lib/aws-sdk-iam/client.rb in aws-sdk-iam-1.60.0 vs lib/aws-sdk-iam/client.rb in aws-sdk-iam-1.61.0

- old
+ new

@@ -712,13 +712,13 @@ req.send_request(options) end # Changes the password of the IAM user who is calling this operation. # This operation can be performed using the CLI, the Amazon Web Services - # API, or the **My Security Credentials** page in the Management - # Console. The account root user password is not affected by this - # operation. + # API, or the **My Security Credentials** page in the Amazon Web + # Services Management Console. The Amazon Web Services account root user + # password is not affected by this operation. # # Use UpdateLoginProfile to use the CLI, the Amazon Web Services API, or # the **Users** page in the IAM console to change the password for any # IAM user. For more information about modifying passwords, see # [Managing passwords][1] in the *IAM User Guide*. @@ -729,21 +729,22 @@ # # @option params [required, String] :old_password # The IAM user's current password. # # @option params [required, String] :new_password - # The new password. The new password must conform to the account's - # password policy, if one exists. + # The new password. The new password must conform to the Amazon Web + # Services account's password policy, if one exists. # # The [regex pattern][1] that is used to validate this parameter is a # string of characters. That string can include almost any printable # ASCII character from the space (`\u0020`) through the end of the ASCII # character range (`\u00FF`). You can also include the tab (`\u0009`), # line feed (`\u000A`), and carriage return (`\u000D`) characters. Any # of these characters are valid in a password. However, many tools, such - # as the Management Console, might restrict the ability to type certain - # characters because they have special meaning within that tool. + # as the Amazon Web Services Management Console, might restrict the + # ability to type certain characters because they have special meaning + # within that tool. # # # # [1]: http://wikipedia.org/wiki/regex # @@ -779,22 +780,23 @@ # Amazon Web Services access key ID for the specified user. The default # status for new keys is `Active`. # # If you do not specify a user name, IAM determines the user name # implicitly based on the Amazon Web Services access key ID signing the - # request. This operation works for access keys under the account. - # Consequently, you can use this operation to manage account root user - # credentials. This is true even if the account has no associated users. + # request. This operation works for access keys under the Amazon Web + # Services account. Consequently, you can use this operation to manage + # Amazon Web Services account root user credentials. This is true even + # if the Amazon Web Services account has no associated users. # # For information about quotas on the number of keys you can create, see # [IAM and STS quotas][1] in the *IAM User Guide*. # - # To ensure the security of your account, the secret access key is - # accessible only during key and user creation. You must save the key - # (for example, in a text file) if you want to be able to access it - # again. If a secret key is lost, you can delete the access keys for the - # associated user and then create new keys. + # To ensure the security of your Amazon Web Services account, the secret + # access key is accessible only during key and user creation. You must + # save the key (for example, in a text file) if you want to be able to + # access it again. If a secret key is lost, you can delete the access + # keys for the associated user and then create new keys. # # # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html # @@ -855,13 +857,13 @@ def create_access_key(params = {}, options = {}) req = build_request(:create_access_key, params) req.send_request(options) end - # Creates an alias for your account. For information about using an - # account alias, see [Using an alias for your account ID][1] in the *IAM - # User Guide*. + # Creates an alias for your Amazon Web Services account. For information + # about using an Amazon Web Services account alias, see [Using an alias + # for your Amazon Web Services account ID][1] in the *IAM User Guide*. # # # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html # @@ -1123,17 +1125,18 @@ req = build_request(:create_instance_profile, params) req.send_request(options) end # Creates a password for the specified IAM user. A password allows an - # IAM user to access Amazon Web Services services through the Management - # Console. + # IAM user to access Amazon Web Services services through the Amazon Web + # Services Management Console. # # You can use the CLI, the Amazon Web Services API, or the **Users** # page in the IAM console to create a password for any IAM user. Use # ChangePassword to update your own existing password in the **My - # Security Credentials** page in the Management Console. + # Security Credentials** page in the Amazon Web Services Management + # Console. # # For more information about managing passwords, see [Managing # passwords][1] in the *IAM User Guide*. # # @@ -1160,12 +1163,13 @@ # string of characters. That string can include almost any printable # ASCII character from the space (`\u0020`) through the end of the ASCII # character range (`\u00FF`). You can also include the tab (`\u0009`), # line feed (`\u000A`), and carriage return (`\u000D`) characters. Any # of these characters are valid in a password. However, many tools, such - # as the Management Console, might restrict the ability to type certain - # characters because they have special meaning within that tool. + # as the Amazon Web Services Management Console, might restrict the + # ability to type certain characters because they have special meaning + # within that tool. # # # # [1]: http://wikipedia.org/wiki/regex # @@ -1245,12 +1249,12 @@ # provider # # * A list of thumbprints of one or more server certificates that the # IdP uses # - # You get all of this information from the OIDC IdP that you want to use - # to access Amazon Web Services. + # You get all of this information from the OIDC IdP you want to use to + # access Amazon Web Services. # # <note markdown="1"> Amazon Web Services secures communication with some OIDC identity # providers (IdPs) through our library of trusted certificate # authorities (CAs) instead of using a certificate thumbprint to verify # your IdP server certificate. These OIDC IdPs include Google, and those @@ -1275,20 +1279,22 @@ # The URL of the identity provider. The URL must begin with `https://` # and should correspond to the `iss` claim in the provider's OpenID # Connect ID tokens. Per the OIDC standard, path components are allowed # but query parameters are not. Typically the URL consists of only a # hostname, like `https://server.example.org` or `https://example.com`. + # The URL should not contain a port number. # # You cannot register the same provider multiple times in a single - # account. If you try to submit a URL that has already been used for an - # OpenID Connect provider in the account, you will get an error. + # Amazon Web Services account. If you try to submit a URL that has + # already been used for an OpenID Connect provider in the Amazon Web + # Services account, you will get an error. # # @option params [Array<String>] :client_id_list - # A list of client IDs (also known as audiences). When a mobile or web - # app registers with an OpenID Connect provider, they establish a value - # that identifies the application. (This is the value that's sent as - # the `client_id` parameter on OAuth requests.) + # Provides a list of client IDs, also known as audiences. When a mobile + # or web app registers with an OpenID Connect provider, they establish a + # value that identifies the application. This is the value that's sent + # as the `client_id` parameter on OAuth requests. # # You can register multiple client IDs with the same provider. For # example, you might have multiple applications that use the same OIDC # provider. You cannot register more than 100 client IDs with a single # IAM OIDC provider. @@ -1311,15 +1317,15 @@ # You must provide at least one thumbprint when creating an IAM OIDC # provider. For example, assume that the OIDC provider is # `server.example.com` and the provider stores its keys at # https://keys.server.example.com/openid-connect. In that case, the # thumbprint string would be the hex-encoded SHA-1 hash value of the - # certificate used by https://keys.server.example.com. + # certificate used by `https://keys.server.example.com.` # - # For more information about obtaining the OIDC provider's thumbprint, - # see [Obtaining the thumbprint for an OpenID Connect provider][1] in - # the *IAM User Guide*. + # For more information about obtaining the OIDC provider thumbprint, see + # [Obtaining the thumbprint for an OpenID Connect provider][1] in the + # *IAM User Guide*. # # # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html # @@ -1393,11 +1399,11 @@ def create_open_id_connect_provider(params = {}, options = {}) req = build_request(:create_open_id_connect_provider, params) req.send_request(options) end - # Creates a new managed policy for your account. + # Creates a new managed policy for your Amazon Web Services account. # # This operation creates a policy version with a version identifier of # `v1` and sets v1 as the policy's default version. For more # information about policy versions, see [Versioning for managed # policies][1] in the *IAM User Guide*. @@ -1435,12 +1441,16 @@ # string that must begin and end with forward slashes. In addition, it # can contain any ASCII character from the ! (`\u0021`) through the DEL # character (`\u007F`), including most punctuation characters, digits, # and upper and lowercased letters. # + # <note markdown="1"> You cannot use an asterisk (*) in the path name. # + # </note> # + # + # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html # [2]: http://wikipedia.org/wiki/regex # # @option params [required, String] :policy_document # The JSON policy document that you want to use as the content for the @@ -1648,14 +1658,14 @@ def create_policy_version(params = {}, options = {}) req = build_request(:create_policy_version, params) req.send_request(options) end - # Creates a new role for your account. For more information about roles, - # see [IAM roles][1]. For information about quotas for role names and - # the number of roles you can create, see [IAM and STS quotas][2] in the - # *IAM User Guide*. + # Creates a new role for your Amazon Web Services account. For more + # information about roles, see [IAM roles][1]. For information about + # quotas for role names and the number of roles you can create, see [IAM + # and STS quotas][2] in the *IAM User Guide*. # # # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html @@ -1834,12 +1844,12 @@ # # The SAML provider resource that you create with this operation can be # used as a principal in an IAM role's trust policy. Such a policy can # enable federated users who sign in using the SAML IdP to assume the # role. You can create an IAM role that supports Web-based single - # sign-on (SSO) to the Management Console or one that supports API - # access to Amazon Web Services. + # sign-on (SSO) to the Amazon Web Services Management Console or one + # that supports API access to Amazon Web Services. # # When you create the SAML provider resource, you upload a SAML metadata # document that you get from your IdP. That document includes the # issuer's name, expiration information, and keys that can be used to # validate the SAML authentication response (assertions) that the IdP @@ -1849,12 +1859,12 @@ # <note markdown="1"> This operation requires [Signature Version 4][1]. # # </note> # # For more information, see [Enabling SAML 2.0 federated users to access - # the Management Console][2] and [About SAML 2.0-based federation][3] in - # the *IAM User Guide*. + # the Amazon Web Services Management Console][2] and [About SAML + # 2.0-based federation][3] in the *IAM User Guide*. # # # # [1]: https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html @@ -2094,11 +2104,11 @@ def create_service_specific_credential(params = {}, options = {}) req = build_request(:create_service_specific_credential, params) req.send_request(options) end - # Creates a new IAM user for your account. + # Creates a new IAM user for your Amazon Web Services account. # # For information about quotas for the number of IAM users you can # create, see [IAM and STS quotas][1] in the *IAM User Guide*. # # @@ -2209,14 +2219,15 @@ def create_user(params = {}, options = {}) req = build_request(:create_user, params) req.send_request(options) end - # Creates a new virtual MFA device for the account. After creating the - # virtual MFA, use EnableMFADevice to attach the MFA device to an IAM - # user. For more information about creating and working with virtual MFA - # devices, see [Using a virtual MFA device][1] in the *IAM User Guide*. + # Creates a new virtual MFA device for the Amazon Web Services account. + # After creating the virtual MFA, use EnableMFADevice to attach the MFA + # device to an IAM user. For more information about creating and working + # with virtual MFA devices, see [Using a virtual MFA device][1] in the + # *IAM User Guide*. # # For information about the maximum number of MFA devices you can # create, see [IAM and STS quotas][2] in the *IAM User Guide*. # # The seed information contained in the QR code and the Base32 string @@ -2382,13 +2393,14 @@ # Deletes the access key pair associated with the specified IAM user. # # If you do not specify a user name, IAM determines the user name # implicitly based on the Amazon Web Services access key ID signing the - # request. This operation works for access keys under the account. - # Consequently, you can use this operation to manage account root user - # credentials even if the account has no associated users. + # request. This operation works for access keys under the Amazon Web + # Services account. Consequently, you can use this operation to manage + # Amazon Web Services account root user credentials even if the Amazon + # Web Services account has no associated users. # # @option params [String] :user_name # The name of the user whose access key pair you want to delete. # # This parameter allows (through its [regex pattern][1]) a string of @@ -2438,13 +2450,14 @@ def delete_access_key(params = {}, options = {}) req = build_request(:delete_access_key, params) req.send_request(options) end - # Deletes the specified account alias. For information about using an - # Amazon Web Services account alias, see [Using an alias for your - # account ID][1] in the *IAM User Guide*. + # Deletes the specified Amazon Web Services account alias. For + # information about using an Amazon Web Services account alias, see + # [Using an alias for your Amazon Web Services account ID][1] in the + # *IAM User Guide*. # # # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html # @@ -2484,11 +2497,12 @@ def delete_account_alias(params = {}, options = {}) req = build_request(:delete_account_alias, params) req.send_request(options) end - # Deletes the password policy for the account. There are no parameters. + # Deletes the password policy for the Amazon Web Services account. There + # are no parameters. # # @return [Struct] Returns an empty {Seahorse::Client::Response response}. # # # @example Example: To delete the current account password policy @@ -2657,16 +2671,17 @@ req.send_request(options) end # Deletes the password for the specified IAM user, which terminates the # user's ability to access Amazon Web Services services through the - # Management Console. + # Amazon Web Services Management Console. # # You can use the CLI, the Amazon Web Services API, or the **Users** # page in the IAM console to delete a password for any IAM user. You can # use ChangePassword to update, but not delete, your own password in the - # **My Security Credentials** page in the Management Console. + # **My Security Credentials** page in the Amazon Web Services Management + # Console. # # Deleting a user's password does not prevent a user from accessing # Amazon Web Services through the command line interface or the API. To # prevent all user access, you must also either make any access keys # inactive or delete them. For more information about making keys @@ -3241,13 +3256,14 @@ # Deletes a signing certificate associated with the specified IAM user. # # If you do not specify a user name, IAM determines the user name # implicitly based on the Amazon Web Services access key ID signing the - # request. This operation works for access keys under the account. - # Consequently, you can use this operation to manage account root user - # credentials even if the account has no associated IAM users. + # request. This operation works for access keys under the Amazon Web + # Services account. Consequently, you can use this operation to manage + # Amazon Web Services account root user credentials even if the Amazon + # Web Services account has no associated IAM users. # # @option params [String] :user_name # The name of the user the signing certificate belongs to. # # This parameter allows (through its [regex pattern][1]) a string of @@ -3296,15 +3312,15 @@ def delete_signing_certificate(params = {}, options = {}) req = build_request(:delete_signing_certificate, params) req.send_request(options) end - # Deletes the specified IAM user. Unlike the Management Console, when - # you delete a user programmatically, you must delete the items attached - # to the user manually, or the deletion fails. For more information, see - # [Deleting an IAM user][1]. Before attempting to delete a user, remove - # the following items: + # Deletes the specified IAM user. Unlike the Amazon Web Services + # Management Console, when you delete a user programmatically, you must + # delete the items attached to the user manually, or the deletion fails. + # For more information, see [Deleting an IAM user][1]. Before attempting + # to delete a user, remove the following items: # # * Password (DeleteLoginProfile) # # * Access keys (DeleteAccessKey) # @@ -3736,13 +3752,13 @@ def enable_mfa_device(params = {}, options = {}) req = build_request(:enable_mfa_device, params) req.send_request(options) end - # Generates a credential report for the account. For more information - # about the credential report, see [Getting credential reports][1] in - # the *IAM User Guide*. + # Generates a credential report for the Amazon Web Services account. For + # more information about the credential report, see [Getting credential + # reports][1] in the *IAM User Guide*. # # # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html # @@ -3794,18 +3810,18 @@ # troubleshooting, and supported Regions see [Reducing permissions using # service last accessed data][1] in the *IAM User Guide*. # # The data includes all attempts to access Amazon Web Services, not just # the successful ones. This includes all attempts that were made using - # the Management Console, the Amazon Web Services API through any of the - # SDKs, or any of the command line tools. An unexpected entry in the - # service last accessed data does not mean that an account has been - # compromised, because the request might have been denied. Refer to your - # CloudTrail logs as the authoritative source for information about all - # API calls and whether they were successful or denied access. For more - # information, see [Logging IAM events with CloudTrail][2] in the *IAM - # User Guide*. + # the Amazon Web Services Management Console, the Amazon Web Services + # API through any of the SDKs, or any of the command line tools. An + # unexpected entry in the service last accessed data does not mean that + # an account has been compromised, because the request might have been + # denied. Refer to your CloudTrail logs as the authoritative source for + # information about all API calls and whether they were successful or + # denied access. For more information, see [Logging IAM events with + # CloudTrail][2] in the *IAM User Guide*. # # This operation returns a `JobId`. Use this parameter in the ` # GetOrganizationsAccessReport ` operation to check the status of the # report generation. To check the status of this request, use the # `JobId` parameter in the ` GetOrganizationsAccessReport ` operation @@ -3957,18 +3973,19 @@ # your Region began supporting this feature within the last year. For # more information, see [Regions where data is tracked][1]. # # The service last accessed data includes all attempts to access an # Amazon Web Services API, not just the successful ones. This includes - # all attempts that were made using the Management Console, the Amazon - # Web Services API through any of the SDKs, or any of the command line - # tools. An unexpected entry in the service last accessed data does not - # mean that your account has been compromised, because the request might - # have been denied. Refer to your CloudTrail logs as the authoritative - # source for information about all API calls and whether they were - # successful or denied access. For more information, see [Logging IAM - # events with CloudTrail][2] in the *IAM User Guide*. + # all attempts that were made using the Amazon Web Services Management + # Console, the Amazon Web Services API through any of the SDKs, or any + # of the command line tools. An unexpected entry in the service last + # accessed data does not mean that your account has been compromised, + # because the request might have been denied. Refer to your CloudTrail + # logs as the authoritative source for information about all API calls + # and whether they were successful or denied access. For more + # information, see [Logging IAM events with CloudTrail][2] in the *IAM + # User Guide*. # # The `GenerateServiceLastAccessedDetails` operation returns a `JobId`. # Use this parameter in the following operations to retrieve the # following details from your report: # @@ -4282,14 +4299,15 @@ def get_account_authorization_details(params = {}, options = {}) req = build_request(:get_account_authorization_details, params) req.send_request(options) end - # Retrieves the password policy for the account. This tells you the - # complexity requirements and mandatory rotation periods for the IAM - # user passwords in your account. For more information about using a - # password policy, see [Managing an IAM password policy][1]. + # Retrieves the password policy for the Amazon Web Services account. + # This tells you the complexity requirements and mandatory rotation + # periods for the IAM user passwords in your account. For more + # information about using a password policy, see [Managing an IAM + # password policy][1]. # # # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html # @@ -4552,13 +4570,13 @@ def get_context_keys_for_principal_policy(params = {}, options = {}) req = build_request(:get_context_keys_for_principal_policy, params) req.send_request(options) end - # Retrieves a credential report for the account. For more information - # about the credential report, see [Getting credential reports][1] in - # the *IAM User Guide*. + # Retrieves a credential report for the Amazon Web Services account. For + # more information about the credential report, see [Getting credential + # reports][1] in the *IAM User Guide*. # # # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html # @@ -4840,22 +4858,24 @@ req = build_request(:get_instance_profile, params) req.send_request(options) end # Retrieves the user name for the specified IAM user. A login profile is - # created when you create a password for the user to access the - # Management Console. If the user does not exist or does not have a - # password, the operation returns a 404 (`NoSuchEntity`) error. + # created when you create a password for the user to access the Amazon + # Web Services Management Console. If the user does not exist or does + # not have a password, the operation returns a 404 (`NoSuchEntity`) + # error. # # If you create an IAM user with access to the console, the `CreateDate` # reflects the date you created the initial password for the user. # # If you create an IAM user with programmatic access, and then later add - # a password for the user to access the Management Console, the - # `CreateDate` reflects the initial password creation date. A user with - # programmatic access does not have a login profile unless you create a - # password for the user to access the Management Console. + # a password for the user to access the Amazon Web Services Management + # Console, the `CreateDate` reflects the initial password creation date. + # A user with programmatic access does not have a login profile unless + # you create a password for the user to access the Amazon Web Services + # Management Console. # # @option params [required, String] :user_name # The name of the user whose login profile you want to retrieve. # # This parameter allows (through its [regex pattern][1]) a string of @@ -6129,16 +6149,17 @@ # Although each user is limited to a small number of keys, you can still # paginate the results using the `MaxItems` and `Marker` parameters. # # If the `UserName` field is not specified, the user name is determined # implicitly based on the Amazon Web Services access key ID used to sign - # the request. This operation works for access keys under the account. - # Consequently, you can use this operation to manage account root user - # credentials even if the account has no associated users. + # the request. This operation works for access keys under the Amazon Web + # Services account. Consequently, you can use this operation to manage + # Amazon Web Services account root user credentials even if the Amazon + # Web Services account has no associated users. # - # <note markdown="1"> To ensure the security of your account, the secret access key is - # accessible only during key and user creation. + # <note markdown="1"> To ensure the security of your Amazon Web Services account, the secret + # access key is accessible only during key and user creation. # # </note> # # @option params [String] :user_name # The name of the user. @@ -6229,13 +6250,14 @@ def list_access_keys(params = {}, options = {}) req = build_request(:list_access_keys, params) req.send_request(options) end - # Lists the account alias associated with the account (Note: you can - # have only one). For information about using an account alias, see - # [Using an alias for your account ID][1] in the *IAM User Guide*. + # Lists the account alias associated with the Amazon Web Services + # account (Note: you can have only one). For information about using an + # Amazon Web Services account alias, see [Using an alias for your Amazon + # Web Services account ID][1] in the *IAM User Guide*. # # # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html # @@ -7508,11 +7530,11 @@ req = build_request(:list_open_id_connect_provider_tags, params) req.send_request(options) end # Lists information about the IAM OpenID Connect (OIDC) provider - # resource objects defined in the account. + # resource objects defined in the Amazon Web Services account. # # <note markdown="1"> IAM resource-listing operations return a subset of the available # attributes for the resource. For example, this operation does not # return tags, even though they are an attribute of the returned object. # To view all of the information for an OIDC provider, see @@ -7536,13 +7558,13 @@ def list_open_id_connect_providers(params = {}, options = {}) req = build_request(:list_open_id_connect_providers, params) req.send_request(options) end - # Lists all the managed policies that are available in your account, - # including your own customer-defined managed policies and all Amazon - # Web Services managed policies. + # Lists all the managed policies that are available in your Amazon Web + # Services account, including your own customer-defined managed policies + # and all Amazon Web Services managed policies. # # You can filter the list of policies that is returned using the # optional `OnlyAttached`, `Scope`, and `PathPrefix` parameters. For # example, to list only the customer managed policies in your Amazon Web # Services account, set `Scope` to `Local`. To list only Amazon Web @@ -7568,12 +7590,12 @@ # # @option params [String] :scope # The scope to use for filtering the results. # # To list only Amazon Web Services managed policies, set `Scope` to - # `AWS`. To list only the customer managed policies in your account, set - # `Scope` to `Local`. + # `AWS`. To list only the customer managed policies in your Amazon Web + # Services account, set `Scope` to `Local`. # # This parameter is optional. If it is not included, or if it is set to # `All`, all policies are returned. # # @option params [Boolean] :only_attached @@ -8669,13 +8691,13 @@ # and `Marker` parameters. # # If the `UserName` field is not specified, the user name is determined # implicitly based on the Amazon Web Services access key ID used to sign # the request for this operation. This operation works for access keys - # under the account. Consequently, you can use this operation to manage - # account root user credentials even if the account has no associated - # users. + # under the Amazon Web Services account. Consequently, you can use this + # operation to manage Amazon Web Services account root user credentials + # even if the Amazon Web Services account has no associated users. # # @option params [String] :user_name # The name of the IAM user whose signing certificates you want to # examine. # @@ -8933,12 +8955,13 @@ req = build_request(:list_user_tags, params) req.send_request(options) end # Lists the IAM users that have the specified path prefix. If no path - # prefix is specified, the operation returns all users in the account. - # If there are none, the operation returns an empty list. + # prefix is specified, the operation returns all users in the Amazon Web + # Services account. If there are none, the operation returns an empty + # list. # # <note markdown="1"> IAM resource-listing operations return a subset of the available # attributes for the resource. For example, this operation does not # return tags, even though they are an attribute of the returned object. # To view all of the information for a user, see GetUser. @@ -9052,14 +9075,14 @@ def list_users(params = {}, options = {}) req = build_request(:list_users, params) req.send_request(options) end - # Lists the virtual MFA devices defined in the account by assignment - # status. If you do not specify an assignment status, the operation - # returns a list of all virtual MFA devices. Assignment status can be - # `Assigned`, `Unassigned`, or `Any`. + # Lists the virtual MFA devices defined in the Amazon Web Services + # account by assignment status. If you do not specify an assignment + # status, the operation returns a list of all virtual MFA devices. + # Assignment status can be `Assigned`, `Unassigned`, or `Any`. # # <note markdown="1"> IAM resource-listing operations return a subset of the available # attributes for the resource. For example, this operation does not # return tags, even though they are an attribute of the returned object. # To view all of the information for a virtual MFA device, see @@ -9906,11 +9929,11 @@ req = build_request(:set_default_policy_version, params) req.send_request(options) end # Sets the specified version of the global endpoint token as the token - # version used for the account. + # version used for the Amazon Web Services account. # # By default, Security Token Service (STS) is available as a global # service, and all STS requests go to a single endpoint at # `https://sts.amazonaws.com`. Amazon Web Services recommends using # Regional STS endpoints to reduce latency, build in redundancy, and @@ -9919,16 +9942,17 @@ # quotas][1] in the *Amazon Web Services General Reference*. # # If you make an STS call to the global endpoint, the resulting session # tokens might be valid in some Regions but not others. It depends on # the version that is set in this operation. Version 1 tokens are valid - # only in Regions that are available by default. These tokens do not - # work in manually enabled Regions, such as Asia Pacific (Hong Kong). - # Version 2 tokens are valid in all Regions. However, version 2 tokens - # are longer and might affect systems where you temporarily store - # tokens. For information, see [Activating and deactivating STS in an - # Region][2] in the *IAM User Guide*. + # only in Amazon Web Services Regions that are available by default. + # These tokens do not work in manually enabled Regions, such as Asia + # Pacific (Hong Kong). Version 2 tokens are valid in all Regions. + # However, version 2 tokens are longer and might affect systems where + # you temporarily store tokens. For information, see [Activating and + # deactivating STS in an Amazon Web Services Region][2] in the *IAM User + # Guide*. # # To view the current session token version, see the # `GlobalEndpointTokenVersion` entry in the response of the # GetAccountSummary operation. # @@ -9937,18 +9961,18 @@ # [1]: https://docs.aws.amazon.com/general/latest/gr/sts.html # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html # # @option params [required, String] :global_endpoint_token_version # The version of the global endpoint token. Version 1 tokens are valid - # only in Regions that are available by default. These tokens do not - # work in manually enabled Regions, such as Asia Pacific (Hong Kong). - # Version 2 tokens are valid in all Regions. However, version 2 tokens - # are longer and might affect systems where you temporarily store - # tokens. + # only in Amazon Web Services Regions that are available by default. + # These tokens do not work in manually enabled Regions, such as Asia + # Pacific (Hong Kong). Version 2 tokens are valid in all Regions. + # However, version 2 tokens are longer and might affect systems where + # you temporarily store tokens. # - # For information, see [Activating and deactivating STS in an Region][1] - # in the *IAM User Guide*. + # For information, see [Activating and deactivating STS in an Amazon Web + # Services Region][1] in the *IAM User Guide*. # # # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html # @@ -10134,16 +10158,16 @@ # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length # [2]: http://wikipedia.org/wiki/regex # # @option params [String] :resource_owner - # An ARN representing the account ID that specifies the owner of any - # simulated resource that does not identify its owner in the resource - # ARN. Examples of resource ARNs include an S3 bucket or object. If - # `ResourceOwner` is specified, it is also used as the account owner of - # any `ResourcePolicy` included in the simulation. If the - # `ResourceOwner` parameter is not specified, then the owner of the + # An ARN representing the Amazon Web Services account ID that specifies + # the owner of any simulated resource that does not identify its owner + # in the resource ARN. Examples of resource ARNs include an S3 bucket or + # object. If `ResourceOwner` is specified, it is also used as the + # account owner of any `ResourcePolicy` included in the simulation. If + # the `ResourceOwner` parameter is not specified, then the owner of the # resources and the resource policy defaults to the account of the # identity provided in `CallerArn`. This parameter is required only if # you specify a resource-based policy and account that owns the resource # is different from the account that owns the simulated calling user # `CallerArn`. @@ -10480,20 +10504,21 @@ # # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length # [2]: http://wikipedia.org/wiki/regex # # @option params [String] :resource_owner - # An account ID that specifies the owner of any simulated resource that - # does not identify its owner in the resource ARN. Examples of resource - # ARNs include an S3 bucket or object. If `ResourceOwner` is specified, - # it is also used as the account owner of any `ResourcePolicy` included - # in the simulation. If the `ResourceOwner` parameter is not specified, - # then the owner of the resources and the resource policy defaults to - # the account of the identity provided in `CallerArn`. This parameter is - # required only if you specify a resource-based policy and account that - # owns the resource is different from the account that owns the - # simulated calling user `CallerArn`. + # An Amazon Web Services account ID that specifies the owner of any + # simulated resource that does not identify its owner in the resource + # ARN. Examples of resource ARNs include an S3 bucket or object. If + # `ResourceOwner` is specified, it is also used as the account owner of + # any `ResourcePolicy` included in the simulation. If the + # `ResourceOwner` parameter is not specified, then the owner of the + # resources and the resource policy defaults to the account of the + # identity provided in `CallerArn`. This parameter is required only if + # you specify a resource-based policy and account that owns the resource + # is different from the account that owns the simulated calling user + # `CallerArn`. # # @option params [String] :caller_arn # The ARN of the IAM user that you want to specify as the simulated # caller of the API operations. If you do not specify a `CallerArn`, it # defaults to the ARN of the user that you specify in `PolicySourceArn`, @@ -11721,13 +11746,14 @@ # Inactive, or vice versa. This operation can be used to disable a # user's key as part of a key rotation workflow. # # If the `UserName` is not specified, the user name is determined # implicitly based on the Amazon Web Services access key ID used to sign - # the request. This operation works for access keys under the account. - # Consequently, you can use this operation to manage account root user - # credentials even if the account has no associated users. + # the request. This operation works for access keys under the Amazon Web + # Services account. Consequently, you can use this operation to manage + # Amazon Web Services account root user credentials even if the Amazon + # Web Services account has no associated users. # # For information about rotating keys, see [Managing keys and # certificates][1] in the *IAM User Guide*. # # @@ -11791,11 +11817,12 @@ def update_access_key(params = {}, options = {}) req = build_request(:update_access_key, params) req.send_request(options) end - # Updates the password policy settings for the account. + # Updates the password policy settings for the Amazon Web Services + # account. # # <note markdown="1"> * This operation does not support partial updates. No parameters are # required, but if you do not specify a parameter, that parameter's # value reverts to its default value. See the **Request Parameters** # section for each parameter's default value. Also note that some @@ -11853,13 +11880,14 @@ # If you do not specify a value for this parameter, then the operation # uses the default value of `false`. The result is that passwords do not # require at least one lowercase character. # # @option params [Boolean] :allow_users_to_change_password - # Allows all IAM users in your account to use the Management Console to - # change their own passwords. For more information, see [Letting IAM - # users change their own passwords][1] in the *IAM User Guide*. + # Allows all IAM users in your account to use the Amazon Web Services + # Management Console to change their own passwords. For more + # information, see [Letting IAM users change their own passwords][1] in + # the *IAM User Guide*. # # If you do not specify a value for this parameter, then the operation # uses the default value of `false`. The result is that IAM users in the # account do not automatically have permissions to change their own # password. @@ -12090,11 +12118,11 @@ # Changes the password for the specified IAM user. You can use the CLI, # the Amazon Web Services API, or the **Users** page in the IAM console # to change the password for any IAM user. Use ChangePassword to change # your own password in the **My Security Credentials** page in the - # Management Console. + # Amazon Web Services Management Console. # # For more information about modifying passwords, see [Managing # passwords][1] in the *IAM User Guide*. # # @@ -12127,12 +12155,12 @@ # # * The special characters tab (`\u0009`), line feed (`\u000A`), and # carriage return (`\u000D`) # # However, the format can be further restricted by the account - # administrator by setting a password policy on the account. For more - # information, see UpdateAccountPasswordPolicy. + # administrator by setting a password policy on the Amazon Web Services + # account. For more information, see UpdateAccountPasswordPolicy. # # # # [1]: http://wikipedia.org/wiki/regex # @@ -12595,13 +12623,14 @@ # disable an IAM user's signing certificate as part of a certificate # rotation work flow. # # If the `UserName` field is not specified, the user name is determined # implicitly based on the Amazon Web Services access key ID used to sign - # the request. This operation works for access keys under the account. - # Consequently, you can use this operation to manage account root user - # credentials even if the account has no associated users. + # the request. This operation works for access keys under the Amazon Web + # Services account. Consequently, you can use this operation to manage + # Amazon Web Services account root user credentials even if the Amazon + # Web Services account has no associated users. # # @option params [String] :user_name # The name of the IAM user the signing certificate belongs to. # # This parameter allows (through its [regex pattern][1]) a string of @@ -12818,13 +12847,14 @@ def upload_ssh_public_key(params = {}, options = {}) req = build_request(:upload_ssh_public_key, params) req.send_request(options) end - # Uploads a server certificate entity for the account. The server - # certificate entity includes a public key certificate, a private key, - # and an optional certificate chain, which should all be PEM-encoded. + # Uploads a server certificate entity for the Amazon Web Services + # account. The server certificate entity includes a public key + # certificate, a private key, and an optional certificate chain, which + # should all be PEM-encoded. # # We recommend that you use [Certificate Manager][1] to provision, # manage, and deploy your server certificates. With ACM you can request # a certificate, deploy it to Amazon Web Services resources, and let ACM # handle certificate renewals for you. Certificates provided by ACM are @@ -13045,13 +13075,14 @@ # For information about when you would use an X.509 signing certificate, # see [Managing server certificates in IAM][1] in the *IAM User Guide*. # # If the `UserName` is not specified, the IAM user name is determined # implicitly based on the Amazon Web Services access key ID used to sign - # the request. This operation works for access keys under the account. - # Consequently, you can use this operation to manage account root user - # credentials even if the account has no associated users. + # the request. This operation works for access keys under the Amazon Web + # Services account. Consequently, you can use this operation to manage + # Amazon Web Services account root user credentials even if the Amazon + # Web Services account has no associated users. # # <note markdown="1"> Because the body of an X.509 certificate can be large, you should use # POST rather than GET when calling `UploadSigningCertificate`. For # information about setting up signatures and authorization through the # API, see [Signing Amazon Web Services API requests][2] in the *Amazon @@ -13158,10 +13189,10 @@ operation: config.api.operation(operation_name), client: self, params: params, config: config) context[:gem_name] = 'aws-sdk-iam' - context[:gem_version] = '1.60.0' + context[:gem_version] = '1.61.0' Seahorse::Client::Request.new(handlers, context) end # Polls an API operation until a resource enters a desired state. #