dprevot/python-botocore
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
python-botocore/botocore/data/aws/iam/2010-05-08.json
SVN-Git Migration 64176dc7cc Imported Upstream version 0.62.0
2015-10-08 11:15:54 -07:00

7061 lines
476 KiB
JSON
Raw Blame History

{
"api_version": "2010-05-08",
"type": "query",
"result_wrapped": true,
"signature_version": "v4",
"service_full_name": "AWS Identity and Access Management",
"service_abbreviation": "IAM",
"global_endpoint": "iam.amazonaws.com",
"endpoint_prefix": "iam",
"xmlnamespace": "https://iam.amazonaws.com/doc/2010-05-08/",
"documentation": "\n\t\t<fullname>AWS Identity and Access Management</fullname>\n\n\t\t<p>AWS Identity and Access Management (IAM) is a web service that you can use to manage users and user permissions\n\t\t\tunder your AWS account. This guide provides descriptions of the IAM API. For general\n\t\t\tinformation about IAM, see <a href=\"http://aws.amazon.com/iam/\">AWS Identity\n\t\t\t\tand Access Management (IAM)</a>. For the user guide for IAM, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/\">Using IAM</a>. </p>\n\n\t\t<note>AWS provides SDKs that consist of libraries and sample code for various programming\n\t\t\tlanguages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient\n\t\t\tway to create programmatic access to IAM and AWS. For example, the SDKs take care of tasks\n\t\t\tsuch as cryptographically signing requests (see below), managing errors, and retrying requests\n\t\t\tautomatically. For information about the AWS SDKs, including how to download and install them,\n\t\t\tsee the <a href=\"http://aws.amazon.com/tools/\">Tools for Amazon Web Services</a> page. </note>\n\n\t\t<p> Using the IAM Query API, you make direct calls to the IAM web service. IAM supports\n\t\t\tGET and POST requests for all actions. That is, the API does not require you to use GET for\n\t\t\tsome actions and POST for others. However, GET requests are subject to the limitation size of\n\t\t\ta URL. Therefore, for operations that require larger sizes, use a POST request. </p>\n\n\t\t<p><b>Signing Requests</b></p>\n\t\t<p>Requests must be signed using an access key ID and a secret\n\t\taccess key. We strongly recommend that you do not use your AWS account access key ID and\n\t\tsecret access key for everyday work with IAM. You can use the access key ID and secret access\n\t\tkey for an IAM user or you can use the AWS Security Token Service to generate temporary security credentials\n\t\tand use those to sign requests.\n\t\t</p>\n\n\t\t<p>To sign requests, we recommend that you use <a href=\"http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html\">Signature Version 4</a>. If\n\t\t\tyou have an existing application that uses Signature Version 2, you do not have to update it\n\t\t\tto use Signature Version 4. However, some operations now require Signature Version 4. The\n\t\t\tdocumentation for operations that require version 4 indicate this requirement. </p>\n\n\t\t<p><b>Recording API requests</b></p>\n\t\t<p>\n\t\t\tIAM supports AWS CloudTrail, which is a service that records AWS calls for your AWS account and delivers\n\t\t\tlog files to an Amazon S3 bucket. By using information collected by CloudTrail, you can determine what\n\t\t\trequests were successfully made to IAM, who made the request, when it was made, and so on. To learn more about\n\t\t\tCloudTrail, including how to turn it on and find your log files, see the\n\t\t\t<a href=\"http://docs.aws.amazon.com/awscloudtrail/latest/userguide/whatisawscloudtrail.html\">AWS CloudTrail User Guide</a>.\n\t\t</p>\n\n\t\t<p><b>Additional Resources</b></p>\n\t\t<p>For more information, see the following:</p>\n\t\t<ul>\n\t\t\t<li>\n<a href=\"http://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html\">AWS Security Credentials</a>. This topic provides general information about the types of\n\t\t\t\tcredentials used for accessing AWS.</li>\n\t\t\t<li>\n<a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html\">IAM\n\t\t\t\t\tBest Practices</a>. This topic presents a list of suggestions for using the IAM service\n\t\t\t\tto help secure your AWS resources.</li>\n\t\t\t<li>\n<a href=\"http://docs.aws.amazon.com/STS/latest/UsingSTS/\">AWS Security Token Service</a>. This guide\n\t\t\t\tdescribes how to create and use temporary security credentials.</li>\n\t\t\t<li>\n<a href=\"http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html\">Signing AWS API Requests</a>. This set of topics walk you through the process of signing\n\t\t\t\ta request using an access key ID and secret access key.</li>\n\t\t</ul>\n\t",
"operations": {
"AddRoleToInstanceProfile": {
"name": "AddRoleToInstanceProfile",
"input": {
"shape_name": "AddRoleToInstanceProfileRequest",
"type": "structure",
"members": {
"InstanceProfileName": {
"shape_name": "instanceProfileNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the instance profile to update.</p>\n\t",
"required": true
},
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the role to add.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Adds the specified role to the specified instance profile. For more information about roles,\n\t\t\tgo to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html\">Working with\n\t\t\t\tRoles</a>. For more information about instance profiles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html\">About Instance\n\t\t\t\tProfiles</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=AddRoleToInstanceProfile\n&InstanceProfileName=Webserver\n&RoleName=S3Access\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<ResponseMetadata> </ResponseMetadata>\n\t\t\t<queryresponse>\n<AddRoleToInstanceProfileResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <ResponseMetadata>\n <RequestId>12657608-99f2-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</AddRoleToInstanceProfileResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"AddUserToGroup": {
"name": "AddUserToGroup",
"input": {
"shape_name": "AddUserToGroupRequest",
"type": "structure",
"members": {
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the group to update.</p>\n\t",
"required": true
},
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user to add.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Adds the specified user to the specified group.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=AddUserToGroup\n&GroupName=Managers\n&UserName=Bob\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<AddUserToGroupResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</AddUserToGroupResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"ChangePassword": {
"name": "ChangePassword",
"input": {
"shape_name": "ChangePasswordRequest",
"type": "structure",
"members": {
"OldPassword": {
"shape_name": "passwordType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"sensitive": true,
"documentation": "\n <p>The IAM users's current password.</p> \n ",
"required": true
},
"NewPassword": {
"shape_name": "passwordType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"sensitive": true,
"documentation": "\n <p>The new password. The new password must conform to the AWS account's password policy, if one exists.</p>\n ",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "InvalidUserTypeException",
"type": "structure",
"members": {
"message": {
"shape_name": "invalidUserTypeMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the type of user for the transaction was incorrect.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "EntityTemporarilyUnmodifiableException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityTemporarilyUnmodifiableMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that is temporarily unmodifiable,\n\t\t\tsuch as a user name that was deleted and then recreated. The error indicates that the request\n\t\t\tis likely to succeed if you try again after waiting several minutes. The error message\n\t\t\tdescribes the entity.</p>\n\t"
},
{
"shape_name": "PasswordPolicyViolationException",
"type": "structure",
"members": {
"message": {
"shape_name": "passwordPolicyViolationMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the provided password did not meet the requirements imposed\n\t\t\tby the account password policy.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Changes the password of the IAM user calling <code>ChangePassword</code>. The root account\n\t\t\tpassword is not affected by this action. For information about modifying passwords, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html\">Managing Passwords</a> in the <i>Using IAM</i> guide.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ChangePassword\n&OldPassword=U79}kgds4?\n&NewPassword=Lb0*1(9xpN\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ChangePasswordResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</ChangePasswordResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"CreateAccessKey": {
"name": "CreateAccessKey",
"input": {
"shape_name": "CreateAccessKeyRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The user name that the new key will belong to.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "CreateAccessKeyResponse",
"type": "structure",
"members": {
"AccessKey": {
"shape_name": "AccessKey",
"type": "structure",
"members": {
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user the key is associated with.</p>\n\t",
"required": true
},
"AccessKeyId": {
"shape_name": "accessKeyIdType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The ID for this access key.</p>\n\t",
"required": true
},
"Status": {
"shape_name": "statusType",
"type": "string",
"enum": [
"Active",
"Inactive"
],
"documentation": "\n\t\t<p>The status of the access key. <code>Active</code> means the key is valid for API calls, while\n\t\t\t\t<code>Inactive</code> means it is not.</p>\n\t",
"required": true
},
"SecretAccessKey": {
"shape_name": "accessKeySecretType",
"type": "string",
"sensitive": true,
"documentation": "\n\t\t<p>The secret key used to sign requests.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the access key was created.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Information about the access key.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>CreateAccessKey</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Creates a new AWS secret access key and corresponding AWS access key ID for the specified\n\t\t\tuser. The default status for new keys is <code>Active</code>.</p>\n\t\t<p>If you do not specify a user name, IAM determines the user name implicitly based on the AWS\n\t\t\taccess key ID signing the request. Because this action works for access keys under the AWS\n\t\t\taccount, you can use this API to manage root credentials even if the AWS account has no\n\t\t\tassociated users.</p>\n\t\t<p>For information about limits on the number of keys you can create, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html\">Limitations on IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<important>To ensure the security of your AWS account, the secret access key is accessible only\n\t\t\tduring key and user creation. You must save the key (for example, in a text file) if you want\n\t\t\tto be able to access it again. If a secret key is lost, you can delete the access keys for the\n\t\t\tassociated user and then create new keys.</important>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=CreateAccessKey\n&UserName=Bob\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<CreateAccessKeyResponse>\n <CreateAccessKeyResult>\n <AccessKey>\n <UserName>Bob</UserName>\n <AccessKeyId>AKIAIOSFODNN7EXAMPLE</AccessKeyId>\n <Status>Active</Status>\n <SecretAccessKey>wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY\n </SecretAccessKey>\n </AccessKey>\n </CreateAccessKeyResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</CreateAccessKeyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"CreateAccountAlias": {
"name": "CreateAccountAlias",
"input": {
"shape_name": "CreateAccountAliasRequest",
"type": "structure",
"members": {
"AccountAlias": {
"shape_name": "accountAliasType",
"type": "string",
"min_length": 3,
"max_length": 63,
"pattern": "^[a-z0-9](([a-z0-9]|-(?!-))*[a-z0-9])?$",
"documentation": "\n\t\t<p>Name of the account alias to create.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>This action creates an alias for your AWS account. For information about using an AWS account\n\t\t\talias, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html\">Using an Alias for Your AWS Account ID</a> in the <i>Using IAM</i> guide.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=CreateAccountAlias\n&AccountAlias=foocorporation\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<CreateAccountAliasResponse>\n <ResponseMetadata>\n <RequestId>36b5db08-f1b0-11df-8fbe-45274EXAMPLE</RequestId>\n </ResponseMetadata>\n</CreateAccountAliasResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"CreateGroup": {
"name": "CreateGroup",
"input": {
"shape_name": "CreateGroupRequest",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>The path to the group. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<p>This parameter is optional. If it is not included, it defaults to a slash (/).</p>\n\t"
},
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the group to create. Do not include the path in this value.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "CreateGroupResponse",
"type": "structure",
"members": {
"Group": {
"shape_name": "Group",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the group. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name that identifies the group.</p>\n\t",
"required": true
},
"GroupId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the group. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the group. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the group was created.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Information about the group.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>CreateGroup</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Creates a new group.</p>\n\t\t<p>For information about the number of groups you can create, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html\">Limitations on IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=CreateGroup\n&Path=/\n&GroupName=Admins\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<CreateGroupResponse>\n <CreateGroupResult>\n <Group>\n <Path>/</Path>\n <GroupName>Admins</GroupName>\n <GroupId>AGPACKCEVSQ6C2EXAMPLE</GroupId>\n <Arn>arn:aws:iam::123456789012:group/Admins</Arn>\n </Group>\n </CreateGroupResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</CreateGroupResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"CreateInstanceProfile": {
"name": "CreateInstanceProfile",
"input": {
"shape_name": "CreateInstanceProfileRequest",
"type": "structure",
"members": {
"InstanceProfileName": {
"shape_name": "instanceProfileNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the instance profile to create.</p>\n\t",
"required": true
},
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>The path to the instance profile. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<p>This parameter is optional. If it is not included, it defaults to a slash (/).</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "CreateInstanceProfileResponse",
"type": "structure",
"members": {
"InstanceProfile": {
"shape_name": "InstanceProfile",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the instance profile. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"InstanceProfileName": {
"shape_name": "instanceProfileNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the instance profile.</p>\n\t",
"required": true
},
"InstanceProfileId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the instance profile. For more information about\n\t\t\tIDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the instance profile. For more information about\n\t\t\tARNs and how to use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the instance profile was created.</p>\n\t",
"required": true
},
"Roles": {
"shape_name": "roleListType",
"type": "list",
"members": {
"shape_name": "Role",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the role. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the role.</p>\n\t",
"required": true
},
"RoleId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the role. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the role was created.</p>\n\t",
"required": true
},
"AssumeRolePolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy that grants an entity permission to assume the role.</p>\n\t\t<p>The returned policy is URL-encoded according to RFC 3986. For more information about RFC\n\t\t\t3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t"
}
},
"documentation": "\n\t\t<p>The Role data type contains information about a role.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><p><a>CreateRole</a></p></li>\n\t\t\t<li><p><a>GetRole</a></p></li>\n\t\t\t<li><p><a>ListRoles</a></p></li>\n\t\t</ul>\n\t"
},
"documentation": "\n\t\t<p>The role associated with the instance profile.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Information about the instance profile.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>CreateInstanceProfile</a>\n\t\t\taction.</p>\n\t"
},
"errors": [
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Creates a new instance profile. For information about instance profiles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html\">About Instance\n\t\t\t\tProfiles</a>.</p>\n\t\t<p>For information about the number of instance profiles you can create, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html\">Limitations on IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=CreateInstanceProfile\n&InstanceProfileName=Webserver\n&Path=/application_abc/component_xyz/\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<CreateInstanceProfileResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <CreateInstanceProfileResult>\n <InstanceProfile>\n <InstanceProfileId>AIPAD5ARO2C5EXAMPLE3G</InstanceProfileId>\n <Roles/>\n <InstanceProfileName>Webserver</InstanceProfileName>\n <Path>/application_abc/component_xyz/</Path>\n <Arn>arn:aws:iam::123456789012:instance-profile/application_abc/component_xyz/Webserver</Arn>\n <CreateDate>2012-05-09T16:11:10.222Z</CreateDate>\n </InstanceProfile>\n </CreateInstanceProfileResult>\n <ResponseMetadata>\n <RequestId>974142ee-99f1-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</CreateInstanceProfileResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"CreateLoginProfile": {
"name": "CreateLoginProfile",
"input": {
"shape_name": "CreateLoginProfileRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user to create a password for.</p>\n\t",
"required": true
},
"Password": {
"shape_name": "passwordType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"sensitive": true,
"documentation": "\n\t\t<p>The new password for the user.</p>\n\t",
"required": true
},
"PasswordResetRequired": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n <p>Specifies whether the user is required to set a new password on next sign-in.</p>\n "
}
},
"documentation": " "
},
"output": {
"shape_name": "CreateLoginProfileResponse",
"type": "structure",
"members": {
"LoginProfile": {
"shape_name": "LoginProfile",
"type": "structure",
"members": {
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the user, which can be used for signing in to the AWS Management Console.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the password for the user was created.</p>\n\t",
"required": true
},
"PasswordResetRequired": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n <p>Specifies whether the user is required to set a new password on next sign-in.</p>\n "
}
},
"documentation": "\n\t\t<p>The user name and password create date.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>CreateLoginProfile</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "PasswordPolicyViolationException",
"type": "structure",
"members": {
"message": {
"shape_name": "passwordPolicyViolationMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the provided password did not meet the requirements imposed\n\t\t\tby the account password policy.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Creates a password for the specified user, giving the user the ability to access AWS services\n\t\t\tthrough the AWS Management Console. For more information about managing passwords, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html\">Managing Passwords</a> in the <i>Using IAM</i> guide.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=CreateLoginProfile\n&UserName=Bob\n&Password=Password1\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<CreateLoginProfileResponse>\n <CreateUserResult>\n <LoginProfile>\n <UserName>Bob</UserName>\n <CreateDate>2011-09-19T23:00:56Z</CreateDate>\n </LoginProfile>\n </CreateUserResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</CreateLoginProfileResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"CreateRole": {
"name": "CreateRole",
"input": {
"shape_name": "CreateRoleRequest",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>The path to the role. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<p>This parameter is optional. If it is not included, it defaults to a slash (/).</p>\n\t"
},
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the role to create.</p>\n\t",
"required": true
},
"AssumeRolePolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy that grants an entity permission to assume the role.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "CreateRoleResponse",
"type": "structure",
"members": {
"Role": {
"shape_name": "Role",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the role. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the role.</p>\n\t",
"required": true
},
"RoleId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the role. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the role was created.</p>\n\t",
"required": true
},
"AssumeRolePolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy that grants an entity permission to assume the role.</p>\n\t\t<p>The returned policy is URL-encoded according to RFC 3986. For more information about RFC\n\t\t\t3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Information about the role.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>CreateRole</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "MalformedPolicyDocumentException",
"type": "structure",
"members": {
"message": {
"shape_name": "malformedPolicyDocumentMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the policy document was malformed. The error message\n\t\t\tdescribes the specific error.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Creates a new role for your AWS account. For more information about roles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html\">Working with Roles</a>.\n\t\t\tFor information about limitations on role names and the number of roles you can create, go to\n\t\t\t\t<a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html\">Limitations on IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<p>The example policy grants permission to an EC2 instance to assume the role. The policy is URL-encoded\n\t\t\taccording to RFC 3986. For more information about RFC 3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=CreateRole\n&RoleName=S3Access\n&Path=/application_abc/component_xyz/\n&AssumeRolePolicyDocument={\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}\n&Version=2010-05-08\n&AUTHPARAMS\n\t\t\t</queryrequest>\n\t\t\t<queryresponse>\n<CreateRoleResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <CreateRoleResult>\n <Role>\n <Path>/application_abc/component_xyz/</Path>\n <Arn>arn:aws:iam::123456789012:role/application_abc/component_xyz/S3Access</Arn>\n <RoleName>S3Access</RoleName>\n <AssumeRolePolicyDocument>{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}</AssumeRolePolicyDocument>\n <CreateDate>2012-05-08T23:34:01.495Z</CreateDate>\n <RoleId>AROADBQP57FF2AEXAMPLE</RoleId>\n </Role>\n </CreateRoleResult>\n <ResponseMetadata>\n <RequestId>4a93ceee-9966-11e1-b624-b1aEXAMPLE7c</RequestId>\n </ResponseMetadata>\n</CreateRoleResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"CreateSAMLProvider": {
"name": "CreateSAMLProvider",
"input": {
"shape_name": "CreateSAMLProviderRequest",
"type": "structure",
"members": {
"SAMLMetadataDocument": {
"shape_name": "SAMLMetadataDocumentType",
"type": "string",
"min_length": 1000,
"max_length": 10000000,
"documentation": "\n\t\t<p>An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document\n\t\t\tincludes the issuer's name, expiration information, and keys that can be used to validate the\n\t\t\tSAML authentication response (assertions) that are received from the IdP. You must generate\n\t\t\tthe metadata document using the identity management software that is used as your\n\t\t\torganization's IdP. </p>\n\n\t\t<p>For more information, see <a href=\"http://docs.aws.amazon.com/STS/latest/UsingSTS/CreatingSAML.html\">Creating Temporary Security Credentials for SAML Federation</a> in the <i>Using Temporary\n\t\t\t\tSecurity Credentials</i> guide. </p>\n\n\t",
"required": true
},
"Name": {
"shape_name": "SAMLProviderNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w._-]*",
"documentation": "\n\t\t<p>The name of the provider to create.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "CreateSAMLProviderResponse",
"type": "structure",
"members": {
"SAMLProviderArn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) of the SAML provider.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>CreateSAMLProvider</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "InvalidInputException",
"type": "structure",
"members": {
"message": {
"shape_name": "invalidInputMessage",
"type": "string",
"documentation": null
}
},
"documentation": null
},
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Creates an IAM entity to describe an identity provider (IdP) that supports SAML 2.0.</p>\n\t\t<p>The SAML provider that you create with this operation can be used as a principal in a role's\n\t\t\ttrust policy to establish a trust relationship between AWS and a SAML identity provider. You\n\t\t\tcan create an IAM role that supports Web-based single sign-on (SSO) to the AWS Management Console or one\n\t\t\tthat supports API access to AWS. </p>\n\n\t\t<p>When you create the SAML provider, you upload an a SAML metadata document that you get from\n\t\t\tyour IdP and that includes the issuer's name, expiration information, and keys that can be\n\t\t\tused to validate the SAML authentication response (assertions) that are received from the IdP.\n\t\t\tYou must generate the metadata document using the identity management software that is used as\n\t\t\tyour organization's IdP. </p>\n\n\n\t\t<note>This operation requires <a href=\"http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html\">Signature Version\n\t\t\t4</a>.</note>\n\n\t\t<p>For more information, see <a href=\"http://docs.aws.amazon.com/STS/latest/UsingSTS/STSMgmtConsole-SAML.html\">Giving Console Access Using SAML</a> and <a href=\"http://docs.aws.amazon.com/STS/latest/UsingSTS/CreatingSAML.html\">Creating\n\t\t\t\tTemporary Security Credentials for SAML Federation</a> in the <i>Using Temporary\n\t\t\t\tCredentials</i> guide. </p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=CreateSAMLProvider\n&Name=MyUniversity\n&SAMLProviderDocument=VGhpcyBpcyB3aGVyZSB5b3UgcHV0IHRoZSBTQU1MIHByb3ZpZGVyIG1ldGFkYXRhIGRvY3VtZW50\nLCBCYXNlNjQtZW5jb2RlZCBpbnRvIGEgYmlnIHN0cmluZy4=\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<CreateSAMLProviderResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <CreateSAMLProviderResult>\n <SAMLProviderArn>arn:aws:iam::123456789012:saml-metadata/MyUniversity</SAMLProviderArn>\n </CreateSAMLProviderResult>\n <ResponseMetadata>\n <RequestId>29f47818-99f5-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</CreateSAMLProviderResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"CreateUser": {
"name": "CreateUser",
"input": {
"shape_name": "CreateUserRequest",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>The path for the user name. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<p>This parameter is optional. If it is not included, it defaults to a slash (/).</p>\n\t"
},
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user to create.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "CreateUserResponse",
"type": "structure",
"members": {
"User": {
"shape_name": "User",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the user. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the user.</p>\n\t",
"required": true
},
"UserId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the user. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the user. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the user was created.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Information about the user.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>CreateUser</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Creates a new user for your AWS account.</p>\n\t\t<p>For information about limitations on the number of users you can create, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html\">Limitations on IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=CreateUser\n&Path=/division_abc/subdivision_xyz/\n&UserName=Bob\n&Version=2010-05-08\n&AUTHPARAMS\n\t\t\t</queryrequest>\n\t\t\t<queryresponse>\n<CreateUserResponse>\n <CreateUserResult>\n <User>\n <Path>/division_abc/subdivision_xyz/</Path>\n <UserName>Bob</UserName>\n <UserId>AIDACKCEVSQ6C2EXAMPLE</UserId>\n <Arn>arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/Bob\n </Arn>\n </User>\n </CreateUserResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</CreateUserResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"CreateVirtualMFADevice": {
"name": "CreateVirtualMFADevice",
"input": {
"shape_name": "CreateVirtualMFADeviceRequest",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>The path for the virtual MFA device. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<p>This parameter is optional. If it is not included, it defaults to a slash (/).</p>\n\t"
},
"VirtualMFADeviceName": {
"shape_name": "virtualMFADeviceName",
"type": "string",
"pattern": "[\\w+=,.@-]*",
"min_length": 1,
"documentation": "\n\t\t<p>The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA\n\t\t\tdevice.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "CreateVirtualMFADeviceResponse",
"type": "structure",
"members": {
"VirtualMFADevice": {
"shape_name": "VirtualMFADevice",
"type": "structure",
"members": {
"SerialNumber": {
"shape_name": "serialNumberType",
"type": "string",
"min_length": 9,
"max_length": 256,
"pattern": "[\\w+=/:,.@-]*",
"documentation": "\n\t\t<p>The serial number associated with <code>VirtualMFADevice</code>.</p>\n\t",
"required": true
},
"Base32StringSeed": {
"shape_name": "BootstrapDatum",
"type": "blob",
"sensitive": true,
"documentation": "\n\t\t<p>The Base32 seed defined as specified in <a href=\"http://www.ietf.org/rfc/rfc3548.txt\">RFC3548</a>. The <code>Base32StringSeed</code> is Base64-encoded.</p>\n\t"
},
"QRCodePNG": {
"shape_name": "BootstrapDatum",
"type": "blob",
"sensitive": true,
"documentation": "\n\t\t<p>A QR code PNG image that encodes <i>otpauth://totp/$virtualMFADeviceName@$AccountName?\n\t\t\t\tsecret=$Base32String</i> where $virtualMFADeviceName is one of the create call arguments,\n\t\t\tAccountName is the user name if set (accountId otherwise), and Base32String is the seed in\n\t\t\tBase32 format. The <code>Base32String</code> is Base64-encoded.</p>\n\t"
},
"User": {
"shape_name": "User",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the user. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the user.</p>\n\t",
"required": true
},
"UserId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the user. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the user. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the user was created.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>The User data type contains information about a user.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><p><a>CreateUser</a></p></li>\n\t\t\t<li><p><a>GetUser</a></p></li>\n\t\t\t<li><p><a>ListUsers</a></p></li>\n\t\t</ul>\n\t"
},
"EnableDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": null
}
},
"documentation": "\n\t\t<p>A newly created virtual MFA device.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>CreateVirtualMFADevice</a>\n\t\t\taction.</p>\n\t"
},
"errors": [
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Creates a new virtual MFA device for the AWS account. After creating the virtual MFA, use <a href=\"http://docs.aws.amazon.com/IAM/latest/APIReference/API_EnableMFADevice.html\">EnableMFADevice</a> to attach the MFA device to an IAM user. For more information about\n\t\t\tcreating and working with virtual MFA devices, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html\">Using a Virtual MFA Device</a> in the <i>Using IAM</i> guide.</p>\n\t\t<p>For information about limits on the number of MFA devices you can create, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html\">Limitations on Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<important>The seed information contained in the QR code and the Base32 string should be treated\n\t\t\tlike any other secret access information, such as your AWS access keys or your passwords.\n\t\t\tAfter you provision your virtual device, you should ensure that the information is destroyed\n\t\t\tfollowing secure procedures.</important>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=CreateVirtualMFADevice\n&VirtualMFADeviceName=ExampleName\n&Path=/\n&Version=2010-05-08\n&AUTHPARAMS\n</queryrequest>\n\t\t\t<queryresponse>\n<CreateVirtualMFADeviceResponse>\n <CreateVirtualMFADeviceResult>\n <VirtualMFADevice>\n <SerialNumber>arn:aws:iam::123456789012:mfa/ExampleName</SerialNumber>\n <Base32StringSeed>2K5K5XTLA7GGE75TQLYEXAMPLEEXAMPLEEXAMPLECHDFW4KJYZ6\n UFQ75LL7COCYKM</Base32StringSeed>\n <QRCodePNG>89504E470D0A1A0AASDFAHSDFKJKLJFKALSDFJASDF</QRCodePNG> <!-- byte array of png file -->\n </VirtualMFADevice>\n </CreateVirtualMFADeviceResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</CreateVirtualMFADeviceResponse>\n</queryresponse>\n\t\t</examples>\n\t"
},
"DeactivateMFADevice": {
"name": "DeactivateMFADevice",
"input": {
"shape_name": "DeactivateMFADeviceRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user whose MFA device you want to deactivate.</p>\n\t",
"required": true
},
"SerialNumber": {
"shape_name": "serialNumberType",
"type": "string",
"min_length": 9,
"max_length": 256,
"pattern": "[\\w+=/:,.@-]*",
"documentation": "\n\t\t<p>The serial number that uniquely identifies the MFA device. For virtual MFA devices, the\n\t\t\tserial number is the device ARN.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "EntityTemporarilyUnmodifiableException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityTemporarilyUnmodifiableMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that is temporarily unmodifiable,\n\t\t\tsuch as a user name that was deleted and then recreated. The error indicates that the request\n\t\t\tis likely to succeed if you try again after waiting several minutes. The error message\n\t\t\tdescribes the entity.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deactivates the specified MFA device and removes it from association with the user name for\n\t\t\twhich it was originally enabled.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeactivateMFADevice\n&UserName=Bob\n&SerialNumber=R1234\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeactivateMFADeviceResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</DeactivateMFADeviceResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteAccessKey": {
"name": "DeleteAccessKey",
"input": {
"shape_name": "DeleteAccessKeyRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user whose key you want to delete.</p>\n\t"
},
"AccessKeyId": {
"shape_name": "accessKeyIdType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The access key ID for the access key ID and secret access key you want to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the access key associated with the specified user.</p>\n\t\t<p>If you do not specify a user name, IAM determines the user name implicitly based on the AWS\n\t\t\taccess key ID signing the request. Because this action works for access keys under the AWS\n\t\t\taccount, you can use this API to manage root credentials even if the AWS account has no\n\t\t\tassociated users.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteAccessKey\n&UserName=Bob\n&AccessKeyId=AKIAIOSFODNN7EXAMPLE\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteAccessKeyResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</DeleteAccessKeyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteAccountAlias": {
"name": "DeleteAccountAlias",
"input": {
"shape_name": "DeleteAccountAliasRequest",
"type": "structure",
"members": {
"AccountAlias": {
"shape_name": "accountAliasType",
"type": "string",
"min_length": 3,
"max_length": 63,
"pattern": "^[a-z0-9](([a-z0-9]|-(?!-))*[a-z0-9])?$",
"documentation": "\n\t\t<p>Name of the account alias to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the specified AWS account alias. For information about using an AWS account alias,\n\t\t\tsee <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html\">Using an\n\t\t\t\tAlias for Your AWS Account ID</a> in the <i>Using IAM</i> guide.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteAccountAlias\n&AccountAlias=foocorporation\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteAccountAliasResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</DeleteAccountAliasResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteAccountPasswordPolicy": {
"name": "DeleteAccountPasswordPolicy",
"input": null,
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the password policy for the AWS account.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteAccountPasswordPolicy\n&Version=2010-05-08\n&AUTHPARAMS\n</queryrequest>\n\t\t\t<queryresponse>\n<DeleteAccountPasswordPolicyResponse>\n <ResponseMetadata>\n\t <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n\t</ResponseMetadata>\n</DeleteAccountPasswordPolicy>\n</queryresponse>\n\t\t</examples>\n\t"
},
"DeleteGroup": {
"name": "DeleteGroup",
"input": {
"shape_name": "DeleteGroupRequest",
"type": "structure",
"members": {
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the group to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "DeleteConflictException",
"type": "structure",
"members": {
"message": {
"shape_name": "deleteConflictMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to delete a resource that has attached\n\t\t\tsubordinate entities. The error message describes these entities.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the specified group. The group must not contain any users or have any attached\n\t\t\tpolicies.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteGroup\n&Group=Test\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteGroupResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</DeleteGroupResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteGroupPolicy": {
"name": "DeleteGroupPolicy",
"input": {
"shape_name": "DeleteGroupPolicyRequest",
"type": "structure",
"members": {
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the group the policy is associated with.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the policy document to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the specified policy that is associated with the specified group.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteGroupPolicy\n&GroupName=Admins\n&PolicyName=AdminRoot\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteGroupPolicyResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</DeleteGroupPolicyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteInstanceProfile": {
"name": "DeleteInstanceProfile",
"input": {
"shape_name": "DeleteInstanceProfileRequest",
"type": "structure",
"members": {
"InstanceProfileName": {
"shape_name": "instanceProfileNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the instance profile to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "DeleteConflictException",
"type": "structure",
"members": {
"message": {
"shape_name": "deleteConflictMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to delete a resource that has attached\n\t\t\tsubordinate entities. The error message describes these entities.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the specified instance profile. The instance profile must not have an associated\n\t\t\trole.</p>\n\t\t<important>Make sure you do not have any Amazon EC2 instances running with the instance profile\n\t\t\tyou are about to delete. Deleting a role or instance profile that is associated with a running\n\t\t\tinstance will break any applications running on the instance.</important>\n\t\t<p>For more information about instance profiles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html\">About Instance\n\t\t\t\tProfiles</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteInstanceProfile\n&InstanceProfileName=Webserver\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteInstanceProfileResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <ResponseMetadata>\n <RequestId>90c18667-99f3-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</DeleteInstanceProfileResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteLoginProfile": {
"name": "DeleteLoginProfile",
"input": {
"shape_name": "DeleteLoginProfileRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user whose password you want to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "EntityTemporarilyUnmodifiableException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityTemporarilyUnmodifiableMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that is temporarily unmodifiable,\n\t\t\tsuch as a user name that was deleted and then recreated. The error indicates that the request\n\t\t\tis likely to succeed if you try again after waiting several minutes. The error message\n\t\t\tdescribes the entity.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the password for the specified user, which terminates the user's ability to access\n\t\t\tAWS services through the AWS Management Console.</p>\n\t\t<important>Deleting a user's password does not prevent a user from accessing IAM through the\n\t\t\tcommand line interface or the API. To prevent all user access you must also either make the\n\t\t\taccess key inactive or delete it. For more information about making keys inactive or deleting\n\t\t\tthem, see <a>UpdateAccessKey</a> and <a>DeleteAccessKey</a>. </important>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteLoginProfile\n&UserName=Bob\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteLoginProfileResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</DeleteLoginProfileResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteRole": {
"name": "DeleteRole",
"input": {
"shape_name": "DeleteRoleRequest",
"type": "structure",
"members": {
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the role to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "DeleteConflictException",
"type": "structure",
"members": {
"message": {
"shape_name": "deleteConflictMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to delete a resource that has attached\n\t\t\tsubordinate entities. The error message describes these entities.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the specified role. The role must not have any policies attached. For more\n\t\t\tinformation about roles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html\">Working with\n\t\t\tRoles</a>.</p>\n\t\t<important>Make sure you do not have any Amazon EC2 instances running with the role you are\n\t\t\tabout to delete. Deleting a role or instance profile that is associated with a running\n\t\t\tinstance will break any applications running on the instance.</important>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteRole\n&RoleName=S3Access\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteRoleResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <ResponseMetadata>\n <RequestId>913e3f37-99ed-11e1-a4c3-270EXAMPLE04</RequestId>\n </ResponseMetadata>\n</DeleteRoleResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteRolePolicy": {
"name": "DeleteRolePolicy",
"input": {
"shape_name": "DeleteRolePolicyRequest",
"type": "structure",
"members": {
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the role the associated with the policy.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the policy document to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the specified policy associated with the specified role.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteRolePolicy\n&PolicyName=S3AccessPolicy\n&RoleName=S3Access\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteRolePolicyResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <ResponseMetadata>\n <RequestId>c749ee7f-99ef-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</DeleteRolePolicyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteSAMLProvider": {
"name": "DeleteSAMLProvider",
"input": {
"shape_name": "DeleteSAMLProviderRequest",
"type": "structure",
"members": {
"SAMLProviderArn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) of the SAML provider to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "InvalidInputException",
"type": "structure",
"members": {
"message": {
"shape_name": "invalidInputMessage",
"type": "string",
"documentation": null
}
},
"documentation": null
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes a SAML provider.</p>\n\t\t<p>Deleting the provider does not update any roles that reference the SAML provider as a\n\t\t\tprincipal in their trust policies. Any attempt to assume a role that references a SAML\n\t\t\tprovider that has been deleted will fail. </p>\n\n\t\t<note>This operation requires <a href=\"http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html\">Signature Version\n\t\t\t4</a>.</note>\n\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteSAMLProvider\n&Name=arn:aws:iam::123456789012:saml-metadata/MyUniversity\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t</examples>\n\t"
},
"DeleteServerCertificate": {
"name": "DeleteServerCertificate",
"input": {
"shape_name": "DeleteServerCertificateRequest",
"type": "structure",
"members": {
"ServerCertificateName": {
"shape_name": "serverCertificateNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the server certificate you want to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "DeleteConflictException",
"type": "structure",
"members": {
"message": {
"shape_name": "deleteConflictMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to delete a resource that has attached\n\t\t\tsubordinate entities. The error message describes these entities.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the specified server certificate.</p>\n\t\t<important>If you are using a server certificate with Elastic Load Balancing, deleting the\n\t\t\tcertificate could have implications for your application. If Elastic Load Balancing doesn't\n\t\t\tdetect the deletion of bound certificates, it may continue to use the certificates. This could\n\t\t\tcause Elastic Load Balancing to stop accepting traffic. We recommend that you remove the\n\t\t\treference to the certificate from Elastic Load Balancing before using this command to delete\n\t\t\tthe certificate. For more information, go to <a href=\"http://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html\" target=\"blank\">DeleteLoadBalancerListeners</a> in the <i>Elastic Load Balancing API\n\t\t\t\tReference</i>.</important>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteServerCertificate\n&ServerCertificateName=ProdServerCert\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteServerCertificateResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</DeleteServerCertificateResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteSigningCertificate": {
"name": "DeleteSigningCertificate",
"input": {
"shape_name": "DeleteSigningCertificateRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user the signing certificate belongs to.</p>\n\t"
},
"CertificateId": {
"shape_name": "certificateIdType",
"type": "string",
"min_length": 24,
"max_length": 128,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>ID of the signing certificate to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the specified signing certificate associated with the specified user.</p>\n\t\t<p>If you do not specify a user name, IAM determines the user name implicitly based on the AWS\n\t\t\taccess key ID signing the request. Because this action works for access keys under the AWS\n\t\t\taccount, you can use this API to manage root credentials even if the AWS account has no\n\t\t\tassociated users.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteSigningCertificate\n&UserName=Bob\n&CertificateId=TA7SMP42TDN5Z26OBPJE7EXAMPLE\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteSigningCertificateResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</DeleteSigningCertificateResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteUser": {
"name": "DeleteUser",
"input": {
"shape_name": "DeleteUserRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "DeleteConflictException",
"type": "structure",
"members": {
"message": {
"shape_name": "deleteConflictMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to delete a resource that has attached\n\t\t\tsubordinate entities. The error message describes these entities.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the specified user. The user must not belong to any groups, have any keys or signing\n\t\t\tcertificates, or have any attached policies.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteUser\n&UserName=Bob\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteUserResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</DeleteUserResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteUserPolicy": {
"name": "DeleteUserPolicy",
"input": {
"shape_name": "DeleteUserPolicyRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user the policy is associated with.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the policy document to delete.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes the specified policy associated with the specified user.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteUserPolicy\n&UserName=Bob\n&PolicyName=AllAccessPolicy\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<DeleteUserPolicyResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</DeleteUserPolicyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"DeleteVirtualMFADevice": {
"name": "DeleteVirtualMFADevice",
"input": {
"shape_name": "DeleteVirtualMFADeviceRequest",
"type": "structure",
"members": {
"SerialNumber": {
"shape_name": "serialNumberType",
"type": "string",
"min_length": 9,
"max_length": 256,
"pattern": "[\\w+=/:,.@-]*",
"documentation": "\n\t\t<p>The serial number that uniquely identifies the MFA device. For virtual MFA devices, the\n\t\t\tserial number is the same as the ARN.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "DeleteConflictException",
"type": "structure",
"members": {
"message": {
"shape_name": "deleteConflictMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to delete a resource that has attached\n\t\t\tsubordinate entities. The error message describes these entities.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Deletes a virtual MFA device.</p>\n\n\t\t<note>You must deactivate a user's virtual MFA device before you can delete it. For information\n\t\t\tabout deactivating MFA devices, see <a href=\"http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeactivateMFADevice.html\">DeactivateMFADevice</a>.</note>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=DeleteVirtualMFADevice\n&SerialNumber=arn:aws:iam::123456789012:mfa/ExampleName\n&Version=2010-05-08\n&AUTHPARAMS\n</queryrequest>\n\t\t\t<queryresponse>\n<DeleteVirtualMFADeviceResponse>\n <DeleteVirtualMFADeviceResult>\n <VirtualMFADevice>\n <SerialNumber>arn:aws:iam::123456789012:mfa/ExampleName</SerialNumber>\n </VirtualMFADevice>\n </DeleteVirtualMFADeviceResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</DeleteVirtualMFADeviceResponse>\n</queryresponse>\n\t\t</examples>\n\t"
},
"EnableMFADevice": {
"name": "EnableMFADevice",
"input": {
"shape_name": "EnableMFADeviceRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user for whom you want to enable the MFA device.</p>\n\t",
"required": true
},
"SerialNumber": {
"shape_name": "serialNumberType",
"type": "string",
"min_length": 9,
"max_length": 256,
"pattern": "[\\w+=/:,.@-]*",
"documentation": "\n\t\t<p>The serial number that uniquely identifies the MFA device. For virtual MFA devices, the\n\t\t\tserial number is the device ARN.</p>\n\t",
"required": true
},
"AuthenticationCode1": {
"shape_name": "authenticationCodeType",
"type": "string",
"min_length": 6,
"max_length": 6,
"pattern": "[\\d]*",
"documentation": "\n\t\t<p>An authentication code emitted by the device.</p>\n\t",
"required": true
},
"AuthenticationCode2": {
"shape_name": "authenticationCodeType",
"type": "string",
"min_length": 6,
"max_length": 6,
"pattern": "[\\d]*",
"documentation": "\n\t\t<p>A subsequent authentication code emitted by the device.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "EntityTemporarilyUnmodifiableException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityTemporarilyUnmodifiableMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that is temporarily unmodifiable,\n\t\t\tsuch as a user name that was deleted and then recreated. The error indicates that the request\n\t\t\tis likely to succeed if you try again after waiting several minutes. The error message\n\t\t\tdescribes the entity.</p>\n\t"
},
{
"shape_name": "InvalidAuthenticationCodeException",
"type": "structure",
"members": {
"message": {
"shape_name": "invalidAuthenticationCodeMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the authentication code was not recognized. The error\n\t\t\tmessage describes the specific error.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Enables the specified MFA device and associates it with the specified user name. When\n\t\t\tenabled, the MFA device is required for every subsequent login by the user name associated\n\t\t\twith the device.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=EnableMFADevice\n&UserName=Bob\n&SerialNumber=R1234\n&AuthenticationCode1=234567\n&AuthenticationCode2=987654\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<EnableMFADeviceResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</EnableMFADeviceResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"GenerateCredentialReport": {
"name": "GenerateCredentialReport",
"input": null,
"output": {
"shape_name": "GenerateCredentialReportResponse",
"type": "structure",
"members": {
"State": {
"shape_name": "ReportStateType",
"type": "string",
"enum": [
"STARTED",
"INPROGRESS",
"COMPLETE"
],
"documentation": "\n <p>Information about the state of a credential report.</p>\n "
},
"Description": {
"shape_name": "ReportStateDescriptionType",
"type": "string",
"documentation": "\n <p>Information about the credential report.</p>\n "
}
},
"documentation": "\n <p>Contains the result of a successful invocation of the <a>GenerateCredentialReport</a> action.</p> \n "
},
"errors": [
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n <p>Generates a credential report for the AWS account. For more information about the credential report, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html\">Getting Credential Reports</a> in the <i>Using IAM</i> guide.</p>\n "
},
"GetAccountPasswordPolicy": {
"name": "GetAccountPasswordPolicy",
"input": null,
"output": {
"shape_name": "GetAccountPasswordPolicyResponse",
"type": "structure",
"members": {
"PasswordPolicy": {
"shape_name": "PasswordPolicy",
"type": "structure",
"members": {
"MinimumPasswordLength": {
"shape_name": "minimumPasswordLengthType",
"type": "integer",
"min_length": 6,
"max_length": 128,
"documentation": "\n\t\t<p>Minimum length to require for IAM user passwords.</p>\n\t"
},
"RequireSymbols": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>Specifies whether to require symbols for IAM user passwords.</p>\n\t"
},
"RequireNumbers": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>Specifies whether to require numbers for IAM user passwords.</p>\n\t"
},
"RequireUppercaseCharacters": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>Specifies whether to require uppercase characters for IAM user passwords.</p>\n\t"
},
"RequireLowercaseCharacters": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>Specifies whether to require lowercase characters for IAM user passwords.</p>\n\t"
},
"AllowUsersToChangePassword": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>Specifies whether IAM users are allowed to change their own password.</p>\n\t"
},
"ExpirePasswords": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n <p>Specifies whether IAM users are required to change their password after a specified number of days.</p>\n "
},
"MaxPasswordAge": {
"shape_name": "maxPasswordAgeType",
"type": "integer",
"min_length": 1,
"max_length": 1095,
"box": true,
"documentation": "\n <p>The number of days that an IAM user password is valid.</p>\n "
},
"PasswordReusePrevention": {
"shape_name": "passwordReusePreventionType",
"type": "integer",
"min_length": 1,
"max_length": 24,
"box": true,
"documentation": "\n <p>Specifies the number of previous passwords that IAM users are prevented from reusing.</p>\n "
},
"HardExpiry": {
"shape_name": "booleanObjectType",
"type": "boolean",
"box": true,
"documentation": "\n <p>Specifies whether IAM users are prevented from setting a new password after their password has expired.</p>\n "
}
},
"documentation": "\n\t\t<p>The PasswordPolicy data type contains information about the account password policy.</p>\n\t\t<p> This data type is used as a response element in the action <a>GetAccountPasswordPolicy</a>.\n\t\t</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetAccountPasswordPolicy</a>\n\t\t\taction.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Retrieves the password policy for the AWS account. For more information about using a\n\t\t\tpassword policy, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html\">Managing an\n\t\t\t\tIAM Password Policy</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetAccountPasswordPolicy\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetAccountPasswordPolicyResponse>\n <GetAccountPasswordPolicyResult>\n <PasswordPolicy>\n <MinimumPasswordLength>6</MinimumPasswordLength>,\n <RequireUppercaseCharacters>false</RequireUppercaseCharacters>\n <RequireLowercaseCharacters>false</RequireLowercaseCharacters>\n <RequireNumbers>false</RequireNumbers>\n <RequireSymbols>false</RequireSymbols>\n <AllowUsersToChangePassword>true</AllowUsersToChangePassword>\n </PasswordPolicy>\n </GetAccountPasswordPolicyResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</GetAccountPasswordPolicyResponse>\n</queryresponse>\n\t\t</examples>\n\t"
},
"GetAccountSummary": {
"name": "GetAccountSummary",
"input": null,
"output": {
"shape_name": "GetAccountSummaryResponse",
"type": "structure",
"members": {
"SummaryMap": {
"shape_name": "summaryMapType",
"type": "map",
"keys": {
"shape_name": "summaryKeyType",
"type": "string",
"enum": [
"Users",
"UsersQuota",
"Groups",
"GroupsQuota",
"ServerCertificates",
"ServerCertificatesQuota",
"UserPolicySizeQuota",
"GroupPolicySizeQuota",
"GroupsPerUserQuota",
"SigningCertificatesPerUserQuota",
"AccessKeysPerUserQuota",
"MFADevices",
"MFADevicesInUse",
"AccountMFAEnabled"
],
"documentation": null
},
"members": {
"shape_name": "summaryValueType",
"type": "integer",
"documentation": null
},
"documentation": "\n\t\t<p>A set of key value pairs containing account-level information.</p>\n\t\t<p>\n\t\t\t<code>SummaryMap</code> contains the following keys: <ul>\n\t\t\t\t<li><p><code>AccessKeysPerUserQuota</code> - Maximum number of access keys that can be\n\t\t\t\t\t\tcreated per user</p></li>\n\t\t\t\t<li><p><code>AccountMFAEnabled</code> - 1 if the root account has an MFA device assigned to\n\t\t\t\t\t\tit, 0 otherwise</p></li>\n\t\t\t\t<li><p><code>AssumeRolePolicySizeQuota</code> - Maximum allowed size for assume role policy\n\t\t\t\t\t\tdocuments (in kilobytes) </p></li>\n\t\t\t\t<li><p><code>GroupPolicySizeQuota</code> - Maximum allowed size for Group policy documents\n\t\t\t\t\t\t(in kilobytes)</p></li>\n\t\t\t\t<li><p><code>Groups</code> - Number of Groups for the AWS account</p></li>\n\t\t\t\t<li><p><code>GroupsPerUserQuota</code> - Maximum number of groups a user can belong\n\t\t\t\t\tto</p></li>\n\t\t\t\t<li><p><code>GroupsQuota</code> - Maximum groups allowed for the AWS account</p></li>\n\t\t\t\t<li><p><code>InstanceProfiles</code> - Number of instance profiles for the AWS\n\t\t\t\t\taccount</p></li>\n\t\t\t\t<li><p><code>InstanceProfilesQuota</code> - Maximum instance profiles allowed for the AWS\n\t\t\t\t\t\taccount</p></li>\n\t\t\t\t<li><p><code>MFADevices</code> - Number of MFA devices, either assigned or\n\t\t\t\t\tunassigned</p></li>\n\t\t\t\t<li><p><code>MFADevicesInUse</code> - Number of MFA devices that have been assigned to an\n\t\t\t\t\t\tIAM user or to the root account</p></li>\n\t\t\t\t<li><p><code>RolePolicySizeQuota</code> - Maximum allowed size for role policy documents (in\n\t\t\t\t\t\tkilobytes) </p></li>\n\t\t\t\t<li><p><code>Roles</code> - Number of roles for the AWS account</p></li>\n\t\t\t\t<li><p><code>RolesQuota</code> - Maximum roles allowed for the AWS account</p></li>\n\t\t\t\t<li><p><code>ServerCertificates</code> - Number of server certificates for the AWS\n\t\t\t\t\t\taccount</p></li>\n\t\t\t\t<li><p><code>ServerCertificatesQuota</code> - Maximum server certificates allowed for the\n\t\t\t\t\t\tAWS account</p></li>\n\t\t\t\t<li><p><code>SigningCertificatesPerUserQuota</code> - Maximum number of X509 certificates\n\t\t\t\t\t\tallowed for a user</p></li>\n\t\t\t\t<li><p><code>UserPolicySizeQuota</code> - Maximum allowed size for user policy documents (in\n\t\t\t\t\t\tkilobytes) </p></li>\n\t\t\t\t<li><p><code>Users</code> - Number of users for the AWS account</p></li>\n\t\t\t\t<li><p><code>UsersQuota</code> - Maximum users allowed for the AWS account</p></li>\n\t\t\t</ul>\n\t\t</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetAccountSummary</a> action.</p>\n\t"
},
"errors": [],
"documentation": "\n\t\t<p>Retrieves account level information about account entity usage and IAM quotas.</p>\n\t\t<p>For information about limitations on IAM entities, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html\">Limitations on IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetAccountSummary\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetAccountSummaryResponse>\n <GetAccountSummaryResult>\n <SummaryMap>\n <entry>\n <key>Groups</key>\n <value>31</value>\n </entry>\n <entry>\n <key>GroupsQuota</key>\n <value>50</value>\n </entry>\n <entry>\n <key>UsersQuota</key>\n <value>150</value>\n </entry>\n <entry>\n <key>Users</key>\n <value>35</value>\n </entry>\n <entry>\n <key>GroupPolicySizeQuota</key>\n <value>10240</value>\n </entry>\n <entry>\n <key>AccessKeysPerUserQuota</key>\n <value>2</value>\n </entry>\n <entry>\n <key>GroupsPerUserQuota</key>\n <value>10</value>\n </entry>\n <entry>\n <key>UserPolicySizeQuota</key>\n <value>10240</value>\n </entry>\n <entry>\n <key>SigningCertificatesPerUserQuota</key>\n <value>2</value>\n </entry>\n <entry>\n <key>ServerCertificates</key>\n <value>0</value>\n </entry>\n <entry>\n <key>ServerCertificatesQuota</key>\n <value>10</value>\n </entry>\n <entry>\n <key>AccountMFAEnabled</key>\n <value>0</value>\n </entry>\n <entry>\n <key>MFADevicesInUse</key>\n <value>10</value>\n </entry>\n <entry>\n <key>MFADevices</key>\n <value>20</value>\n </entry>\n </SummaryMap>\n </GetAccountSummaryResult>\n <ResponseMetadata>\n <RequestId>f1e38443-f1ad-11df-b1ef-a9265EXAMPLE</RequestId>\n </ResponseMetadata>\n</GetAccountSummaryResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"GetCredentialReport": {
"name": "GetCredentialReport",
"input": null,
"output": {
"shape_name": "GetCredentialReportResponse",
"type": "structure",
"members": {
"Content": {
"shape_name": "ReportContentType",
"type": "blob",
"documentation": "\n <p>Contains the credential report. The report is Base64-encoded.</p>\n "
},
"ReportFormat": {
"shape_name": "ReportFormatType",
"type": "string",
"enum": [
"text/csv"
],
"documentation": "\n <p>The format (MIME type) of the credential report.</p>\n "
},
"GeneratedTime": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n <p>The time and date when the credential report was created, in <a href=\"http://www.iso.org/iso/iso8601\">ISO 8601 date-time format</a>.</p>\n "
}
},
"documentation": "\n <p>Contains the result of a successful invocation of the <a>GetCredentialReport</a> action.</p> \n "
},
"errors": [
{
"shape_name": "CredentialReportNotPresentException",
"type": "structure",
"members": {
"message": {
"shape_name": "credentialReportNotPresentExceptionMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n <p>The request was rejected because the credential report does not exist. To generate a credential report, use <a>GenerateCredentialReport</a>.</p>\n "
},
{
"shape_name": "CredentialReportExpiredException",
"type": "structure",
"members": {
"message": {
"shape_name": "credentialReportExpiredExceptionMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n <p>The request was rejected because the most recent credential report has expired. To generate a new credential report, use <a>GenerateCredentialReport</a>. For more information about credential report expiration, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html\">Getting Credential Reports</a> in the <i>Using IAM</i> guide.</p> \n "
},
{
"shape_name": "CredentialReportNotReadyException",
"type": "structure",
"members": {
"message": {
"shape_name": "credentialReportNotReadyExceptionMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n <p>The request was rejected because the credential report is still being generated.</p>\n "
}
],
"documentation": "\n <p>Retrieves a credential report for the AWS account. For more information about the credential report, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html\">Getting Credential Reports</a> in the <i>Using IAM</i> guide.</p>\n "
},
"GetGroup": {
"name": "GetGroup",
"input": {
"shape_name": "GetGroupRequest",
"type": "structure",
"members": {
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the group.</p>\n\t",
"required": true
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this only when paginating results, and only in a subsequent request after you've received\n\t\t\ta response where the results are truncated. Set it to the value of the <code>Marker</code>\n\t\t\telement in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this only when paginating results to indicate the maximum number of user names you want\n\t\t\tin the response. If there are additional user names beyond the maximum you specify, the\n\t\t\t\t<code>IsTruncated</code> response element is <code>true</code>. This parameter is optional.\n\t\t\tIf you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "GetGroupResponse",
"type": "structure",
"members": {
"Group": {
"shape_name": "Group",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the group. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name that identifies the group.</p>\n\t",
"required": true
},
"GroupId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the group. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the group. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the group was created.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Information about the group.</p>\n\t",
"required": true
},
"Users": {
"shape_name": "userListType",
"type": "list",
"members": {
"shape_name": "User",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the user. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the user.</p>\n\t",
"required": true
},
"UserId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the user. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the user. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the user was created.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>The User data type contains information about a user.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><p><a>CreateUser</a></p></li>\n\t\t\t<li><p><a>GetUser</a></p></li>\n\t\t\t<li><p><a>ListUsers</a></p></li>\n\t\t</ul>\n\t"
},
"documentation": "\n\t\t<p>A list of users in the group.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more user names to list. If your results were\n\t\t\ttruncated, you can make a subsequent pagination request using the <code>Marker</code> request\n\t\t\tparameter to retrieve more user names in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If IsTruncated is <code>true</code>, then this element is present and contains the value to\n\t\t\tuse for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetGroup</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Returns a list of users that are in the specified group. You can paginate the results using\n\t\t\tthe <code>MaxItems</code> and <code>Marker</code> parameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetGroup\n&GroupName=Admins\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetGroupResponse>\n <GetGroupResult>\n <Group>\n <Path>/</Path>\n <GroupName>Admins</GroupName>\n <GroupId>AGPACKCEVSQ6C2EXAMPLE</GroupId>\n <Arn>arn:aws:iam::123456789012:group/Admins</Arn>\n </Group>\n <Users>\n <member>\n <Path>/division_abc/subdivision_xyz/</Path>\n <UserName>Bob</UserName>\n <UserId>AIDACKCEVSQ6C2EXAMPLE</UserId>\n <Arn>\n arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/Bob\n </Arn>\n </member>\n <member>\n <Path>/division_abc/subdivision_xyz/</Path>\n <UserName>Susan</UserName>\n <UserId>AIDACKCEVSQ6C2EXAMPLE</UserId>\n <Arn>\n arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/Susan\n </Arn>\n </member>\n </Users>\n <IsTruncated>false</IsTruncated>\n </GetGroupResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</GetGroupResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Users",
"non_aggregate_keys": [
"Group"
],
"py_input_token": "marker"
}
},
"GetGroupPolicy": {
"name": "GetGroupPolicy",
"input": {
"shape_name": "GetGroupPolicyRequest",
"type": "structure",
"members": {
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the group the policy is associated with.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the policy document to get.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "GetGroupPolicyResponse",
"type": "structure",
"members": {
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The group the policy is associated with.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the policy.</p>\n\t",
"required": true
},
"PolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy document.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetGroupPolicy</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Retrieves the specified policy document for the specified group. The returned policy is\n\t\t\tURL-encoded according to RFC 3986. For more information about RFC 3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetGroupPolicy\n&GroupName=Admins\n&PolicyName=AdminRoot\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetGroupPolicyResponse>\n <GetGroupPolicyResult>\n <GroupName>Admins</GroupName>\n <PolicyName>AdminRoot</PolicyName>\n <PolicyDocument>\n {\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}]}\n </PolicyDocument>\n </GetGroupPolicyResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</GetGroupPolicyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"GetInstanceProfile": {
"name": "GetInstanceProfile",
"input": {
"shape_name": "GetInstanceProfileRequest",
"type": "structure",
"members": {
"InstanceProfileName": {
"shape_name": "instanceProfileNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the instance profile to get information about.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "GetInstanceProfileResponse",
"type": "structure",
"members": {
"InstanceProfile": {
"shape_name": "InstanceProfile",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the instance profile. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"InstanceProfileName": {
"shape_name": "instanceProfileNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the instance profile.</p>\n\t",
"required": true
},
"InstanceProfileId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the instance profile. For more information about\n\t\t\tIDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the instance profile. For more information about\n\t\t\tARNs and how to use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the instance profile was created.</p>\n\t",
"required": true
},
"Roles": {
"shape_name": "roleListType",
"type": "list",
"members": {
"shape_name": "Role",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the role. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the role.</p>\n\t",
"required": true
},
"RoleId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the role. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the role was created.</p>\n\t",
"required": true
},
"AssumeRolePolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy that grants an entity permission to assume the role.</p>\n\t\t<p>The returned policy is URL-encoded according to RFC 3986. For more information about RFC\n\t\t\t3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t"
}
},
"documentation": "\n\t\t<p>The Role data type contains information about a role.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><p><a>CreateRole</a></p></li>\n\t\t\t<li><p><a>GetRole</a></p></li>\n\t\t\t<li><p><a>ListRoles</a></p></li>\n\t\t</ul>\n\t"
},
"documentation": "\n\t\t<p>The role associated with the instance profile.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Information about the instance profile.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetInstanceProfile</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Retrieves information about the specified instance profile, including the instance profile's\n\t\t\tpath, GUID, ARN, and role. For more information about instance profiles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html\">About Instance\n\t\t\t\tProfiles</a>. For more information about ARNs, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs\">ARNs</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetInstanceProfile\n&InstanceProfileName=Webserver\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetInstanceProfileResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <GetInstanceProfileResult>\n <InstanceProfile>\n <InstanceProfileId>AIPAD5ARO2C5EXAMPLE3G</InstanceProfileId>\n <Roles>\n <member>\n <Path>/application_abc/component_xyz/</Path>\n <Arn>arn:aws:iam::123456789012:role/application_abc/component_xyz/S3Access</Arn>\n <RoleName>S3Access</RoleName>\n <AssumeRolePolicyDocument>{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}</AssumeRolePolicyDocument>\n <CreateDate>2012-05-09T15:45:35Z</CreateDate>\n <RoleId>AROACVYKSVTSZFEXAMPLE</RoleId>\n </member>\n </Roles>\n <InstanceProfileName>Webserver</InstanceProfileName>\n <Path>/application_abc/component_xyz/</Path>\n <Arn>arn:aws:iam::123456789012:instance-profile/application_abc/component_xyz/Webserver</Arn>\n <CreateDate>2012-05-09T16:11:10Z</CreateDate>\n </InstanceProfile>\n </GetInstanceProfileResult>\n <ResponseMetadata>\n <RequestId>37289fda-99f2-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</GetInstanceProfileResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"GetLoginProfile": {
"name": "GetLoginProfile",
"input": {
"shape_name": "GetLoginProfileRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user whose login profile you want to retrieve.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "GetLoginProfileResponse",
"type": "structure",
"members": {
"LoginProfile": {
"shape_name": "LoginProfile",
"type": "structure",
"members": {
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the user, which can be used for signing in to the AWS Management Console.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the password for the user was created.</p>\n\t",
"required": true
},
"PasswordResetRequired": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n <p>Specifies whether the user is required to set a new password on next sign-in.</p>\n "
}
},
"documentation": "\n\t\t<p>User name and password create date for the user.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetLoginProfile</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Retrieves the user name and password-creation date for the specified user. If the user has\n\t\t\tnot been assigned a password, the action returns a 404 (<code>NoSuchEntity</code>) error. </p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetLoginProfile\n&UserName=Bob\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetLoginProfileResponse>\n <GetLoginProfileResult>\n <LoginProfile>\n <UserName>Bob</UserName>\n <CreateDate>2011-09-19T23:00:56Z</CreateDate>\n </LoginProfile>\n </GetLoginProfileResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</GetLoginProfileResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"GetRole": {
"name": "GetRole",
"input": {
"shape_name": "GetRoleRequest",
"type": "structure",
"members": {
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the role to get information about.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "GetRoleResponse",
"type": "structure",
"members": {
"Role": {
"shape_name": "Role",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the role. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the role.</p>\n\t",
"required": true
},
"RoleId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the role. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the role was created.</p>\n\t",
"required": true
},
"AssumeRolePolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy that grants an entity permission to assume the role.</p>\n\t\t<p>The returned policy is URL-encoded according to RFC 3986. For more information about RFC\n\t\t\t3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Information about the role.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetRole</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Retrieves information about the specified role, including the role's path, GUID, ARN, and the\n\t\t\tpolicy granting permission to assume the role. For more information about ARNs, go to\n\t\t\t\t<a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs\">ARNs</a>. For more information about roles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html\">Working with\n\t\t\tRoles</a>.</p>\n\t\t<p>The returned policy is URL-encoded according to RFC 3986. For more information about RFC\n\t\t\t3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetRole\n&RoleName=S3Access\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetRoleResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <GetRoleResult>\n <Role>\n <Path>/application_abc/component_xyz/</Path>\n <Arn>arn:aws:iam::123456789012:role/application_abc/component_xyz/S3Access</Arn>\n <RoleName>S3Access</RoleName>\n <AssumeRolePolicyDocument>{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}</AssumeRolePolicyDocument>\n <CreateDate>2012-05-08T23:34:01Z</CreateDate>\n <RoleId>AROADBQP57FF2AEXAMPLE</RoleId>\n </Role>\n </GetRoleResult>\n <ResponseMetadata>\n <RequestId>df37e965-9967-11e1-a4c3-270EXAMPLE04</RequestId>\n </ResponseMetadata>\n</GetRoleResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"GetRolePolicy": {
"name": "GetRolePolicy",
"input": {
"shape_name": "GetRolePolicyRequest",
"type": "structure",
"members": {
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the role associated with the policy.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the policy document to get.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "GetRolePolicyResponse",
"type": "structure",
"members": {
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The role the policy is associated with.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the policy.</p>\n\t",
"required": true
},
"PolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy document.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetRolePolicy</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Retrieves the specified policy document for the specified role. For more information about\n\t\t\troles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html\">Working with\n\t\t\t\tRoles</a>.</p>\n\t\t<p>The returned policy is URL-encoded according to RFC 3986. For more information about RFC\n\t\t\t3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetRolePolicy\n&PolicyName=S3AccessPolicy\n&RoleName=S3Access\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetRolePolicyResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <GetRolePolicyResult>\n <PolicyName>S3AccessPolicy</PolicyName>\n <RoleName>S3Access</RoleName>\n <PolicyDocument>{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":[\"s3:*\"],\"Resource\":[\"*\"]}]}</PolicyDocument>\n </GetRolePolicyResult>\n <ResponseMetadata>\n <RequestId>7e7cd8bc-99ef-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</GetRolePolicyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"GetSAMLProvider": {
"name": "GetSAMLProvider",
"input": {
"shape_name": "GetSAMLProviderRequest",
"type": "structure",
"members": {
"SAMLProviderArn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) of the SAML provider to get information about.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "GetSAMLProviderResponse",
"type": "structure",
"members": {
"SAMLMetadataDocument": {
"shape_name": "SAMLMetadataDocumentType",
"type": "string",
"min_length": 1000,
"max_length": 10000000,
"documentation": "\n\t\t<p>The XML metadata document that includes information about an identity provider.</p>\n\t"
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date and time when the SAML provider was created.</p>\n\t"
},
"ValidUntil": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The expiration date and time for the SAML provider.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetSAMLProvider</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "InvalidInputException",
"type": "structure",
"members": {
"message": {
"shape_name": "invalidInputMessage",
"type": "string",
"documentation": null
}
},
"documentation": null
}
],
"documentation": "\n\t\t<p>Returns the SAML provider metadocument that was uploaded when the provider was created or\n\t\t\tupdated.</p>\n\n\t\t<note>This operation requires <a href=\"http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html\">Signature Version\n\t\t\t4</a>.\n\t\t</note>\n\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetSAMLProvider\n&Name=arn:aws:iam::123456789012:saml-metadata/MyUniversity\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetSAMLProviderResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <GetSAMLProviderResult>\n <CreateDate>2012-05-09T16:27:11Z</CreateDate>\n <ValidUntil>2015-12-31T211:59:59Z</ValidUntil>\n <SAMLMetadataDocument>Pd9fexDssTkRgGNqs...DxptfEs==</SAMLMetadataDocument>\n </GetSAMLProviderResult>\n <ResponseMetadata>\n <RequestId>29f47818-99f5-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</GetSAMLProviderResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"GetServerCertificate": {
"name": "GetServerCertificate",
"input": {
"shape_name": "GetServerCertificateRequest",
"type": "structure",
"members": {
"ServerCertificateName": {
"shape_name": "serverCertificateNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the server certificate you want to retrieve information about.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "GetServerCertificateResponse",
"type": "structure",
"members": {
"ServerCertificate": {
"shape_name": "ServerCertificate",
"type": "structure",
"members": {
"ServerCertificateMetadata": {
"shape_name": "ServerCertificateMetadata",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the server certificate. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"ServerCertificateName": {
"shape_name": "serverCertificateNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name that identifies the server certificate.</p>\n\t",
"required": true
},
"ServerCertificateId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the server certificate. For more information about\n\t\t\tIDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the server certificate. For more information about\n\t\t\tARNs and how to use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"UploadDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the server certificate was uploaded.</p>\n "
},
"Expiration": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n <p>The date on which the certificate is set to expire.</p>\n "
}
},
"documentation": "\n\t\t<p>The meta information of the server certificate, such as its name, path, ID, and ARN.</p>\n\t",
"required": true
},
"CertificateBody": {
"shape_name": "certificateBodyType",
"type": "string",
"min_length": 1,
"max_length": 16384,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"documentation": "\n\t\t<p>The contents of the public key certificate.</p>\n\t",
"required": true
},
"CertificateChain": {
"shape_name": "certificateChainType",
"type": "string",
"min_length": 1,
"max_length": 2097152,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>The contents of the public key certificate chain.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Information about the server certificate.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetServerCertificate</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Retrieves information about the specified server certificate.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetServerCertificate\n&ServerCertificateName=ProdServerCert\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetServerCertificateResponse>\n <GetServerCertificateResult>\n <ServerCertificate>\n <ServerCertificateMetadata>\n <ServerCertificateName>ProdServerCert</ServerCertificateName>\n <Path>/company/servercerts/</Path>\n <Arn>arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert</Arn>\n <UploadDate>2010-05-08T01:02:03.004Z</UploadDate>\n <ServerCertificateId>ASCACKCEVSQ6C2EXAMPLE</ServerCertificateId>\n <Expiration>2012-05-08T01:02:03.004Z</Expiration>\n </ServerCertificateMetadata>\n <CertificateBody>-----BEGIN CERTIFICATE-----\nMIICdzCCAeCgAwIBAgIGANc+Ha2wMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYT\nAlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNBV1MxITAfBgNVBAMT\nGEFXUyBMaW1pdGVkLUFzc3VyYW5jZSBDQTAeFw0wOTAyMDQxNzE5MjdaFw0xMDAy\nMDQxNzE5MjdaMFIxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMRcw\nFQYDVQQLEw5BV1MtRGV2ZWxvcGVyczEVMBMGA1UEAxMMNTdxNDl0c3ZwYjRtMIGf\nMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpB/vsOwmT/O0td1RqzKjttSBaPjbr\ndqwNe9BrOyB08fw2+Ch5oonZYXfGUrT6mkYXH5fQot9HvASrzAKHO596FdJA6DmL\nywdWe1Oggk7zFSXO1Xv+3vPrJtaYxYo3eRIp7w80PMkiOv6M0XK8ubcTouODeJbf\nsuDqcLnLDxwsvwIDAQABo1cwVTAOBgNVHQ8BAf8EBAMCBaAwFgYDVR0lAQH/BAww\nCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQULGNaBphBumaKbDRK\nCAi0mH8B3mowDQYJKoZIhvcNAQEFBQADgYEAuKxhkXaCLGcqDuweKtO/AEw9ZePH\nwr0XqsaIK2HZboqruebXEGsojK4Ks0WzwgrEynuHJwTn760xe39rSqXWIOGrOBaX\nwFpWHVjTFMKk+tSDG1lssLHyYWWdFFU4AnejRGORJYNaRHgVTKjHphc5jEhHm0BX\nAEaHzTpmEXAMPLE=\n-----END CERTIFICATE-----\n </CertificateBody>\n </ServerCertificate>\n </GetServerCertificateResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</GetServerCertificateResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"GetUser": {
"name": "GetUser",
"input": {
"shape_name": "GetUserRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user to get information about.</p>\n\t\t<p>This parameter is optional. If it is not included, it defaults to the user making the\n\t\t\trequest.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "GetUserResponse",
"type": "structure",
"members": {
"User": {
"shape_name": "User",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the user. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the user.</p>\n\t",
"required": true
},
"UserId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the user. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the user. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the user was created.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Information about the user.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetUser</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Retrieves information about the specified user, including the user's path, unique ID, and\n\t\t\tARN.</p>\n\t\t<p>If you do not specify a user name, IAM determines the user name implicitly based on the AWS\n\t\t\taccess key ID signing the request.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetUser\n&UserName=Bob\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetUserResponse>\n <GetUserResult>\n <User>\n <Path>/division_abc/subdivision_xyz/</Path>\n <UserName>Bob</UserName>\n <UserId>AIDACKCEVSQ6C2EXAMPLE</UserId>\n <Arn>\n arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/Bob\n </Arn>\n </User>\n </GetUserResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</GetUserResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"GetUserPolicy": {
"name": "GetUserPolicy",
"input": {
"shape_name": "GetUserPolicyRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user who the policy is associated with.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the policy document to get.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "GetUserPolicyResponse",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The user the policy is associated with.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the policy.</p>\n\t",
"required": true
},
"PolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy document.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>GetUserPolicy</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Retrieves the specified policy document for the specified user. The returned policy is\n\t\t\tURL-encoded according to RFC 3986. For more information about RFC 3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=GetUserPolicy\n&UserName=Bob\n&PolicyName=AllAccessPolicy\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<GetUserPolicyResponse>\n <GetUserPolicyResult>\n <UserName>Bob</UserName>\n <PolicyName>AllAccessPolicy</PolicyName>\n <PolicyDocument>\n {\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}]}\n </PolicyDocument>\n </GetUserPolicyResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</GetUserPolicyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"ListAccessKeys": {
"name": "ListAccessKeys",
"input": {
"shape_name": "ListAccessKeysRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this parameter only when paginating results, and only in a subsequent request after\n\t\t\tyou've received a response where the results are truncated. Set it to the value of the\n\t\t\t\t<code>Marker</code> element in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this parameter only when paginating results to indicate the maximum number of keys you\n\t\t\twant in the response. If there are additional keys beyond the maximum you specify, the\n\t\t\t\t<code>IsTruncated</code> response element is <code>true</code>. This parameter is optional.\n\t\t\tIf you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListAccessKeysResponse",
"type": "structure",
"members": {
"AccessKeyMetadata": {
"shape_name": "accessKeyMetadataListType",
"type": "list",
"members": {
"shape_name": "AccessKeyMetadata",
"type": "structure",
"members": {
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user the key is associated with.</p>\n\t"
},
"AccessKeyId": {
"shape_name": "accessKeyIdType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The ID for this access key.</p>\n\t"
},
"Status": {
"shape_name": "statusType",
"type": "string",
"enum": [
"Active",
"Inactive"
],
"documentation": "\n\t\t<p>The status of the access key. <code>Active</code> means the key is valid for API calls, while\n\t\t\t\t<code>Inactive</code> means it is not.</p>\n\t"
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the access key was created.</p>\n\t"
}
},
"documentation": "\n\t\t<p>The AccessKey data type contains information about an AWS access key, without its secret\n\t\t\tkey.</p>\n\t\t<p> This data type is used as a response element in the action <a>ListAccessKeys</a>. </p>\n\t"
},
"documentation": "\n\t\t<p>A list of access key metadata.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more keys to list. If your results were truncated,\n\t\t\tyou can make a subsequent pagination request using the <code>Marker</code> request parameter\n\t\t\tto retrieve more keys in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListAccessKeys</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Returns information about the access key IDs associated with the specified user. If there are\n\t\t\tnone, the action returns an empty list.</p>\n\t\t<p>Although each user is limited to a small number of keys, you can still paginate the results\n\t\t\tusing the <code>MaxItems</code> and <code>Marker</code> parameters.</p>\n\t\t<p>If the <code>UserName</code> field is not specified, the UserName is determined implicitly\n\t\t\tbased on the AWS access key ID used to sign the request. Because this action works for access\n\t\t\tkeys under the AWS account, this API can be used to manage root credentials even if the AWS\n\t\t\taccount has no associated users.</p>\n\n\t\t<note>To ensure the security of your AWS account, the secret access key is accessible only\n\t\t\tduring key and user creation.</note>\n\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListAccessKeys\n&UserName=Bob\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListAccessKeysResponse>\n <ListAccessKeysResult>\n <UserName>Bob</UserName>\n <AccessKeyMetadata>\n <member>\n <UserName>Bob</UserName>\n <AccessKeyId>AKIAIOSFODNN7EXAMPLE</AccessKeyId>\n <Status>Active</Status>\n </member>\n <member>\n <UserName>Bob</UserName>\n <AccessKeyId>AKIAI44QH8DHBEXAMPLE</AccessKeyId>\n <Status>Inactive</Status>\n </member>\n </AccessKeyMetadata>\n <IsTruncated>false</IsTruncated>\n </ListAccessKeysResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</ListAccessKeysResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "AccessKeyMetadata",
"py_input_token": "marker"
}
},
"ListAccountAliases": {
"name": "ListAccountAliases",
"input": {
"shape_name": "ListAccountAliasesRequest",
"type": "structure",
"members": {
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this only when paginating results, and only in a subsequent request after you've received\n\t\t\ta response where the results are truncated. Set it to the value of the <code>Marker</code>\n\t\t\telement in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this only when paginating results to indicate the maximum number of account aliases you\n\t\t\twant in the response. If there are additional account aliases beyond the maximum you specify,\n\t\t\tthe <code>IsTruncated</code> response element is <code>true</code>. This parameter is\n\t\t\toptional. If you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListAccountAliasesResponse",
"type": "structure",
"members": {
"AccountAliases": {
"shape_name": "accountAliasListType",
"type": "list",
"members": {
"shape_name": "accountAliasType",
"type": "string",
"min_length": 3,
"max_length": 63,
"pattern": "^[a-z0-9](([a-z0-9]|-(?!-))*[a-z0-9])?$",
"documentation": null
},
"documentation": "\n\t\t<p>A list of aliases associated with the account.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more account aliases to list. If your results were\n\t\t\ttruncated, you can make a subsequent pagination request using the <code>Marker</code> request\n\t\t\tparameter to retrieve more account aliases in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this only when paginating results, and only in a subsequent request after you've received\n\t\t\ta response where the results are truncated. Set it to the value of the <code>Marker</code>\n\t\t\telement in the response you just received.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListAccountAliases</a> action.</p>\n\t"
},
"errors": [],
"documentation": "\n\t\t<p>Lists the account aliases associated with the account. For information about using an AWS\n\t\t\taccount alias, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html\">Using an Alias for Your AWS Account ID</a> in the <i>Using IAM</i> guide.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListAccountAliases\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListAccountAliasesResponse>\n <ListAccountAliasesResult>\n <IsTruncated>false</IsTruncated>\n <AccountAliases>\n <member>foocorporation</member>\n </AccountAliases>\n </ListAccountAliasesResult>\n <ResponseMetadata>\n <RequestId>c5a076e9-f1b0-11df-8fbe-45274EXAMPLE</RequestId>\n </ResponseMetadata>\n</ListAccountAliasesResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "AccountAliases",
"py_input_token": "marker"
}
},
"ListGroupPolicies": {
"name": "ListGroupPolicies",
"input": {
"shape_name": "ListGroupPoliciesRequest",
"type": "structure",
"members": {
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the group to list policies for.</p>\n\t",
"required": true
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this only when paginating results, and only in a subsequent request after you've received\n\t\t\ta response where the results are truncated. Set it to the value of the <code>Marker</code>\n\t\t\telement in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this only when paginating results to indicate the maximum number of policy names you want\n\t\t\tin the response. If there are additional policy names beyond the maximum you specify, the\n\t\t\t\t<code>IsTruncated</code> response element is <code>true</code>. This parameter is optional.\n\t\t\tIf you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListGroupPoliciesResponse",
"type": "structure",
"members": {
"PolicyNames": {
"shape_name": "policyNameListType",
"type": "list",
"members": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": null
},
"documentation": "\n\t\t<p>A list of policy names.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more policy names to list. If your results were\n\t\t\ttruncated, you can make a subsequent pagination request using the <code>Marker</code> request\n\t\t\tparameter to retrieve more policy names in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListGroupPolicies</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Lists the names of the policies associated with the specified group. If there are none, the\n\t\t\taction returns an empty list.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListGroupPolicies\n&GroupName=Admins\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListGroupPoliciesResponse>\n <ListGroupPoliciesResult>\n <PolicyNames>\n <member>AdminRoot</member>\n <member>KeyPolicy</member>\n </PolicyNames>\n <IsTruncated>false</IsTruncated>\n </ListGroupPoliciesResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</ListGroupPoliciesResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "PolicyNames",
"py_input_token": "marker"
}
},
"ListGroups": {
"name": "ListGroups",
"input": {
"shape_name": "ListGroupsRequest",
"type": "structure",
"members": {
"PathPrefix": {
"shape_name": "pathPrefixType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "\\u002F[\\u0021-\\u007F]*",
"documentation": "\n\t\t<p>The path prefix for filtering the results. For example:\n\t\t\t\t<code>/division_abc/subdivision_xyz/</code>, which would get all groups whose path starts\n\t\t\twith <code>/division_abc/subdivision_xyz/</code>.</p>\n\t\t<p>This parameter is optional. If it is not included, it defaults to a slash (/), listing all\n\t\t\tgroups.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this only when paginating results, and only in a subsequent request after you've received\n\t\t\ta response where the results are truncated. Set it to the value of the <code>Marker</code>\n\t\t\telement in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this only when paginating results to indicate the maximum number of groups you want in\n\t\t\tthe response. If there are additional groups beyond the maximum you specify, the\n\t\t\t\t<code>IsTruncated</code> response element is <code>true</code>. This parameter is optional.\n\t\t\tIf you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListGroupsResponse",
"type": "structure",
"members": {
"Groups": {
"shape_name": "groupListType",
"type": "list",
"members": {
"shape_name": "Group",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the group. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name that identifies the group.</p>\n\t",
"required": true
},
"GroupId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the group. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the group. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the group was created.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>The Group data type contains information about a group.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><a>CreateGroup</a></li>\n\t\t\t<li><a>GetGroup</a></li>\n\t\t\t<li><a>ListGroups</a></li>\n\t\t</ul>\n\t"
},
"documentation": "\n\t\t<p>A list of groups.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more groups to list. If your results were truncated,\n\t\t\tyou can make a subsequent pagination request using the <code>Marker</code> request parameter\n\t\t\tto retrieve more groups in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListGroups</a> action.</p>\n\t"
},
"errors": [],
"documentation": "\n\t\t<p>Lists the groups that have the specified path prefix.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListGroups\n&PathPrefix=/division_abc/subdivision_xyz/\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListGroupsResponse>\n <ListGroupsResult>\n <Groups>\n <member>\n <Path>/division_abc/subdivision_xyz/</Path>\n <GroupName>Admins</GroupName>\n <GroupId>AGPACKCEVSQ6C2EXAMPLE</GroupId>\n <Arn>arn:aws:iam::123456789012:group/Admins</Arn>\n </member>\n <member>\n <Path>/division_abc/subdivision_xyz/product_1234/engineering/\n </Path>\n <GroupName>Test</GroupName>\n <GroupId>AGP2MAB8DPLSRHEXAMPLE</GroupId>\n <Arn>arn:aws:iam::123456789012:group\n /division_abc/subdivision_xyz/product_1234/engineering/Test</Arn>\n </member>\n <member>\n <Path>/division_abc/subdivision_xyz/product_1234/</Path>\n <GroupName>Managers</GroupName>\n <GroupId>AGPIODR4TAW7CSEXAMPLE</GroupId>\n <Arn>arn:aws:iam::123456789012\n :group/division_abc/subdivision_xyz/product_1234/Managers</Arn>\n </member>\n </Groups>\n <IsTruncated>false</IsTruncated>\n </ListGroupsResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</ListGroupsResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Groups",
"py_input_token": "marker"
}
},
"ListGroupsForUser": {
"name": "ListGroupsForUser",
"input": {
"shape_name": "ListGroupsForUserRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the user to list groups for.</p>\n\t",
"required": true
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this only when paginating results, and only in a subsequent request after you've received\n\t\t\ta response where the results are truncated. Set it to the value of the <code>Marker</code>\n\t\t\telement in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this only when paginating results to indicate the maximum number of groups you want in\n\t\t\tthe response. If there are additional groups beyond the maximum you specify, the\n\t\t\t\t<code>IsTruncated</code> response element is <code>true</code>. This parameter is optional.\n\t\t\tIf you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListGroupsForUserResponse",
"type": "structure",
"members": {
"Groups": {
"shape_name": "groupListType",
"type": "list",
"members": {
"shape_name": "Group",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the group. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name that identifies the group.</p>\n\t",
"required": true
},
"GroupId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the group. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the group. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the group was created.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>The Group data type contains information about a group.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><a>CreateGroup</a></li>\n\t\t\t<li><a>GetGroup</a></li>\n\t\t\t<li><a>ListGroups</a></li>\n\t\t</ul>\n\t"
},
"documentation": "\n\t\t<p>A list of groups.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more groups to list. If your results were truncated,\n\t\t\tyou can make a subsequent pagination request using the <code>Marker</code> request parameter\n\t\t\tto retrieve more groups in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListGroupsForUser</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Lists the groups the specified user belongs to.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\n\t\t\t\t\nhttps://iam.amazonaws.com/\n?Action=ListGroupsForUser\n&UserName=Bob\n&AUTHPARAMS\n \n\t\t\t</queryrequest>\n\t\t\t<queryresponse>\n\t\t\t\t\n<ListGroupsForUserResponse>\n <ListGroupsForUserResult>\n <Groups>\n <member>\n <Path>/</Path>\n <GroupName>Admins</GroupName>\n <GroupId>AGPACKCEVSQ6C2EXAMPLE</GroupId>\n <Arn>arn:aws:iam::123456789012:group/Admins</Arn>\n </member>\n </Groups>\n <IsTruncated>false</IsTruncated>\n </ListGroupsForUserResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</ListGroupsForUserResponse>\n</queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Groups",
"py_input_token": "marker"
}
},
"ListInstanceProfiles": {
"name": "ListInstanceProfiles",
"input": {
"shape_name": "ListInstanceProfilesRequest",
"type": "structure",
"members": {
"PathPrefix": {
"shape_name": "pathPrefixType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "\\u002F[\\u0021-\\u007F]*",
"documentation": "\n\t\t<p>The path prefix for filtering the results. For example:\n\t\t\t\t<code>/application_abc/component_xyz/</code>, which would get all instance profiles whose\n\t\t\tpath starts with <code>/application_abc/component_xyz/</code>.</p>\n\t\t<p>This parameter is optional. If it is not included, it defaults to a slash (/), listing all\n\t\t\tinstance profiles.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this parameter only when paginating results, and only in a subsequent request after\n\t\t\tyou've received a response where the results are truncated. Set it to the value of the\n\t\t\t\t<code>Marker</code> element in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this parameter only when paginating results to indicate the maximum number of user names\n\t\t\tyou want in the response. If there are additional user names beyond the maximum you specify,\n\t\t\tthe <code>IsTruncated</code> response element is <code>true</code>. This parameter is\n\t\t\toptional. If you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListInstanceProfilesResponse",
"type": "structure",
"members": {
"InstanceProfiles": {
"shape_name": "instanceProfileListType",
"type": "list",
"members": {
"shape_name": "InstanceProfile",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the instance profile. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"InstanceProfileName": {
"shape_name": "instanceProfileNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the instance profile.</p>\n\t",
"required": true
},
"InstanceProfileId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the instance profile. For more information about\n\t\t\tIDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the instance profile. For more information about\n\t\t\tARNs and how to use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the instance profile was created.</p>\n\t",
"required": true
},
"Roles": {
"shape_name": "roleListType",
"type": "list",
"members": {
"shape_name": "Role",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the role. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the role.</p>\n\t",
"required": true
},
"RoleId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the role. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the role was created.</p>\n\t",
"required": true
},
"AssumeRolePolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy that grants an entity permission to assume the role.</p>\n\t\t<p>The returned policy is URL-encoded according to RFC 3986. For more information about RFC\n\t\t\t3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t"
}
},
"documentation": "\n\t\t<p>The Role data type contains information about a role.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><p><a>CreateRole</a></p></li>\n\t\t\t<li><p><a>GetRole</a></p></li>\n\t\t\t<li><p><a>ListRoles</a></p></li>\n\t\t</ul>\n\t"
},
"documentation": "\n\t\t<p>The role associated with the instance profile.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>The InstanceProfile data type contains information about an instance profile.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><p><a>CreateInstanceProfile</a></p></li>\n\t\t\t<li><p><a>GetInstanceProfile</a></p></li>\n\t\t\t<li><p><a>ListInstanceProfiles</a></p></li>\n\t\t\t<li><p><a>ListInstanceProfilesForRole</a></p></li>\n\t\t</ul>\n\t"
},
"documentation": "\n\t\t<p>A list of instance profiles.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more instance profiles to list. If your results were\n\t\t\ttruncated, you can make a subsequent pagination request using the <code>Marker</code> request\n\t\t\tparameter to retrieve more instance profiles in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListInstanceProfiles</a> action.</p>\n\t"
},
"errors": [],
"documentation": "\n\t\t<p>Lists the instance profiles that have the specified path prefix. If there are none, the\n\t\t\taction returns an empty list. For more information about instance profiles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html\">About Instance\n\t\t\t\tProfiles</a>.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListInstanceProfiles\n&MaxItems=100\n&PathPrefix=/application_abc/\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListInstanceProfilesResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <ListInstanceProfilesResult>\n <IsTruncated>false</IsTruncated>\n <InstanceProfiles>\n <member>\n <Id>AIPACIFN4OZXG7EXAMPLE</Id>\n <Roles/>\n <InstanceProfileName>Database</InstanceProfileName>\n <Path>/application_abc/component_xyz/</Path>\n <Arn>arn:aws:iam::123456789012:instance-profile/application_abc/component_xyz/Database</Arn>\n <CreateDate>2012-05-09T16:27:03Z</CreateDate>\n </member>\n <member>\n <Id>AIPACZLSXM2EYYEXAMPLE</Id>\n <Roles/>\n <InstanceProfileName>Webserver</InstanceProfileName>\n <Path>/application_abc/component_xyz/</Path>\n <Arn>arn:aws:iam::123456789012:instance-profile/application_abc/component_xyz/Webserver</Arn>\n <CreateDate>2012-05-09T16:27:11Z</CreateDate>\n </member>\n </InstanceProfiles>\n </ListInstanceProfilesResult>\n <ResponseMetadata>\n <RequestId>fd74fa8d-99f3-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</ListInstanceProfilesResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "InstanceProfiles",
"py_input_token": "marker"
}
},
"ListInstanceProfilesForRole": {
"name": "ListInstanceProfilesForRole",
"input": {
"shape_name": "ListInstanceProfilesForRoleRequest",
"type": "structure",
"members": {
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the role to list instance profiles for.</p>\n\t",
"required": true
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this parameter only when paginating results, and only in a subsequent request after\n\t\t\tyou've received a response where the results are truncated. Set it to the value of the\n\t\t\t\t<code>Marker</code> element in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this parameter only when paginating results to indicate the maximum number of user names\n\t\t\tyou want in the response. If there are additional user names beyond the maximum you specify,\n\t\t\tthe <code>IsTruncated</code> response element is <code>true</code>. This parameter is\n\t\t\toptional. If you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListInstanceProfilesForRoleResponse",
"type": "structure",
"members": {
"InstanceProfiles": {
"shape_name": "instanceProfileListType",
"type": "list",
"members": {
"shape_name": "InstanceProfile",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the instance profile. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"InstanceProfileName": {
"shape_name": "instanceProfileNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the instance profile.</p>\n\t",
"required": true
},
"InstanceProfileId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the instance profile. For more information about\n\t\t\tIDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the instance profile. For more information about\n\t\t\tARNs and how to use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the instance profile was created.</p>\n\t",
"required": true
},
"Roles": {
"shape_name": "roleListType",
"type": "list",
"members": {
"shape_name": "Role",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the role. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the role.</p>\n\t",
"required": true
},
"RoleId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the role. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the role was created.</p>\n\t",
"required": true
},
"AssumeRolePolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy that grants an entity permission to assume the role.</p>\n\t\t<p>The returned policy is URL-encoded according to RFC 3986. For more information about RFC\n\t\t\t3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t"
}
},
"documentation": "\n\t\t<p>The Role data type contains information about a role.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><p><a>CreateRole</a></p></li>\n\t\t\t<li><p><a>GetRole</a></p></li>\n\t\t\t<li><p><a>ListRoles</a></p></li>\n\t\t</ul>\n\t"
},
"documentation": "\n\t\t<p>The role associated with the instance profile.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>The InstanceProfile data type contains information about an instance profile.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><p><a>CreateInstanceProfile</a></p></li>\n\t\t\t<li><p><a>GetInstanceProfile</a></p></li>\n\t\t\t<li><p><a>ListInstanceProfiles</a></p></li>\n\t\t\t<li><p><a>ListInstanceProfilesForRole</a></p></li>\n\t\t</ul>\n\t"
},
"documentation": "\n\t\t<p>A list of instance profiles.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more instance profiles to list. If your results were\n\t\t\ttruncated, you can make a subsequent pagination request using the <code>Marker</code> request\n\t\t\tparameter to retrieve more instance profiles in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListInstanceProfilesForRole</a>\n\t\t\taction.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Lists the instance profiles that have the specified associated role. If there are none, the\n\t\t\taction returns an empty list. For more information about instance profiles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html\">About Instance\n\t\t\t\tProfiles</a>.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListInstanceProfilesForRole\n&MaxItems=100\n&RoleName=S3Access\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListInstanceProfilesForRoleResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <ListInstanceProfilesForRoleResult>\n <IsTruncated>false</IsTruncated>\n <InstanceProfiles>\n <member>\n <Id>AIPACZLS2EYYXMEXAMPLE</Id>\n <Roles>\n <member>\n <Path>/application_abc/component_xyz/</Path>\n <Arn>arn:aws:iam::123456789012:role/application_abc/component_xyz/S3Access</Arn>\n <RoleName>S3Access</RoleName>\n <AssumeRolePolicyDocument>{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}</AssumeRolePolicyDocument>\n <CreateDate>2012-05-09T15:45:35Z</CreateDate>\n <RoleId>AROACVSVTSZYK3EXAMPLE</RoleId>\n </member>\n </Roles>\n <InstanceProfileName>Webserver</InstanceProfileName>\n <Path>/application_abc/component_xyz/</Path>\n <Arn>arn:aws:iam::123456789012:instance-profile/application_abc/component_xyz/Webserver</Arn>\n <CreateDate>2012-05-09T16:27:11Z</CreateDate>\n </member>\n </InstanceProfiles>\n </ListInstanceProfilesForRoleResult>\n <ResponseMetadata>\n <RequestId>6a8c3992-99f4-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</ListInstanceProfilesForRoleResponse>\n\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "InstanceProfiles",
"py_input_token": "marker"
}
},
"ListMFADevices": {
"name": "ListMFADevices",
"input": {
"shape_name": "ListMFADevicesRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user whose MFA devices you want to list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this only when paginating results, and only in a subsequent request after you've received\n\t\t\ta response where the results are truncated. Set it to the value of the <code>Marker</code>\n\t\t\telement in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this only when paginating results to indicate the maximum number of MFA devices you want\n\t\t\tin the response. If there are additional MFA devices beyond the maximum you specify, the\n\t\t\t\t<code>IsTruncated</code> response element is <code>true</code>. This parameter is optional.\n\t\t\tIf you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListMFADevicesResponse",
"type": "structure",
"members": {
"MFADevices": {
"shape_name": "mfaDeviceListType",
"type": "list",
"members": {
"shape_name": "MFADevice",
"type": "structure",
"members": {
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The user with whom the MFA device is associated.</p>\n\t",
"required": true
},
"SerialNumber": {
"shape_name": "serialNumberType",
"type": "string",
"min_length": 9,
"max_length": 256,
"pattern": "[\\w+=/:,.@-]*",
"documentation": "\n\t\t<p>The serial number that uniquely identifies the MFA device. For virtual MFA devices, the\n\t\t\tserial number is the device ARN.</p>\n\t",
"required": true
},
"EnableDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the MFA device was enabled for the user.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>The <code>MFADevice</code> data type contains information about an MFA device.</p>\n\t\t<p> This data type is used as a response element in the action <a>ListMFADevices</a>. </p>\n\t"
},
"documentation": "\n\t\t<p>A list of MFA devices.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more MFA devices to list. If your results were\n\t\t\ttruncated, you can make a subsequent pagination request using the <code>Marker</code> request\n\t\t\tparameter to retrieve more MFA devices in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListMFADevices</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Lists the MFA devices. If the request includes the user name, then this action lists all the\n\t\t\tMFA devices associated with the specified user name. If you do not specify a user name, IAM\n\t\t\tdetermines the user name implicitly based on the AWS access key ID signing the request.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListMFADevices\n&UserName=Bob\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListMFADevicesResponse>\n <ListMFADevicesResult>\n <MFADevices>\n <member>\n <UserName>Bob</UserName>\n <SerialNumber>R1234</SerialNumber>\n </member>\n </MFADevices>\n <IsTruncated>false</IsTruncated>\n </ListMFADevicesResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</ListMFADevicesResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "MFADevices",
"py_input_token": "marker"
}
},
"ListRolePolicies": {
"name": "ListRolePolicies",
"input": {
"shape_name": "ListRolePoliciesRequest",
"type": "structure",
"members": {
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the role to list policies for.</p>\n\t",
"required": true
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this parameter only when paginating results, and only in a subsequent request after\n\t\t\tyou've received a response where the results are truncated. Set it to the value of the\n\t\t\t\t<code>Marker</code> element in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this parameter only when paginating results to indicate the maximum number of user names\n\t\t\tyou want in the response. If there are additional user names beyond the maximum you specify,\n\t\t\tthe <code>IsTruncated</code> response element is <code>true</code>. This parameter is\n\t\t\toptional. If you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListRolePoliciesResponse",
"type": "structure",
"members": {
"PolicyNames": {
"shape_name": "policyNameListType",
"type": "list",
"members": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": null
},
"documentation": "\n\t\t<p>A list of policy names.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more policy names to list. If your results were\n\t\t\ttruncated, you can make a subsequent pagination request using the <code>Marker</code> request\n\t\t\tparameter to retrieve more policy names in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListRolePolicies</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Lists the names of the policies associated with the specified role. If there are none, the\n\t\t\taction returns an empty list.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListRolePolicies\n&MaxItems=100\n&RoleName=S3Access\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListRolePoliciesResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <ListRolePoliciesResult>\n <PolicyNames>\n <member>CloudwatchPutMetricPolicy</member>\n <member>S3AccessPolicy</member>\n </PolicyNames>\n <IsTruncated>false</IsTruncated>\n </ListRolePoliciesResult>\n <ResponseMetadata>\n <RequestId>8c7e1816-99f0-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</ListRolePoliciesResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "PolicyNames",
"py_input_token": "marker"
}
},
"ListRoles": {
"name": "ListRoles",
"input": {
"shape_name": "ListRolesRequest",
"type": "structure",
"members": {
"PathPrefix": {
"shape_name": "pathPrefixType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "\\u002F[\\u0021-\\u007F]*",
"documentation": "\n\t\t<p>The path prefix for filtering the results. For example:\n\t\t\t\t<code>/application_abc/component_xyz/</code>, which would get all roles whose path starts\n\t\t\twith <code>/application_abc/component_xyz/</code>.</p>\n\t\t<p>This parameter is optional. If it is not included, it defaults to a slash (/), listing all\n\t\t\troles.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this parameter only when paginating results, and only in a subsequent request after\n\t\t\tyou've received a response where the results are truncated. Set it to the value of the\n\t\t\t\t<code>Marker</code> element in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this parameter only when paginating results to indicate the maximum number of user names\n\t\t\tyou want in the response. If there are additional user names beyond the maximum you specify,\n\t\t\tthe <code>IsTruncated</code> response element is <code>true</code>. This parameter is\n\t\t\toptional. If you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListRolesResponse",
"type": "structure",
"members": {
"Roles": {
"shape_name": "roleListType",
"type": "list",
"members": {
"shape_name": "Role",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the role. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the role.</p>\n\t",
"required": true
},
"RoleId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the role. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the role was created.</p>\n\t",
"required": true
},
"AssumeRolePolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy that grants an entity permission to assume the role.</p>\n\t\t<p>The returned policy is URL-encoded according to RFC 3986. For more information about RFC\n\t\t\t3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t"
}
},
"documentation": "\n\t\t<p>The Role data type contains information about a role.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><p><a>CreateRole</a></p></li>\n\t\t\t<li><p><a>GetRole</a></p></li>\n\t\t\t<li><p><a>ListRoles</a></p></li>\n\t\t</ul>\n\t"
},
"documentation": "\n\t\t<p>A list of roles.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more roles to list. If your results were truncated,\n\t\t\tyou can make a subsequent pagination request using the <code>Marker</code> request parameter\n\t\t\tto retrieve more roles in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListRoles</a> action.</p>\n\t"
},
"errors": [],
"documentation": "\n\t\t<p>Lists the roles that have the specified path prefix. If there are none, the action returns an\n\t\t\tempty list. For more information about roles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html\">Working with\n\t\t\tRoles</a>.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<p>The returned policy is URL-encoded according to RFC 3986. For more information about RFC\n\t\t\t3986, go to <a href=\"http://www.faqs.org/rfcs/rfc3986.html\">http://www.faqs.org/rfcs/rfc3986.html</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListRoles\n&MaxItems=100\n&PathPrefix=/application_abc/\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListRolesResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <ListRolesResult>\n <IsTruncated>false</IsTruncated>\n <Roles>\n <member>\n <Path>/application_abc/component_xyz/</Path>\n <Arn>arn:aws:iam::123456789012:role/application_abc/component_xyz/S3Access</Arn>\n <RoleName>S3Access</RoleName>\n <AssumeRolePolicyDocument>{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}</AssumeRolePolicyDocument>\n <CreateDate>2012-05-09T15:45:35Z</CreateDate>\n <RoleId>AROACVSVTSZYEXAMPLEYK</RoleId>\n </member>\n <member>\n <Path>/application_abc/component_xyz/</Path>\n <Arn>arn:aws:iam::123456789012:role/application_abc/component_xyz/SDBAccess</Arn>\n <RoleName>SDBAccess</RoleName>\n <AssumeRolePolicyDocument>{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}</AssumeRolePolicyDocument>\n <CreateDate>2012-05-09T15:45:45Z</CreateDate>\n <RoleId>AROAC2ICXG32EXAMPLEWK</RoleId>\n </member>\n </Roles>\n </ListRolesResult>\n <ResponseMetadata>\n <RequestId>20f7279f-99ee-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</ListRolesResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Roles",
"py_input_token": "marker"
}
},
"ListSAMLProviders": {
"name": "ListSAMLProviders",
"input": {
"shape_name": "ListSAMLProvidersRequest",
"type": "structure",
"members": {},
"documentation": " "
},
"output": {
"shape_name": "ListSAMLProvidersResponse",
"type": "structure",
"members": {
"SAMLProviderList": {
"shape_name": "SAMLProviderListType",
"type": "list",
"members": {
"shape_name": "SAMLProviderListEntry",
"type": "structure",
"members": {
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) of the SAML provider.</p>\n\t"
},
"ValidUntil": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The expiration date and time for the SAML provider.</p>\n\t"
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date and time when the SAML provider was created.</p>\n\t"
}
},
"documentation": "\n\t\t<p>The list of SAML providers for this account.</p>\n\t"
},
"documentation": "\n\t\t<p>The list of SAML providers for this account.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListSAMLProviders</a> action.</p>\n\t"
},
"errors": [],
"documentation": "\n\t\t<p>Lists the SAML providers in the account.</p>\n\n\t\t<note>This operation requires <a href=\"http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html\">Signature Version\n\t\t\t4</a>.</note>\n\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListSAMLProviders\n&MaxItems=100\n&PathPrefix=/application_abc/\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListSAMLProvidersResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <ListSAMLProvidersResult>\n <SAMLProviderList>\n <member>\n <Arn>arn:aws:iam::123456789012:instance-profile/application_abc/component_xyz/Database</Arn>\n <ValidUntil>2032-05-09T16:27:11Z</ValidUntil>\n <CreateDate>2012-05-09T16:27:03Z</CreateDate>\n </member>\n <member>\n <Arn>arn:aws:iam::123456789012:instance-profile/application_abc/component_xyz/Webserver</Arn>\n <ValidUntil>2015-03-11T13:11:02Z</ValidUntil>\n <CreateDate>2012-05-09T16:27:11Z</CreateDate>\n </member>\n </SAMLProviderList>\n </ListSAMLProvidersResult>\n <ResponseMetadata>\n <RequestId>fd74fa8d-99f3-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</ListSAMLProvidersResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"ListServerCertificates": {
"name": "ListServerCertificates",
"input": {
"shape_name": "ListServerCertificatesRequest",
"type": "structure",
"members": {
"PathPrefix": {
"shape_name": "pathPrefixType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "\\u002F[\\u0021-\\u007F]*",
"documentation": "\n\t\t<p>The path prefix for filtering the results. For example: <code>/company/servercerts</code>\n\t\t\twould get all server certificates for which the path starts with\n\t\t\t\t<code>/company/servercerts</code>.</p>\n\t\t<p>This parameter is optional. If it is not included, it defaults to a slash (/), listing all\n\t\t\tserver certificates.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this only when paginating results, and only in a subsequent request after you've received\n\t\t\ta response where the results are truncated. Set it to the value of the <code>Marker</code>\n\t\t\telement in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this only when paginating results to indicate the maximum number of server certificates\n\t\t\tyou want in the response. If there are additional server certificates beyond the maximum you\n\t\t\tspecify, the <code>IsTruncated</code> response element will be set to <code>true</code>. This\n\t\t\tparameter is optional. If you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListServerCertificatesResponse",
"type": "structure",
"members": {
"ServerCertificateMetadataList": {
"shape_name": "serverCertificateMetadataListType",
"type": "list",
"members": {
"shape_name": "ServerCertificateMetadata",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the server certificate. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"ServerCertificateName": {
"shape_name": "serverCertificateNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name that identifies the server certificate.</p>\n\t",
"required": true
},
"ServerCertificateId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the server certificate. For more information about\n\t\t\tIDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the server certificate. For more information about\n\t\t\tARNs and how to use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"UploadDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the server certificate was uploaded.</p>\n "
},
"Expiration": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n <p>The date on which the certificate is set to expire.</p>\n "
}
},
"documentation": "\n\t\t<p>ServerCertificateMetadata contains information about a server certificate without its\n\t\t\tcertificate body, certificate chain, and private key.</p>\n\t\t<p>This data type is used as a response element in the action <a>UploadServerCertificate</a> and\n\t\t\t\t<a>ListServerCertificates</a>.</p>\n\t"
},
"documentation": "\n\t\t<p>A list of server certificates.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more server certificates to list. If your results\n\t\t\twere truncated, you can make a subsequent pagination request using the <code>Marker</code>\n\t\t\trequest parameter to retrieve more server certificates in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListServerCertificates</a>\n\t\t\taction.</p>\n\t"
},
"errors": [],
"documentation": "\n\t\t<p>Lists the server certificates that have the specified path prefix. If none exist, the action\n\t\t\treturns an empty list.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListServerCertificates\n&PathPrefix=/company/servercerts\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListServerCertificatesResponse>\n <ListServerCertificatesResult>\n <IsTruncated>false</IsTruncated>\n <ServerCertificateMetadataList>\n <member>\n <ServerCertificateMetadata>\n <ServerCertificateName>ProdServerCert</ServerCertificateName>\n <Path>/company/servercerts/</Path>\n <Arn>arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert</Arn>\n <UploadDate>2010-05-08T01:02:03.004Z</UploadDate>\n <ServerCertificateId>ASCACKCEVSQ6CEXAMPLE1</ServerCertificateId>\n <Expiration>2012-05-08T01:02:03.004Z</Expiration>\n </ServerCertificateMetadata>\n </member>\n <member>\n <ServerCertificateMetadata>\n <ServerCertificateName>BetaServerCert</ServerCertificateName>\n <Path>/company/servercerts/</Path>\n <Arn>arn:aws:iam::123456789012:server-certificate/company/servercerts/BetaServerCert</Arn>\n <UploadDate>2010-05-08T02:03:01.004Z</UploadDate>\n <ServerCertificateId>ASCACKCEVSQ6CEXAMPLE2</ServerCertificateId>\n <Expiration>2012-05-08T02:03:01.004Z</Expiration>\n </ServerCertificateMetadata>\n </member>\n <member>\n <ServerCertificateMetadata>\n <ServerCertificateName>TestServerCert</ServerCertificateName>\n <Path>/company/servercerts/</Path>\n <Arn>arn:aws:iam::123456789012:server-certificate/company/servercerts/TestServerCert</Arn>\n <UploadDate>2010-05-08T03:01:02.004Z</UploadDate>\n <ServerCertificateId>ASCACKCEVSQ6CEXAMPLE3</ServerCertificateId>\n <Expiration>2012-05-08T03:01:02.004Z</Expiration>\n </ServerCertificateMetadata>\n </member>\n </ServerCertificateMetadataList>\n </ListServerCertificatesResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</ListServerCertificatesResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "ServerCertificateMetadataList",
"py_input_token": "marker"
}
},
"ListSigningCertificates": {
"name": "ListSigningCertificates",
"input": {
"shape_name": "ListSigningCertificatesRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the user.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this only when paginating results, and only in a subsequent request after you've received\n\t\t\ta response where the results are truncated. Set it to the value of the <code>Marker</code>\n\t\t\telement in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this only when paginating results to indicate the maximum number of certificate IDs you\n\t\t\twant in the response. If there are additional certificate IDs beyond the maximum you specify,\n\t\t\tthe <code>IsTruncated</code> response element is <code>true</code>. This parameter is\n\t\t\toptional. If you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListSigningCertificatesResponse",
"type": "structure",
"members": {
"Certificates": {
"shape_name": "certificateListType",
"type": "list",
"members": {
"shape_name": "SigningCertificate",
"type": "structure",
"members": {
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user the signing certificate is associated with.</p>\n\t",
"required": true
},
"CertificateId": {
"shape_name": "certificateIdType",
"type": "string",
"min_length": 24,
"max_length": 128,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The ID for the signing certificate.</p>\n\t",
"required": true
},
"CertificateBody": {
"shape_name": "certificateBodyType",
"type": "string",
"min_length": 1,
"max_length": 16384,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"documentation": "\n\t\t<p>The contents of the signing certificate.</p>\n\t",
"required": true
},
"Status": {
"shape_name": "statusType",
"type": "string",
"enum": [
"Active",
"Inactive"
],
"documentation": "\n\t\t<p>The status of the signing certificate. <code>Active</code> means the key is valid for API\n\t\t\tcalls, while <code>Inactive</code> means it is not.</p>\n\t",
"required": true
},
"UploadDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the signing certificate was uploaded.</p>\n\t"
}
},
"documentation": "\n\t\t<p>The SigningCertificate data type contains information about an X.509 signing certificate.</p>\n\t\t<p> This data type is used as a response element in the actions <a>UploadSigningCertificate</a>\n\t\t\tand <a>ListSigningCertificates</a>. </p>\n\t"
},
"documentation": "\n\t\t<p>A list of the user's signing certificate information.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more certificate IDs to list. If your results were\n\t\t\ttruncated, you can make a subsequent pagination request using the <code>Marker</code> request\n\t\t\tparameter to retrieve more certificates in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListSigningCertificates</a>\n\t\t\taction.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Returns information about the signing certificates associated with the specified user. If\n\t\t\tthere are none, the action returns an empty list.</p>\n\t\t<p>Although each user is limited to a small number of signing certificates, you can still\n\t\t\tpaginate the results using the <code>MaxItems</code> and <code>Marker</code> parameters.</p>\n\t\t<p>If the <code>UserName</code> field is not specified, the user name is determined implicitly\n\t\t\tbased on the AWS access key ID used to sign the request. Because this action works for access\n\t\t\tkeys under the AWS account, this API can be used to manage root credentials even if the AWS\n\t\t\taccount has no associated users.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListSigningCertificates\n&UserName=Bob\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListSigningCertificatesResponse>\n <ListSigningCertificatesResult>\n <UserName>Bob</UserName>\n <Certificates>\n <member>\n <UserName>Bob</UserName>\n <CertificateId>TA7SMP42TDN5Z26OBPJE7EXAMPLE</CertificateId>\n <CertificateBody>-----BEGIN CERTIFICATE-----\n MIICdzCCAeCgAwIBAgIGANc+Ha2wMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYT\n AlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNBV1MxITAfBgNVBAMT\n GEFXUyBMaW1pdGVkLUFzc3VyYW5jZSBDQTAeFw0wOTAyMDQxNzE5MjdaFw0xMDAy\n MDQxNzE5MjdaMFIxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMRcw\n FQYDVQQLEw5BV1MtRGV2ZWxvcGVyczEVMBMGA1UEAxMMNTdxNDl0c3ZwYjRtMIGf\n MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpB/vsOwmT/O0td1RqzKjttSBaPjbr\n dqwNe9BrOyB08fw2+Ch5oonZYXfGUrT6mkYXH5fQot9HvASrzAKHO596FdJA6DmL\n ywdWe1Oggk7zFSXO1Xv+3vPrJtaYxYo3eRIp7w80PMkiOv6M0XK8ubcTouODeJbf\n suDqcLnLDxwsvwIDAQABo1cwVTAOBgNVHQ8BAf8EBAMCBaAwFgYDVR0lAQH/BAww\n CgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQULGNaBphBumaKbDRK\n CAi0mH8B3mowDQYJKoZIhvcNAQEFBQADgYEAuKxhkXaCLGcqDuweKtO/AEw9ZePH\n wr0XqsaIK2HZboqruebXEGsojK4Ks0WzwgrEynuHJwTn760xe39rSqXWIOGrOBaX\n wFpWHVjTFMKk+tSDG1lssLHyYWWdFFU4AnejRGORJYNaRHgVTKjHphc5jEhHm0BX\n AEaHzTpmEXAMPLE=\n -----END CERTIFICATE-----</CertificateBody>\n <Status>Active</Status>\n </member>\n </Certificates>\n <IsTruncated>false</IsTruncated>\n </ListSigningCertificatesResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</ListSigningCertificatesResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Certificates",
"py_input_token": "marker"
}
},
"ListUserPolicies": {
"name": "ListUserPolicies",
"input": {
"shape_name": "ListUserPoliciesRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the user to list policies for.</p>\n\t",
"required": true
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this only when paginating results, and only in a subsequent request after you've received\n\t\t\ta response where the results are truncated. Set it to the value of the <code>Marker</code>\n\t\t\telement in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this only when paginating results to indicate the maximum number of policy names you want\n\t\t\tin the response. If there are additional policy names beyond the maximum you specify, the\n\t\t\t\t<code>IsTruncated</code> response element is <code>true</code>. This parameter is optional.\n\t\t\tIf you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListUserPoliciesResponse",
"type": "structure",
"members": {
"PolicyNames": {
"shape_name": "policyNameListType",
"type": "list",
"members": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": null
},
"documentation": "\n\t\t<p>A list of policy names.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more policy names to list. If your results were\n\t\t\ttruncated, you can make a subsequent pagination request using the <code>Marker</code> request\n\t\t\tparameter to retrieve more policy names in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListUserPolicies</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Lists the names of the policies associated with the specified user. If there are none, the\n\t\t\taction returns an empty list.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListUserPolicies\n&UserName=Bob\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ListUserPoliciesResponse>\n <ListUserPoliciesResult>\n <PolicyNames>\n <member>AllAccessPolicy</member>\n <member>KeyPolicy</member>\n </PolicyNames>\n <IsTruncated>false</IsTruncated>\n </ListUserPoliciesResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</ListUserPoliciesResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "PolicyNames",
"py_input_token": "marker"
}
},
"ListUsers": {
"name": "ListUsers",
"input": {
"shape_name": "ListUsersRequest",
"type": "structure",
"members": {
"PathPrefix": {
"shape_name": "pathPrefixType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "\\u002F[\\u0021-\\u007F]*",
"documentation": "\n\t\t<p>The path prefix for filtering the results. For example:\n\t\t\t\t<code>/division_abc/subdivision_xyz/</code>, which would get all user names whose path\n\t\t\tstarts with <code>/division_abc/subdivision_xyz/</code>.</p>\n\t\t<p>This parameter is optional. If it is not included, it defaults to a slash (/), listing all\n\t\t\tuser names.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this parameter only when paginating results, and only in a subsequent request after\n\t\t\tyou've received a response where the results are truncated. Set it to the value of the\n\t\t\t\t<code>Marker</code> element in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this parameter only when paginating results to indicate the maximum number of user names\n\t\t\tyou want in the response. If there are additional user names beyond the maximum you specify,\n\t\t\tthe <code>IsTruncated</code> response element is <code>true</code>. This parameter is\n\t\t\toptional. If you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListUsersResponse",
"type": "structure",
"members": {
"Users": {
"shape_name": "userListType",
"type": "list",
"members": {
"shape_name": "User",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the user. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the user.</p>\n\t",
"required": true
},
"UserId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the user. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the user. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the user was created.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>The User data type contains information about a user.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><p><a>CreateUser</a></p></li>\n\t\t\t<li><p><a>GetUser</a></p></li>\n\t\t\t<li><p><a>ListUsers</a></p></li>\n\t\t</ul>\n\t"
},
"documentation": "\n\t\t<p>A list of users.</p>\n\t",
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more user names to list. If your results were\n\t\t\ttruncated, you can make a subsequent pagination request using the <code>Marker</code> request\n\t\t\tparameter to retrieve more users in the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListUsers</a> action.</p>\n\t"
},
"errors": [],
"documentation": "\n\t\t<p>Lists the users that have the specified path prefix. If there are none, the action returns an\n\t\t\tempty list.</p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ListUsers\n&PathPrefix=/division_abc/subdivision_xyz/product_1234/engineering/\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\n\t\t\t<queryresponse>\n<ListUsersResponse>\n <ListUsersResult>\n <Users>\n <member>\n <Path>/division_abc/subdivision_xyz/engineering/</Path>\n <UserName>Andrew</UserName>\n <UserId>AID2MAB8DPLSRHEXAMPLE</UserId>\n <Arn>arn:aws:iam::123456789012:user\n /division_abc/subdivision_xyz/engineering/Andrew</Arn>\n </member>\n <member>\n <Path>/division_abc/subdivision_xyz/engineering/</Path>\n <UserName>Jackie</UserName>\n <UserId>AIDIODR4TAW7CSEXAMPLE</UserId>\n <Arn>arn:aws:iam::123456789012:user\n /division_abc/subdivision_xyz/engineering/Jackie</Arn>\n </member>\n </Users>\n <IsTruncated>false</IsTruncated>\n </ListUsersResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</ListUsersResponse>\n </queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Users",
"py_input_token": "marker"
}
},
"ListVirtualMFADevices": {
"name": "ListVirtualMFADevices",
"input": {
"shape_name": "ListVirtualMFADevicesRequest",
"type": "structure",
"members": {
"AssignmentStatus": {
"shape_name": "assignmentStatusType",
"type": "string",
"enum": [
"Assigned",
"Unassigned",
"Any"
],
"documentation": "\n\t\t<p>The status (unassigned or assigned) of the devices to list. If you do not specify an\n\t\t\t\t<code>AssignmentStatus</code>, the action defaults to <code>Any</code> which lists both\n\t\t\tassigned and unassigned virtual MFA devices. </p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>Use this parameter only when paginating results, and only in a subsequent request after\n\t\t\tyou've received a response where the results are truncated. Set it to the value of the\n\t\t\t\t<code>Marker</code> element in the response you just received.</p>\n\t"
},
"MaxItems": {
"shape_name": "maxItemsType",
"type": "integer",
"min_length": 1,
"max_length": 1000,
"documentation": "\n\t\t<p>Use this parameter only when paginating results to indicate the maximum number of user names\n\t\t\tyou want in the response. If there are additional user names beyond the maximum you specify,\n\t\t\tthe <code>IsTruncated</code> response element is <code>true</code>. This parameter is\n\t\t\toptional. If you do not include it, it defaults to 100.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "ListVirtualMFADevicesResponse",
"type": "structure",
"members": {
"VirtualMFADevices": {
"shape_name": "virtualMFADeviceListType",
"type": "list",
"members": {
"shape_name": "VirtualMFADevice",
"type": "structure",
"members": {
"SerialNumber": {
"shape_name": "serialNumberType",
"type": "string",
"min_length": 9,
"max_length": 256,
"pattern": "[\\w+=/:,.@-]*",
"documentation": "\n\t\t<p>The serial number associated with <code>VirtualMFADevice</code>.</p>\n\t",
"required": true
},
"Base32StringSeed": {
"shape_name": "BootstrapDatum",
"type": "blob",
"sensitive": true,
"documentation": "\n\t\t<p>The Base32 seed defined as specified in <a href=\"http://www.ietf.org/rfc/rfc3548.txt\">RFC3548</a>. The <code>Base32StringSeed</code> is Base64-encoded.</p>\n\t"
},
"QRCodePNG": {
"shape_name": "BootstrapDatum",
"type": "blob",
"sensitive": true,
"documentation": "\n\t\t<p>A QR code PNG image that encodes <i>otpauth://totp/$virtualMFADeviceName@$AccountName?\n\t\t\t\tsecret=$Base32String</i> where $virtualMFADeviceName is one of the create call arguments,\n\t\t\tAccountName is the user name if set (accountId otherwise), and Base32String is the seed in\n\t\t\tBase32 format. The <code>Base32String</code> is Base64-encoded.</p>\n\t"
},
"User": {
"shape_name": "User",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the user. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name identifying the user.</p>\n\t",
"required": true
},
"UserId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the user. For more information about IDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the user. For more information about ARNs and how\n\t\t\tto use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"CreateDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the user was created.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>The User data type contains information about a user.</p>\n\t\t<p> This data type is used as a response element in the following actions:</p>\n\t\t<ul>\n\t\t\t<li><p><a>CreateUser</a></p></li>\n\t\t\t<li><p><a>GetUser</a></p></li>\n\t\t\t<li><p><a>ListUsers</a></p></li>\n\t\t</ul>\n\t"
},
"EnableDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": null
}
},
"documentation": "\n\t\t<p>The <code>VirtualMFADevice</code> data type contains information about a virtual MFA\n\t\t\tdevice.</p>\n\t"
},
"documentation": null,
"required": true
},
"IsTruncated": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n\t\t<p>A flag that indicates whether there are more items to list. If your results were truncated,\n\t\t\tyou can make a subsequent pagination request using the <code>Marker</code> request parameter\n\t\t\tto retrieve more items the list.</p>\n\t"
},
"Marker": {
"shape_name": "markerType",
"type": "string",
"min_length": 1,
"max_length": 320,
"pattern": "[\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>If <code>IsTruncated</code> is <code>true</code>, this element is present and contains the\n\t\t\tvalue to use for the <code>Marker</code> parameter in a subsequent pagination request.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>ListVirtualMFADevices</a>\n\t\t\taction.</p>\n\t"
},
"errors": [],
"documentation": "\n\t\t<p> Lists the virtual MFA devices under the AWS account by assignment status. If you do not\n\t\t\tspecify an assignment status, the action returns a list of all virtual MFA devices. Assignment\n\t\t\tstatus can be <code>Assigned</code>, <code>Unassigned</code>, or <code>Any</code>. </p>\n\t\t<p>You can paginate the results using the <code>MaxItems</code> and <code>Marker</code>\n\t\t\tparameters.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\n<!-- This example shows the request where\n the AssignmentStatus is Any -->\n\nhttps://iam.amazonaws.com/\n?Action=ListVirtualMFADevices\n&AssignmentStatus=Any\n&AUTHPARAMS\n</queryrequest>\n\t\t\t<queryresponse>\n<!-- The action returns all three virtual MFA devices\n associated with the account: the first device is\n unassigned, the second is assigned to the root\n account, and the third is assigned to a user\n named ExampleUser under the account. -->\n\n<ListVirtualMFADevicesResponse>\n <ListVirtualMFADevicesResult>\n <IsTruncated>false</IsTruncated>\n <VirtualMFADevices>\n <member>\n <SerialNumber>\n arn:aws:iam::123456789012:mfa/MFAdeviceName\n </SerialNumber>\n </member>\n <member>\n <SerialNumber>\n arn:aws:iam::123456789012:mfa/RootMFAdeviceName\n </SerialNumber>\n <EnableDate>2011-10-20T20:49:03Z</EnableDate>\n <User>\n <UserId>123456789012</UserId>\n <Arn>arn:aws:iam::123456789012:root</Arn>\n <CreateDate>2009-10-13T22:00:36Z</CreateDate>\n </User>\n </member>\n <member>\n <SerialNumber>\n arn:aws:iam:::mfa/ExampleUserMFAdeviceName\n </SerialNumber>\n <EnableDate>2011-10-31T20:45:02Z</EnableDate>\n <User>\n <UserId>AIDEXAMPLE4EXAMPLEXYZ</UserId>\n <Path>/</Path>\n <UserName>ExampleUser</UserName>\n <Arn>arn:aws:iam::111122223333:user/ExampleUser</Arn>\n <CreateDate>2011-07-01T17:23:07Z</CreateDate>\n </User>\n </member>\n </VirtualMFADevices>\n </ListVirtualMFADevicesResult>\n <ResponseMetadata>\n <RequestId>b61ce1b1-0401-11e1-b2f8-2dEXAMPLEbfc</RequestId>\n </ResponseMetadata>\n</ListVirtualMFADevicesResponse>\n</queryresponse>\n\t\t</examples>\n\t",
"pagination": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "VirtualMFADevices",
"py_input_token": "marker"
}
},
"PutGroupPolicy": {
"name": "PutGroupPolicy",
"input": {
"shape_name": "PutGroupPolicyRequest",
"type": "structure",
"members": {
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the group to associate the policy with.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the policy document.</p>\n\t",
"required": true
},
"PolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy document.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "MalformedPolicyDocumentException",
"type": "structure",
"members": {
"message": {
"shape_name": "malformedPolicyDocumentMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the policy document was malformed. The error message\n\t\t\tdescribes the specific error.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Adds (or updates) a policy document associated with the specified group. For information\n\t\t\tabout policies, refer to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/PoliciesOverview.html\">Overview of Policies</a> in the <i>Using IAM</i> guide.</p>\n\t\t<p>For information about limits on the number of policies you can associate with a group, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html\">Limitations on IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\n\t\t<note>Because policy documents can be large, you should use POST rather than GET when calling\n\t\t\t\t<code>PutGroupPolicy</code>. For information about setting up signatures and authorization\n\t\t\tthrough the API, go to <a href=\"http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html\">Signing AWS API Requests</a> in the <i>AWS General Reference</i>. For general information\n\t\t\tabout using the Query API with IAM, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html\">Making\n\t\t\t\tQuery Requests</a> in the <i>Using IAM</i> guide.</note>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=PutGroupPolicy\n&GroupName=Admins\n&PolicyName=AdminRoot\n&PolicyDocument={\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}]}\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<PutGroupPolicyResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</PutGroupPolicyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"PutRolePolicy": {
"name": "PutRolePolicy",
"input": {
"shape_name": "PutRolePolicyRequest",
"type": "structure",
"members": {
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the role to associate the policy with.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the policy document.</p>\n\t",
"required": true
},
"PolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy document.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "MalformedPolicyDocumentException",
"type": "structure",
"members": {
"message": {
"shape_name": "malformedPolicyDocumentMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the policy document was malformed. The error message\n\t\t\tdescribes the specific error.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Adds (or updates) a policy document associated with the specified role. For information about\n\t\t\tpolicies, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/PoliciesOverview.html\">Overview of Policies</a> in the <i>Using IAM</i> guide.</p>\n\t\t<p>For information about limits on the policies you can associate with a role, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html\">Limitations on IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\n\t\t<note>Because policy documents can be large, you should use POST rather than GET when calling\n\t\t\t\t<code>PutRolePolicy</code>. For information about setting up signatures and authorization\n\t\t\tthrough the API, go to <a href=\"http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html\">Signing AWS API Requests</a> in the <i>AWS General Reference</i>. For general information\n\t\t\tabout using the Query API with IAM, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html\">Making\n\t\t\t\tQuery Requests</a> in the <i>Using IAM</i> guide.</note>\n\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=PutRolePolicy\n&RoleName=S3Access\n&PolicyName=S3AccessPolicy\n&PolicyDocument={\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}]}\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<PutRolePolicyResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</PutRolePolicyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"PutUserPolicy": {
"name": "PutUserPolicy",
"input": {
"shape_name": "PutUserPolicyRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user to associate the policy with.</p>\n\t",
"required": true
},
"PolicyName": {
"shape_name": "policyNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the policy document.</p>\n\t",
"required": true
},
"PolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy document.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "MalformedPolicyDocumentException",
"type": "structure",
"members": {
"message": {
"shape_name": "malformedPolicyDocumentMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the policy document was malformed. The error message\n\t\t\tdescribes the specific error.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Adds (or updates) a policy document associated with the specified user. For information about\n\t\t\tpolicies, refer to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/PoliciesOverview.html\">Overview of Policies</a> in the <i>Using IAM</i> guide.</p>\n\t\t<p>For information about limits on the number of policies you can associate with a user, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html\">Limitations on IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\n\t\t<note>Because policy documents can be large, you should use POST rather than GET when calling\n\t\t\t\t<code>PutUserPolicy</code>. For information about setting up signatures and authorization\n\t\t\tthrough the API, go to <a href=\"http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html\">Signing AWS API Requests</a> in the <i>AWS General Reference</i>. For general information\n\t\t\tabout using the Query API with IAM, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html\">Making\n\t\t\t\tQuery Requests</a> in the <i>Using IAM</i> guide.</note>\n\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=PutUserPolicy\n&UserName=Bob\n&PolicyName=AllAccessPolicy\n&PolicyDocument={\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}]}\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<PutUserPolicyResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</PutUserPolicyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"RemoveRoleFromInstanceProfile": {
"name": "RemoveRoleFromInstanceProfile",
"input": {
"shape_name": "RemoveRoleFromInstanceProfileRequest",
"type": "structure",
"members": {
"InstanceProfileName": {
"shape_name": "instanceProfileNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the instance profile to update.</p>\n\t",
"required": true
},
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the role to remove.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Removes the specified role from the specified instance profile.</p>\n\t\t<important>Make sure you do not have any Amazon EC2 instances running with the role you are\n\t\t\tabout to remove from the instance profile. Removing a role from an instance profile that is\n\t\t\tassociated with a running instance will break any applications running on the\n\t\t\tinstance.</important>\n\t\t<p>For more information about roles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html\">Working with Roles</a>.\n\t\t\tFor more information about instance profiles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html\">About Instance\n\t\t\t\tProfiles</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=RemoveRoleFromInstanceProfile\n&InstanceProfileName=Webserver\n&RoleName=S3Access\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<RemoveRoleFromInstanceProfileResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <ResponseMetadata>\n <RequestId>29f47818-99f5-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</RemoveRoleFromInstanceProfileResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"RemoveUserFromGroup": {
"name": "RemoveUserFromGroup",
"input": {
"shape_name": "RemoveUserFromGroupRequest",
"type": "structure",
"members": {
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the group to update.</p>\n\t",
"required": true
},
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user to remove.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Removes the specified user from the specified group.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=RemoveUserFromGroup\n&GroupName=Managers\n&UserName=Bob\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<RemoveUserFromGroupResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</RemoveUserFromGroupResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"ResyncMFADevice": {
"name": "ResyncMFADevice",
"input": {
"shape_name": "ResyncMFADeviceRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user whose MFA device you want to resynchronize.</p>\n\t",
"required": true
},
"SerialNumber": {
"shape_name": "serialNumberType",
"type": "string",
"min_length": 9,
"max_length": 256,
"pattern": "[\\w+=/:,.@-]*",
"documentation": "\n\t\t<p>Serial number that uniquely identifies the MFA device.</p>\n\t",
"required": true
},
"AuthenticationCode1": {
"shape_name": "authenticationCodeType",
"type": "string",
"min_length": 6,
"max_length": 6,
"pattern": "[\\d]*",
"documentation": "\n\t\t<p>An authentication code emitted by the device.</p>\n\t",
"required": true
},
"AuthenticationCode2": {
"shape_name": "authenticationCodeType",
"type": "string",
"min_length": 6,
"max_length": 6,
"pattern": "[\\d]*",
"documentation": "\n\t\t<p>A subsequent authentication code emitted by the device.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "InvalidAuthenticationCodeException",
"type": "structure",
"members": {
"message": {
"shape_name": "invalidAuthenticationCodeMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the authentication code was not recognized. The error\n\t\t\tmessage describes the specific error.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Synchronizes the specified MFA device with AWS servers.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=ResyncMFADevice\n&UserName=Bob\n&SerialNumber=R1234\n&AuthenticationCode1=234567\n&AuthenticationCode2=987654\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<ResyncMFADeviceResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</ResyncMFADeviceResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"UpdateAccessKey": {
"name": "UpdateAccessKey",
"input": {
"shape_name": "UpdateAccessKeyRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user whose key you want to update.</p>\n\t"
},
"AccessKeyId": {
"shape_name": "accessKeyIdType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The access key ID of the secret access key you want to update.</p>\n\t",
"required": true
},
"Status": {
"shape_name": "statusType",
"type": "string",
"enum": [
"Active",
"Inactive"
],
"documentation": "\n\t\t<p>The status you want to assign to the secret access key. <code>Active</code> means the key can\n\t\t\tbe used for API calls to AWS, while <code>Inactive</code> means the key cannot be used.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Changes the status of the specified access key from Active to Inactive, or vice versa. This\n\t\t\taction can be used to disable a user's key as part of a key rotation work flow.</p>\n\t\t<p>If the <code>UserName</code> field is not specified, the UserName is determined implicitly\n\t\t\tbased on the AWS access key ID used to sign the request. Because this action works for access\n\t\t\tkeys under the AWS account, this API can be used to manage root credentials even if the AWS\n\t\t\taccount has no associated users.</p>\n\t\t<p>For information about rotating keys, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html\">Managing Keys and Certificates</a> in the <i>Using IAM\n\t\t\t\t</i> guide.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=UpdateAccessKey\n&UserName=Bob\n&AccessKeyId=AKIAIOSFODNN7EXAMPLE\n&Status=Inactive\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<UpdateAccessKeyResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</UpdateAccessKeyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"UpdateAccountPasswordPolicy": {
"name": "UpdateAccountPasswordPolicy",
"input": {
"shape_name": "UpdateAccountPasswordPolicyRequest",
"type": "structure",
"members": {
"MinimumPasswordLength": {
"shape_name": "minimumPasswordLengthType",
"type": "integer",
"min_length": 6,
"max_length": 128,
"documentation": "\n <p>The minimum number of characters allowed in an IAM user password.</p>\n "
},
"RequireSymbols": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n Specifies whether IAM user passwords must contain at least one of the following non-alphanumeric characters: ! @ # $ % ^ &amp; * ( ) _ + - = [ ] { } | '\n "
},
"RequireNumbers": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n <p>Specifies whether IAM user passwords must contain at least one numeric character (0 to 9).</p>\n "
},
"RequireUppercaseCharacters": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n <p>Specifies whether IAM user passwords must contain at least one uppercase character from the ISO basic Latin alphabet (A to Z).</p>\n "
},
"RequireLowercaseCharacters": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n <p>Specifies whether IAM user passwords must contain at least one lowercase character from the ISO basic Latin alphabet (a to z).</p>\n "
},
"AllowUsersToChangePassword": {
"shape_name": "booleanType",
"type": "boolean",
"documentation": "\n <p>Allows all IAM users in your account to use the AWS Management Console to change their own passwords. For more information, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html\">Letting IAM Users Change Their Own Passwords</a> in the <i>Using IAM</i> guide.</p>\n "
},
"MaxPasswordAge": {
"shape_name": "maxPasswordAgeType",
"type": "integer",
"min_length": 1,
"max_length": 1095,
"box": true,
"documentation": "\n <p>The number of days that an IAM user password is valid.</p>\n "
},
"PasswordReusePrevention": {
"shape_name": "passwordReusePreventionType",
"type": "integer",
"min_length": 1,
"max_length": 24,
"box": true,
"documentation": "\n <p>Specifies the number of previous passwords that IAM users are prevented from reusing.</p>\n "
},
"HardExpiry": {
"shape_name": "booleanObjectType",
"type": "boolean",
"box": true,
"documentation": "\n <p>Prevents IAM users from setting a new password after their password has expired.</p>\n "
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "MalformedPolicyDocumentException",
"type": "structure",
"members": {
"message": {
"shape_name": "malformedPolicyDocumentMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the policy document was malformed. The error message\n\t\t\tdescribes the specific error.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Updates the password policy settings for the account. For more information about using a\n\t\t\tpassword policy, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html\">Managing an\n\t\t\t\tIAM Password Policy</a> in the <i>Using IAM</i> guide.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=UpdateAccountPasswordPolicy\n&MinimumPasswordLength=12\n&RequireSymbols=false\n&RequireNumbers=true\n&RequireUppercaseCharacters=true\n&RequireLowercaseCharacters=true\n&AllowUsersToChangePassword=true\n&MaxPasswordAge=90\n&PasswordReusePrevention=6\n&HardExpiry=false\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<UpdateAccountPasswordPolicyResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</UpdateAccountPasswordPolicyResponse>\n</queryresponse>\n\t\t</examples>\n\t"
},
"UpdateAssumeRolePolicy": {
"name": "UpdateAssumeRolePolicy",
"input": {
"shape_name": "UpdateAssumeRolePolicyRequest",
"type": "structure",
"members": {
"RoleName": {
"shape_name": "roleNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the role to update.</p>\n\t",
"required": true
},
"PolicyDocument": {
"shape_name": "policyDocumentType",
"type": "string",
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"min_length": 1,
"max_length": 131072,
"documentation": "\n\t\t<p>The policy that grants an entity permission to assume the role.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "MalformedPolicyDocumentException",
"type": "structure",
"members": {
"message": {
"shape_name": "malformedPolicyDocumentMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the policy document was malformed. The error message\n\t\t\tdescribes the specific error.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Updates the policy that grants an entity permission to assume a role. For more information about roles, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html\">Working with\n\t\t\tRoles</a>.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=UpdateAssumeRolePolicy\n&PolicyDocument={\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}\n&RoleName=S3Access\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<UpdateAssumeRolePolicyResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <ResponseMetadata>\n <RequestId>309c1671-99ed-11e1-a4c3-270EXAMPLE04</RequestId>\n </ResponseMetadata>\n</UpdateAssumeRolePolicyResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"UpdateGroup": {
"name": "UpdateGroup",
"input": {
"shape_name": "UpdateGroupRequest",
"type": "structure",
"members": {
"GroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the group to update. If you're changing the name of the group, this is the original\n\t\t\tname.</p>\n\t",
"required": true
},
"NewPath": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>New path for the group. Only include this if changing the group's path.</p>\n\t"
},
"NewGroupName": {
"shape_name": "groupNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>New name for the group. Only include this if changing the group's name.</p>\n\t"
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Updates the name and/or the path of the specified group.</p>\n\t\t<important> You should understand the implications of changing a group's path or name. For more\n\t\t information, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html\">Renaming Users and Groups</a> in the <i>Using IAM</i> guide. </important>\n\n\t\t<note>To change a group name the requester must have appropriate permissions on both the source\n\t\t\tobject and the target object. For example, to change Managers to MGRs, the entity making the\n\t\t\trequest must have permission on Managers and MGRs, or must have permission on all (*). For\n\t\t\tmore information about permissions, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html\" target=\"blank\">Permissions and Policies</a>. </note>\n\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=UpdateGroup\n&GroupName=Test\n&NewGroupName=Test_1\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<UpdateGroupResponse>\n <UpdateGroupResult>\n <Group xmlns=\"http://iam.amazonaws.com/doc/2010-05-08/\">\n <Path>/division_abc/subdivision_xyz/product_1234/engineering/</Path>\n <GroupName>Test_1</GroupName>\n <GroupId>AGP2MAB8DPLSRHEXAMPLE</GroupId>\n <Arn>arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/\n product_1234/engineering/Test_1</Arn>\n </Group>\n </UpdateGroupResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</UpdateGroupResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"UpdateLoginProfile": {
"name": "UpdateLoginProfile",
"input": {
"shape_name": "UpdateLoginProfileRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user whose password you want to update.</p>\n\t",
"required": true
},
"Password": {
"shape_name": "passwordType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"sensitive": true,
"documentation": "\n\t\t<p>The new password for the specified user.</p>\n\t"
},
"PasswordResetRequired": {
"shape_name": "booleanObjectType",
"type": "boolean",
"box": true,
"documentation": "\n <p>Require the specified user to set a new password on next sign-in.</p>\n "
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "EntityTemporarilyUnmodifiableException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityTemporarilyUnmodifiableMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that is temporarily unmodifiable,\n\t\t\tsuch as a user name that was deleted and then recreated. The error indicates that the request\n\t\t\tis likely to succeed if you try again after waiting several minutes. The error message\n\t\t\tdescribes the entity.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "PasswordPolicyViolationException",
"type": "structure",
"members": {
"message": {
"shape_name": "passwordPolicyViolationMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the provided password did not meet the requirements imposed\n\t\t\tby the account password policy.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Changes the password for the specified user.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=UpdateLoginProfile\n&UserName=Bob\n&Password=NewPassword\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<UpdateLoginProfileResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</UpdateLoginProfileResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"UpdateSAMLProvider": {
"name": "UpdateSAMLProvider",
"input": {
"shape_name": "UpdateSAMLProviderRequest",
"type": "structure",
"members": {
"SAMLMetadataDocument": {
"shape_name": "SAMLMetadataDocumentType",
"type": "string",
"min_length": 1000,
"max_length": 10000000,
"documentation": "\n\t\t<p>An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document\n\t\t\tincludes the issuer's name, expiration information, and keys that can be used to validate the\n\t\t\tSAML authentication response (assertions) that are received from the IdP. You must generate\n\t\t\tthe metadata document using the identity management software that is used as your\n\t\t\torganization's IdP. </p>\n\t",
"required": true
},
"SAMLProviderArn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) of the SAML provider to update.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "UpdateSAMLProviderResponse",
"type": "structure",
"members": {
"SAMLProviderArn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) of the SAML provider that was updated.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>UpdateSAMLProvider</a> action.</p>\n\t"
},
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "InvalidInputException",
"type": "structure",
"members": {
"message": {
"shape_name": "invalidInputMessage",
"type": "string",
"documentation": null
}
},
"documentation": null
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Updates the metadata document for an existing SAML provider.</p>\n\n\t\t<note>This operation requires <a href=\"http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html\">Signature Version\n\t\t\t4</a>.</note>\n\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=UpdateSAMLProvider\n&Name=arn:aws:iam::123456789012:saml-metadata/MyUniversity\n&SAMLProviderDocument=VGhpcyBpcyB3aGVyZSB5b3UgcHV0IHRoZSBTQU1MIHByb3ZpZGVyIG1ldGFkYXRhIGRvY3VtZW50\nLCBCYXNlNjQtZW5jb2RlZCBpbnRvIGEgYmlnIHN0cmluZy4=\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<UpdateSAMLProviderResponse xmlns=\"https://iam.amazonaws.com/doc/2010-05-08/\">\n <UpdateSAMLProviderResult>\n <SAMLProviderArn>arn:aws:iam::123456789012:saml-metadata/MyUniversity</SAMLProviderArn>\n </UpdateSAMLProviderResult>\n <ResponseMetadata>\n <RequestId>29f47818-99f5-11e1-a4c3-27EXAMPLE804</RequestId>\n </ResponseMetadata>\n</UpdateSAMLProviderResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"UpdateServerCertificate": {
"name": "UpdateServerCertificate",
"input": {
"shape_name": "UpdateServerCertificateRequest",
"type": "structure",
"members": {
"ServerCertificateName": {
"shape_name": "serverCertificateNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name of the server certificate that you want to update.</p>\n\t",
"required": true
},
"NewPath": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>The new path for the server certificate. Include this only if you are updating the server\n\t\t\tcertificate's path.</p>\n\t"
},
"NewServerCertificateName": {
"shape_name": "serverCertificateNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The new name for the server certificate. Include this only if you are updating the server\n\t\t\tcertificate's name.</p>\n\t"
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Updates the name and/or the path of the specified server certificate.</p>\n\t\t<important> You should understand the implications of changing a server certificate's path or\n\t\t\tname. For more information, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingServerCerts.html\">Managing Server Certificates</a> in the <i>Using IAM</i> guide. </important>\n\n\t\t<note>To change a server certificate name the requester must have appropriate permissions on\n\t\t\tboth the source object and the target object. For example, to change the name from\n\t\t\tProductionCert to ProdCert, the entity making the request must have permission on\n\t\t\tProductionCert and ProdCert, or must have permission on all (*). For more information about\n\t\t\tpermissions, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html\" target=\"blank\">Permissions and Policies</a>. </note>\n\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=UpdateServerCertificate\n&ServerCertificateName=ProdServerCert\n&NewServerCertificateName=ProdServerCertName\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<UpdateServerCertificateResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</UpdateServerCertificateResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"UpdateSigningCertificate": {
"name": "UpdateSigningCertificate",
"input": {
"shape_name": "UpdateSigningCertificateRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user the signing certificate belongs to.</p>\n\t"
},
"CertificateId": {
"shape_name": "certificateIdType",
"type": "string",
"min_length": 24,
"max_length": 128,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The ID of the signing certificate you want to update.</p>\n\t",
"required": true
},
"Status": {
"shape_name": "statusType",
"type": "string",
"enum": [
"Active",
"Inactive"
],
"documentation": "\n\t\t<p>The status you want to assign to the certificate. <code>Active</code> means the certificate\n\t\t\tcan be used for API calls to AWS, while <code>Inactive</code> means the certificate cannot be\n\t\t\tused.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Changes the status of the specified signing certificate from active to disabled, or vice\n\t\t\tversa. This action can be used to disable a user's signing certificate as part of a\n\t\t\tcertificate rotation work flow.</p>\n\t\t<p>If the <code>UserName</code> field is not specified, the UserName is determined implicitly\n\t\t\tbased on the AWS access key ID used to sign the request. Because this action works for access\n\t\t\tkeys under the AWS account, this API can be used to manage root credentials even if the AWS\n\t\t\taccount has no associated users.</p>\n\t\t<p>For information about rotating certificates, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html\">Managing Keys and Certificates</a> in the <i>Using IAM</i> guide.</p>\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=UpdateSigningCertificate\n&UserName=Bob\n&CertificateId=TA7SMP42TDN5Z26OBPJE7EXAMPLE\n&Status=Inactive\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<UpdateSigningCertificateResponse>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</UpdateSigningCertificateResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"UpdateUser": {
"name": "UpdateUser",
"input": {
"shape_name": "UpdateUserRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user to update. If you're changing the name of the user, this is the original\n\t\t\tuser name.</p>\n\t",
"required": true
},
"NewPath": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>New path for the user. Include this parameter only if you're changing the user's path.</p>\n\t"
},
"NewUserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>New name for the user. Include this parameter only if you're changing the user's name.</p>\n\t"
}
},
"documentation": " "
},
"output": null,
"errors": [
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
},
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "EntityTemporarilyUnmodifiableException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityTemporarilyUnmodifiableMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that is temporarily unmodifiable,\n\t\t\tsuch as a user name that was deleted and then recreated. The error indicates that the request\n\t\t\tis likely to succeed if you try again after waiting several minutes. The error message\n\t\t\tdescribes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Updates the name and/or the path of the specified user.</p>\n\n\t\t<important> You should understand the implications of changing a user's path or name. For more\n\t\t information, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html\">Renaming Users and Groups</a> in the <i>Using IAM</i> guide. </important>\n\t\t<note>To change a user name the requester must have appropriate permissions on both the source\n\t\t\tobject and the target object. For example, to change Bob to Robert, the entity making the\n\t\t\trequest must have permission on Bob and Robert, or must have permission on all (*). For more\n\t\t\tinformation about permissions, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html\" target=\"blank\">Permissions and Policies</a>. </note>\n\t\t<examples>\n\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=UpdateUser\n&UserName=Bob\n&NewUserName=Robert\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<UpdateUserResponse>\n <UpdateUserResult>\n <User>\n <Path>/division_abc/subdivision_xyz/</Path>\n <UserName>Robert</UserName>\n <UserId>AIDACKCEVSQ6C2EXAMPLE</UserId>\n <Arn>arn:aws::123456789012:user/division_abc/subdivision_xyz/Robert\n </Arn>\n </User>\n </UpdateUserResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</UpdateUserResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"UploadServerCertificate": {
"name": "UploadServerCertificate",
"input": {
"shape_name": "UploadServerCertificateRequest",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\n\t\t<p>The path for the server certificate. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\n\t\t<p>This parameter is optional. If it is not included, it defaults to a slash (/).</p>\n\n\t\t<note>If you are uploading a server certificate specifically for use with Amazon CloudFront\n\t\t\tdistributions, you must specify a path using the <code>--path</code> option. The path must begin\n\t\t\twith <code>/cloudfront</code> and must include a trailing slash (for example, <code>/cloudfront/test/</code>).\n\t\t</note>\n\n\t"
},
"ServerCertificateName": {
"shape_name": "serverCertificateNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name for the server certificate. Do not include the path in this value.</p>\n\t",
"required": true
},
"CertificateBody": {
"shape_name": "certificateBodyType",
"type": "string",
"min_length": 1,
"max_length": 16384,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"documentation": "\n\t\t<p>The contents of the public key certificate in PEM-encoded format.</p>\n\t",
"required": true
},
"PrivateKey": {
"shape_name": "privateKeyType",
"type": "string",
"min_length": 1,
"max_length": 16384,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]*",
"sensitive": true,
"documentation": "\n\t\t<p>The contents of the private key in PEM-encoded format.</p>\n\t",
"required": true
},
"CertificateChain": {
"shape_name": "certificateChainType",
"type": "string",
"min_length": 1,
"max_length": 2097152,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]*",
"documentation": "\n\t\t<p>The contents of the certificate chain. This is typically a concatenation of the PEM-encoded\n\t\t\tpublic key certificates of the chain.</p>\n\t"
}
},
"documentation": " "
},
"output": {
"shape_name": "UploadServerCertificateResponse",
"type": "structure",
"members": {
"ServerCertificateMetadata": {
"shape_name": "ServerCertificateMetadata",
"type": "structure",
"members": {
"Path": {
"shape_name": "pathType",
"type": "string",
"min_length": 1,
"max_length": 512,
"pattern": "(\\u002F)|(\\u002F[\\u0021-\\u007F]+\\u002F)",
"documentation": "\n\t\t<p>Path to the server certificate. For more information about paths, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"ServerCertificateName": {
"shape_name": "serverCertificateNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>The name that identifies the server certificate.</p>\n\t",
"required": true
},
"ServerCertificateId": {
"shape_name": "idType",
"type": "string",
"min_length": 16,
"max_length": 32,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The stable and unique string identifying the server certificate. For more information about\n\t\t\tIDs, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"Arn": {
"shape_name": "arnType",
"type": "string",
"min_length": 20,
"max_length": 2048,
"documentation": "\n\t\t<p>The Amazon Resource Name (ARN) specifying the server certificate. For more information about\n\t\t\tARNs and how to use them in policies, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html\">Identifiers for IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\t",
"required": true
},
"UploadDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the server certificate was uploaded.</p>\n "
},
"Expiration": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n <p>The date on which the certificate is set to expire.</p>\n "
}
},
"documentation": "\n\t\t<p>The meta information of the uploaded server certificate without its certificate body,\n\t\t\tcertificate chain, and private key.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>UploadServerCertificate</a>\n\t\t\taction.</p>\n\t"
},
"errors": [
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "MalformedCertificateException",
"type": "structure",
"members": {
"message": {
"shape_name": "malformedCertificateMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the certificate was malformed or expired. The error message\n\t\t\tdescribes the specific error.</p>\n\t"
},
{
"shape_name": "KeyPairMismatchException",
"type": "structure",
"members": {
"message": {
"shape_name": "keyPairMismatchMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the public key certificate and the private key do not\n\t\t\tmatch.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Uploads a server certificate entity for the AWS account. The server certificate entity\n\t\t\tincludes a public key certificate, a private key, and an optional certificate chain, which\n\t\t\tshould all be PEM-encoded.</p>\n\t\t<p>For information about the number of server certificates you can upload, see <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html\">Limitations on IAM Entities</a> in the <i>Using IAM</i> guide.</p>\n\n\n\t\t<note>Because the body of the public key certificate, private key, and the certificate chain can\n\t\t\tbe large, you should use POST rather than GET when calling\n\t\t\t\t<code>UploadServerCertificate</code>. For information about setting up signatures and\n\t\t\tauthorization through the API, go to <a href=\"http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html\">Signing AWS API Requests</a> in the <i>AWS General Reference</i>. For general information\n\t\t\tabout using the Query API with IAM, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html\">Making\n\t\t\t\tQuery Requests</a> in the <i>Using IAM</i> guide.</note>\n\n\t\t<examples>\n\t\t\t<queryrequest>\nhttps://iam.amazonaws.com/\n?Action=UploadServerCertificate\n&ServerCertificateName=ProdServerCert\n&Path=/company/servercerts/\n&CertificateBody=-----BEGIN CERTIFICATE-----\nMIICdzCCAeCgAwIBAgIGANc+Ha2wMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYT\nAlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNBV1MxITAfBgNVBAMT\nGEFXUyBMaW1pdGVkLUFzc3VyYW5jZSBDQTAeFw0wOTAyMDQxNzE5MjdaFw0xMDAy\nMDQxNzE5MjdaMFIxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMRcw\nFQYDVQQLEw5BV1MtRGV2ZWxvcGVyczEVMBMGA1UEAxMMNTdxNDl0c3ZwYjRtMIGf\nMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpB/vsOwmT/O0td1RqzKjttSBaPjbr\ndqwNe9BrOyB08fw2+Ch5oonZYXfGUrT6mkYXH5fQot9HvASrzAKHO596FdJA6DmL\nywdWe1Oggk7zFSXO1Xv+3vPrJtaYxYo3eRIp7w80PMkiOv6M0XK8ubcTouODeJbf\nsuDqcLnLDxwsvwIDAQABo1cwVTAOBgNVHQ8BAf8EBAMCBaAwFgYDVR0lAQH/BAww\nCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQULGNaBphBumaKbDRK\nCAi0mH8B3mowDQYJKoZIhvcNAQEFBQADgYEAuKxhkXaCLGcqDuweKtO/AEw9ZePH\nwr0XqsaIK2HZboqruebXEGsojK4Ks0WzwgrEynuHJwTn760xe39rSqXWIOGrOBaX\nwFpWHVjTFMKk+tSDG1lssLHyYWWdFFU4AnejRGORJYNaRHgVTKjHphc5jEhHm0BX\nAEaHzTpmEXAMPLE=\n-----END CERTIFICATE-----\n&PrivateKey=-----BEGIN DSA PRIVATE KEY-----\nMIIBugIBTTKBgQD33xToSXPJ6hr37L3+KNi3/7DgywlBcvlFPPSHIw3ORuO/22mT\n8Cy5fT89WwNvZ3BPKWU6OZ38TQv3eWjNc/3U3+oqVNG2poX5nCPOtO1b96HYX2mR\n3FTdH6FRKbQEhpDzZ6tRrjTHjMX6sT3JRWkBd2c4bGu+HUHO1H7QvrCTeQIVTKMs\nTCKCyrLiGhUWuUGNJUMU6y6zToGTHl84Tz7TPwDGDXuy/Dk5s4jTVr+xibROC/gS\nQrs4Dzz3T1ze6lvU8S1KT9UsOB5FUJNTTPCPey+Lo4mmK6b23XdTyCIT8e2fsm2j\njHHC1pIPiTkdLS3j6ZYjF8LY6TENFng+LDY/xwPOl7TJVoD3J/WXC2J9CEYq9o34\nkq6WWn3CgYTuo54nXUgnoCb3xdG8COFrg+oTbIkHTSzs3w5o/GGgKK7TDF3UlJjq\nvHNyJQ6kWBrQRR1Xp5KYQ4c/Dm5kef+62mH53HpcCELguWVcffuVQpmq3EWL9Zp9\njobTJQ2VHjb5IVxiO6HRSd27di3njyrzUuJCyHSDTqwLJmTThpd6OTIUTL3Tc4m2\n62TITdw53KWJEXAMPLE=\n-----END DSA PRIVATE KEY-----\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<UploadServerCertificateResponse>\n <UploadServerCertificateResult>\n <ServerCertificateMetadata>\n <ServerCertificateName>ProdServerCert</ServerCertificateName>\n <Path>/company/servercerts/</Path>\n <Arn>arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert</Arn>\n <UploadDate>2010-05-08T01:02:03.004Z</UploadDate>\n <ServerCertificateId>ASCACKCEVSQ6C2EXAMPLE</ServerCertificateId>\n <Expiration>2012-05-08T01:02:03.004Z</Expiration>\n </ServerCertificateMetadata>\n </UploadServerCertificateResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</UploadServerCertificateResponse>\n </queryresponse>\n\t\t</examples>\n\t"
},
"UploadSigningCertificate": {
"name": "UploadSigningCertificate",
"input": {
"shape_name": "UploadSigningCertificateRequest",
"type": "structure",
"members": {
"UserName": {
"shape_name": "existingUserNameType",
"type": "string",
"min_length": 1,
"max_length": 128,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user the signing certificate is for.</p>\n\t"
},
"CertificateBody": {
"shape_name": "certificateBodyType",
"type": "string",
"min_length": 1,
"max_length": 16384,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"documentation": "\n\t\t<p>The contents of the signing certificate.</p>\n\t",
"required": true
}
},
"documentation": " "
},
"output": {
"shape_name": "UploadSigningCertificateResponse",
"type": "structure",
"members": {
"Certificate": {
"shape_name": "SigningCertificate",
"type": "structure",
"members": {
"UserName": {
"shape_name": "userNameType",
"type": "string",
"min_length": 1,
"max_length": 64,
"pattern": "[\\w+=,.@-]*",
"documentation": "\n\t\t<p>Name of the user the signing certificate is associated with.</p>\n\t",
"required": true
},
"CertificateId": {
"shape_name": "certificateIdType",
"type": "string",
"min_length": 24,
"max_length": 128,
"pattern": "[\\w]*",
"documentation": "\n\t\t<p>The ID for the signing certificate.</p>\n\t",
"required": true
},
"CertificateBody": {
"shape_name": "certificateBodyType",
"type": "string",
"min_length": 1,
"max_length": 16384,
"pattern": "[\\u0009\\u000A\\u000D\\u0020-\\u00FF]+",
"documentation": "\n\t\t<p>The contents of the signing certificate.</p>\n\t",
"required": true
},
"Status": {
"shape_name": "statusType",
"type": "string",
"enum": [
"Active",
"Inactive"
],
"documentation": "\n\t\t<p>The status of the signing certificate. <code>Active</code> means the key is valid for API\n\t\t\tcalls, while <code>Inactive</code> means it is not.</p>\n\t",
"required": true
},
"UploadDate": {
"shape_name": "dateType",
"type": "timestamp",
"documentation": "\n\t\t<p>The date when the signing certificate was uploaded.</p>\n\t"
}
},
"documentation": "\n\t\t<p>Information about the certificate.</p>\n\t",
"required": true
}
},
"documentation": "\n\t\t<p>Contains the result of a successful invocation of the <a>UploadSigningCertificate</a>\n\t\t\taction.</p>\n\t"
},
"errors": [
{
"shape_name": "LimitExceededException",
"type": "structure",
"members": {
"message": {
"shape_name": "limitExceededMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create resources beyond the current AWS\n\t\t\taccount limits. The error message describes the limit exceeded.</p>\n\t"
},
{
"shape_name": "EntityAlreadyExistsException",
"type": "structure",
"members": {
"message": {
"shape_name": "entityAlreadyExistsMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it attempted to create a resource that already exists.</p>\n\t"
},
{
"shape_name": "MalformedCertificateException",
"type": "structure",
"members": {
"message": {
"shape_name": "malformedCertificateMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the certificate was malformed or expired. The error message\n\t\t\tdescribes the specific error.</p>\n\t"
},
{
"shape_name": "InvalidCertificateException",
"type": "structure",
"members": {
"message": {
"shape_name": "invalidCertificateMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the certificate is invalid.</p>\n\t"
},
{
"shape_name": "DuplicateCertificateException",
"type": "structure",
"members": {
"message": {
"shape_name": "duplicateCertificateMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because the same certificate is associated to another user under the\n\t\t\taccount.</p>\n\t"
},
{
"shape_name": "NoSuchEntityException",
"type": "structure",
"members": {
"message": {
"shape_name": "noSuchEntityMessage",
"type": "string",
"documentation": null
}
},
"documentation": "\n\t\t<p>The request was rejected because it referenced an entity that does not exist. The error\n\t\t\tmessage describes the entity.</p>\n\t"
}
],
"documentation": "\n\t\t<p>Uploads an X.509 signing certificate and associates it with the specified user. Some AWS\n\t\t\tservices use X.509 signing certificates to validate requests that are signed with a\n\t\t\tcorresponding private key. When you upload the certificate, its default status is\n\t\t\t\t<code>Active</code>.</p>\n\t\t<p>If the <code>UserName</code> field is not specified, the user name is determined implicitly\n\t\t\tbased on the AWS access key ID used to sign the request. Because this action works for access\n\t\t\tkeys under the AWS account, this API can be used to manage root credentials even if the AWS\n\t\t\taccount has no associated users.</p>\n\n\t\t<note>Because the body of a X.509 certificate can be large, you should use POST rather than GET\n\t\t\twhen calling <code>UploadSigningCertificate</code>. For information about setting up\n\t\t\tsignatures and authorization through the API, go to <a href=\"http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html\">Signing AWS API Requests</a> in the <i>AWS General Reference</i>. For general information\n\t\t\tabout using the Query API with IAM, go to <a href=\"http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html\">Making\n\t\t\t\tQuery Requests</a> in the <i>Using IAM</i>guide.</note>\n\t\t<examples>\n\t\t\t<queryrequest>\nPOST / HTTP/1.1\nHost: iam.amazonaws.com\nContent-Type: application/x-www-form-urlencoded\n\nAction=UploadSigningCertificate\n&UserName=Bob\n&CertificateBody=-----BEGIN CERTIFICATE-----\n MIICdzCCAeCgAwIBAgIGANc+Ha2wMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYT\n AlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNBV1MxITAfBgNVBAMT\n GEFXUyBMaW1pdGVkLUFzc3VyYW5jZSBDQTAeFw0wOTAyMDQxNzE5MjdaFw0xMDAy\n MDQxNzE5MjdaMFIxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMRcw\n FQYDVQQLEw5BV1MtRGV2ZWxvcGVyczEVMBMGA1UEAxMMNTdxNDl0c3ZwYjRtMIGf\n MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpB/vsOwmT/O0td1RqzKjttSBaPjbr\n dqwNe9BrOyB08fw2+Ch5oonZYXfGUrT6mkYXH5fQot9HvASrzAKHO596FdJA6DmL\n ywdWe1Oggk7zFSXO1Xv+3vPrJtaYxYo3eRIp7w80PMkiOv6M0XK8ubcTouODeJbf\n suDqcLnLDxwsvwIDAQABo1cwVTAOBgNVHQ8BAf8EBAMCBaAwFgYDVR0lAQH/BAww\n CgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQULGNaBphBumaKbDRK\n CAi0mH8B3mowDQYJKoZIhvcNAQEFBQADgYEAuKxhkXaCLGcqDuweKtO/AEw9ZePH\n wr0XqsaIK2HZboqruebXEGsojK4Ks0WzwgrEynuHJwTn760xe39rSqXWIOGrOBaX\n wFpWHVjTFMKk+tSDG1lssLHyYWWdFFU4AnejRGORJYNaRHgVTKjHphc5jEhHm0BX\n AEaHzTpmEXAMPLE=\n -----END CERTIFICATE-----\n&Version=2010-05-08\n&AUTHPARAMS\n </queryrequest>\n\t\t\t<queryresponse>\n<UploadSigningCertificateResponse>\n <UploadSigningCertificateResult>\n <Certificate>\n <UserName>Bob</UserName>\n <CertificateId>TA7SMP42TDN5Z26OBPJE7EXAMPLE</CertificateId>\n <CertificateBody>-----BEGIN CERTIFICATE-----\n MIICdzCCAeCgAwIBAgIGANc+Ha2wMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYT\n AlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNBV1MxITAfBgNVBAMT\n GEFXUyBMaW1pdGVkLUFzc3VyYW5jZSBDQTAeFw0wOTAyMDQxNzE5MjdaFw0xMDAy\n MDQxNzE5MjdaMFIxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMRcw\n FQYDVQQLEw5BV1MtRGV2ZWxvcGVyczEVMBMGA1UEAxMMNTdxNDl0c3ZwYjRtMIGf\n MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpB/vsOwmT/O0td1RqzKjttSBaPjbr\n dqwNe9BrOyB08fw2+Ch5oonZYXfGUrT6mkYXH5fQot9HvASrzAKHO596FdJA6DmL\n ywdWe1Oggk7zFSXO1Xv+3vPrJtaYxYo3eRIp7w80PMkiOv6M0XK8ubcTouODeJbf\n suDqcLnLDxwsvwIDAQABo1cwVTAOBgNVHQ8BAf8EBAMCBaAwFgYDVR0lAQH/BAww\n CgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQULGNaBphBumaKbDRK\n CAi0mH8B3mowDQYJKoZIhvcNAQEFBQADgYEAuKxhkXaCLGcqDuweKtO/AEw9ZePH\n wr0XqsaIK2HZboqruebXEGsojK4Ks0WzwgrEynuHJwTn760xe39rSqXWIOGrOBaX\n wFpWHVjTFMKk+tSDG1lssLHyYWWdFFU4AnejRGORJYNaRHgVTKjHphc5jEhHm0BX\n AEaHzTpmEXAMPLE=\n -----END CERTIFICATE-----</CertificateBody>\n <Status>Active</Status>\n </Certificate>\n </UploadSigningCertificateResult>\n <ResponseMetadata>\n <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>\n </ResponseMetadata>\n</UploadSigningCertificateResponse>\n </queryresponse>\n\t\t</examples>\n\t"
}
},
"pagination": {
"GetGroup": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Users",
"non_aggregate_keys": [
"Group"
],
"py_input_token": "marker"
},
"ListAccessKeys": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "AccessKeyMetadata",
"py_input_token": "marker"
},
"ListAccountAliases": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "AccountAliases",
"py_input_token": "marker"
},
"ListGroupPolicies": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "PolicyNames",
"py_input_token": "marker"
},
"ListGroups": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Groups",
"py_input_token": "marker"
},
"ListGroupsForUser": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Groups",
"py_input_token": "marker"
},
"ListInstanceProfiles": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "InstanceProfiles",
"py_input_token": "marker"
},
"ListInstanceProfilesForRole": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "InstanceProfiles",
"py_input_token": "marker"
},
"ListMFADevices": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "MFADevices",
"py_input_token": "marker"
},
"ListRolePolicies": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "PolicyNames",
"py_input_token": "marker"
},
"ListRoles": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Roles",
"py_input_token": "marker"
},
"ListServerCertificates": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "ServerCertificateMetadataList",
"py_input_token": "marker"
},
"ListSigningCertificates": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Certificates",
"py_input_token": "marker"
},
"ListUserPolicies": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "PolicyNames",
"py_input_token": "marker"
},
"ListUsers": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "Users",
"py_input_token": "marker"
},
"ListVirtualMFADevices": {
"input_token": "Marker",
"output_token": "Marker",
"more_results": "IsTruncated",
"limit_key": "MaxItems",
"result_key": "VirtualMFADevices",
"py_input_token": "marker"
}
},
"retry": {
"__default__": {
"max_attempts": 5,
"delay": {
"type": "exponential",
"base": "rand",
"growth_factor": 2
},
"policies": {
"general_socket_errors": {
"applies_when": {
"socket_errors": [
"GENERAL_CONNECTION_ERROR"
]
}
},
"general_server_error": {
"applies_when": {
"response": {
"http_status_code": 500
}
}
},
"service_unavailable": {
"applies_when": {
"response": {
"http_status_code": 503
}
}
},
"limit_exceeded": {
"applies_when": {
"response": {
"http_status_code": 509
}
}
},
"throttling": {
"applies_when": {
"response": {
"service_error_code": "Throttling",
"http_status_code": 400
}
}
}
}
}
}
}
Reference in a new issue View git blame Copy permalink