You are viewing documentation for version 1 of the AWS SDK for Ruby. Version 2 documentation can be found here.

Class: AWS::IAM::Client

Inherits:
Core::QueryClient show all
Defined in:
lib/aws/iam/client.rb

Overview

Client class for AWS Identity and Access Management (IAM).

Direct Known Subclasses

V20100508

Defined Under Namespace

Classes: V20100508

Constant Summary

API_VERSION = 
'2010-05-08'

Instance Attribute Summary

Attributes inherited from Core::Client

#config

Instance Method Summary collapse

Methods inherited from Core::Client

#initialize, #log_warning, #operations, #with_http_handler, #with_options

Constructor Details

This class inherits a constructor from AWS::Core::Client

Instance Method Details

#add_client_id_to_open_id_connect_provider(options = {}) ⇒ Core::Response

Calls the AddClientIDToOpenIDConnectProvider API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :open_id_connect_provider_arn - required - (String) The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider to add the client ID to. You can get a list of OIDC provider ARNs by using the ListOpenIDConnectProviders action.
    • :client_id - required - (String) The client ID (also known as audience) to add to the IAM OpenID Connect provider.

Returns:

#add_role_to_instance_profile(options = {}) ⇒ Core::Response

Calls the AddRoleToInstanceProfile API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :instance_profile_name - required - (String) The name of the instance profile to update.
    • :role_name - required - (String) The name of the role to add.

Returns:

#add_user_to_group(options = {}) ⇒ Core::Response

Calls the AddUserToGroup API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) The name of the group to update.
    • :user_name - required - (String) The name of the user to add.

Returns:

#attach_group_policy(options = {}) ⇒ Core::Response

Calls the AttachGroupPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) The name (friendly name, not ARN) of the group to attach the policy to.
    • :policy_arn - required - (String)

Returns:

#attach_role_policy(options = {}) ⇒ Core::Response

Calls the AttachRolePolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :role_name - required - (String) The name (friendly name, not ARN) of the role to attach the policy to.
    • :policy_arn - required - (String)

Returns:

#attach_user_policy(options = {}) ⇒ Core::Response

Calls the AttachUserPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name (friendly name, not ARN) of the user to attach the policy to.
    • :policy_arn - required - (String)

Returns:

#change_password(options = {}) ⇒ Core::Response

Calls the ChangePassword API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :old_password - required - (String) The IAM user's current password.
    • :new_password - required - (String) The new password. The new password must conform to the AWS account's password policy, if one exists.

Returns:

#create_access_key(options = {}) ⇒ Core::Response

Calls the CreateAccessKey API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - (String) The user name that the new key will belong to.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :access_key - (Hash)
      • :user_name - (String)
      • :access_key_id - (String)
      • :status - (String)
      • :secret_access_key - (String)
      • :create_date - (Time)

#create_account_alias(options = {}) ⇒ Core::Response

Calls the CreateAccountAlias API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :account_alias - required - (String) The account alias to create.

Returns:

#create_group(options = {}) ⇒ Core::Response

Calls the CreateGroup API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :path - (String) The path to the group. For more information about paths, see IAM Identifiers in the Using IAM guide. This parameter is optional. If it is not included, it defaults to a slash (/).
    • :group_name - required - (String) The name of the group to create. Do not include the path in this value.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :group - (Hash)
      • :path - (String)
      • :group_name - (String)
      • :group_id - (String)
      • :arn - (String)
      • :create_date - (Time)

#create_instance_profile(options = {}) ⇒ Core::Response

Calls the CreateInstanceProfile API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :instance_profile_name - required - (String) The name of the instance profile to create.
    • :path - (String) The path to the instance profile. For more information about paths, see IAM Identifiers in the Using IAM guide. This parameter is optional. If it is not included, it defaults to a slash (/).

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :instance_profile - (Hash)
      • :path - (String)
      • :instance_profile_name - (String)
      • :instance_profile_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :roles - (Array)
        • :path - (String)
        • :role_name - (String)
        • :role_id - (String)
        • :arn - (String)
        • :create_date - (Time)
        • :assume_role_policy_document - (String)

#create_login_profile(options = {}) ⇒ Core::Response

Calls the CreateLoginProfile API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user to create a password for.
    • :password - required - (String) The new password for the user.
    • :password_reset_required - (Boolean) Specifies whether the user is required to set a new password on next sign-in.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :login_profile - (Hash)
      • :user_name - (String)
      • :create_date - (Time)
      • :password_reset_required - (Boolean)

#create_open_id_connect_provider(options = {}) ⇒ Core::Response

Calls the CreateOpenIDConnectProvider API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :url - required - (String) The URL of the identity provider. The URL must begin with "https://" and should correspond to the iss claim in the provider's OpenID Connect ID tokens. Per the OIDC standard, path components are allowed but query parameters are not. Typically the URL consists of only a host name, like "https://server.example.org" or "https://example.com". You cannot register the same provider multiple times in a single AWS account. If you try to submit a URL that has already been used for an OpenID Connect provider in the AWS account, you will get an error.
    • :client_id_list - (Array<) A list of client IDs (also known as audiences). When a mobile or web app registers with an OpenID Connect provider, they establish a value that identifies the application. (This is the value that's sent as the client_id parameter on OAuth requests.) You can register multiple client IDs with the same provider. For example, you might have multiple applications that use the same OIDC provider. You cannot register more than 100 client IDs with a single IAM OIDC provider. There is no defined format for a client ID. The CreateOpenIDConnectProviderRequest action accepts client IDs up to 255 characters long.
    • :thumbprint_list - required - (Array<) A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificate(s). Typically this list includes only one entry. However, IAM lets you have up to five thumbprints for an OIDC provider. This lets you maintain multiple thumbprints if the identity provider is rotating certificates. The server certificate thumbprint is the hex-encoded SHA-1 hash value of the X.509 certificate used by the domain where the OpenID Connect provider makes its keys available. It is always a 40-character string. You must provide at least one thumbprint when creating an IAM OIDC provider. For example, if the OIDC provider is server.example.com and the provider stores its keys at "https://keys.server.example.com/openid-connect", the thumbprint string would be the hex-encoded SHA-1 hash value of the certificate used by https://keys.server.example.com. For more information about obtaining the OIDC provider's thumbprint, see Obtaining the Thumbprint for an OpenID Connect Provider in the Using IAM guide.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :open_id_connect_provider_arn - (String)

#create_policy(options = {}) ⇒ Core::Response

Calls the CreatePolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :policy_name - required - (String) The name of the policy document.
    • :path - (String) The path for the policy. For more information about paths, see IAM Identifiers in the Using IAM guide. This parameter is optional. If it is not included, it defaults to a slash (/).
    • :policy_document - required - (String) The policy document. The policy must be URL-encoded according to RFC 3986.
    • :description - (String) A friendly description of the policy. Typically used to store information about the permissions defined in the policy. For example, "Grants access to production DynamoDB tables." The policy description is immutable. After a value is assigned, it cannot be changed.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :policy - (Hash)
      • :policy_name - (String)
      • :policy_id - (String)
      • :arn - (String)
      • :path - (String)
      • :default_version_id - (String)
      • :attachment_count - (Integer)
      • :is_attachable - (Boolean)
      • :description - (String)
      • :create_date - (Time)
      • :update_date - (Time)

#create_policy_version(options = {}) ⇒ Core::Response

Calls the CreatePolicyVersion API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :policy_arn - required - (String)
    • :policy_document - required - (String) The policy document. The policy must be URL-encoded according to RFC 3986.
    • :set_as_default - (Boolean) Specifies whether to set this version as the policy's default version. When this parameter is true , the new policy version becomes the operative version; that is, the version that is in effect for the IAM users, groups, and roles that the policy is attached to. For more information about managed policy versions, see Versioning for Managed Policies in the Using IAM guide.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :policy_version - (Hash)
      • :document - (String)
      • :version_id - (String)
      • :is_default_version - (Boolean)
      • :create_date - (Time)

#create_role(options = {}) ⇒ Core::Response

Calls the CreateRole API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :path - (String) The path to the role. For more information about paths, see IAM Identifiers in the Using IAM guide. This parameter is optional. If it is not included, it defaults to a slash (/).
    • :role_name - required - (String) The name of the role to create.
    • :assume_role_policy_document - required - (String) The policy that grants an entity permission to assume the role.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :role - (Hash)
      • :path - (String)
      • :role_name - (String)
      • :role_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :assume_role_policy_document - (String)

#create_saml_provider(options = {}) ⇒ Core::Response

Calls the CreateSAMLProvider API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :saml_metadata_document - required - (String) An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP. For more information, see Creating Temporary Security Credentials for SAML Federation in the Using Temporary Security Credentials guide.
    • :name - required - (String) The name of the provider to create.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :saml_provider_arn - (String)

#create_user(options = {}) ⇒ Core::Response

Calls the CreateUser API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :path - (String) The path for the user name. For more information about paths, see IAM Identifiers in the Using IAM guide. This parameter is optional. If it is not included, it defaults to a slash (/).
    • :user_name - required - (String) The name of the user to create.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :user - (Hash)
      • :path - (String)
      • :user_name - (String)
      • :user_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :password_last_used - (Time)

#create_virtual_mfa_device(options = {}) ⇒ Core::Response

Calls the CreateVirtualMFADevice API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :path - (String) The path for the virtual MFA device. For more information about paths, see IAM Identifiers in the Using IAM guide. This parameter is optional. If it is not included, it defaults to a slash (/).
    • :virtual_mfa_device_name - required - (String) The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :virtual_mfa_device - (Hash)
      • :serial_number - (String)
      • :base_32_string_seed - (String)
      • :qr_code_png - (String)
      • :user - (Hash)
        • :path - (String)
        • :user_name - (String)
        • :user_id - (String)
        • :arn - (String)
        • :create_date - (Time)
        • :password_last_used - (Time)
      • :enable_date - (Time)

#deactivate_mfa_device(options = {}) ⇒ Core::Response

Calls the DeactivateMFADevice API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user whose MFA device you want to deactivate.
    • :serial_number - required - (String) The serial number that uniquely identifies the MFA device. For virtual MFA devices, the serial number is the device ARN.

Returns:

#delete_access_key(options = {}) ⇒ Core::Response

Calls the DeleteAccessKey API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - (String) The name of the user whose key you want to delete.
    • :access_key_id - required - (String) The access key ID for the access key ID and secret access key you want to delete.

Returns:

#delete_account_alias(options = {}) ⇒ Core::Response

Calls the DeleteAccountAlias API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :account_alias - required - (String) The name of the account alias to delete.

Returns:

#delete_account_password_policy(options = {}) ⇒ Core::Response

Calls the DeleteAccountPasswordPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})

Returns:

#delete_group(options = {}) ⇒ Core::Response

Calls the DeleteGroup API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) The name of the group to delete.

Returns:

#delete_group_policy(options = {}) ⇒ Core::Response

Calls the DeleteGroupPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) The name (friendly name, not ARN) identifying the group that the policy is embedded in.
    • :policy_name - required - (String) The name identifying the policy document to delete.

Returns:

#delete_instance_profile(options = {}) ⇒ Core::Response

Calls the DeleteInstanceProfile API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :instance_profile_name - required - (String) The name of the instance profile to delete.

Returns:

#delete_login_profile(options = {}) ⇒ Core::Response

Calls the DeleteLoginProfile API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user whose password you want to delete.

Returns:

#delete_open_id_connect_provider(options = {}) ⇒ Core::Response

Calls the DeleteOpenIDConnectProvider API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :open_id_connect_provider_arn - required - (String) The Amazon Resource Name (ARN) of the IAM OpenID Connect provider to delete. You can get a list of OpenID Connect provider ARNs by using the ListOpenIDConnectProviders action.

Returns:

#delete_policy(options = {}) ⇒ Core::Response

Calls the DeletePolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :policy_arn - required - (String)

Returns:

#delete_policy_version(options = {}) ⇒ Core::Response

Calls the DeletePolicyVersion API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :policy_arn - required - (String)
    • :version_id - required - (String) The policy version to delete. For more information about managed policy versions, see Versioning for Managed Policies in the Using IAM guide.

Returns:

#delete_role(options = {}) ⇒ Core::Response

Calls the DeleteRole API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :role_name - required - (String) The name of the role to delete.

Returns:

#delete_role_policy(options = {}) ⇒ Core::Response

Calls the DeleteRolePolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :role_name - required - (String) The name (friendly name, not ARN) identifying the role that the policy is embedded in.
    • :policy_name - required - (String) The name identifying the policy document to delete.

Returns:

#delete_saml_provider(options = {}) ⇒ Core::Response

Calls the DeleteSAMLProvider API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :saml_provider_arn - required - (String) The Amazon Resource Name (ARN) of the SAML provider to delete.

Returns:

#delete_server_certificate(options = {}) ⇒ Core::Response

Calls the DeleteServerCertificate API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :server_certificate_name - required - (String) The name of the server certificate you want to delete.

Returns:

#delete_signing_certificate(options = {}) ⇒ Core::Response

Calls the DeleteSigningCertificate API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - (String) The name of the user the signing certificate belongs to.
    • :certificate_id - required - (String) The ID of the signing certificate to delete.

Returns:

#delete_user(options = {}) ⇒ Core::Response

Calls the DeleteUser API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user to delete.

Returns:

#delete_user_policy(options = {}) ⇒ Core::Response

Calls the DeleteUserPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name (friendly name, not ARN) identifying the user that the policy is embedded in.
    • :policy_name - required - (String) The name identifying the policy document to delete.

Returns:

#delete_virtual_mfa_device(options = {}) ⇒ Core::Response

Calls the DeleteVirtualMFADevice API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :serial_number - required - (String) The serial number that uniquely identifies the MFA device. For virtual MFA devices, the serial number is the same as the ARN.

Returns:

#detach_group_policy(options = {}) ⇒ Core::Response

Calls the DetachGroupPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) The name (friendly name, not ARN) of the group to detach the policy from.
    • :policy_arn - required - (String)

Returns:

#detach_role_policy(options = {}) ⇒ Core::Response

Calls the DetachRolePolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :role_name - required - (String) The name (friendly name, not ARN) of the role to detach the policy from.
    • :policy_arn - required - (String)

Returns:

#detach_user_policy(options = {}) ⇒ Core::Response

Calls the DetachUserPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name (friendly name, not ARN) of the user to detach the policy from.
    • :policy_arn - required - (String)

Returns:

#enable_mfa_device(options = {}) ⇒ Core::Response

Calls the EnableMFADevice API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user for whom you want to enable the MFA device.
    • :serial_number - required - (String) The serial number that uniquely identifies the MFA device. For virtual MFA devices, the serial number is the device ARN.
    • :authentication_code_1 - required - (String) An authentication code emitted by the device.
    • :authentication_code_2 - required - (String) A subsequent authentication code emitted by the device.

Returns:

#generate_credential_report(options = {}) ⇒ Core::Response

Calls the GenerateCredentialReport API operation.

Parameters:

  • options (Hash) (defaults to: {})

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :state - (String)
    • :description - (String)

#get_account_authorization_details(options = {}) ⇒ Core::Response

Calls the GetAccountAuthorizationDetails API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :filter - (Array<) A list of entity types (user, group, or role) for filtering the results.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of items you want in the response. If there are additional items beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :user_detail_list - (Array)
      • :path - (String)
      • :user_name - (String)
      • :user_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :user_policy_list - (Array)
        • :policy_name - (String)
        • :policy_document - (String)
      • :group_list - (Array)
    • :group_detail_list - (Array)
      • :path - (String)
      • :group_name - (String)
      • :group_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :group_policy_list - (Array)
        • :policy_name - (String)
        • :policy_document - (String)
    • :role_detail_list - (Array)
      • :path - (String)
      • :role_name - (String)
      • :role_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :assume_role_policy_document - (String)
      • :instance_profile_list - (Array)
        • :path - (String)
        • :instance_profile_name - (String)
        • :instance_profile_id - (String)
        • :arn - (String)
        • :create_date - (Time)
        • :roles - (Array)
          • :path - (String)
          • :role_name - (String)
          • :role_id - (String)
          • :arn - (String)
          • :create_date - (Time)
          • :assume_role_policy_document - (String)
      • :role_policy_list - (Array)
        • :policy_name - (String)
        • :policy_document - (String)
    • :is_truncated - (Boolean)
    • :marker - (String)

#get_account_password_policy(options = {}) ⇒ Core::Response

Calls the GetAccountPasswordPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :password_policy - (Hash)
      • :minimum_password_length - (Integer)
      • :require_symbols - (Boolean)
      • :require_numbers - (Boolean)
      • :require_uppercase_characters - (Boolean)
      • :require_lowercase_characters - (Boolean)
      • :allow_users_to_change_password - (Boolean)
      • :expire_passwords - (Boolean)
      • :max_password_age - (Integer)
      • :password_reuse_prevention - (Integer)
      • :hard_expiry - (Boolean)

#get_account_summary(options = {}) ⇒ Core::Response

Calls the GetAccountSummary API operation.

Parameters:

  • options (Hash) (defaults to: {})

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :summary_map - (Hash<String,Integer>)

#get_credential_report(options = {}) ⇒ Core::Response

Calls the GetCredentialReport API operation.

Parameters:

  • options (Hash) (defaults to: {})

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :content - (String)
    • :report_format - (String)
    • :generated_time - (Time)

#get_group(options = {}) ⇒ Core::Response

Calls the GetGroup API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) The name of the group.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of groups you want in the response. If there are additional groups beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :group - (Hash)
      • :path - (String)
      • :group_name - (String)
      • :group_id - (String)
      • :arn - (String)
      • :create_date - (Time)
    • :users - (Array)
      • :path - (String)
      • :user_name - (String)
      • :user_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :password_last_used - (Time)
    • :is_truncated - (Boolean)
    • :marker - (String)

#get_group_policy(options = {}) ⇒ Core::Response

Calls the GetGroupPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) The name of the group the policy is associated with.
    • :policy_name - required - (String) The name of the policy document to get.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :group_name - (String)
    • :policy_name - (String)
    • :policy_document - (String)

#get_instance_profile(options = {}) ⇒ Core::Response

Calls the GetInstanceProfile API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :instance_profile_name - required - (String) The name of the instance profile to get information about.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :instance_profile - (Hash)
      • :path - (String)
      • :instance_profile_name - (String)
      • :instance_profile_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :roles - (Array)
        • :path - (String)
        • :role_name - (String)
        • :role_id - (String)
        • :arn - (String)
        • :create_date - (Time)
        • :assume_role_policy_document - (String)

#get_login_profile(options = {}) ⇒ Core::Response

Calls the GetLoginProfile API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user whose login profile you want to retrieve.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :login_profile - (Hash)
      • :user_name - (String)
      • :create_date - (Time)
      • :password_reset_required - (Boolean)

#get_open_id_connect_provider(options = {}) ⇒ Core::Response

Calls the GetOpenIDConnectProvider API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :open_id_connect_provider_arn - required - (String) The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider to get information for. You can get a list of OIDC provider ARNs by using the ListOpenIDConnectProviders action.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :url - (String)
    • :client_id_list - (Array)
    • :thumbprint_list - (Array)
    • :create_date - (Time)

#get_policy(options = {}) ⇒ Core::Response

Calls the GetPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :policy_arn - required - (String)

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :policy - (Hash)
      • :policy_name - (String)
      • :policy_id - (String)
      • :arn - (String)
      • :path - (String)
      • :default_version_id - (String)
      • :attachment_count - (Integer)
      • :is_attachable - (Boolean)
      • :description - (String)
      • :create_date - (Time)
      • :update_date - (Time)

#get_policy_version(options = {}) ⇒ Core::Response

Calls the GetPolicyVersion API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :policy_arn - required - (String)
    • :version_id - required - (String) Identifies the policy version to retrieve.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :policy_version - (Hash)
      • :document - (String)
      • :version_id - (String)
      • :is_default_version - (Boolean)
      • :create_date - (Time)

#get_role(options = {}) ⇒ Core::Response

Calls the GetRole API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :role_name - required - (String) The name of the role to get information about.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :role - (Hash)
      • :path - (String)
      • :role_name - (String)
      • :role_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :assume_role_policy_document - (String)

#get_role_policy(options = {}) ⇒ Core::Response

Calls the GetRolePolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :role_name - required - (String) The name of the role associated with the policy.
    • :policy_name - required - (String) The name of the policy document to get.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :role_name - (String)
    • :policy_name - (String)
    • :policy_document - (String)

#get_saml_provider(options = {}) ⇒ Core::Response

Calls the GetSAMLProvider API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :saml_provider_arn - required - (String) The Amazon Resource Name (ARN) of the SAML provider to get information about.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :saml_metadata_document - (String)
    • :create_date - (Time)
    • :valid_until - (Time)

#get_server_certificate(options = {}) ⇒ Core::Response

Calls the GetServerCertificate API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :server_certificate_name - required - (String) The name of the server certificate you want to retrieve information about.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :server_certificate - (Hash)
      • :server_certificate_metadata - (Hash)
        • :path - (String)
        • :server_certificate_name - (String)
        • :server_certificate_id - (String)
        • :arn - (String)
        • :upload_date - (Time)
        • :expiration - (Time)
      • :certificate_body - (String)
      • :certificate_chain - (String)

#get_user(options = {}) ⇒ Core::Response

Calls the GetUser API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - (String) The name of the user to get information about. This parameter is optional. If it is not included, it defaults to the user making the request.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :user - (Hash)
      • :path - (String)
      • :user_name - (String)
      • :user_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :password_last_used - (Time)

#get_user_policy(options = {}) ⇒ Core::Response

Calls the GetUserPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user who the policy is associated with.
    • :policy_name - required - (String) The name of the policy document to get.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :user_name - (String)
    • :policy_name - (String)
    • :policy_document - (String)

#list_access_keys(options = {}) ⇒ Core::Response

Calls the ListAccessKeys API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - (String) The name of the user.
    • :marker - (String) Use this parameter only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this parameter only when paginating results to indicate the maximum number of keys you want in the response. If there are additional keys beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :access_key_metadata - (Array)
      • :user_name - (String)
      • :access_key_id - (String)
      • :status - (String)
      • :create_date - (Time)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_account_aliases(options = {}) ⇒ Core::Response

Calls the ListAccountAliases API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of account aliases you want in the response. If there are additional account aliases beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :account_aliases - (Array)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_attached_group_policies(options = {}) ⇒ Core::Response

Calls the ListAttachedGroupPolicies API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) The name (friendly name, not ARN) of the group to list attached policies for.
    • :path_prefix - (String) The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of policies you want in the response. If there are additional policies beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :attached_policies - (Array)
      • :policy_name - (String)
      • :policy_arn - (String)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_attached_role_policies(options = {}) ⇒ Core::Response

Calls the ListAttachedRolePolicies API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :role_name - required - (String) The name (friendly name, not ARN) of the role to list attached policies for.
    • :path_prefix - (String) The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of policies you want in the response. If there are additional policies beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :attached_policies - (Array)
      • :policy_name - (String)
      • :policy_arn - (String)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_attached_user_policies(options = {}) ⇒ Core::Response

Calls the ListAttachedUserPolicies API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name (friendly name, not ARN) of the user to list attached policies for.
    • :path_prefix - (String) The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of policies you want in the response. If there are additional policies beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :attached_policies - (Array)
      • :policy_name - (String)
      • :policy_arn - (String)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_entities_for_policy(options = {}) ⇒ Core::Response

Calls the ListEntitiesForPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :policy_arn - required - (String)
    • :entity_filter - (String) The entity type to use for filtering the results. For example, when EntityFilter is Role, only the roles that are attached to the specified policy are returned. This parameter is optional. If it is not included, all attached entities (users, groups, and roles) are returned. Valid values include:
      • User
      • Role
      • Group
    • :path_prefix - (String) The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all entities.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of entities you want in the response. If there are additional entities beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :policy_groups - (Array)
      • :group_name - (String)
    • :policy_users - (Array)
      • :user_name - (String)
    • :policy_roles - (Array)
      • :role_name - (String)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_group_policies(options = {}) ⇒ Core::Response

Calls the ListGroupPolicies API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) The name of the group to list policies for.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of policy names you want in the response. If there are additional policy names beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :policy_names - (Array)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_groups(options = {}) ⇒ Core::Response

Calls the ListGroups API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :path_prefix - (String) The path prefix for filtering the results. For example, the prefix /division_abc/subdivision_xyz/ gets all groups whose path starts with /division_abc/subdivision_xyz/. This parameter is optional. If it is not included, it defaults to a slash (/), listing all groups.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of groups you want in the response. If there are additional groups beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :groups - (Array)
      • :path - (String)
      • :group_name - (String)
      • :group_id - (String)
      • :arn - (String)
      • :create_date - (Time)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_groups_for_user(options = {}) ⇒ Core::Response

Calls the ListGroupsForUser API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user to list groups for.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of groups you want in the response. If there are additional groups beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :groups - (Array)
      • :path - (String)
      • :group_name - (String)
      • :group_id - (String)
      • :arn - (String)
      • :create_date - (Time)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_instance_profiles(options = {}) ⇒ Core::Response

Calls the ListInstanceProfiles API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :path_prefix - (String) The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/ gets all instance profiles whose path starts with /application_abc/component_xyz/. This parameter is optional. If it is not included, it defaults to a slash (/), listing all instance profiles.
    • :marker - (String) Use this parameter only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this parameter only when paginating results to indicate the maximum number of instance profiles you want in the response. If there are additional instance profiles beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :instance_profiles - (Array)
      • :path - (String)
      • :instance_profile_name - (String)
      • :instance_profile_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :roles - (Array)
        • :path - (String)
        • :role_name - (String)
        • :role_id - (String)
        • :arn - (String)
        • :create_date - (Time)
        • :assume_role_policy_document - (String)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_instance_profiles_for_role(options = {}) ⇒ Core::Response

Calls the ListInstanceProfilesForRole API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :role_name - required - (String) The name of the role to list instance profiles for.
    • :marker - (String) Use this parameter only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this parameter only when paginating results to indicate the maximum number of instance profiles you want in the response. If there are additional instance profiles beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :instance_profiles - (Array)
      • :path - (String)
      • :instance_profile_name - (String)
      • :instance_profile_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :roles - (Array)
        • :path - (String)
        • :role_name - (String)
        • :role_id - (String)
        • :arn - (String)
        • :create_date - (Time)
        • :assume_role_policy_document - (String)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_mfa_devices(options = {}) ⇒ Core::Response

Calls the ListMFADevices API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - (String) The name of the user whose MFA devices you want to list.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of MFA devices you want in the response. If there are additional MFA devices beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :mfa_devices - (Array)
      • :user_name - (String)
      • :serial_number - (String)
      • :enable_date - (Time)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_open_id_connect_providers(options = {}) ⇒ Core::Response

Calls the ListOpenIDConnectProviders API operation.

Parameters:

  • options (Hash) (defaults to: {})

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :open_id_connect_provider_list - (Array)
      • :arn - (String)

#list_policies(options = {}) ⇒ Core::Response

Calls the ListPolicies API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :scope - (String) The scope to use for filtering the results. To list only AWS managed policies, set Scope to AWS. To list only the customer managed policies in your AWS account, set Scope to Local. This parameter is optional. If it is not included, or if it is set to All, all policies are returned. Valid values include:
      • All
      • AWS
      • Local
    • :only_attached - (Boolean) A flag to filter the results to only the attached policies. When OnlyAttached is true , the returned list contains only the policies that are attached to a user, group, or role. When OnlyAttached is false , or when the parameter is not included, all policies are returned.
    • :path_prefix - (String) The path prefix for filtering the results. This parameter is optional. If it is not included, it defaults to a slash (/), listing all policies.
    • :marker - (String) Use this parameter only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this parameter only when paginating results to indicate the maximum number of policies you want in the response. If there are additional policies beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :policies - (Array)
      • :policy_name - (String)
      • :policy_id - (String)
      • :arn - (String)
      • :path - (String)
      • :default_version_id - (String)
      • :attachment_count - (Integer)
      • :is_attachable - (Boolean)
      • :description - (String)
      • :create_date - (Time)
      • :update_date - (Time)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_policy_versions(options = {}) ⇒ Core::Response

Calls the ListPolicyVersions API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :policy_arn - required - (String)
    • :marker - (String) Use this parameter only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this parameter only when paginating results to indicate the maximum number of policy versions you want in the response. If there are additional policy versions beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :versions - (Array)
      • :document - (String)
      • :version_id - (String)
      • :is_default_version - (Boolean)
      • :create_date - (Time)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_role_policies(options = {}) ⇒ Core::Response

Calls the ListRolePolicies API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :role_name - required - (String) The name of the role to list policies for.
    • :marker - (String) Use this parameter only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this parameter only when paginating results to indicate the maximum number of role policies you want in the response. If there are additional role policies beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :policy_names - (Array)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_roles(options = {}) ⇒ Core::Response

Calls the ListRoles API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :path_prefix - (String) The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/ gets all roles whose path starts with /application_abc/component_xyz/. This parameter is optional. If it is not included, it defaults to a slash (/), listing all roles.
    • :marker - (String) Use this parameter only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this parameter only when paginating results to indicate the maximum number of roles you want in the response. If there are additional roles beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :roles - (Array)
      • :path - (String)
      • :role_name - (String)
      • :role_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :assume_role_policy_document - (String)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_saml_providers(options = {}) ⇒ Core::Response

Calls the ListSAMLProviders API operation.

Parameters:

  • options (Hash) (defaults to: {})

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :saml_provider_list - (Array)
      • :arn - (String)
      • :valid_until - (Time)
      • :create_date - (Time)

#list_server_certificates(options = {}) ⇒ Core::Response

Calls the ListServerCertificates API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :path_prefix - (String) The path prefix for filtering the results. For example: /company/servercerts would get all server certificates for which the path starts with /company/servercerts. This parameter is optional. If it is not included, it defaults to a slash (/), listing all server certificates.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of server certificates you want in the response. If there are additional server certificates beyond the maximum you specify, the IsTruncated response element will be set to true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :server_certificate_metadata_list - (Array)
      • :path - (String)
      • :server_certificate_name - (String)
      • :server_certificate_id - (String)
      • :arn - (String)
      • :upload_date - (Time)
      • :expiration - (Time)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_signing_certificates(options = {}) ⇒ Core::Response

Calls the ListSigningCertificates API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - (String) The name of the user.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of certificate IDs you want in the response. If there are additional certificate IDs beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :certificates - (Array)
      • :user_name - (String)
      • :certificate_id - (String)
      • :certificate_body - (String)
      • :status - (String)
      • :upload_date - (Time)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_user_policies(options = {}) ⇒ Core::Response

Calls the ListUserPolicies API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user to list policies for.
    • :marker - (String) Use this only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this only when paginating results to indicate the maximum number of policy names you want in the response. If there are additional policy names beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :policy_names - (Array)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_users(options = {}) ⇒ Core::Response

Calls the ListUsers API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :path_prefix - (String) The path prefix for filtering the results. For example: /division_abc/subdivision_xyz/, which would get all user names whose path starts with /division_abc/subdivision_xyz/. This parameter is optional. If it is not included, it defaults to a slash (/), listing all user names.
    • :marker - (String) Use this parameter only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this parameter only when paginating results to indicate the maximum number of user names you want in the response. If there are additional user names beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :users - (Array)
      • :path - (String)
      • :user_name - (String)
      • :user_id - (String)
      • :arn - (String)
      • :create_date - (Time)
      • :password_last_used - (Time)
    • :is_truncated - (Boolean)
    • :marker - (String)

#list_virtual_mfa_devices(options = {}) ⇒ Core::Response

Calls the ListVirtualMFADevices API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :assignment_status - (String) The status (unassigned or assigned) of the devices to list. If you do not specify an AssignmentStatus, the action defaults to Any which lists both assigned and unassigned virtual MFA devices. Valid values include:
      • Assigned
      • Unassigned
      • Any
    • :marker - (String) Use this parameter only when paginating results, and only in a subsequent request after you've received a response where the results are truncated. Set it to the value of the Marker element in the response you just received.
    • :max_items - (Integer) Use this parameter only when paginating results to indicate the maximum number of MFA devices you want in the response. If there are additional MFA devices beyond the maximum you specify, the IsTruncated response element is true . This parameter is optional. If you do not include it, it defaults to 100.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :virtual_mfa_devices - (Array)
      • :serial_number - (String)
      • :base_32_string_seed - (String)
      • :qr_code_png - (String)
      • :user - (Hash)
        • :path - (String)
        • :user_name - (String)
        • :user_id - (String)
        • :arn - (String)
        • :create_date - (Time)
        • :password_last_used - (Time)
      • :enable_date - (Time)
    • :is_truncated - (Boolean)
    • :marker - (String)

#put_group_policy(options = {}) ⇒ Core::Response

Calls the PutGroupPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) The name of the group to associate the policy with.
    • :policy_name - required - (String) The name of the policy document.
    • :policy_document - required - (String) The policy document.

Returns:

#put_role_policy(options = {}) ⇒ Core::Response

Calls the PutRolePolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :role_name - required - (String) The name of the role to associate the policy with.
    • :policy_name - required - (String) The name of the policy document.
    • :policy_document - required - (String) The policy document.

Returns:

#put_user_policy(options = {}) ⇒ Core::Response

Calls the PutUserPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user to associate the policy with.
    • :policy_name - required - (String) The name of the policy document.
    • :policy_document - required - (String) The policy document.

Returns:

#remove_client_id_from_open_id_connect_provider(options = {}) ⇒ Core::Response

Calls the RemoveClientIDFromOpenIDConnectProvider API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :open_id_connect_provider_arn - required - (String) The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider to remove the client ID from. You can get a list of OIDC provider ARNs by using the ListOpenIDConnectProviders action.
    • :client_id - required - (String) The client ID (also known as audience) to remove from the IAM OpenID Connect provider. For more information about client IDs, see CreateOpenIDConnectProvider.

Returns:

#remove_role_from_instance_profile(options = {}) ⇒ Core::Response

Calls the RemoveRoleFromInstanceProfile API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :instance_profile_name - required - (String) The name of the instance profile to update.
    • :role_name - required - (String) The name of the role to remove.

Returns:

#remove_user_from_group(options = {}) ⇒ Core::Response

Calls the RemoveUserFromGroup API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) The name of the group to update.
    • :user_name - required - (String) The name of the user to remove.

Returns:

#resync_mfa_device(options = {}) ⇒ Core::Response

Calls the ResyncMFADevice API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user whose MFA device you want to resynchronize.
    • :serial_number - required - (String) Serial number that uniquely identifies the MFA device.
    • :authentication_code_1 - required - (String) An authentication code emitted by the device.
    • :authentication_code_2 - required - (String) A subsequent authentication code emitted by the device.

Returns:

#set_default_policy_version(options = {}) ⇒ Core::Response

Calls the SetDefaultPolicyVersion API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :policy_arn - required - (String)
    • :version_id - required - (String) The version of the policy to set as the default (operative) version. For more information about managed policy versions, see Versioning for Managed Policies in the Using IAM guide.

Returns:

#update_access_key(options = {}) ⇒ Core::Response

Calls the UpdateAccessKey API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - (String) The name of the user whose key you want to update.
    • :access_key_id - required - (String) The access key ID of the secret access key you want to update.
    • :status - required - (String) The status you want to assign to the secret access key. Active means the key can be used for API calls to AWS, while Inactive means the key cannot be used. Valid values include:
      • Active
      • Inactive

Returns:

#update_account_password_policy(options = {}) ⇒ Core::Response

Calls the UpdateAccountPasswordPolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :minimum_password_length - (Integer) The minimum number of characters allowed in an IAM user password. Default value: 6
    • :require_symbols - (Boolean) Specifies whether IAM user passwords must contain at least one of the following non-alphanumeric characters: ! @ # $ % ^ & * ( ) _ + - = [ ] { } | ' Default value: false
    • :require_numbers - (Boolean) Specifies whether IAM user passwords must contain at least one numeric character (0 to 9). Default value: false
    • :require_uppercase_characters - (Boolean) Specifies whether IAM user passwords must contain at least one uppercase character from the ISO basic Latin alphabet (A to Z). Default value: false
    • :require_lowercase_characters - (Boolean) Specifies whether IAM user passwords must contain at least one lowercase character from the ISO basic Latin alphabet (a to z). Default value: false
    • :allow_users_to_change_password - (Boolean) Allows all IAM users in your account to use the AWS Management Console to change their own passwords. For more information, see Letting IAM Users Change Their Own Passwords in the Using IAM guide. Default value: false
    • :max_password_age - (Integer) The number of days that an IAM user password is valid. The default value of 0 means IAM user passwords never expire. Default value: 0
    • :password_reuse_prevention - (Integer) Specifies the number of previous passwords that IAM users are prevented from reusing. The default value of 0 means IAM users are not prevented from reusing previous passwords. Default value: 0
    • :hard_expiry - (Boolean) Prevents IAM users from setting a new password after their password has expired. Default value: false

Returns:

#update_assume_role_policy(options = {}) ⇒ Core::Response

Calls the UpdateAssumeRolePolicy API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :role_name - required - (String) The name of the role to update.
    • :policy_document - required - (String) The policy that grants an entity permission to assume the role.

Returns:

#update_group(options = {}) ⇒ Core::Response

Calls the UpdateGroup API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :group_name - required - (String) Name of the group to update. If you're changing the name of the group, this is the original name.
    • :new_path - (String) New path for the group. Only include this if changing the group's path.
    • :new_group_name - (String) New name for the group. Only include this if changing the group's name.

Returns:

#update_login_profile(options = {}) ⇒ Core::Response

Calls the UpdateLoginProfile API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) The name of the user whose password you want to update.
    • :password - (String) The new password for the specified user.
    • :password_reset_required - (Boolean) Require the specified user to set a new password on next sign-in.

Returns:

#update_open_id_connect_provider_thumbprint(options = {}) ⇒ Core::Response

Calls the UpdateOpenIDConnectProviderThumbprint API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :open_id_connect_provider_arn - required - (String) The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider to update the thumbprint for. You can get a list of OIDC provider ARNs by using the ListOpenIDConnectProviders action.
    • :thumbprint_list - required - (Array<) A list of certificate thumbprints that are associated with the specified IAM OpenID Connect provider. For more information, see CreateOpenIDConnectProvider.

Returns:

#update_saml_provider(options = {}) ⇒ Core::Response

Calls the UpdateSAMLProvider API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :saml_metadata_document - required - (String) An XML document generated by an identity provider (IdP) that supports SAML 2.0. The document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that are received from the IdP. You must generate the metadata document using the identity management software that is used as your organization's IdP.
    • :saml_provider_arn - required - (String) The Amazon Resource Name (ARN) of the SAML provider to update.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :saml_provider_arn - (String)

#update_server_certificate(options = {}) ⇒ Core::Response

Calls the UpdateServerCertificate API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :server_certificate_name - required - (String) The name of the server certificate that you want to update.
    • :new_path - (String) The new path for the server certificate. Include this only if you are updating the server certificate's path.
    • :new_server_certificate_name - (String) The new name for the server certificate. Include this only if you are updating the server certificate's name.

Returns:

#update_signing_certificate(options = {}) ⇒ Core::Response

Calls the UpdateSigningCertificate API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - (String) The name of the user the signing certificate belongs to.
    • :certificate_id - required - (String) The ID of the signing certificate you want to update.
    • :status - required - (String) The status you want to assign to the certificate. Active means the certificate can be used for API calls to AWS, while Inactive means the certificate cannot be used. Valid values include:
      • Active
      • Inactive

Returns:

#update_user(options = {}) ⇒ Core::Response

Calls the UpdateUser API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - required - (String) Name of the user to update. If you're changing the name of the user, this is the original user name.
    • :new_path - (String) New path for the user. Include this parameter only if you're changing the user's path.
    • :new_user_name - (String) New name for the user. Include this parameter only if you're changing the user's name.

Returns:

#upload_server_certificate(options = {}) ⇒ Core::Response

Calls the UploadServerCertificate API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :path - (String) The path for the server certificate. For more information about paths, see IAM Identifiers in the Using IAM guide. This parameter is optional. If it is not included, it defaults to a slash (/). If you are uploading a server certificate specifically for use with Amazon CloudFront distributions, you must specify a path using the --path option. The path must begin with /cloudfront and must include a trailing slash (for example, /cloudfront/test/).
    • :server_certificate_name - required - (String) The name for the server certificate. Do not include the path in this value.
    • :certificate_body - required - (String) The contents of the public key certificate in PEM-encoded format.
    • :private_key - required - (String) The contents of the private key in PEM-encoded format.
    • :certificate_chain - (String) The contents of the certificate chain. This is typically a concatenation of the PEM-encoded public key certificates of the chain.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :server_certificate_metadata - (Hash)
      • :path - (String)
      • :server_certificate_name - (String)
      • :server_certificate_id - (String)
      • :arn - (String)
      • :upload_date - (Time)
      • :expiration - (Time)

#upload_signing_certificate(options = {}) ⇒ Core::Response

Calls the UploadSigningCertificate API operation.

Parameters:

  • options (Hash) (defaults to: {})
    • :user_name - (String) The name of the user the signing certificate is for.
    • :certificate_body - required - (String) The contents of the signing certificate.

Returns:

  • (Core::Response)

    The #data method of the response object returns a hash with the following structure:

    • :certificate - (Hash)
      • :user_name - (String)
      • :certificate_id - (String)
      • :certificate_body - (String)
      • :status - (String)
      • :upload_date - (Time)