceName.
	//
	// EvalResourceDecision is a required field
	EvalResourceDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`

	// The name of the simulated resource, in Amazon Resource Name (ARN) format.
	//
	// EvalResourceName is a required field
	EvalResourceName *string `min:"1" type:"string" required:"true"`

	// A list of the statements in the input policies that determine the result
	// for this part of the simulation. Remember that even if multiple statements
	// allow the operation on the resource, if any statement denies that operation,
	// then the explicit deny overrides any allow. In addition, the deny statement
	// is the only entry included in the result.
	MatchedStatements []*Statement `type:"list"`

	// A list of context keys that are required by the included input policies but
	// that were not provided by one of the input parameters. This list is used
	// when a list of ARNs is included in the ResourceArns parameter instead of
	// "*". If you do not specify individual resources, by setting ResourceArns
	// to "*" or by not including the ResourceArns parameter, then any missing context
	// values are instead included under the EvaluationResults section. To discover
	// the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy
	// or GetContextKeysForPrincipalPolicy.
	MissingContextValues []*string `type:"list"`

	// Contains information about the effect that a permissions boundary has on
	// a policy simulation when that boundary is applied to an IAM entity.
	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail `type:"structure"`
	// contains filtered or unexported fields
}

Contains the result of the simulation of a single API operation call on a single resource.

This data type is used by a member of the EvaluationResult data type.

func (ResourceSpecificResult) GoString

func (s ResourceSpecificResult) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResourceSpecificResult) SetEvalDecisionDetails

func (s *ResourceSpecificResult) SetEvalDecisionDetails(v map[string]*string) *ResourceSpecificResult

SetEvalDecisionDetails sets the EvalDecisionDetails field's value.

func (*ResourceSpecificResult) SetEvalResourceDecision

func (s *ResourceSpecificResult) SetEvalResourceDecision(v string) *ResourceSpecificResult

SetEvalResourceDecision sets the EvalResourceDecision field's value.

func (*ResourceSpecificResult) SetEvalResourceName

func (s *ResourceSpecificResult) SetEvalResourceName(v string) *ResourceSpecificResult

SetEvalResourceName sets the EvalResourceName field's value.

func (*ResourceSpecificResult) SetMatchedStatements

func (s *ResourceSpecificResult) SetMatchedStatements(v []*Statement) *ResourceSpecificResult

SetMatchedStatements sets the MatchedStatements field's value.

func (*ResourceSpecificResult) SetMissingContextValues

func (s *ResourceSpecificResult) SetMissingContextValues(v []*string) *ResourceSpecificResult

SetMissingContextValues sets the MissingContextValues field's value.

func (*ResourceSpecificResult) SetPermissionsBoundaryDecisionDetail

func (s *ResourceSpecificResult) SetPermissionsBoundaryDecisionDetail(v *PermissionsBoundaryDecisionDetail) *ResourceSpecificResult

SetPermissionsBoundaryDecisionDetail sets the PermissionsBoundaryDecisionDetail field's value.

func (ResourceSpecificResult) String

func (s ResourceSpecificResult) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ResyncMFADeviceInput

type ResyncMFADeviceInput struct {

	// An authentication code emitted by the device.
	//
	// The format for this parameter is a sequence of six digits.
	//
	// AuthenticationCode1 is a required field
	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`

	// A subsequent authentication code emitted by the device.
	//
	// The format for this parameter is a sequence of six digits.
	//
	// AuthenticationCode2 is a required field
	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`

	// Serial number that uniquely identifies the MFA device.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the user whose MFA device you want to resynchronize.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ResyncMFADeviceInput) GoString

func (s ResyncMFADeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResyncMFADeviceInput) SetAuthenticationCode1

func (s *ResyncMFADeviceInput) SetAuthenticationCode1(v string) *ResyncMFADeviceInput

SetAuthenticationCode1 sets the AuthenticationCode1 field's value.

func (*ResyncMFADeviceInput) SetAuthenticationCode2

func (s *ResyncMFADeviceInput) SetAuthenticationCode2(v string) *ResyncMFADeviceInput

SetAuthenticationCode2 sets the AuthenticationCode2 field's value.

func (*ResyncMFADeviceInput) SetSerialNumber

func (s *ResyncMFADeviceInput) SetSerialNumber(v string) *ResyncMFADeviceInput

SetSerialNumber sets the SerialNumber field's value.

func (*ResyncMFADeviceInput) SetUserName

SetUserName sets the UserName field's value.

func (ResyncMFADeviceInput) String

func (s ResyncMFADeviceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ResyncMFADeviceInput) Validate

func (s *ResyncMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ResyncMFADeviceOutput

type ResyncMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (ResyncMFADeviceOutput) GoString

func (s ResyncMFADeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (ResyncMFADeviceOutput) String

func (s ResyncMFADeviceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type Role

type Role struct {

	// The Amazon Resource Name (ARN) specifying the role. For more information
	// about ARNs and how to use them in policies, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The policy that grants an entity permission to assume the role.
	AssumeRolePolicyDocument *string `min:"1" type:"string"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the role was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// A description of the role that you provide.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) for the specified role. Anyone
	// who uses the CLI, or API to assume the role can specify the duration using
	// the optional DurationSeconds API parameter or duration-seconds CLI parameter.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The path to the role. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The ARN of the policy used to set the permissions boundary for the role.
	//
	// For more information about permissions boundaries, see Permissions boundaries
	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// RoleId is a required field
	RoleId *string `min:"16" type:"string" required:"true"`

	// Contains information about the last time that an IAM role was used. This
	// includes the date and time and the Region in which the role was last used.
	// Activity is only reported for the trailing 400 days. This period can be shorter
	// if your Region began supporting these features within the last year. The
	// role might have been used more than 400 days ago. For more information, see
	// Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
	// in the IAM user Guide.
	RoleLastUsed *RoleLastUsed `type:"structure"`

	// The friendly name that identifies the role.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`

	// A list of tags that are attached to the role. For more information about
	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

Contains information about an IAM role. This structure is returned as a response element in several API operations that interact with roles.

func (Role) GoString

func (s Role) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Role) SetArn

func (s *Role) SetArn(v string) *Role

SetArn sets the Arn field's value.

func (*Role) SetAssumeRolePolicyDocument

func (s *Role) SetAssumeRolePolicyDocument(v string) *Role

SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.

func (*Role) SetCreateDate

func (s *Role) SetCreateDate(v time.Time) *Role

SetCreateDate sets the CreateDate field's value.

func (*Role) SetDescription

func (s *Role) SetDescription(v string) *Role

SetDescription sets the Description field's value.

func (*Role) SetMaxSessionDuration

func (s *Role) SetMaxSessionDuration(v int64) *Role

SetMaxSessionDuration sets the MaxSessionDuration field's value.

func (*Role) SetPath

func (s *Role) SetPath(v string) *Role

SetPath sets the Path field's value.

func (*Role) SetPermissionsBoundary

func (s *Role) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *Role

SetPermissionsBoundary sets the PermissionsBoundary field's value.

func (*Role) SetRoleId

func (s *Role) SetRoleId(v string) *Role

SetRoleId sets the RoleId field's value.

func (*Role) SetRoleLastUsed

func (s *Role) SetRoleLastUsed(v *RoleLastUsed) *Role

SetRoleLastUsed sets the RoleLastUsed field's value.

func (*Role) SetRoleName

func (s *Role) SetRoleName(v string) *Role

SetRoleName sets the RoleName field's value.

func (*Role) SetTags

func (s *Role) SetTags(v []*Tag) *Role

SetTags sets the Tags field's value.

func (Role) String

func (s Role) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RoleDetail

type RoleDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	Arn *string `min:"20" type:"string"`

	// The trust policy that grants permission to assume the role.
	AssumeRolePolicyDocument *string `min:"1" type:"string"`

	// A list of managed policies attached to the role. These policies are the role's
	// access (permissions) policies.
	AttachedManagedPolicies []*AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the role was created.
	CreateDate *time.Time `type:"timestamp"`

	// A list of instance profiles that contain this role.
	InstanceProfileList []*InstanceProfile `type:"list"`

	// The path to the role. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	Path *string `min:"1" type:"string"`

	// The ARN of the policy used to set the permissions boundary for the role.
	//
	// For more information about permissions boundaries, see Permissions boundaries
	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	RoleId *string `min:"16" type:"string"`

	// Contains information about the last time that an IAM role was used. This
	// includes the date and time and the Region in which the role was last used.
	// Activity is only reported for the trailing 400 days. This period can be shorter
	// if your Region began supporting these features within the last year. The
	// role might have been used more than 400 days ago. For more information, see
	// Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
	// in the IAM User Guide.
	RoleLastUsed *RoleLastUsed `type:"structure"`

	// The friendly name that identifies the role.
	RoleName *string `min:"1" type:"string"`

	// A list of inline policies embedded in the role. These policies are the role's
	// access (permissions) policies.
	RolePolicyList []*PolicyDetail `type:"list"`

	// A list of tags that are attached to the role. For more information about
	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

Contains information about an IAM role, including all of the role's policies.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (RoleDetail) GoString

func (s RoleDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RoleDetail) SetArn

func (s *RoleDetail) SetArn(v string) *RoleDetail

SetArn sets the Arn field's value.

func (*RoleDetail) SetAssumeRolePolicyDocument

func (s *RoleDetail) SetAssumeRolePolicyDocument(v string) *RoleDetail

SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.

func (*RoleDetail) SetAttachedManagedPolicies

func (s *RoleDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *RoleDetail

SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.

func (*RoleDetail) SetCreateDate

func (s *RoleDetail) SetCreateDate(v time.Time) *RoleDetail

SetCreateDate sets the CreateDate field's value.

func (*RoleDetail) SetInstanceProfileList

func (s *RoleDetail) SetInstanceProfileList(v []*InstanceProfile) *RoleDetail

SetInstanceProfileList sets the InstanceProfileList field's value.

func (*RoleDetail) SetPath

func (s *RoleDetail) SetPath(v string) *RoleDetail

SetPath sets the Path field's value.

func (*RoleDetail) SetPermissionsBoundary

func (s *RoleDetail) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *RoleDetail

SetPermissionsBoundary sets the PermissionsBoundary field's value.

func (*RoleDetail) SetRoleId

func (s *RoleDetail) SetRoleId(v string) *RoleDetail

SetRoleId sets the RoleId field's value.

func (*RoleDetail) SetRoleLastUsed

func (s *RoleDetail) SetRoleLastUsed(v *RoleLastUsed) *RoleDetail

SetRoleLastUsed sets the RoleLastUsed field's value.

func (*RoleDetail) SetRoleName

func (s *RoleDetail) SetRoleName(v string) *RoleDetail

SetRoleName sets the RoleName field's value.

func (*RoleDetail) SetRolePolicyList

func (s *RoleDetail) SetRolePolicyList(v []*PolicyDetail) *RoleDetail

SetRolePolicyList sets the RolePolicyList field's value.

func (*RoleDetail) SetTags

func (s *RoleDetail) SetTags(v []*Tag) *RoleDetail

SetTags sets the Tags field's value.

func (RoleDetail) String

func (s RoleDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RoleLastUsed

type RoleLastUsed struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
	// that the role was last used.
	//
	// This field is null if the role has not been used within the IAM tracking
	// period. For more information about the tracking period, see Regions where
	// data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
	// in the IAM User Guide.
	LastUsedDate *time.Time `type:"timestamp"`

	// The name of the Amazon Web Services Region in which the role was last used.
	Region *string `type:"string"`
	// contains filtered or unexported fields
}

Contains information about the last time that an IAM role was used. This includes the date and time and the Region in which the role was last used. Activity is only reported for the trailing 400 days. This period can be shorter if your Region began supporting these features within the last year. The role might have been used more than 400 days ago. For more information, see Regions where data is tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) in the IAM user Guide.

This data type is returned as a response element in the GetRole and GetAccountAuthorizationDetails operations.

func (RoleLastUsed) GoString

func (s RoleLastUsed) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RoleLastUsed) SetLastUsedDate

func (s *RoleLastUsed) SetLastUsedDate(v time.Time) *RoleLastUsed

SetLastUsedDate sets the LastUsedDate field's value.

func (*RoleLastUsed) SetRegion

func (s *RoleLastUsed) SetRegion(v string) *RoleLastUsed

SetRegion sets the Region field's value.

func (RoleLastUsed) String

func (s RoleLastUsed) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type RoleUsageType

type RoleUsageType struct {

	// The name of the Region where the service-linked role is being used.
	Region *string `min:"1" type:"string"`

	// The name of the resource that is using the service-linked role.
	Resources []*string `type:"list"`
	// contains filtered or unexported fields
}

An object that contains details about how a service-linked role is used, if that information is returned by the service.

This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus operation.

func (RoleUsageType) GoString

func (s RoleUsageType) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*RoleUsageType) SetRegion

func (s *RoleUsageType) SetRegion(v string) *RoleUsageType

SetRegion sets the Region field's value.

func (*RoleUsageType) SetResources

func (s *RoleUsageType) SetResources(v []*string) *RoleUsageType

SetResources sets the Resources field's value.

func (RoleUsageType) String

func (s RoleUsageType) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SAMLProviderListEntry

type SAMLProviderListEntry struct {

	// The Amazon Resource Name (ARN) of the SAML provider.
	Arn *string `min:"20" type:"string"`

	// The date and time when the SAML provider was created.
	CreateDate *time.Time `type:"timestamp"`

	// The expiration date and time for the SAML provider.
	ValidUntil *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Contains the list of SAML providers for this account.

func (SAMLProviderListEntry) GoString

func (s SAMLProviderListEntry) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SAMLProviderListEntry) SetArn

SetArn sets the Arn field's value.

func (*SAMLProviderListEntry) SetCreateDate

SetCreateDate sets the CreateDate field's value.

func (*SAMLProviderListEntry) SetValidUntil

SetValidUntil sets the ValidUntil field's value.

func (SAMLProviderListEntry) String

func (s SAMLProviderListEntry) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SSHPublicKey

type SSHPublicKey struct {

	// The MD5 message digest of the SSH public key.
	//
	// Fingerprint is a required field
	Fingerprint *string `min:"48" type:"string" required:"true"`

	// The SSH public key.
	//
	// SSHPublicKeyBody is a required field
	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`

	// The unique identifier for the SSH public key.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an CodeCommit repository. Inactive means that the key
	// cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"StatusType"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the SSH public key was uploaded.
	UploadDate *time.Time `type:"timestamp"`

	// The name of the IAM user associated with the SSH public key.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an SSH public key.

This data type is used as a response element in the GetSSHPublicKey and UploadSSHPublicKey operations.

func (SSHPublicKey) GoString

func (s SSHPublicKey) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SSHPublicKey) SetFingerprint

func (s *SSHPublicKey) SetFingerprint(v string) *SSHPublicKey

SetFingerprint sets the Fingerprint field's value.

func (*SSHPublicKey) SetSSHPublicKeyBody

func (s *SSHPublicKey) SetSSHPublicKeyBody(v string) *SSHPublicKey

SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.

func (*SSHPublicKey) SetSSHPublicKeyId

func (s *SSHPublicKey) SetSSHPublicKeyId(v string) *SSHPublicKey

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*SSHPublicKey) SetStatus

func (s *SSHPublicKey) SetStatus(v string) *SSHPublicKey

SetStatus sets the Status field's value.

func (*SSHPublicKey) SetUploadDate

func (s *SSHPublicKey) SetUploadDate(v time.Time) *SSHPublicKey

SetUploadDate sets the UploadDate field's value.

func (*SSHPublicKey) SetUserName

func (s *SSHPublicKey) SetUserName(v string) *SSHPublicKey

SetUserName sets the UserName field's value.

func (SSHPublicKey) String

func (s SSHPublicKey) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SSHPublicKeyMetadata

type SSHPublicKeyMetadata struct {

	// The unique identifier for the SSH public key.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an CodeCommit repository. Inactive means that the key
	// cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"StatusType"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the SSH public key was uploaded.
	//
	// UploadDate is a required field
	UploadDate *time.Time `type:"timestamp" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an SSH public key, without the key's body or fingerprint.

This data type is used as a response element in the ListSSHPublicKeys operation.

func (SSHPublicKeyMetadata) GoString

func (s SSHPublicKeyMetadata) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SSHPublicKeyMetadata) SetSSHPublicKeyId

func (s *SSHPublicKeyMetadata) SetSSHPublicKeyId(v string) *SSHPublicKeyMetadata

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*SSHPublicKeyMetadata) SetStatus

SetStatus sets the Status field's value.

func (*SSHPublicKeyMetadata) SetUploadDate

func (s *SSHPublicKeyMetadata) SetUploadDate(v time.Time) *SSHPublicKeyMetadata

SetUploadDate sets the UploadDate field's value.

func (*SSHPublicKeyMetadata) SetUserName

SetUserName sets the UserName field's value.

func (SSHPublicKeyMetadata) String

func (s SSHPublicKeyMetadata) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ServerCertificate

type ServerCertificate struct {

	// The contents of the public key certificate.
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The contents of the public key certificate chain.
	CertificateChain *string `min:"1" type:"string"`

	// The meta information of the server certificate, such as its name, path, ID,
	// and ARN.
	//
	// ServerCertificateMetadata is a required field
	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure" required:"true"`

	// A list of tags that are attached to the server certificate. For more information
	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

Contains information about a server certificate.

This data type is used as a response element in the GetServerCertificate operation.

func (ServerCertificate) GoString

func (s ServerCertificate) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ServerCertificate) SetCertificateBody

func (s *ServerCertificate) SetCertificateBody(v string) *ServerCertificate

SetCertificateBody sets the CertificateBody field's value.

func (*ServerCertificate) SetCertificateChain

func (s *ServerCertificate) SetCertificateChain(v string) *ServerCertificate

SetCertificateChain sets the CertificateChain field's value.

func (*ServerCertificate) SetServerCertificateMetadata

func (s *ServerCertificate) SetServerCertificateMetadata(v *ServerCertificateMetadata) *ServerCertificate

SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.

func (*ServerCertificate) SetTags

func (s *ServerCertificate) SetTags(v []*Tag) *ServerCertificate

SetTags sets the Tags field's value.

func (ServerCertificate) String

func (s ServerCertificate) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ServerCertificateMetadata

type ServerCertificateMetadata struct {

	// The Amazon Resource Name (ARN) specifying the server certificate. For more
	// information about ARNs and how to use them in policies, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date on which the certificate is set to expire.
	Expiration *time.Time `type:"timestamp"`

	// The path to the server certificate. For more information about paths, see
	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The stable and unique string identifying the server certificate. For more
	// information about IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// ServerCertificateId is a required field
	ServerCertificateId *string `min:"16" type:"string" required:"true"`

	// The name that identifies the server certificate.
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`

	// The date when the server certificate was uploaded.
	UploadDate *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Contains information about a server certificate without its certificate body, certificate chain, and private key.

This data type is used as a response element in the UploadServerCertificate and ListServerCertificates operations.

func (ServerCertificateMetadata) GoString

func (s ServerCertificateMetadata) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ServerCertificateMetadata) SetArn

SetArn sets the Arn field's value.

func (*ServerCertificateMetadata) SetExpiration

SetExpiration sets the Expiration field's value.

func (*ServerCertificateMetadata) SetPath

SetPath sets the Path field's value.

func (*ServerCertificateMetadata) SetServerCertificateId

func (s *ServerCertificateMetadata) SetServerCertificateId(v string) *ServerCertificateMetadata

SetServerCertificateId sets the ServerCertificateId field's value.

func (*ServerCertificateMetadata) SetServerCertificateName

func (s *ServerCertificateMetadata) SetServerCertificateName(v string) *ServerCertificateMetadata

SetServerCertificateName sets the ServerCertificateName field's value.

func (*ServerCertificateMetadata) SetUploadDate

SetUploadDate sets the UploadDate field's value.

func (ServerCertificateMetadata) String

func (s ServerCertificateMetadata) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ServiceLastAccessed

type ServiceLastAccessed struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when an authenticated entity most recently attempted to access the service.
	// Amazon Web Services does not report unauthenticated requests.
	//
	// This field is null if no IAM entities attempted to access the service within
	// the tracking period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticated *time.Time `type:"timestamp"`

	// The ARN of the authenticated entity (user or role) that last attempted to
	// access the service. Amazon Web Services does not report unauthenticated requests.
	//
	// This field is null if no IAM entities attempted to access the service within
	// the tracking period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticatedEntity *string `min:"20" type:"string"`

	// The Region from which the authenticated entity (user or role) last attempted
	// to access the service. Amazon Web Services does not report unauthenticated
	// requests.
	//
	// This field is null if no IAM entities attempted to access the service within
	// the tracking period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticatedRegion *string `type:"string"`

	// The name of the service in which access was attempted.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The namespace of the service in which access was attempted.
	//
	// To learn the service namespace of a service, see Actions, resources, and
	// condition keys for Amazon Web Services services (https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html)
	// in the Service Authorization Reference. Choose the name of the service to
	// view details for that service. In the first paragraph, find the service prefix.
	// For example, (service prefix: a4b). For more information about service namespaces,
	// see Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the Amazon Web Services General Reference.
	//
	// ServiceNamespace is a required field
	ServiceNamespace *string `min:"1" type:"string" required:"true"`

	// The total number of authenticated principals (root user, IAM users, or IAM
	// roles) that have attempted to access the service.
	//
	// This field is null if no principals attempted to access the service within
	// the tracking period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	TotalAuthenticatedEntities *int64 `type:"integer"`

	// An object that contains details about the most recent attempt to access a
	// tracked action within the service.
	//
	// This field is null if there no tracked actions or if the principal did not
	// use the tracked actions within the tracking period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	// This field is also null if the report was generated at the service level
	// and not the action level. For more information, see the Granularity field
	// in GenerateServiceLastAccessedDetails.
	TrackedActionsLastAccessed []*TrackedActionLastAccessed `type:"list"`
	// contains filtered or unexported fields
}

Contains details about the most recent attempt to access the service.

This data type is used as a response element in the GetServiceLastAccessedDetails operation.

func (ServiceLastAccessed) GoString

func (s ServiceLastAccessed) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ServiceLastAccessed) SetLastAuthenticated

func (s *ServiceLastAccessed) SetLastAuthenticated(v time.Time) *ServiceLastAccessed

SetLastAuthenticated sets the LastAuthenticated field's value.

func (*ServiceLastAccessed) SetLastAuthenticatedEntity

func (s *ServiceLastAccessed) SetLastAuthenticatedEntity(v string) *ServiceLastAccessed

SetLastAuthenticatedEntity sets the LastAuthenticatedEntity field's value.

func (*ServiceLastAccessed) SetLastAuthenticatedRegion

func (s *ServiceLastAccessed) SetLastAuthenticatedRegion(v string) *ServiceLastAccessed

SetLastAuthenticatedRegion sets the LastAuthenticatedRegion field's value.

func (*ServiceLastAccessed) SetServiceName

func (s *ServiceLastAccessed) SetServiceName(v string) *ServiceLastAccessed

SetServiceName sets the ServiceName field's value.

func (*ServiceLastAccessed) SetServiceNamespace

func (s *ServiceLastAccessed) SetServiceNamespace(v string) *ServiceLastAccessed

SetServiceNamespace sets the ServiceNamespace field's value.

func (*ServiceLastAccessed) SetTotalAuthenticatedEntities

func (s *ServiceLastAccessed) SetTotalAuthenticatedEntities(v int64) *ServiceLastAccessed

SetTotalAuthenticatedEntities sets the TotalAuthenticatedEntities field's value.

func (*ServiceLastAccessed) SetTrackedActionsLastAccessed

func (s *ServiceLastAccessed) SetTrackedActionsLastAccessed(v []*TrackedActionLastAccessed) *ServiceLastAccessed

SetTrackedActionsLastAccessed sets the TrackedActionsLastAccessed field's value.

func (ServiceLastAccessed) String

func (s ServiceLastAccessed) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ServiceSpecificCredential

type ServiceSpecificCredential struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the service-specific credential were created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// The name of the service associated with the service-specific credential.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The generated password for the service-specific credential.
	//
	// ServicePassword is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by ServiceSpecificCredential's
	// String and GoString methods.
	//
	// ServicePassword is a required field
	ServicePassword *string `type:"string" required:"true" sensitive:"true"`

	// The unique identifier for the service-specific credential.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The generated user name for the service-specific credential. This value is
	// generated by combining the IAM user's name combined with the ID number of
	// the Amazon Web Services account, as in jane-at-123456789012, for example.
	// This value cannot be configured by the user.
	//
	// ServiceUserName is a required field
	ServiceUserName *string `min:"17" type:"string" required:"true"`

	// The status of the service-specific credential. Active means that the key
	// is valid for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"StatusType"`

	// The name of the IAM user associated with the service-specific credential.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the details of a service-specific credential.

func (ServiceSpecificCredential) GoString

func (s ServiceSpecificCredential) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ServiceSpecificCredential) SetCreateDate

SetCreateDate sets the CreateDate field's value.

func (*ServiceSpecificCredential) SetServiceName

SetServiceName sets the ServiceName field's value.

func (*ServiceSpecificCredential) SetServicePassword

SetServicePassword sets the ServicePassword field's value.

func (*ServiceSpecificCredential) SetServiceSpecificCredentialId

func (s *ServiceSpecificCredential) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredential

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*ServiceSpecificCredential) SetServiceUserName

SetServiceUserName sets the ServiceUserName field's value.

func (*ServiceSpecificCredential) SetStatus

SetStatus sets the Status field's value.

func (*ServiceSpecificCredential) SetUserName

SetUserName sets the UserName field's value.

func (ServiceSpecificCredential) String

func (s ServiceSpecificCredential) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type ServiceSpecificCredentialMetadata

type ServiceSpecificCredentialMetadata struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the service-specific credential were created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// The name of the service associated with the service-specific credential.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The unique identifier for the service-specific credential.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The generated user name for the service-specific credential.
	//
	// ServiceUserName is a required field
	ServiceUserName *string `min:"17" type:"string" required:"true"`

	// The status of the service-specific credential. Active means that the key
	// is valid for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"StatusType"`

	// The name of the IAM user associated with the service-specific credential.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains additional details about a service-specific credential.

func (ServiceSpecificCredentialMetadata) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*ServiceSpecificCredentialMetadata) SetCreateDate

SetCreateDate sets the CreateDate field's value.

func (*ServiceSpecificCredentialMetadata) SetServiceName

SetServiceName sets the ServiceName field's value.

func (*ServiceSpecificCredentialMetadata) SetServiceSpecificCredentialId

func (s *ServiceSpecificCredentialMetadata) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredentialMetadata

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*ServiceSpecificCredentialMetadata) SetServiceUserName

SetServiceUserName sets the ServiceUserName field's value.

func (*ServiceSpecificCredentialMetadata) SetStatus

SetStatus sets the Status field's value.

func (*ServiceSpecificCredentialMetadata) SetUserName

SetUserName sets the UserName field's value.

func (ServiceSpecificCredentialMetadata) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SetDefaultPolicyVersionInput

type SetDefaultPolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy whose default version you
	// want to set.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The version of the policy to set as the default (operative) version.
	//
	// For more information about managed policy versions, see Versioning for managed
	// policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (SetDefaultPolicyVersionInput) GoString

func (s SetDefaultPolicyVersionInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetDefaultPolicyVersionInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*SetDefaultPolicyVersionInput) SetVersionId

SetVersionId sets the VersionId field's value.

func (SetDefaultPolicyVersionInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetDefaultPolicyVersionInput) Validate

func (s *SetDefaultPolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SetDefaultPolicyVersionOutput

type SetDefaultPolicyVersionOutput struct {
	// contains filtered or unexported fields
}

func (SetDefaultPolicyVersionOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (SetDefaultPolicyVersionOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SetSecurityTokenServicePreferencesInput

type SetSecurityTokenServicePreferencesInput struct {

	// The version of the global endpoint token. Version 1 tokens are valid only
	// in Amazon Web Services Regions that are available by default. These tokens
	// do not work in manually enabled Regions, such as Asia Pacific (Hong Kong).
	// Version 2 tokens are valid in all Regions. However, version 2 tokens are
	// longer and might affect systems where you temporarily store tokens.
	//
	// For information, see Activating and deactivating STS in an Amazon Web Services
	// Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html)
	// in the IAM User Guide.
	//
	// GlobalEndpointTokenVersion is a required field
	GlobalEndpointTokenVersion *string `type:"string" required:"true" enum:"GlobalEndpointTokenVersion"`
	// contains filtered or unexported fields
}

func (SetSecurityTokenServicePreferencesInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetSecurityTokenServicePreferencesInput) SetGlobalEndpointTokenVersion

SetGlobalEndpointTokenVersion sets the GlobalEndpointTokenVersion field's value.

func (SetSecurityTokenServicePreferencesInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SetSecurityTokenServicePreferencesInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type SetSecurityTokenServicePreferencesOutput

type SetSecurityTokenServicePreferencesOutput struct {
	// contains filtered or unexported fields
}

func (SetSecurityTokenServicePreferencesOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (SetSecurityTokenServicePreferencesOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SigningCertificate

type SigningCertificate struct {

	// The contents of the signing certificate.
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The ID for the signing certificate.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The status of the signing certificate. Active means that the key is valid
	// for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"StatusType"`

	// The date when the signing certificate was uploaded.
	UploadDate *time.Time `type:"timestamp"`

	// The name of the user the signing certificate is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an X.509 signing certificate.

This data type is used as a response element in the UploadSigningCertificate and ListSigningCertificates operations.

func (SigningCertificate) GoString

func (s SigningCertificate) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SigningCertificate) SetCertificateBody

func (s *SigningCertificate) SetCertificateBody(v string) *SigningCertificate

SetCertificateBody sets the CertificateBody field's value.

func (*SigningCertificate) SetCertificateId

func (s *SigningCertificate) SetCertificateId(v string) *SigningCertificate

SetCertificateId sets the CertificateId field's value.

func (*SigningCertificate) SetStatus

func (s *SigningCertificate) SetStatus(v string) *SigningCertificate

SetStatus sets the Status field's value.

func (*SigningCertificate) SetUploadDate

func (s *SigningCertificate) SetUploadDate(v time.Time) *SigningCertificate

SetUploadDate sets the UploadDate field's value.

func (*SigningCertificate) SetUserName

func (s *SigningCertificate) SetUserName(v string) *SigningCertificate

SetUserName sets the UserName field's value.

func (SigningCertificate) String

func (s SigningCertificate) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SimulateCustomPolicyInput

type SimulateCustomPolicyInput struct {

	// A list of names of API operations to evaluate in the simulation. Each operation
	// is evaluated against each resource. Each operation must include the service
	// identifier, such as iam:CreateUser. This operation does not support using
	// wildcards (*) in an action name.
	//
	// ActionNames is a required field
	ActionNames []*string `type:"list" required:"true"`

	// The ARN of the IAM user that you want to use as the simulated caller of the
	// API operations. CallerArn is required if you include a ResourcePolicy so
	// that the policy's Principal element has a value to use in evaluating the
	// policy.
	//
	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
	// an assumed role, federated user, or a service principal.
	CallerArn *string `min:"1" type:"string"`

	// A list of context keys and corresponding values for the simulation to use.
	// Whenever a context key is evaluated in one of the simulated IAM permissions
	// policies, the corresponding value is supplied.
	ContextEntries []*ContextEntry `type:"list"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The IAM permissions boundary policy to simulate. The permissions boundary
	// sets the maximum permissions that an IAM entity can have. You can input only
	// one permissions boundary when you pass a policy to this operation. For more
	// information about permissions boundaries, see Permissions boundaries for
	// IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide. The policy input is specified as a string that contains
	// the complete, valid JSON text of a permissions boundary policy.
	//
	// The maximum length of the policy document that you can pass in this operation,
	// including whitespace, is listed below. To view the maximum character counts
	// of a managed policy with no whitespaces, see IAM and STS character quotas
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	PermissionsBoundaryPolicyInputList []*string `type:"list"`

	// A list of policy documents to include in the simulation. Each document is
	// specified as a string containing the complete, valid JSON text of an IAM
	// policy. Do not include any resource-based policies in this parameter. Any
	// resource-based policy must be submitted with the ResourcePolicy parameter.
	// The policies cannot be "scope-down" policies, such as you could include in
	// a call to GetFederationToken (https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetFederationToken.html)
	// or one of the AssumeRole (https://docs.aws.amazon.com/IAM/latest/APIReference/API_AssumeRole.html)
	// API operations. In other words, do not use policies designed to restrict
	// what a user can do while using the temporary credentials.
	//
	// The maximum length of the policy document that you can pass in this operation,
	// including whitespace, is listed below. To view the maximum character counts
	// of a managed policy with no whitespaces, see IAM and STS character quotas
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyInputList is a required field
	PolicyInputList []*string `type:"list" required:"true"`

	// A list of ARNs of Amazon Web Services resources to include in the simulation.
	// If this parameter is not provided, then the value defaults to * (all resources).
	// Each API in the ActionNames parameter is evaluated for each resource in this
	// list. The simulation determines the access result (allowed or denied) of
	// each combination and reports it in the response. You can simulate resources
	// that don't exist in your account.
	//
	// The simulation does not automatically retrieve policies for the specified
	// resources. If you want to include a resource policy in the simulation, then
	// you must include the policy as a string in the ResourcePolicy parameter.
	//
	// If you include a ResourcePolicy, then it must be applicable to all of the
	// resources included in the simulation or you receive an invalid input error.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// Simulation of resource-based policies isn't supported for IAM roles.
	ResourceArns []*string `type:"list"`

	// Specifies the type of simulation to run. Different API operations that support
	// resource-based policies require different combinations of resources. By specifying
	// the type of simulation to run, you enable the policy simulator to enforce
	// the presence of the required resources to ensure reliable simulation results.
	// If your simulation does not match one of the following scenarios, then you
	// can omit this parameter. The following list shows each of the supported scenario
	// values and the resources that you must define to run the simulation.
	//
	// Each of the EC2 scenarios requires that you specify instance, image, and
	// security group resources. If your scenario includes an EBS volume, then you
	// must specify that volume as a resource. If the EC2 scenario includes VPC,
	// then you must supply the network interface resource. If it includes an IP
	// subnet, then you must specify the subnet resource. For more information on
	// the EC2 scenario options, see Supported platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
	// in the Amazon EC2 User Guide.
	//
	//    * EC2-VPC-InstanceStore instance, image, security group, network interface
	//
	//    * EC2-VPC-InstanceStore-Subnet instance, image, security group, network
	//    interface, subnet
	//
	//    * EC2-VPC-EBS instance, image, security group, network interface, volume
	//
	//    * EC2-VPC-EBS-Subnet instance, image, security group, network interface,
	//    subnet, volume
	ResourceHandlingOption *string `min:"1" type:"string"`

	// An ARN representing the Amazon Web Services account ID that specifies the
	// owner of any simulated resource that does not identify its owner in the resource
	// ARN. Examples of resource ARNs include an S3 bucket or object. If ResourceOwner
	// is specified, it is also used as the account owner of any ResourcePolicy
	// included in the simulation. If the ResourceOwner parameter is not specified,
	// then the owner of the resources and the resource policy defaults to the account
	// of the identity provided in CallerArn. This parameter is required only if
	// you specify a resource-based policy and account that owns the resource is
	// different from the account that owns the simulated calling user CallerArn.
	//
	// The ARN for an account uses the following syntax: arn:aws:iam::AWS-account-ID:root.
	// For example, to represent the account with the 112233445566 ID, use the following
	// ARN: arn:aws:iam::112233445566-ID:root.
	ResourceOwner *string `min:"1" type:"string"`

	// A resource-based policy to include in the simulation provided as a string.
	// Each resource in the simulation is treated as if it had this policy attached.
	// You can include only one resource-based policy in a simulation.
	//
	// The maximum length of the policy document that you can pass in this operation,
	// including whitespace, is listed below. To view the maximum character counts
	// of a managed policy with no whitespaces, see IAM and STS character quotas
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// Simulation of resource-based policies isn't supported for IAM roles.
	ResourcePolicy *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (SimulateCustomPolicyInput) GoString

func (s SimulateCustomPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SimulateCustomPolicyInput) SetActionNames

SetActionNames sets the ActionNames field's value.

func (*SimulateCustomPolicyInput) SetCallerArn

SetCallerArn sets the CallerArn field's value.

func (*SimulateCustomPolicyInput) SetContextEntries

SetContextEntries sets the ContextEntries field's value.

func (*SimulateCustomPolicyInput) SetMarker

SetMarker sets the Marker field's value.

func (*SimulateCustomPolicyInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*SimulateCustomPolicyInput) SetPermissionsBoundaryPolicyInputList

func (s *SimulateCustomPolicyInput) SetPermissionsBoundaryPolicyInputList(v []*string) *SimulateCustomPolicyInput

SetPermissionsBoundaryPolicyInputList sets the PermissionsBoundaryPolicyInputList field's value.

func (*SimulateCustomPolicyInput) SetPolicyInputList

func (s *SimulateCustomPolicyInput) SetPolicyInputList(v []*string) *SimulateCustomPolicyInput

SetPolicyInputList sets the PolicyInputList field's value.

func (*SimulateCustomPolicyInput) SetResourceArns

SetResourceArns sets the ResourceArns field's value.

func (*SimulateCustomPolicyInput) SetResourceHandlingOption

func (s *SimulateCustomPolicyInput) SetResourceHandlingOption(v string) *SimulateCustomPolicyInput

SetResourceHandlingOption sets the ResourceHandlingOption field's value.

func (*SimulateCustomPolicyInput) SetResourceOwner

SetResourceOwner sets the ResourceOwner field's value.

func (*SimulateCustomPolicyInput) SetResourcePolicy

SetResourcePolicy sets the ResourcePolicy field's value.

func (SimulateCustomPolicyInput) String

func (s SimulateCustomPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SimulateCustomPolicyInput) Validate

func (s *SimulateCustomPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SimulatePolicyResponse

type SimulatePolicyResponse struct {

	// The results of the simulation.
	EvaluationResults []*EvaluationResult `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful SimulatePrincipalPolicy or SimulateCustomPolicy request.

func (SimulatePolicyResponse) GoString

func (s SimulatePolicyResponse) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SimulatePolicyResponse) SetEvaluationResults

func (s *SimulatePolicyResponse) SetEvaluationResults(v []*EvaluationResult) *SimulatePolicyResponse

SetEvaluationResults sets the EvaluationResults field's value.

func (*SimulatePolicyResponse) SetIsTruncated

func (s *SimulatePolicyResponse) SetIsTruncated(v bool) *SimulatePolicyResponse

SetIsTruncated sets the IsTruncated field's value.

func (*SimulatePolicyResponse) SetMarker

SetMarker sets the Marker field's value.

func (SimulatePolicyResponse) String

func (s SimulatePolicyResponse) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type SimulatePrincipalPolicyInput

type SimulatePrincipalPolicyInput struct {

	// A list of names of API operations to evaluate in the simulation. Each operation
	// is evaluated for each resource. Each operation must include the service identifier,
	// such as iam:CreateUser.
	//
	// ActionNames is a required field
	ActionNames []*string `type:"list" required:"true"`

	// The ARN of the IAM user that you want to specify as the simulated caller
	// of the API operations. If you do not specify a CallerArn, it defaults to
	// the ARN of the user that you specify in PolicySourceArn, if you specified
	// a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David)
	// and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result
	// is that you simulate calling the API operations as Bob, as if Bob had David's
	// policies.
	//
	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
	// an assumed role, federated user, or a service principal.
	//
	// CallerArn is required if you include a ResourcePolicy and the PolicySourceArn
	// is not the ARN for an IAM user. This is required so that the resource-based
	// policy's Principal element has a value to use in evaluating the policy.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	CallerArn *string `min:"1" type:"string"`

	// A list of context keys and corresponding values for the simulation to use.
	// Whenever a context key is evaluated in one of the simulated IAM permissions
	// policies, the corresponding value is supplied.
	ContextEntries []*ContextEntry `type:"list"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// Use this only when paginating results to indicate the maximum number of items
	// you want in the response. If additional items exist beyond the maximum you
	// specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, the number of items defaults to 100.
	// Note that IAM might return fewer results, even when there are more results
	// available. In that case, the IsTruncated response element returns true, and
	// Marker contains a value to include in the subsequent call that tells the
	// service where to continue from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The IAM permissions boundary policy to simulate. The permissions boundary
	// sets the maximum permissions that the entity can have. You can input only
	// one permissions boundary when you pass a policy to this operation. An IAM
	// entity can only have one permissions boundary in effect at a time. For example,
	// if a permissions boundary is attached to an entity and you pass in a different
	// permissions boundary policy using this parameter, then the new permissions
	// boundary policy is used for the simulation. For more information about permissions
	// boundaries, see Permissions boundaries for IAM entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide. The policy input is specified as a string containing
	// the complete, valid JSON text of a permissions boundary policy.
	//
	// The maximum length of the policy document that you can pass in this operation,
	// including whitespace, is listed below. To view the maximum character counts
	// of a managed policy with no whitespaces, see IAM and STS character quotas
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	PermissionsBoundaryPolicyInputList []*string `type:"list"`

	// An optional list of additional policy documents to include in the simulation.
	// Each document is specified as a string containing the complete, valid JSON
	// text of an IAM policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	PolicyInputList []*string `type:"list"`

	// The Amazon Resource Name (ARN) of a user, group, or role whose policies you
	// want to include in the simulation. If you specify a user, group, or role,
	// the simulation includes all policies that are associated with that entity.
	// If you specify a user, the simulation also includes all policies that are
	// attached to any groups the user belongs to.
	//
	// The maximum length of the policy document that you can pass in this operation,
	// including whitespace, is listed below. To view the maximum character counts
	// of a managed policy with no whitespaces, see IAM and STS character quotas
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// PolicySourceArn is a required field
	PolicySourceArn *string `min:"20" type:"string" required:"true"`

	// A list of ARNs of Amazon Web Services resources to include in the simulation.
	// If this parameter is not provided, then the value defaults to * (all resources).
	// Each API in the ActionNames parameter is evaluated for each resource in this
	// list. The simulation determines the access result (allowed or denied) of
	// each combination and reports it in the response. You can simulate resources
	// that don't exist in your account.
	//
	// The simulation does not automatically retrieve policies for the specified
	// resources. If you want to include a resource policy in the simulation, then
	// you must include the policy as a string in the ResourcePolicy parameter.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// Simulation of resource-based policies isn't supported for IAM roles.
	ResourceArns []*string `type:"list"`

	// Specifies the type of simulation to run. Different API operations that support
	// resource-based policies require different combinations of resources. By specifying
	// the type of simulation to run, you enable the policy simulator to enforce
	// the presence of the required resources to ensure reliable simulation results.
	// If your simulation does not match one of the following scenarios, then you
	// can omit this parameter. The following list shows each of the supported scenario
	// values and the resources that you must define to run the simulation.
	//
	// Each of the EC2 scenarios requires that you specify instance, image, and
	// security group resources. If your scenario includes an EBS volume, then you
	// must specify that volume as a resource. If the EC2 scenario includes VPC,
	// then you must supply the network interface resource. If it includes an IP
	// subnet, then you must specify the subnet resource. For more information on
	// the EC2 scenario options, see Supported platforms (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
	// in the Amazon EC2 User Guide.
	//
	//    * EC2-VPC-InstanceStore instance, image, security group, network interface
	//
	//    * EC2-VPC-InstanceStore-Subnet instance, image, security group, network
	//    interface, subnet
	//
	//    * EC2-VPC-EBS instance, image, security group, network interface, volume
	//
	//    * EC2-VPC-EBS-Subnet instance, image, security group, network interface,
	//    subnet, volume
	ResourceHandlingOption *string `min:"1" type:"string"`

	// An Amazon Web Services account ID that specifies the owner of any simulated
	// resource that does not identify its owner in the resource ARN. Examples of
	// resource ARNs include an S3 bucket or object. If ResourceOwner is specified,
	// it is also used as the account owner of any ResourcePolicy included in the
	// simulation. If the ResourceOwner parameter is not specified, then the owner
	// of the resources and the resource policy defaults to the account of the identity
	// provided in CallerArn. This parameter is required only if you specify a resource-based
	// policy and account that owns the resource is different from the account that
	// owns the simulated calling user CallerArn.
	ResourceOwner *string `min:"1" type:"string"`

	// A resource-based policy to include in the simulation provided as a string.
	// Each resource in the simulation is treated as if it had this policy attached.
	// You can include only one resource-based policy in a simulation.
	//
	// The maximum length of the policy document that you can pass in this operation,
	// including whitespace, is listed below. To view the maximum character counts
	// of a managed policy with no whitespaces, see IAM and STS character quotas
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length).
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// Simulation of resource-based policies isn't supported for IAM roles.
	ResourcePolicy *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (SimulatePrincipalPolicyInput) GoString

func (s SimulatePrincipalPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SimulatePrincipalPolicyInput) SetActionNames

SetActionNames sets the ActionNames field's value.

func (*SimulatePrincipalPolicyInput) SetCallerArn

SetCallerArn sets the CallerArn field's value.

func (*SimulatePrincipalPolicyInput) SetContextEntries

SetContextEntries sets the ContextEntries field's value.

func (*SimulatePrincipalPolicyInput) SetMarker

SetMarker sets the Marker field's value.

func (*SimulatePrincipalPolicyInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*SimulatePrincipalPolicyInput) SetPermissionsBoundaryPolicyInputList

func (s *SimulatePrincipalPolicyInput) SetPermissionsBoundaryPolicyInputList(v []*string) *SimulatePrincipalPolicyInput

SetPermissionsBoundaryPolicyInputList sets the PermissionsBoundaryPolicyInputList field's value.

func (*SimulatePrincipalPolicyInput) SetPolicyInputList

SetPolicyInputList sets the PolicyInputList field's value.

func (*SimulatePrincipalPolicyInput) SetPolicySourceArn

SetPolicySourceArn sets the PolicySourceArn field's value.

func (*SimulatePrincipalPolicyInput) SetResourceArns

SetResourceArns sets the ResourceArns field's value.

func (*SimulatePrincipalPolicyInput) SetResourceHandlingOption

func (s *SimulatePrincipalPolicyInput) SetResourceHandlingOption(v string) *SimulatePrincipalPolicyInput

SetResourceHandlingOption sets the ResourceHandlingOption field's value.

func (*SimulatePrincipalPolicyInput) SetResourceOwner

SetResourceOwner sets the ResourceOwner field's value.

func (*SimulatePrincipalPolicyInput) SetResourcePolicy

SetResourcePolicy sets the ResourcePolicy field's value.

func (SimulatePrincipalPolicyInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*SimulatePrincipalPolicyInput) Validate

func (s *SimulatePrincipalPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type Statement

type Statement struct {

	// The row and column of the end of a Statement in an IAM policy.
	EndPosition *Position `type:"structure"`

	// The identifier of the policy that was provided as an input.
	SourcePolicyId *string `type:"string"`

	// The type of the policy.
	SourcePolicyType *string `type:"string" enum:"PolicySourceType"`

	// The row and column of the beginning of the Statement in an IAM policy.
	StartPosition *Position `type:"structure"`
	// contains filtered or unexported fields
}

Contains a reference to a Statement element in a policy document that determines the result of the simulation.

This data type is used by the MatchedStatements member of the EvaluationResult type.

func (Statement) GoString

func (s Statement) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Statement) SetEndPosition

func (s *Statement) SetEndPosition(v *Position) *Statement

SetEndPosition sets the EndPosition field's value.

func (*Statement) SetSourcePolicyId

func (s *Statement) SetSourcePolicyId(v string) *Statement

SetSourcePolicyId sets the SourcePolicyId field's value.

func (*Statement) SetSourcePolicyType

func (s *Statement) SetSourcePolicyType(v string) *Statement

SetSourcePolicyType sets the SourcePolicyType field's value.

func (*Statement) SetStartPosition

func (s *Statement) SetStartPosition(v *Position) *Statement

SetStartPosition sets the StartPosition field's value.

func (Statement) String

func (s Statement) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type Tag

type Tag struct {

	// The key name that can be used to look up or retrieve the associated value.
	// For example, Department or Cost Center are common choices.
	//
	// Key is a required field
	Key *string `min:"1" type:"string" required:"true"`

	// The value associated with this tag. For example, tags with a key name of
	// Department could have values such as Human Resources, Accounting, and Support.
	// Tags with a key name of Cost Center might have values that consist of the
	// number associated with the different cost centers in your company. Typically,
	// many resources have tags with the same key name but with different values.
	//
	// Amazon Web Services always interprets the tag Value as a single string. If
	// you need to store an array, you can store comma-separated values in the string.
	// However, you must interpret the value in your code.
	//
	// Value is a required field
	Value *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

A structure that represents user-provided metadata that can be associated with an IAM resource. For more information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

func (Tag) GoString

func (s Tag) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Tag) SetKey

func (s *Tag) SetKey(v string) *Tag

SetKey sets the Key field's value.

func (*Tag) SetValue

func (s *Tag) SetValue(v string) *Tag

SetValue sets the Value field's value.

func (Tag) String

func (s Tag) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*Tag) Validate

func (s *Tag) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagInstanceProfileInput

type TagInstanceProfileInput struct {

	// The name of the IAM instance profile to which you want to add tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The list of tags that you want to attach to the IAM instance profile. Each
	// tag consists of a key name and an associated value.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (TagInstanceProfileInput) GoString

func (s TagInstanceProfileInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagInstanceProfileInput) SetInstanceProfileName

func (s *TagInstanceProfileInput) SetInstanceProfileName(v string) *TagInstanceProfileInput

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*TagInstanceProfileInput) SetTags

SetTags sets the Tags field's value.

func (TagInstanceProfileInput) String

func (s TagInstanceProfileInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagInstanceProfileInput) Validate

func (s *TagInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagInstanceProfileOutput

type TagInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (TagInstanceProfileOutput) GoString

func (s TagInstanceProfileOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (TagInstanceProfileOutput) String

func (s TagInstanceProfileOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TagMFADeviceInput

type TagMFADeviceInput struct {

	// The unique identifier for the IAM virtual MFA device to which you want to
	// add tags. For virtual MFA devices, the serial number is the same as the ARN.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The list of tags that you want to attach to the IAM virtual MFA device. Each
	// tag consists of a key name and an associated value.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (TagMFADeviceInput) GoString

func (s TagMFADeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagMFADeviceInput) SetSerialNumber

func (s *TagMFADeviceInput) SetSerialNumber(v string) *TagMFADeviceInput

SetSerialNumber sets the SerialNumber field's value.

func (*TagMFADeviceInput) SetTags

func (s *TagMFADeviceInput) SetTags(v []*Tag) *TagMFADeviceInput

SetTags sets the Tags field's value.

func (TagMFADeviceInput) String

func (s TagMFADeviceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagMFADeviceInput) Validate

func (s *TagMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagMFADeviceOutput

type TagMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (TagMFADeviceOutput) GoString

func (s TagMFADeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (TagMFADeviceOutput) String

func (s TagMFADeviceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TagOpenIDConnectProviderInput

type TagOpenIDConnectProviderInput struct {

	// The ARN of the OIDC identity provider in IAM to which you want to add tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`

	// The list of tags that you want to attach to the OIDC identity provider in
	// IAM. Each tag consists of a key name and an associated value.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (TagOpenIDConnectProviderInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn

func (s *TagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *TagOpenIDConnectProviderInput

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (*TagOpenIDConnectProviderInput) SetTags

SetTags sets the Tags field's value.

func (TagOpenIDConnectProviderInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagOpenIDConnectProviderInput) Validate

func (s *TagOpenIDConnectProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagOpenIDConnectProviderOutput

type TagOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (TagOpenIDConnectProviderOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (TagOpenIDConnectProviderOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TagPolicyInput

type TagPolicyInput struct {

	// The ARN of the IAM customer managed policy to which you want to add tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The list of tags that you want to attach to the IAM customer managed policy.
	// Each tag consists of a key name and an associated value.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (TagPolicyInput) GoString

func (s TagPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagPolicyInput) SetPolicyArn

func (s *TagPolicyInput) SetPolicyArn(v string) *TagPolicyInput

SetPolicyArn sets the PolicyArn field's value.

func (*TagPolicyInput) SetTags

func (s *TagPolicyInput) SetTags(v []*Tag) *TagPolicyInput

SetTags sets the Tags field's value.

func (TagPolicyInput) String

func (s TagPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagPolicyInput) Validate

func (s *TagPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagPolicyOutput

type TagPolicyOutput struct {
	// contains filtered or unexported fields
}

func (TagPolicyOutput) GoString

func (s TagPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (TagPolicyOutput) String

func (s TagPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TagRoleInput

type TagRoleInput struct {

	// The name of the IAM role to which you want to add tags.
	//
	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consist of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`

	// The list of tags that you want to attach to the IAM role. Each tag consists
	// of a key name and an associated value.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (TagRoleInput) GoString

func (s TagRoleInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagRoleInput) SetRoleName

func (s *TagRoleInput) SetRoleName(v string) *TagRoleInput

SetRoleName sets the RoleName field's value.

func (*TagRoleInput) SetTags

func (s *TagRoleInput) SetTags(v []*Tag) *TagRoleInput

SetTags sets the Tags field's value.

func (TagRoleInput) String

func (s TagRoleInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagRoleInput) Validate

func (s *TagRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagRoleOutput

type TagRoleOutput struct {
	// contains filtered or unexported fields
}

func (TagRoleOutput) GoString

func (s TagRoleOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (TagRoleOutput) String

func (s TagRoleOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TagSAMLProviderInput

type TagSAMLProviderInput struct {

	// The ARN of the SAML identity provider in IAM to which you want to add tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`

	// The list of tags that you want to attach to the SAML identity provider in
	// IAM. Each tag consists of a key name and an associated value.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (TagSAMLProviderInput) GoString

func (s TagSAMLProviderInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagSAMLProviderInput) SetSAMLProviderArn

func (s *TagSAMLProviderInput) SetSAMLProviderArn(v string) *TagSAMLProviderInput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (*TagSAMLProviderInput) SetTags

func (s *TagSAMLProviderInput) SetTags(v []*Tag) *TagSAMLProviderInput

SetTags sets the Tags field's value.

func (TagSAMLProviderInput) String

func (s TagSAMLProviderInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagSAMLProviderInput) Validate

func (s *TagSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagSAMLProviderOutput

type TagSAMLProviderOutput struct {
	// contains filtered or unexported fields
}

func (TagSAMLProviderOutput) GoString

func (s TagSAMLProviderOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (TagSAMLProviderOutput) String

func (s TagSAMLProviderOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TagServerCertificateInput

type TagServerCertificateInput struct {

	// The name of the IAM server certificate to which you want to add tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`

	// The list of tags that you want to attach to the IAM server certificate. Each
	// tag consists of a key name and an associated value.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (TagServerCertificateInput) GoString

func (s TagServerCertificateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagServerCertificateInput) SetServerCertificateName

func (s *TagServerCertificateInput) SetServerCertificateName(v string) *TagServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (*TagServerCertificateInput) SetTags

SetTags sets the Tags field's value.

func (TagServerCertificateInput) String

func (s TagServerCertificateInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagServerCertificateInput) Validate

func (s *TagServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagServerCertificateOutput

type TagServerCertificateOutput struct {
	// contains filtered or unexported fields
}

func (TagServerCertificateOutput) GoString

func (s TagServerCertificateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (TagServerCertificateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TagUserInput

type TagUserInput struct {

	// The list of tags that you want to attach to the IAM user. Each tag consists
	// of a key name and an associated value.
	//
	// Tags is a required field
	Tags []*Tag `type:"list" required:"true"`

	// The name of the IAM user to which you want to add tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (TagUserInput) GoString

func (s TagUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagUserInput) SetTags

func (s *TagUserInput) SetTags(v []*Tag) *TagUserInput

SetTags sets the Tags field's value.

func (*TagUserInput) SetUserName

func (s *TagUserInput) SetUserName(v string) *TagUserInput

SetUserName sets the UserName field's value.

func (TagUserInput) String

func (s TagUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TagUserInput) Validate

func (s *TagUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type TagUserOutput

type TagUserOutput struct {
	// contains filtered or unexported fields
}

func (TagUserOutput) GoString

func (s TagUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (TagUserOutput) String

func (s TagUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type TrackedActionLastAccessed

type TrackedActionLastAccessed struct {

	// The name of the tracked action to which access was attempted. Tracked actions
	// are actions that report activity to IAM.
	ActionName *string `type:"string"`

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	LastAccessedEntity *string `min:"20" type:"string"`

	// The Region from which the authenticated entity (user or role) last attempted
	// to access the tracked action. Amazon Web Services does not report unauthenticated
	// requests.
	//
	// This field is null if no IAM entities attempted to access the service within
	// the tracking period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAccessedRegion *string `type:"string"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when an authenticated entity most recently attempted to access the tracked
	// service. Amazon Web Services does not report unauthenticated requests.
	//
	// This field is null if no IAM entities attempted to access the service within
	// the tracking period (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAccessedTime *time.Time `type:"timestamp"`
	// contains filtered or unexported fields
}

Contains details about the most recent attempt to access an action within the service.

This data type is used as a response element in the GetServiceLastAccessedDetails operation.

func (TrackedActionLastAccessed) GoString

func (s TrackedActionLastAccessed) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*TrackedActionLastAccessed) SetActionName

SetActionName sets the ActionName field's value.

func (*TrackedActionLastAccessed) SetLastAccessedEntity

func (s *TrackedActionLastAccessed) SetLastAccessedEntity(v string) *TrackedActionLastAccessed

SetLastAccessedEntity sets the LastAccessedEntity field's value.

func (*TrackedActionLastAccessed) SetLastAccessedRegion

func (s *TrackedActionLastAccessed) SetLastAccessedRegion(v string) *TrackedActionLastAccessed

SetLastAccessedRegion sets the LastAccessedRegion field's value.

func (*TrackedActionLastAccessed) SetLastAccessedTime

func (s *TrackedActionLastAccessed) SetLastAccessedTime(v time.Time) *TrackedActionLastAccessed

SetLastAccessedTime sets the LastAccessedTime field's value.

func (TrackedActionLastAccessed) String

func (s TrackedActionLastAccessed) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UntagInstanceProfileInput

type UntagInstanceProfileInput struct {

	// The name of the IAM instance profile from which you want to remove tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// A list of key names as a simple array of strings. The tags with matching
	// keys are removed from the specified instance profile.
	//
	// TagKeys is a required field
	TagKeys []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UntagInstanceProfileInput) GoString

func (s UntagInstanceProfileInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagInstanceProfileInput) SetInstanceProfileName

func (s *UntagInstanceProfileInput) SetInstanceProfileName(v string) *UntagInstanceProfileInput

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*UntagInstanceProfileInput) SetTagKeys

SetTagKeys sets the TagKeys field's value.

func (UntagInstanceProfileInput) String

func (s UntagInstanceProfileInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagInstanceProfileInput) Validate

func (s *UntagInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagInstanceProfileOutput

type UntagInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (UntagInstanceProfileOutput) GoString

func (s UntagInstanceProfileOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UntagInstanceProfileOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UntagMFADeviceInput

type UntagMFADeviceInput struct {

	// The unique identifier for the IAM virtual MFA device from which you want
	// to remove tags. For virtual MFA devices, the serial number is the same as
	// the ARN.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// A list of key names as a simple array of strings. The tags with matching
	// keys are removed from the specified instance profile.
	//
	// TagKeys is a required field
	TagKeys []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UntagMFADeviceInput) GoString

func (s UntagMFADeviceInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagMFADeviceInput) SetSerialNumber

func (s *UntagMFADeviceInput) SetSerialNumber(v string) *UntagMFADeviceInput

SetSerialNumber sets the SerialNumber field's value.

func (*UntagMFADeviceInput) SetTagKeys

func (s *UntagMFADeviceInput) SetTagKeys(v []*string) *UntagMFADeviceInput

SetTagKeys sets the TagKeys field's value.

func (UntagMFADeviceInput) String

func (s UntagMFADeviceInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagMFADeviceInput) Validate

func (s *UntagMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagMFADeviceOutput

type UntagMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (UntagMFADeviceOutput) GoString

func (s UntagMFADeviceOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UntagMFADeviceOutput) String

func (s UntagMFADeviceOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UntagOpenIDConnectProviderInput

type UntagOpenIDConnectProviderInput struct {

	// The ARN of the OIDC provider in IAM from which you want to remove tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`

	// A list of key names as a simple array of strings. The tags with matching
	// keys are removed from the specified OIDC provider.
	//
	// TagKeys is a required field
	TagKeys []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UntagOpenIDConnectProviderInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn

func (s *UntagOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *UntagOpenIDConnectProviderInput

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (*UntagOpenIDConnectProviderInput) SetTagKeys

SetTagKeys sets the TagKeys field's value.

func (UntagOpenIDConnectProviderInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagOpenIDConnectProviderInput) Validate

func (s *UntagOpenIDConnectProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagOpenIDConnectProviderOutput

type UntagOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (UntagOpenIDConnectProviderOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UntagOpenIDConnectProviderOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UntagPolicyInput

type UntagPolicyInput struct {

	// The ARN of the IAM customer managed policy from which you want to remove
	// tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// A list of key names as a simple array of strings. The tags with matching
	// keys are removed from the specified policy.
	//
	// TagKeys is a required field
	TagKeys []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UntagPolicyInput) GoString

func (s UntagPolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagPolicyInput) SetPolicyArn

func (s *UntagPolicyInput) SetPolicyArn(v string) *UntagPolicyInput

SetPolicyArn sets the PolicyArn field's value.

func (*UntagPolicyInput) SetTagKeys

func (s *UntagPolicyInput) SetTagKeys(v []*string) *UntagPolicyInput

SetTagKeys sets the TagKeys field's value.

func (UntagPolicyInput) String

func (s UntagPolicyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagPolicyInput) Validate

func (s *UntagPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagPolicyOutput

type UntagPolicyOutput struct {
	// contains filtered or unexported fields
}

func (UntagPolicyOutput) GoString

func (s UntagPolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UntagPolicyOutput) String

func (s UntagPolicyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UntagRoleInput

type UntagRoleInput struct {

	// The name of the IAM role from which you want to remove tags.
	//
	// This parameter accepts (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consist of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`

	// A list of key names as a simple array of strings. The tags with matching
	// keys are removed from the specified role.
	//
	// TagKeys is a required field
	TagKeys []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UntagRoleInput) GoString

func (s UntagRoleInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagRoleInput) SetRoleName

func (s *UntagRoleInput) SetRoleName(v string) *UntagRoleInput

SetRoleName sets the RoleName field's value.

func (*UntagRoleInput) SetTagKeys

func (s *UntagRoleInput) SetTagKeys(v []*string) *UntagRoleInput

SetTagKeys sets the TagKeys field's value.

func (UntagRoleInput) String

func (s UntagRoleInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagRoleInput) Validate

func (s *UntagRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagRoleOutput

type UntagRoleOutput struct {
	// contains filtered or unexported fields
}

func (UntagRoleOutput) GoString

func (s UntagRoleOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UntagRoleOutput) String

func (s UntagRoleOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UntagSAMLProviderInput

type UntagSAMLProviderInput struct {

	// The ARN of the SAML identity provider in IAM from which you want to remove
	// tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`

	// A list of key names as a simple array of strings. The tags with matching
	// keys are removed from the specified SAML identity provider.
	//
	// TagKeys is a required field
	TagKeys []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UntagSAMLProviderInput) GoString

func (s UntagSAMLProviderInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagSAMLProviderInput) SetSAMLProviderArn

func (s *UntagSAMLProviderInput) SetSAMLProviderArn(v string) *UntagSAMLProviderInput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (*UntagSAMLProviderInput) SetTagKeys

SetTagKeys sets the TagKeys field's value.

func (UntagSAMLProviderInput) String

func (s UntagSAMLProviderInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagSAMLProviderInput) Validate

func (s *UntagSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagSAMLProviderOutput

type UntagSAMLProviderOutput struct {
	// contains filtered or unexported fields
}

func (UntagSAMLProviderOutput) GoString

func (s UntagSAMLProviderOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UntagSAMLProviderOutput) String

func (s UntagSAMLProviderOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UntagServerCertificateInput

type UntagServerCertificateInput struct {

	// The name of the IAM server certificate from which you want to remove tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`

	// A list of key names as a simple array of strings. The tags with matching
	// keys are removed from the specified IAM server certificate.
	//
	// TagKeys is a required field
	TagKeys []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UntagServerCertificateInput) GoString

func (s UntagServerCertificateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagServerCertificateInput) SetServerCertificateName

func (s *UntagServerCertificateInput) SetServerCertificateName(v string) *UntagServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (*UntagServerCertificateInput) SetTagKeys

SetTagKeys sets the TagKeys field's value.

func (UntagServerCertificateInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagServerCertificateInput) Validate

func (s *UntagServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagServerCertificateOutput

type UntagServerCertificateOutput struct {
	// contains filtered or unexported fields
}

func (UntagServerCertificateOutput) GoString

func (s UntagServerCertificateOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UntagServerCertificateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UntagUserInput

type UntagUserInput struct {

	// A list of key names as a simple array of strings. The tags with matching
	// keys are removed from the specified user.
	//
	// TagKeys is a required field
	TagKeys []*string `type:"list" required:"true"`

	// The name of the IAM user from which you want to remove tags.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UntagUserInput) GoString

func (s UntagUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagUserInput) SetTagKeys

func (s *UntagUserInput) SetTagKeys(v []*string) *UntagUserInput

SetTagKeys sets the TagKeys field's value.

func (*UntagUserInput) SetUserName

func (s *UntagUserInput) SetUserName(v string) *UntagUserInput

SetUserName sets the UserName field's value.

func (UntagUserInput) String

func (s UntagUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UntagUserInput) Validate

func (s *UntagUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UntagUserOutput

type UntagUserOutput struct {
	// contains filtered or unexported fields
}

func (UntagUserOutput) GoString

func (s UntagUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UntagUserOutput) String

func (s UntagUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateAccessKeyInput

type UpdateAccessKeyInput struct {

	// The access key ID of the secret access key you want to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The status you want to assign to the secret access key. Active means that
	// the key can be used for programmatic calls to Amazon Web Services, while
	// Inactive means that the key cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"StatusType"`

	// The name of the user whose key you want to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateAccessKeyInput) GoString

func (s UpdateAccessKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateAccessKeyInput) SetAccessKeyId

func (s *UpdateAccessKeyInput) SetAccessKeyId(v string) *UpdateAccessKeyInput

SetAccessKeyId sets the AccessKeyId field's value.

func (*UpdateAccessKeyInput) SetStatus

SetStatus sets the Status field's value.

func (*UpdateAccessKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (UpdateAccessKeyInput) String

func (s UpdateAccessKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateAccessKeyInput) Validate

func (s *UpdateAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateAccessKeyOutput

type UpdateAccessKeyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAccessKeyOutput) GoString

func (s UpdateAccessKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateAccessKeyOutput) String

func (s UpdateAccessKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateAccountPasswordPolicyInput

type UpdateAccountPasswordPolicyInput struct {

	// Allows all IAM users in your account to use the Amazon Web Services Management
	// Console to change their own passwords. For more information, see Permitting
	// IAM users to change their own passwords (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_enable-user-change.html)
	// in the IAM User Guide.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that IAM users in the account do
	// not automatically have permissions to change their own password.
	AllowUsersToChangePassword *bool `type:"boolean"`

	// Prevents IAM users who are accessing the account via the Amazon Web Services
	// Management Console from setting a new console password after their password
	// has expired. The IAM user cannot access the console until an administrator
	// resets the password.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that IAM users can change their
	// passwords after they expire and continue to sign in as the user.
	//
	// In the Amazon Web Services Management Console, the custom password policy
	// option Allow users to change their own password gives IAM users permissions
	// to iam:ChangePassword for only their user and to the iam:GetAccountPasswordPolicy
	// action. This option does not attach a permissions policy to each user, rather
	// the permissions are applied at the account-level for all users by IAM. IAM
	// users with iam:ChangePassword permission and active access keys can reset
	// their own expired console password using the CLI or API.
	HardExpiry *bool `type:"boolean"`

	// The number of days that an IAM user password is valid.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 0. The result is that IAM user passwords never expire.
	MaxPasswordAge *int64 `min:"1" type:"integer"`

	// The minimum number of characters allowed in an IAM user password.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 6.
	MinimumPasswordLength *int64 `min:"6" type:"integer"`

	// Specifies the number of previous passwords that IAM users are prevented from
	// reusing.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 0. The result is that IAM users are not prevented from
	// reusing previous passwords.
	PasswordReusePrevention *int64 `min:"1" type:"integer"`

	// Specifies whether IAM user passwords must contain at least one lowercase
	// character from the ISO basic Latin alphabet (a to z).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one lowercase character.
	RequireLowercaseCharacters *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one numeric character
	// (0 to 9).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one numeric character.
	RequireNumbers *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one of the following
	// non-alphanumeric characters:
	//
	// ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one symbol character.
	RequireSymbols *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one uppercase
	// character from the ISO basic Latin alphabet (A to Z).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one uppercase character.
	RequireUppercaseCharacters *bool `type:"boolean"`
	// contains filtered or unexported fields
}

func (UpdateAccountPasswordPolicyInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateAccountPasswordPolicyInput) SetAllowUsersToChangePassword

func (s *UpdateAccountPasswordPolicyInput) SetAllowUsersToChangePassword(v bool) *UpdateAccountPasswordPolicyInput

SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.

func (*UpdateAccountPasswordPolicyInput) SetHardExpiry

SetHardExpiry sets the HardExpiry field's value.

func (*UpdateAccountPasswordPolicyInput) SetMaxPasswordAge

SetMaxPasswordAge sets the MaxPasswordAge field's value.

func (*UpdateAccountPasswordPolicyInput) SetMinimumPasswordLength

SetMinimumPasswordLength sets the MinimumPasswordLength field's value.

func (*UpdateAccountPasswordPolicyInput) SetPasswordReusePrevention

SetPasswordReusePrevention sets the PasswordReusePrevention field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireLowercaseCharacters

func (s *UpdateAccountPasswordPolicyInput) SetRequireLowercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput

SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireNumbers

SetRequireNumbers sets the RequireNumbers field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireSymbols

SetRequireSymbols sets the RequireSymbols field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireUppercaseCharacters

func (s *UpdateAccountPasswordPolicyInput) SetRequireUppercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput

SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.

func (UpdateAccountPasswordPolicyInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateAccountPasswordPolicyInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type UpdateAccountPasswordPolicyOutput

type UpdateAccountPasswordPolicyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAccountPasswordPolicyOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateAccountPasswordPolicyOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateAssumeRolePolicyInput

type UpdateAssumeRolePolicyInput struct {

	// The policy that grants an entity permission to assume the role.
	//
	// You must provide policies in JSON format in IAM. However, for CloudFormation
	// templates formatted in YAML, you can provide the policy in JSON or YAML format.
	// CloudFormation always converts a YAML policy to JSON format before submitting
	// it to IAM.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the role to update with the new policy.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateAssumeRolePolicyInput) GoString

func (s UpdateAssumeRolePolicyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateAssumeRolePolicyInput) SetPolicyDocument

SetPolicyDocument sets the PolicyDocument field's value.

func (*UpdateAssumeRolePolicyInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (UpdateAssumeRolePolicyInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateAssumeRolePolicyInput) Validate

func (s *UpdateAssumeRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateAssumeRolePolicyOutput

type UpdateAssumeRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAssumeRolePolicyOutput) GoString

func (s UpdateAssumeRolePolicyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateAssumeRolePolicyOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateGroupInput

type UpdateGroupInput struct {

	// Name of the IAM group to update. If you're changing the name of the group,
	// this is the original name.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// New name for the IAM group. Only include this if changing the group's name.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	NewGroupName *string `min:"1" type:"string"`

	// New path for the IAM group. Only include this if changing the group's path.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateGroupInput) GoString

func (s UpdateGroupInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateGroupInput) SetGroupName

func (s *UpdateGroupInput) SetGroupName(v string) *UpdateGroupInput

SetGroupName sets the GroupName field's value.

func (*UpdateGroupInput) SetNewGroupName

func (s *UpdateGroupInput) SetNewGroupName(v string) *UpdateGroupInput

SetNewGroupName sets the NewGroupName field's value.

func (*UpdateGroupInput) SetNewPath

func (s *UpdateGroupInput) SetNewPath(v string) *UpdateGroupInput

SetNewPath sets the NewPath field's value.

func (UpdateGroupInput) String

func (s UpdateGroupInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateGroupInput) Validate

func (s *UpdateGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateGroupOutput

type UpdateGroupOutput struct {
	// contains filtered or unexported fields
}

func (UpdateGroupOutput) GoString

func (s UpdateGroupOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateGroupOutput) String

func (s UpdateGroupOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateLoginProfileInput

type UpdateLoginProfileInput struct {

	// The new password for the specified IAM user.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// However, the format can be further restricted by the account administrator
	// by setting a password policy on the Amazon Web Services account. For more
	// information, see UpdateAccountPasswordPolicy.
	//
	// Password is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UpdateLoginProfileInput's
	// String and GoString methods.
	Password *string `min:"1" type:"string" sensitive:"true"`

	// Allows this new password to be used only once by requiring the specified
	// IAM user to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the user whose password you want to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateLoginProfileInput) GoString

func (s UpdateLoginProfileInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateLoginProfileInput) SetPassword

SetPassword sets the Password field's value.

func (*UpdateLoginProfileInput) SetPasswordResetRequired

func (s *UpdateLoginProfileInput) SetPasswordResetRequired(v bool) *UpdateLoginProfileInput

SetPasswordResetRequired sets the PasswordResetRequired field's value.

func (*UpdateLoginProfileInput) SetUserName

SetUserName sets the UserName field's value.

func (UpdateLoginProfileInput) String

func (s UpdateLoginProfileInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateLoginProfileInput) Validate

func (s *UpdateLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateLoginProfileOutput

type UpdateLoginProfileOutput struct {
	// contains filtered or unexported fields
}

func (UpdateLoginProfileOutput) GoString

func (s UpdateLoginProfileOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateLoginProfileOutput) String

func (s UpdateLoginProfileOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateOpenIDConnectProviderThumbprintInput

type UpdateOpenIDConnectProviderThumbprintInput struct {

	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource object for
	// which you want to update the thumbprint. You can get a list of OIDC provider
	// ARNs by using the ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`

	// A list of certificate thumbprints that are associated with the specified
	// IAM OpenID Connect provider. For more information, see CreateOpenIDConnectProvider.
	//
	// ThumbprintList is a required field
	ThumbprintList []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateOpenIDConnectProviderThumbprintInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIDConnectProviderThumbprintInput) SetOpenIDConnectProviderArn

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (*UpdateOpenIDConnectProviderThumbprintInput) SetThumbprintList

SetThumbprintList sets the ThumbprintList field's value.

func (UpdateOpenIDConnectProviderThumbprintInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateOpenIDConnectProviderThumbprintInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type UpdateOpenIDConnectProviderThumbprintOutput

type UpdateOpenIDConnectProviderThumbprintOutput struct {
	// contains filtered or unexported fields
}

func (UpdateOpenIDConnectProviderThumbprintOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateOpenIDConnectProviderThumbprintOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateRoleDescriptionInput

type UpdateRoleDescriptionInput struct {

	// The new description that you want to apply to the specified role.
	//
	// Description is a required field
	Description *string `type:"string" required:"true"`

	// The name of the role that you want to modify.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateRoleDescriptionInput) GoString

func (s UpdateRoleDescriptionInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateRoleDescriptionInput) SetDescription

SetDescription sets the Description field's value.

func (*UpdateRoleDescriptionInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (UpdateRoleDescriptionInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateRoleDescriptionInput) Validate

func (s *UpdateRoleDescriptionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateRoleDescriptionOutput

type UpdateRoleDescriptionOutput struct {

	// A structure that contains details about the modified role.
	Role *Role `type:"structure"`
	// contains filtered or unexported fields
}

func (UpdateRoleDescriptionOutput) GoString

func (s UpdateRoleDescriptionOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateRoleDescriptionOutput) SetRole

SetRole sets the Role field's value.

func (UpdateRoleDescriptionOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateRoleInput

type UpdateRoleInput struct {

	// The new description that you want to apply to the specified role.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) that you want to set for the specified
	// role. If you do not specify a value for this setting, the default value of
	// one hour is applied. This setting can have a value from 1 hour to 12 hours.
	//
	// Anyone who assumes the role from the CLI or API can use the DurationSeconds
	// API parameter or the duration-seconds CLI parameter to request a longer session.
	// The MaxSessionDuration setting determines the maximum duration that can be
	// requested using the DurationSeconds parameter. If users don't specify a value
	// for the DurationSeconds parameter, their security credentials are valid for
	// one hour by default. This applies when you use the AssumeRole* API operations
	// or the assume-role* CLI operations but does not apply when you use those
	// operations to create a console URL. For more information, see Using IAM roles
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
	// IAM User Guide.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The name of the role that you want to modify.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateRoleInput) GoString

func (s UpdateRoleInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateRoleInput) SetDescription

func (s *UpdateRoleInput) SetDescription(v string) *UpdateRoleInput

SetDescription sets the Description field's value.

func (*UpdateRoleInput) SetMaxSessionDuration

func (s *UpdateRoleInput) SetMaxSessionDuration(v int64) *UpdateRoleInput

SetMaxSessionDuration sets the MaxSessionDuration field's value.

func (*UpdateRoleInput) SetRoleName

func (s *UpdateRoleInput) SetRoleName(v string) *UpdateRoleInput

SetRoleName sets the RoleName field's value.

func (UpdateRoleInput) String

func (s UpdateRoleInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateRoleInput) Validate

func (s *UpdateRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateRoleOutput

type UpdateRoleOutput struct {
	// contains filtered or unexported fields
}

func (UpdateRoleOutput) GoString

func (s UpdateRoleOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateRoleOutput) String

func (s UpdateRoleOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateSAMLProviderInput

type UpdateSAMLProviderInput struct {

	// An XML document generated by an identity provider (IdP) that supports SAML
	// 2.0. The document includes the issuer's name, expiration information, and
	// keys that can be used to validate the SAML authentication response (assertions)
	// that are received from the IdP. You must generate the metadata document using
	// the identity management software that is used as your organization's IdP.
	//
	// SAMLMetadataDocument is a required field
	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the SAML provider to update.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateSAMLProviderInput) GoString

func (s UpdateSAMLProviderInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateSAMLProviderInput) SetSAMLMetadataDocument

func (s *UpdateSAMLProviderInput) SetSAMLMetadataDocument(v string) *UpdateSAMLProviderInput

SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.

func (*UpdateSAMLProviderInput) SetSAMLProviderArn

func (s *UpdateSAMLProviderInput) SetSAMLProviderArn(v string) *UpdateSAMLProviderInput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (UpdateSAMLProviderInput) String

func (s UpdateSAMLProviderInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateSAMLProviderInput) Validate

func (s *UpdateSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSAMLProviderOutput

type UpdateSAMLProviderOutput struct {

	// The Amazon Resource Name (ARN) of the SAML provider that was updated.
	SAMLProviderArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful UpdateSAMLProvider request.

func (UpdateSAMLProviderOutput) GoString

func (s UpdateSAMLProviderOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateSAMLProviderOutput) SetSAMLProviderArn

func (s *UpdateSAMLProviderOutput) SetSAMLProviderArn(v string) *UpdateSAMLProviderOutput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (UpdateSAMLProviderOutput) String

func (s UpdateSAMLProviderOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateSSHPublicKeyInput

type UpdateSSHPublicKeyInput struct {

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status to assign to the SSH public key. Active means that the key can
	// be used for authentication with an CodeCommit repository. Inactive means
	// that the key cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"StatusType"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateSSHPublicKeyInput) GoString

func (s UpdateSSHPublicKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateSSHPublicKeyInput) SetSSHPublicKeyId

func (s *UpdateSSHPublicKeyInput) SetSSHPublicKeyId(v string) *UpdateSSHPublicKeyInput

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*UpdateSSHPublicKeyInput) SetStatus

SetStatus sets the Status field's value.

func (*UpdateSSHPublicKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (UpdateSSHPublicKeyInput) String

func (s UpdateSSHPublicKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateSSHPublicKeyInput) Validate

func (s *UpdateSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSSHPublicKeyOutput

type UpdateSSHPublicKeyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateSSHPublicKeyOutput) GoString

func (s UpdateSSHPublicKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateSSHPublicKeyOutput) String

func (s UpdateSSHPublicKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateServerCertificateInput

type UpdateServerCertificateInput struct {

	// The new path for the server certificate. Include this only if you are updating
	// the server certificate's path.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`

	// The new name for the server certificate. Include this only if you are updating
	// the server certificate's name. The name of the certificate cannot contain
	// any spaces.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	NewServerCertificateName *string `min:"1" type:"string"`

	// The name of the server certificate that you want to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateServerCertificateInput) GoString

func (s UpdateServerCertificateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateServerCertificateInput) SetNewPath

SetNewPath sets the NewPath field's value.

func (*UpdateServerCertificateInput) SetNewServerCertificateName

func (s *UpdateServerCertificateInput) SetNewServerCertificateName(v string) *UpdateServerCertificateInput

SetNewServerCertificateName sets the NewServerCertificateName field's value.

func (*UpdateServerCertificateInput) SetServerCertificateName

func (s *UpdateServerCertificateInput) SetServerCertificateName(v string) *UpdateServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (UpdateServerCertificateInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateServerCertificateInput) Validate

func (s *UpdateServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateServerCertificateOutput

type UpdateServerCertificateOutput struct {
	// contains filtered or unexported fields
}

func (UpdateServerCertificateOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateServerCertificateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateServiceSpecificCredentialInput

type UpdateServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The status to be assigned to the service-specific credential.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"StatusType"`

	// The name of the IAM user associated with the service-specific credential.
	// If you do not specify this value, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateServiceSpecificCredentialInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateServiceSpecificCredentialInput) SetServiceSpecificCredentialId

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*UpdateServiceSpecificCredentialInput) SetStatus

SetStatus sets the Status field's value.

func (*UpdateServiceSpecificCredentialInput) SetUserName

SetUserName sets the UserName field's value.

func (UpdateServiceSpecificCredentialInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type UpdateServiceSpecificCredentialOutput

type UpdateServiceSpecificCredentialOutput struct {
	// contains filtered or unexported fields
}

func (UpdateServiceSpecificCredentialOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateServiceSpecificCredentialOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateSigningCertificateInput

type UpdateSigningCertificateInput struct {

	// The ID of the signing certificate you want to update.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The status you want to assign to the certificate. Active means that the certificate
	// can be used for programmatic calls to Amazon Web Services Inactive means
	// that the certificate cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"StatusType"`

	// The name of the IAM user the signing certificate belongs to.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateSigningCertificateInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateSigningCertificateInput) SetCertificateId

SetCertificateId sets the CertificateId field's value.

func (*UpdateSigningCertificateInput) SetStatus

SetStatus sets the Status field's value.

func (*UpdateSigningCertificateInput) SetUserName

SetUserName sets the UserName field's value.

func (UpdateSigningCertificateInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateSigningCertificateInput) Validate

func (s *UpdateSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSigningCertificateOutput

type UpdateSigningCertificateOutput struct {
	// contains filtered or unexported fields
}

func (UpdateSigningCertificateOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateSigningCertificateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UpdateUserInput

type UpdateUserInput struct {

	// New path for the IAM user. Include this parameter only if you're changing
	// the user's path.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`

	// New name for the user. Include this parameter only if you're changing the
	// user's name.
	//
	// IAM user, group, role, and policy names must be unique within the account.
	// Names are not distinguished by case. For example, you cannot create resources
	// named both "MyResource" and "myresource".
	NewUserName *string `min:"1" type:"string"`

	// Name of the user to update. If you're changing the name of the user, this
	// is the original user name.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateUserInput) GoString

func (s UpdateUserInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserInput) SetNewPath

func (s *UpdateUserInput) SetNewPath(v string) *UpdateUserInput

SetNewPath sets the NewPath field's value.

func (*UpdateUserInput) SetNewUserName

func (s *UpdateUserInput) SetNewUserName(v string) *UpdateUserInput

SetNewUserName sets the NewUserName field's value.

func (*UpdateUserInput) SetUserName

func (s *UpdateUserInput) SetUserName(v string) *UpdateUserInput

SetUserName sets the UserName field's value.

func (UpdateUserInput) String

func (s UpdateUserInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UpdateUserInput) Validate

func (s *UpdateUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateUserOutput

type UpdateUserOutput struct {
	// contains filtered or unexported fields
}

func (UpdateUserOutput) GoString

func (s UpdateUserOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (UpdateUserOutput) String

func (s UpdateUserOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UploadSSHPublicKeyInput

type UploadSSHPublicKeyInput struct {

	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM
	// format. The minimum bit-length of the public key is 2048 bits. For example,
	// you can generate a 2048-bit key, and the resulting PEM file is 1679 bytes
	// long.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// SSHPublicKeyBody is a required field
	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`

	// The name of the IAM user to associate the SSH public key with.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UploadSSHPublicKeyInput) GoString

func (s UploadSSHPublicKeyInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UploadSSHPublicKeyInput) SetSSHPublicKeyBody

func (s *UploadSSHPublicKeyInput) SetSSHPublicKeyBody(v string) *UploadSSHPublicKeyInput

SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.

func (*UploadSSHPublicKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (UploadSSHPublicKeyInput) String

func (s UploadSSHPublicKeyInput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UploadSSHPublicKeyInput) Validate

func (s *UploadSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadSSHPublicKeyOutput

type UploadSSHPublicKeyOutput struct {

	// Contains information about the SSH public key.
	SSHPublicKey *SSHPublicKey `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadSSHPublicKey request.

func (UploadSSHPublicKeyOutput) GoString

func (s UploadSSHPublicKeyOutput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UploadSSHPublicKeyOutput) SetSSHPublicKey

SetSSHPublicKey sets the SSHPublicKey field's value.

func (UploadSSHPublicKeyOutput) String

func (s UploadSSHPublicKeyOutput) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UploadServerCertificateInput

type UploadServerCertificateInput struct {

	// The contents of the public key certificate in PEM-encoded format.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The contents of the certificate chain. This is typically a concatenation
	// of the PEM-encoded public key certificates of the chain.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	CertificateChain *string `min:"1" type:"string"`

	// The path for the server certificate. For more information about paths, see
	// IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/). This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	//
	// If you are uploading a server certificate specifically for use with Amazon
	// CloudFront distributions, you must specify a path using the path parameter.
	// The path must begin with /cloudfront and must include a trailing slash (for
	// example, /cloudfront/test/).
	Path *string `min:"1" type:"string"`

	// The contents of the private key in PEM-encoded format.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PrivateKey is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by UploadServerCertificateInput's
	// String and GoString methods.
	//
	// PrivateKey is a required field
	PrivateKey *string `min:"1" type:"string" required:"true" sensitive:"true"`

	// The name for the server certificate. Do not include the path in this value.
	// The name of the certificate cannot contain any spaces.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`

	// A list of tags that you want to attach to the new IAM server certificate
	// resource. Each tag consists of a key name and an associated value. For more
	// information about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	//
	// If any one of the tags is invalid or if you exceed the allowed maximum number
	// of tags, then the entire request fails and the resource is not created.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

func (UploadServerCertificateInput) GoString

func (s UploadServerCertificateInput) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UploadServerCertificateInput) SetCertificateBody

SetCertificateBody sets the CertificateBody field's value.

func (*UploadServerCertificateInput) SetCertificateChain

SetCertificateChain sets the CertificateChain field's value.

func (*UploadServerCertificateInput) SetPath

SetPath sets the Path field's value.

func (*UploadServerCertificateInput) SetPrivateKey

SetPrivateKey sets the PrivateKey field's value.

func (*UploadServerCertificateInput) SetServerCertificateName

func (s *UploadServerCertificateInput) SetServerCertificateName(v string) *UploadServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (*UploadServerCertificateInput) SetTags

SetTags sets the Tags field's value.

func (UploadServerCertificateInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UploadServerCertificateInput) Validate

func (s *UploadServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadServerCertificateOutput

type UploadServerCertificateOutput struct {

	// The meta information of the uploaded server certificate without its certificate
	// body, certificate chain, and private key.
	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure"`

	// A list of tags that are attached to the new IAM server certificate. The returned
	// list of tags is sorted by tag key. For more information about tagging, see
	// Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadServerCertificate request.

func (UploadServerCertificateOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UploadServerCertificateOutput) SetServerCertificateMetadata

SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.

func (*UploadServerCertificateOutput) SetTags

SetTags sets the Tags field's value.

func (UploadServerCertificateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UploadSigningCertificateInput

type UploadSigningCertificateInput struct {

	// The contents of the signing certificate.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The name of the user the signing certificate is for.
	//
	// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UploadSigningCertificateInput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UploadSigningCertificateInput) SetCertificateBody

SetCertificateBody sets the CertificateBody field's value.

func (*UploadSigningCertificateInput) SetUserName

SetUserName sets the UserName field's value.

func (UploadSigningCertificateInput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UploadSigningCertificateInput) Validate

func (s *UploadSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadSigningCertificateOutput

type UploadSigningCertificateOutput struct {

	// Information about the certificate.
	//
	// Certificate is a required field
	Certificate *SigningCertificate `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadSigningCertificate request.

func (UploadSigningCertificateOutput) GoString

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UploadSigningCertificateOutput) SetCertificate

SetCertificate sets the Certificate field's value.

func (UploadSigningCertificateOutput) String

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type User

type User struct {

	// The Amazon Resource Name (ARN) that identifies the user. For more information
	// about ARNs and how to use ARNs in policies, see IAM Identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user's password was last used to sign in to an Amazon Web Services
	// website. For a list of Amazon Web Services websites that capture a user's
	// last sign-in time, see the Credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
	// topic in the IAM User Guide. If a password is used more than once in a five-minute
	// span, only the first use is returned in this field. If the field is null
	// (no value), then it indicates that they never signed in with a password.
	// This can be because:
	//
	//    * The user never had a password.
	//
	//    * A password exists but has not been used since IAM started tracking this
	//    information on October 20, 2014.
	//
	// A null value does not mean that the user never had a password. Also, if the
	// user does not currently have a password but had one in the past, then this
	// field contains the date and time the most recent password was used.
	//
	// This value is returned only in the GetUser and ListUsers operations.
	PasswordLastUsed *time.Time `type:"timestamp"`

	// The path to the user. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// The ARN of the policy used to set the permissions boundary for the user.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// For more information about permissions boundaries, see Permissions boundaries
	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`

	// A list of tags that are associated with the user. For more information about
	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// UserId is a required field
	UserId *string `min:"16" type:"string" required:"true"`

	// The friendly name identifying the user.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an IAM user entity.

This data type is used as a response element in the following operations:

  • CreateUser

  • GetUser

  • ListUsers

func (User) GoString

func (s User) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*User) SetArn

func (s *User) SetArn(v string) *User

SetArn sets the Arn field's value.

func (*User) SetCreateDate

func (s *User) SetCreateDate(v time.Time) *User

SetCreateDate sets the CreateDate field's value.

func (*User) SetPasswordLastUsed

func (s *User) SetPasswordLastUsed(v time.Time) *User

SetPasswordLastUsed sets the PasswordLastUsed field's value.

func (*User) SetPath

func (s *User) SetPath(v string) *User

SetPath sets the Path field's value.

func (*User) SetPermissionsBoundary

func (s *User) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *User

SetPermissionsBoundary sets the PermissionsBoundary field's value.

func (*User) SetTags

func (s *User) SetTags(v []*Tag) *User

SetTags sets the Tags field's value.

func (*User) SetUserId

func (s *User) SetUserId(v string) *User

SetUserId sets the UserId field's value.

func (*User) SetUserName

func (s *User) SetUserName(v string) *User

SetUserName sets the UserName field's value.

func (User) String

func (s User) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type UserDetail

type UserDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for Amazon Web
	// Services resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the Amazon Web Services General Reference.
	Arn *string `min:"20" type:"string"`

	// A list of the managed policies attached to the user.
	AttachedManagedPolicies []*AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user was created.
	CreateDate *time.Time `type:"timestamp"`

	// A list of IAM groups that the user is in.
	GroupList []*string `type:"list"`

	// The path to the user. For more information about paths, see IAM identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	Path *string `min:"1" type:"string"`

	// The ARN of the policy used to set the permissions boundary for the user.
	//
	// For more information about permissions boundaries, see Permissions boundaries
	// for IAM identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary `type:"structure"`

	// A list of tags that are associated with the user. For more information about
	// tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	UserId *string `min:"16" type:"string"`

	// The friendly name identifying the user.
	UserName *string `min:"1" type:"string"`

	// A list of the inline policies embedded in the user.
	UserPolicyList []*PolicyDetail `type:"list"`
	// contains filtered or unexported fields
}

Contains information about an IAM user, including all the user's policies and all the IAM groups the user is in.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (UserDetail) GoString

func (s UserDetail) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*UserDetail) SetArn

func (s *UserDetail) SetArn(v string) *UserDetail

SetArn sets the Arn field's value.

func (*UserDetail) SetAttachedManagedPolicies

func (s *UserDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *UserDetail

SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.

func (*UserDetail) SetCreateDate

func (s *UserDetail) SetCreateDate(v time.Time) *UserDetail

SetCreateDate sets the CreateDate field's value.

func (*UserDetail) SetGroupList

func (s *UserDetail) SetGroupList(v []*string) *UserDetail

SetGroupList sets the GroupList field's value.

func (*UserDetail) SetPath

func (s *UserDetail) SetPath(v string) *UserDetail

SetPath sets the Path field's value.

func (*UserDetail) SetPermissionsBoundary

func (s *UserDetail) SetPermissionsBoundary(v *AttachedPermissionsBoundary) *UserDetail

SetPermissionsBoundary sets the PermissionsBoundary field's value.

func (*UserDetail) SetTags

func (s *UserDetail) SetTags(v []*Tag) *UserDetail

SetTags sets the Tags field's value.

func (*UserDetail) SetUserId

func (s *UserDetail) SetUserId(v string) *UserDetail

SetUserId sets the UserId field's value.

func (*UserDetail) SetUserName

func (s *UserDetail) SetUserName(v string) *UserDetail

SetUserName sets the UserName field's value.

func (*UserDetail) SetUserPolicyList

func (s *UserDetail) SetUserPolicyList(v []*PolicyDetail) *UserDetail

SetUserPolicyList sets the UserPolicyList field's value.

func (UserDetail) String

func (s UserDetail) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

type VirtualMFADevice

type VirtualMFADevice struct {

	// The base32 seed defined as specified in RFC3548 (https://tools.ietf.org/html/rfc3548.txt).
	// The Base32StringSeed is base32-encoded.
	//
	// Base32StringSeed is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VirtualMFADevice's
	// String and GoString methods.
	//
	// Base32StringSeed is automatically base64 encoded/decoded by the SDK.
	Base32StringSeed []byte `type:"blob" sensitive:"true"`

	// The date and time on which the virtual MFA device was enabled.
	EnableDate *time.Time `type:"timestamp"`

	// A QR code PNG image that encodes otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String
	// where $virtualMFADeviceName is one of the create call arguments. AccountName
	// is the user name if set (otherwise, the account ID otherwise), and Base32String
	// is the seed in base32 format. The Base32String value is base64-encoded.
	//
	// QRCodePNG is a sensitive parameter and its value will be
	// replaced with "sensitive" in string returned by VirtualMFADevice's
	// String and GoString methods.
	//
	// QRCodePNG is automatically base64 encoded/decoded by the SDK.
	QRCodePNG []byte `type:"blob" sensitive:"true"`

	// The serial number associated with VirtualMFADevice.
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// A list of tags that are attached to the virtual MFA device. For more information
	// about tagging, see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
	// in the IAM User Guide.
	Tags []*Tag `type:"list"`

	// The IAM user associated with this virtual MFA device.
	User *User `type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a virtual MFA device.

func (VirtualMFADevice) GoString

func (s VirtualMFADevice) GoString() string

GoString returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

func (*VirtualMFADevice) SetBase32StringSeed

func (s *VirtualMFADevice) SetBase32StringSeed(v []byte) *VirtualMFADevice

SetBase32StringSeed sets the Base32StringSeed field's value.

func (*VirtualMFADevice) SetEnableDate

func (s *VirtualMFADevice) SetEnableDate(v time.Time) *VirtualMFADevice

SetEnableDate sets the EnableDate field's value.

func (*VirtualMFADevice) SetQRCodePNG

func (s *VirtualMFADevice) SetQRCodePNG(v []byte) *VirtualMFADevice

SetQRCodePNG sets the QRCodePNG field's value.

func (*VirtualMFADevice) SetSerialNumber

func (s *VirtualMFADevice) SetSerialNumber(v string) *VirtualMFADevice

SetSerialNumber sets the SerialNumber field's value.

func (*VirtualMFADevice) SetTags

func (s *VirtualMFADevice) SetTags(v []*Tag) *VirtualMFADevice

SetTags sets the Tags field's value.

func (*VirtualMFADevice) SetUser

func (s *VirtualMFADevice) SetUser(v *User) *VirtualMFADevice

SetUser sets the User field's value.

func (VirtualMFADevice) String

func (s VirtualMFADevice) String() string

String returns the string representation.

API parameter values that are decorated as "sensitive" in the API will not be included in the string output. The member name will be present, but the value will be replaced with "sensitive".

Directories

Path Synopsis
Package iamiface provides an interface to enable mocking the AWS Identity and Access Management service client for testing your code.
Package iamiface provides an interface to enable mocking the AWS Identity and Access Management service client for testing your code.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL