diff --git a/CHANGELOG.md b/CHANGELOG.md index 5259b1f46..c35f28fd8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ * `emp ps` now shows the correct uptime of the process thanks to ECS support [#683](https://github.com/remind101/empire/pull/683). * You can now deploy images from unofficial Docker registries, such as Quay.io [#692](https://github.com/remind101/empire/pull/692). +* Empire now allows you to "attach" existing IAM certificates. This replaces the old `ssl-*` commands in the `emp` CLI [#701](https://github.com/remind101/empire/pull/701). **Bugs** diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json index 89a72912d..647cb31e5 100644 --- a/Godeps/Godeps.json +++ b/Godeps/Godeps.json @@ -75,11 +75,6 @@ "Comment": "v1.0.2", "Rev": "9d7bc2d6ca2ada0468f705f0e9725ca97f8550c8" }, - { - "ImportPath": "github.com/aws/aws-sdk-go/service/iam", - "Comment": "v1.0.2", - "Rev": "9d7bc2d6ca2ada0468f705f0e9725ca97f8550c8" - }, { "ImportPath": "github.com/aws/aws-sdk-go/service/kinesis", "Comment": "v1.0.2", @@ -91,8 +86,8 @@ "Rev": "9d7bc2d6ca2ada0468f705f0e9725ca97f8550c8" }, { - "ImportPath": "github.com/bgentry/heroku-go", - "Rev": "b891b4c66c7a330c5da052a0789f66c4e83c1bed" + "ImportPath": "github.com/bgentry/testnet", + "Rev": "05450cdcf16c84d5b08dc9bb617250aa7b63c8ff" }, { "ImportPath": "github.com/codegangsta/cli", diff --git a/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/api.go b/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/api.go deleted file mode 100644 index 118022be5..000000000 --- a/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/api.go +++ /dev/null @@ -1,12177 +0,0 @@ -// THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT. - -// Package iam provides a client for AWS Identity and Access Management. -package iam - -import ( - "time" - - "github.com/aws/aws-sdk-go/aws/awsutil" - "github.com/aws/aws-sdk-go/aws/request" -) - -const opAddClientIDToOpenIDConnectProvider = "AddClientIDToOpenIDConnectProvider" - -// AddClientIDToOpenIDConnectProviderRequest generates a request for the AddClientIDToOpenIDConnectProvider operation. -func (c *IAM) AddClientIDToOpenIDConnectProviderRequest(input *AddClientIDToOpenIDConnectProviderInput) (req *request.Request, output *AddClientIDToOpenIDConnectProviderOutput) { - op := &request.Operation{ - Name: opAddClientIDToOpenIDConnectProvider, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &AddClientIDToOpenIDConnectProviderInput{} - } - - req = c.newRequest(op, input, output) - output = &AddClientIDToOpenIDConnectProviderOutput{} - req.Data = output - return -} - -// Adds a new client ID (also known as audience) to the list of client IDs already -// registered for the specified IAM OpenID Connect provider. -// -// This action is idempotent; it does not fail or return an error if you add -// an existing client ID to the provider. -func (c *IAM) AddClientIDToOpenIDConnectProvider(input *AddClientIDToOpenIDConnectProviderInput) (*AddClientIDToOpenIDConnectProviderOutput, error) { - req, out := c.AddClientIDToOpenIDConnectProviderRequest(input) - err := req.Send() - return out, err -} - -const opAddRoleToInstanceProfile = "AddRoleToInstanceProfile" - -// AddRoleToInstanceProfileRequest generates a request for the AddRoleToInstanceProfile operation. -func (c *IAM) AddRoleToInstanceProfileRequest(input *AddRoleToInstanceProfileInput) (req *request.Request, output *AddRoleToInstanceProfileOutput) { - op := &request.Operation{ - Name: opAddRoleToInstanceProfile, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &AddRoleToInstanceProfileInput{} - } - - req = c.newRequest(op, input, output) - output = &AddRoleToInstanceProfileOutput{} - req.Data = output - return -} - -// Adds the specified role to the specified instance profile. For more information -// about roles, go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). -// For more information about instance profiles, go to About Instance Profiles -// (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). -func (c *IAM) AddRoleToInstanceProfile(input *AddRoleToInstanceProfileInput) (*AddRoleToInstanceProfileOutput, error) { - req, out := c.AddRoleToInstanceProfileRequest(input) - err := req.Send() - return out, err -} - -const opAddUserToGroup = "AddUserToGroup" - -// AddUserToGroupRequest generates a request for the AddUserToGroup operation. -func (c *IAM) AddUserToGroupRequest(input *AddUserToGroupInput) (req *request.Request, output *AddUserToGroupOutput) { - op := &request.Operation{ - Name: opAddUserToGroup, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &AddUserToGroupInput{} - } - - req = c.newRequest(op, input, output) - output = &AddUserToGroupOutput{} - req.Data = output - return -} - -// Adds the specified user to the specified group. -func (c *IAM) AddUserToGroup(input *AddUserToGroupInput) (*AddUserToGroupOutput, error) { - req, out := c.AddUserToGroupRequest(input) - err := req.Send() - return out, err -} - -const opAttachGroupPolicy = "AttachGroupPolicy" - -// AttachGroupPolicyRequest generates a request for the AttachGroupPolicy operation. -func (c *IAM) AttachGroupPolicyRequest(input *AttachGroupPolicyInput) (req *request.Request, output *AttachGroupPolicyOutput) { - op := &request.Operation{ - Name: opAttachGroupPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &AttachGroupPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &AttachGroupPolicyOutput{} - req.Data = output - return -} - -// Attaches the specified managed policy to the specified group. -// -// You use this API to attach a managed policy to a group. To embed an inline -// policy in a group, use PutGroupPolicy. -// -// For more information about policies, refer to Managed Policies and Inline -// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) AttachGroupPolicy(input *AttachGroupPolicyInput) (*AttachGroupPolicyOutput, error) { - req, out := c.AttachGroupPolicyRequest(input) - err := req.Send() - return out, err -} - -const opAttachRolePolicy = "AttachRolePolicy" - -// AttachRolePolicyRequest generates a request for the AttachRolePolicy operation. -func (c *IAM) AttachRolePolicyRequest(input *AttachRolePolicyInput) (req *request.Request, output *AttachRolePolicyOutput) { - op := &request.Operation{ - Name: opAttachRolePolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &AttachRolePolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &AttachRolePolicyOutput{} - req.Data = output - return -} - -// Attaches the specified managed policy to the specified role. -// -// When you attach a managed policy to a role, the managed policy is used as -// the role's access (permissions) policy. You cannot use a managed policy as -// the role's trust policy. The role's trust policy is created at the same time -// as the role, using CreateRole. You can update a role's trust policy using -// UpdateAssumeRolePolicy. -// -// Use this API to attach a managed policy to a role. To embed an inline policy -// in a role, use PutRolePolicy. For more information about policies, refer -// to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) AttachRolePolicy(input *AttachRolePolicyInput) (*AttachRolePolicyOutput, error) { - req, out := c.AttachRolePolicyRequest(input) - err := req.Send() - return out, err -} - -const opAttachUserPolicy = "AttachUserPolicy" - -// AttachUserPolicyRequest generates a request for the AttachUserPolicy operation. -func (c *IAM) AttachUserPolicyRequest(input *AttachUserPolicyInput) (req *request.Request, output *AttachUserPolicyOutput) { - op := &request.Operation{ - Name: opAttachUserPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &AttachUserPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &AttachUserPolicyOutput{} - req.Data = output - return -} - -// Attaches the specified managed policy to the specified user. -// -// You use this API to attach a managed policy to a user. To embed an inline -// policy in a user, use PutUserPolicy. -// -// For more information about policies, refer to Managed Policies and Inline -// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) AttachUserPolicy(input *AttachUserPolicyInput) (*AttachUserPolicyOutput, error) { - req, out := c.AttachUserPolicyRequest(input) - err := req.Send() - return out, err -} - -const opChangePassword = "ChangePassword" - -// ChangePasswordRequest generates a request for the ChangePassword operation. -func (c *IAM) ChangePasswordRequest(input *ChangePasswordInput) (req *request.Request, output *ChangePasswordOutput) { - op := &request.Operation{ - Name: opChangePassword, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &ChangePasswordInput{} - } - - req = c.newRequest(op, input, output) - output = &ChangePasswordOutput{} - req.Data = output - return -} - -// Changes the password of the IAM user who is calling this action. The root -// account password is not affected by this action. -// -// To change the password for a different user, see UpdateLoginProfile. For -// more information about modifying passwords, see Managing Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) -// in the IAM User Guide. -func (c *IAM) ChangePassword(input *ChangePasswordInput) (*ChangePasswordOutput, error) { - req, out := c.ChangePasswordRequest(input) - err := req.Send() - return out, err -} - -const opCreateAccessKey = "CreateAccessKey" - -// CreateAccessKeyRequest generates a request for the CreateAccessKey operation. -func (c *IAM) CreateAccessKeyRequest(input *CreateAccessKeyInput) (req *request.Request, output *CreateAccessKeyOutput) { - op := &request.Operation{ - Name: opCreateAccessKey, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreateAccessKeyInput{} - } - - req = c.newRequest(op, input, output) - output = &CreateAccessKeyOutput{} - req.Data = output - return -} - -// Creates a new AWS secret access key and corresponding AWS access key ID for -// the specified user. The default status for new keys is Active. -// -// If you do not specify a user name, IAM determines the user name implicitly -// based on the AWS access key ID signing the request. Because this action works -// for access keys under the AWS account, you can use this action to manage -// root credentials even if the AWS account has no associated users. -// -// For information about limits on the number of keys you can create, see -// Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) -// in the IAM User Guide. -// -// To ensure the security of your AWS account, the secret access key is accessible -// only during key and user creation. You must save the key (for example, in -// a text file) if you want to be able to access it again. If a secret key is -// lost, you can delete the access keys for the associated user and then create -// new keys. -func (c *IAM) CreateAccessKey(input *CreateAccessKeyInput) (*CreateAccessKeyOutput, error) { - req, out := c.CreateAccessKeyRequest(input) - err := req.Send() - return out, err -} - -const opCreateAccountAlias = "CreateAccountAlias" - -// CreateAccountAliasRequest generates a request for the CreateAccountAlias operation. -func (c *IAM) CreateAccountAliasRequest(input *CreateAccountAliasInput) (req *request.Request, output *CreateAccountAliasOutput) { - op := &request.Operation{ - Name: opCreateAccountAlias, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreateAccountAliasInput{} - } - - req = c.newRequest(op, input, output) - output = &CreateAccountAliasOutput{} - req.Data = output - return -} - -// Creates an alias for your AWS account. For information about using an AWS -// account alias, see Using an Alias for Your AWS Account ID (http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) -// in the IAM User Guide. -func (c *IAM) CreateAccountAlias(input *CreateAccountAliasInput) (*CreateAccountAliasOutput, error) { - req, out := c.CreateAccountAliasRequest(input) - err := req.Send() - return out, err -} - -const opCreateGroup = "CreateGroup" - -// CreateGroupRequest generates a request for the CreateGroup operation. -func (c *IAM) CreateGroupRequest(input *CreateGroupInput) (req *request.Request, output *CreateGroupOutput) { - op := &request.Operation{ - Name: opCreateGroup, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreateGroupInput{} - } - - req = c.newRequest(op, input, output) - output = &CreateGroupOutput{} - req.Data = output - return -} - -// Creates a new group. -// -// For information about the number of groups you can create, see Limitations -// on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) -// in the IAM User Guide. -func (c *IAM) CreateGroup(input *CreateGroupInput) (*CreateGroupOutput, error) { - req, out := c.CreateGroupRequest(input) - err := req.Send() - return out, err -} - -const opCreateInstanceProfile = "CreateInstanceProfile" - -// CreateInstanceProfileRequest generates a request for the CreateInstanceProfile operation. -func (c *IAM) CreateInstanceProfileRequest(input *CreateInstanceProfileInput) (req *request.Request, output *CreateInstanceProfileOutput) { - op := &request.Operation{ - Name: opCreateInstanceProfile, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreateInstanceProfileInput{} - } - - req = c.newRequest(op, input, output) - output = &CreateInstanceProfileOutput{} - req.Data = output - return -} - -// Creates a new instance profile. For information about instance profiles, -// go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). -// -// For information about the number of instance profiles you can create, see -// Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) -// in the IAM User Guide. -func (c *IAM) CreateInstanceProfile(input *CreateInstanceProfileInput) (*CreateInstanceProfileOutput, error) { - req, out := c.CreateInstanceProfileRequest(input) - err := req.Send() - return out, err -} - -const opCreateLoginProfile = "CreateLoginProfile" - -// CreateLoginProfileRequest generates a request for the CreateLoginProfile operation. -func (c *IAM) CreateLoginProfileRequest(input *CreateLoginProfileInput) (req *request.Request, output *CreateLoginProfileOutput) { - op := &request.Operation{ - Name: opCreateLoginProfile, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreateLoginProfileInput{} - } - - req = c.newRequest(op, input, output) - output = &CreateLoginProfileOutput{} - req.Data = output - return -} - -// Creates a password for the specified user, giving the user the ability to -// access AWS services through the AWS Management Console. For more information -// about managing passwords, see Managing Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) -// in the Using IAM guide. -func (c *IAM) CreateLoginProfile(input *CreateLoginProfileInput) (*CreateLoginProfileOutput, error) { - req, out := c.CreateLoginProfileRequest(input) - err := req.Send() - return out, err -} - -const opCreateOpenIDConnectProvider = "CreateOpenIDConnectProvider" - -// CreateOpenIDConnectProviderRequest generates a request for the CreateOpenIDConnectProvider operation. -func (c *IAM) CreateOpenIDConnectProviderRequest(input *CreateOpenIDConnectProviderInput) (req *request.Request, output *CreateOpenIDConnectProviderOutput) { - op := &request.Operation{ - Name: opCreateOpenIDConnectProvider, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreateOpenIDConnectProviderInput{} - } - - req = c.newRequest(op, input, output) - output = &CreateOpenIDConnectProviderOutput{} - req.Data = output - return -} - -// Creates an IAM entity to describe an identity provider (IdP) that supports -// OpenID Connect (OIDC) (http://openid.net/connect/). -// -// The OIDC provider that you create with this operation can be used as a principal -// in a role's trust policy to establish a trust relationship between AWS and -// the OIDC provider. -// -// When you create the IAM OIDC provider, you specify the URL of the OIDC identity -// provider (IdP) to trust, a list of client IDs (also known as audiences) that -// identify the application or applications that are allowed to authenticate -// using the OIDC provider, and a list of thumbprints of the server certificate(s) -// that the IdP uses. You get all of this information from the OIDC IdP that -// you want to use for access to AWS. -// -// Because trust for the OIDC provider is ultimately derived from the IAM provider -// that this action creates, it is a best practice to limit access to the CreateOpenIDConnectProvider -// action to highly-privileged users. -func (c *IAM) CreateOpenIDConnectProvider(input *CreateOpenIDConnectProviderInput) (*CreateOpenIDConnectProviderOutput, error) { - req, out := c.CreateOpenIDConnectProviderRequest(input) - err := req.Send() - return out, err -} - -const opCreatePolicy = "CreatePolicy" - -// CreatePolicyRequest generates a request for the CreatePolicy operation. -func (c *IAM) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput) { - op := &request.Operation{ - Name: opCreatePolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreatePolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &CreatePolicyOutput{} - req.Data = output - return -} - -// Creates a new managed policy for your AWS account. -// -// This operation creates a policy version with a version identifier of v1 -// and sets v1 as the policy's default version. For more information about policy -// versions, see Versioning for Managed Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) -// in the IAM User Guide. -// -// For more information about managed policies in general, refer to Managed -// Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error) { - req, out := c.CreatePolicyRequest(input) - err := req.Send() - return out, err -} - -const opCreatePolicyVersion = "CreatePolicyVersion" - -// CreatePolicyVersionRequest generates a request for the CreatePolicyVersion operation. -func (c *IAM) CreatePolicyVersionRequest(input *CreatePolicyVersionInput) (req *request.Request, output *CreatePolicyVersionOutput) { - op := &request.Operation{ - Name: opCreatePolicyVersion, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreatePolicyVersionInput{} - } - - req = c.newRequest(op, input, output) - output = &CreatePolicyVersionOutput{} - req.Data = output - return -} - -// Creates a new version of the specified managed policy. To update a managed -// policy, you create a new policy version. A managed policy can have up to -// five versions. If the policy has five versions, you must delete an existing -// version using DeletePolicyVersion before you create a new version. -// -// Optionally, you can set the new version as the policy's default version. -// The default version is the operative version; that is, the version that is -// in effect for the IAM users, groups, and roles that the policy is attached -// to. -// -// For more information about managed policy versions, see Versioning for Managed -// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) -// in the IAM User Guide. -func (c *IAM) CreatePolicyVersion(input *CreatePolicyVersionInput) (*CreatePolicyVersionOutput, error) { - req, out := c.CreatePolicyVersionRequest(input) - err := req.Send() - return out, err -} - -const opCreateRole = "CreateRole" - -// CreateRoleRequest generates a request for the CreateRole operation. -func (c *IAM) CreateRoleRequest(input *CreateRoleInput) (req *request.Request, output *CreateRoleOutput) { - op := &request.Operation{ - Name: opCreateRole, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreateRoleInput{} - } - - req = c.newRequest(op, input, output) - output = &CreateRoleOutput{} - req.Data = output - return -} - -// Creates a new role for your AWS account. For more information about roles, -// go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). -// For information about limitations on role names and the number of roles you -// can create, go to Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) -// in the IAM User Guide. -// -// The policy in the following example grants permission to an EC2 instance -// to assume the role. -func (c *IAM) CreateRole(input *CreateRoleInput) (*CreateRoleOutput, error) { - req, out := c.CreateRoleRequest(input) - err := req.Send() - return out, err -} - -const opCreateSAMLProvider = "CreateSAMLProvider" - -// CreateSAMLProviderRequest generates a request for the CreateSAMLProvider operation. -func (c *IAM) CreateSAMLProviderRequest(input *CreateSAMLProviderInput) (req *request.Request, output *CreateSAMLProviderOutput) { - op := &request.Operation{ - Name: opCreateSAMLProvider, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreateSAMLProviderInput{} - } - - req = c.newRequest(op, input, output) - output = &CreateSAMLProviderOutput{} - req.Data = output - return -} - -// Creates an IAM entity to describe an identity provider (IdP) that supports -// SAML 2.0. -// -// The SAML provider that you create with this operation can be used as a -// principal in a role's trust policy to establish a trust relationship between -// AWS and a SAML identity provider. You can create an IAM role that supports -// Web-based single sign-on (SSO) to the AWS Management Console or one that -// supports API access to AWS. -// -// When you create the SAML provider, you upload an a SAML metadata document -// that you get from your IdP and that includes the issuer's name, expiration -// information, and keys that can be used to validate the SAML authentication -// response (assertions) that are received from the IdP. You must generate the -// metadata document using the identity management software that is used as -// your organization's IdP. -// -// This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). -// For more information, see Enabling SAML 2.0 Federated Users to Access the -// AWS Management Console (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html) -// and About SAML 2.0-based Federation (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) -// in the IAM User Guide. -func (c *IAM) CreateSAMLProvider(input *CreateSAMLProviderInput) (*CreateSAMLProviderOutput, error) { - req, out := c.CreateSAMLProviderRequest(input) - err := req.Send() - return out, err -} - -const opCreateUser = "CreateUser" - -// CreateUserRequest generates a request for the CreateUser operation. -func (c *IAM) CreateUserRequest(input *CreateUserInput) (req *request.Request, output *CreateUserOutput) { - op := &request.Operation{ - Name: opCreateUser, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreateUserInput{} - } - - req = c.newRequest(op, input, output) - output = &CreateUserOutput{} - req.Data = output - return -} - -// Creates a new user for your AWS account. -// -// For information about limitations on the number of users you can create, -// see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) -// in the IAM User Guide. -func (c *IAM) CreateUser(input *CreateUserInput) (*CreateUserOutput, error) { - req, out := c.CreateUserRequest(input) - err := req.Send() - return out, err -} - -const opCreateVirtualMFADevice = "CreateVirtualMFADevice" - -// CreateVirtualMFADeviceRequest generates a request for the CreateVirtualMFADevice operation. -func (c *IAM) CreateVirtualMFADeviceRequest(input *CreateVirtualMFADeviceInput) (req *request.Request, output *CreateVirtualMFADeviceOutput) { - op := &request.Operation{ - Name: opCreateVirtualMFADevice, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &CreateVirtualMFADeviceInput{} - } - - req = c.newRequest(op, input, output) - output = &CreateVirtualMFADeviceOutput{} - req.Data = output - return -} - -// Creates a new virtual MFA device for the AWS account. After creating the -// virtual MFA, use EnableMFADevice to attach the MFA device to an IAM user. -// For more information about creating and working with virtual MFA devices, -// go to Using a Virtual MFA Device (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) -// in the Using IAM guide. -// -// For information about limits on the number of MFA devices you can create, -// see Limitations on Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) -// in the Using IAM guide. -// -// The seed information contained in the QR code and the Base32 string should -// be treated like any other secret access information, such as your AWS access -// keys or your passwords. After you provision your virtual device, you should -// ensure that the information is destroyed following secure procedures. -func (c *IAM) CreateVirtualMFADevice(input *CreateVirtualMFADeviceInput) (*CreateVirtualMFADeviceOutput, error) { - req, out := c.CreateVirtualMFADeviceRequest(input) - err := req.Send() - return out, err -} - -const opDeactivateMFADevice = "DeactivateMFADevice" - -// DeactivateMFADeviceRequest generates a request for the DeactivateMFADevice operation. -func (c *IAM) DeactivateMFADeviceRequest(input *DeactivateMFADeviceInput) (req *request.Request, output *DeactivateMFADeviceOutput) { - op := &request.Operation{ - Name: opDeactivateMFADevice, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeactivateMFADeviceInput{} - } - - req = c.newRequest(op, input, output) - output = &DeactivateMFADeviceOutput{} - req.Data = output - return -} - -// Deactivates the specified MFA device and removes it from association with -// the user name for which it was originally enabled. -// -// For more information about creating and working with virtual MFA devices, -// go to Using a Virtual MFA Device (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) -// in the Using IAM guide. -func (c *IAM) DeactivateMFADevice(input *DeactivateMFADeviceInput) (*DeactivateMFADeviceOutput, error) { - req, out := c.DeactivateMFADeviceRequest(input) - err := req.Send() - return out, err -} - -const opDeleteAccessKey = "DeleteAccessKey" - -// DeleteAccessKeyRequest generates a request for the DeleteAccessKey operation. -func (c *IAM) DeleteAccessKeyRequest(input *DeleteAccessKeyInput) (req *request.Request, output *DeleteAccessKeyOutput) { - op := &request.Operation{ - Name: opDeleteAccessKey, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteAccessKeyInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteAccessKeyOutput{} - req.Data = output - return -} - -// Deletes the access key associated with the specified user. -// -// If you do not specify a user name, IAM determines the user name implicitly -// based on the AWS access key ID signing the request. Because this action works -// for access keys under the AWS account, you can use this action to manage -// root credentials even if the AWS account has no associated users. -func (c *IAM) DeleteAccessKey(input *DeleteAccessKeyInput) (*DeleteAccessKeyOutput, error) { - req, out := c.DeleteAccessKeyRequest(input) - err := req.Send() - return out, err -} - -const opDeleteAccountAlias = "DeleteAccountAlias" - -// DeleteAccountAliasRequest generates a request for the DeleteAccountAlias operation. -func (c *IAM) DeleteAccountAliasRequest(input *DeleteAccountAliasInput) (req *request.Request, output *DeleteAccountAliasOutput) { - op := &request.Operation{ - Name: opDeleteAccountAlias, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteAccountAliasInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteAccountAliasOutput{} - req.Data = output - return -} - -// Deletes the specified AWS account alias. For information about using an AWS -// account alias, see Using an Alias for Your AWS Account ID (http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) -// in the IAM User Guide. -func (c *IAM) DeleteAccountAlias(input *DeleteAccountAliasInput) (*DeleteAccountAliasOutput, error) { - req, out := c.DeleteAccountAliasRequest(input) - err := req.Send() - return out, err -} - -const opDeleteAccountPasswordPolicy = "DeleteAccountPasswordPolicy" - -// DeleteAccountPasswordPolicyRequest generates a request for the DeleteAccountPasswordPolicy operation. -func (c *IAM) DeleteAccountPasswordPolicyRequest(input *DeleteAccountPasswordPolicyInput) (req *request.Request, output *DeleteAccountPasswordPolicyOutput) { - op := &request.Operation{ - Name: opDeleteAccountPasswordPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteAccountPasswordPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteAccountPasswordPolicyOutput{} - req.Data = output - return -} - -// Deletes the password policy for the AWS account. -func (c *IAM) DeleteAccountPasswordPolicy(input *DeleteAccountPasswordPolicyInput) (*DeleteAccountPasswordPolicyOutput, error) { - req, out := c.DeleteAccountPasswordPolicyRequest(input) - err := req.Send() - return out, err -} - -const opDeleteGroup = "DeleteGroup" - -// DeleteGroupRequest generates a request for the DeleteGroup operation. -func (c *IAM) DeleteGroupRequest(input *DeleteGroupInput) (req *request.Request, output *DeleteGroupOutput) { - op := &request.Operation{ - Name: opDeleteGroup, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteGroupInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteGroupOutput{} - req.Data = output - return -} - -// Deletes the specified group. The group must not contain any users or have -// any attached policies. -func (c *IAM) DeleteGroup(input *DeleteGroupInput) (*DeleteGroupOutput, error) { - req, out := c.DeleteGroupRequest(input) - err := req.Send() - return out, err -} - -const opDeleteGroupPolicy = "DeleteGroupPolicy" - -// DeleteGroupPolicyRequest generates a request for the DeleteGroupPolicy operation. -func (c *IAM) DeleteGroupPolicyRequest(input *DeleteGroupPolicyInput) (req *request.Request, output *DeleteGroupPolicyOutput) { - op := &request.Operation{ - Name: opDeleteGroupPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteGroupPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteGroupPolicyOutput{} - req.Data = output - return -} - -// Deletes the specified inline policy that is embedded in the specified group. -// -// A group can also have managed policies attached to it. To detach a managed -// policy from a group, use DetachGroupPolicy. For more information about policies, -// refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) DeleteGroupPolicy(input *DeleteGroupPolicyInput) (*DeleteGroupPolicyOutput, error) { - req, out := c.DeleteGroupPolicyRequest(input) - err := req.Send() - return out, err -} - -const opDeleteInstanceProfile = "DeleteInstanceProfile" - -// DeleteInstanceProfileRequest generates a request for the DeleteInstanceProfile operation. -func (c *IAM) DeleteInstanceProfileRequest(input *DeleteInstanceProfileInput) (req *request.Request, output *DeleteInstanceProfileOutput) { - op := &request.Operation{ - Name: opDeleteInstanceProfile, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteInstanceProfileInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteInstanceProfileOutput{} - req.Data = output - return -} - -// Deletes the specified instance profile. The instance profile must not have -// an associated role. -// -// Make sure you do not have any Amazon EC2 instances running with the instance -// profile you are about to delete. Deleting a role or instance profile that -// is associated with a running instance will break any applications running -// on the instance. For more information about instance profiles, go to About -// Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). -func (c *IAM) DeleteInstanceProfile(input *DeleteInstanceProfileInput) (*DeleteInstanceProfileOutput, error) { - req, out := c.DeleteInstanceProfileRequest(input) - err := req.Send() - return out, err -} - -const opDeleteLoginProfile = "DeleteLoginProfile" - -// DeleteLoginProfileRequest generates a request for the DeleteLoginProfile operation. -func (c *IAM) DeleteLoginProfileRequest(input *DeleteLoginProfileInput) (req *request.Request, output *DeleteLoginProfileOutput) { - op := &request.Operation{ - Name: opDeleteLoginProfile, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteLoginProfileInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteLoginProfileOutput{} - req.Data = output - return -} - -// Deletes the password for the specified user, which terminates the user's -// ability to access AWS services through the AWS Management Console. -// -// Deleting a user's password does not prevent a user from accessing IAM through -// the command line interface or the API. To prevent all user access you must -// also either make the access key inactive or delete it. For more information -// about making keys inactive or deleting them, see UpdateAccessKey and DeleteAccessKey. -func (c *IAM) DeleteLoginProfile(input *DeleteLoginProfileInput) (*DeleteLoginProfileOutput, error) { - req, out := c.DeleteLoginProfileRequest(input) - err := req.Send() - return out, err -} - -const opDeleteOpenIDConnectProvider = "DeleteOpenIDConnectProvider" - -// DeleteOpenIDConnectProviderRequest generates a request for the DeleteOpenIDConnectProvider operation. -func (c *IAM) DeleteOpenIDConnectProviderRequest(input *DeleteOpenIDConnectProviderInput) (req *request.Request, output *DeleteOpenIDConnectProviderOutput) { - op := &request.Operation{ - Name: opDeleteOpenIDConnectProvider, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteOpenIDConnectProviderInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteOpenIDConnectProviderOutput{} - req.Data = output - return -} - -// Deletes an IAM OpenID Connect identity provider. -// -// Deleting an OIDC provider does not update any roles that reference the provider -// as a principal in their trust policies. Any attempt to assume a role that -// references a provider that has been deleted will fail. -// -// This action is idempotent; it does not fail or return an error if you call -// the action for a provider that was already deleted. -func (c *IAM) DeleteOpenIDConnectProvider(input *DeleteOpenIDConnectProviderInput) (*DeleteOpenIDConnectProviderOutput, error) { - req, out := c.DeleteOpenIDConnectProviderRequest(input) - err := req.Send() - return out, err -} - -const opDeletePolicy = "DeletePolicy" - -// DeletePolicyRequest generates a request for the DeletePolicy operation. -func (c *IAM) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) { - op := &request.Operation{ - Name: opDeletePolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeletePolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &DeletePolicyOutput{} - req.Data = output - return -} - -// Deletes the specified managed policy. -// -// Before you can delete a managed policy, you must detach the policy from -// all users, groups, and roles that it is attached to, and you must delete -// all of the policy's versions. The following steps describe the process for -// deleting a managed policy: Detach the policy from all users, groups, and -// roles that the policy is attached to, using the DetachUserPolicy, DetachGroupPolicy, -// or DetachRolePolicy APIs. To list all the users, groups, and roles that a -// policy is attached to, use ListEntitiesForPolicy. Delete all versions of -// the policy using DeletePolicyVersion. To list the policy's versions, use -// ListPolicyVersions. You cannot use DeletePolicyVersion to delete the version -// that is marked as the default version. You delete the policy's default version -// in the next step of the process. Delete the policy (this automatically deletes -// the policy's default version) using this API. -// -// For information about managed policies, refer to Managed Policies and Inline -// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) { - req, out := c.DeletePolicyRequest(input) - err := req.Send() - return out, err -} - -const opDeletePolicyVersion = "DeletePolicyVersion" - -// DeletePolicyVersionRequest generates a request for the DeletePolicyVersion operation. -func (c *IAM) DeletePolicyVersionRequest(input *DeletePolicyVersionInput) (req *request.Request, output *DeletePolicyVersionOutput) { - op := &request.Operation{ - Name: opDeletePolicyVersion, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeletePolicyVersionInput{} - } - - req = c.newRequest(op, input, output) - output = &DeletePolicyVersionOutput{} - req.Data = output - return -} - -// Deletes the specified version of the specified managed policy. -// -// You cannot delete the default version of a policy using this API. To delete -// the default version of a policy, use DeletePolicy. To find out which version -// of a policy is marked as the default version, use ListPolicyVersions. -// -// For information about versions for managed policies, refer to Versioning -// for Managed Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) -// in the IAM User Guide. -func (c *IAM) DeletePolicyVersion(input *DeletePolicyVersionInput) (*DeletePolicyVersionOutput, error) { - req, out := c.DeletePolicyVersionRequest(input) - err := req.Send() - return out, err -} - -const opDeleteRole = "DeleteRole" - -// DeleteRoleRequest generates a request for the DeleteRole operation. -func (c *IAM) DeleteRoleRequest(input *DeleteRoleInput) (req *request.Request, output *DeleteRoleOutput) { - op := &request.Operation{ - Name: opDeleteRole, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteRoleInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteRoleOutput{} - req.Data = output - return -} - -// Deletes the specified role. The role must not have any policies attached. -// For more information about roles, go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). -// -// Make sure you do not have any Amazon EC2 instances running with the role -// you are about to delete. Deleting a role or instance profile that is associated -// with a running instance will break any applications running on the instance. -func (c *IAM) DeleteRole(input *DeleteRoleInput) (*DeleteRoleOutput, error) { - req, out := c.DeleteRoleRequest(input) - err := req.Send() - return out, err -} - -const opDeleteRolePolicy = "DeleteRolePolicy" - -// DeleteRolePolicyRequest generates a request for the DeleteRolePolicy operation. -func (c *IAM) DeleteRolePolicyRequest(input *DeleteRolePolicyInput) (req *request.Request, output *DeleteRolePolicyOutput) { - op := &request.Operation{ - Name: opDeleteRolePolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteRolePolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteRolePolicyOutput{} - req.Data = output - return -} - -// Deletes the specified inline policy that is embedded in the specified role. -// -// A role can also have managed policies attached to it. To detach a managed -// policy from a role, use DetachRolePolicy. For more information about policies, -// refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) DeleteRolePolicy(input *DeleteRolePolicyInput) (*DeleteRolePolicyOutput, error) { - req, out := c.DeleteRolePolicyRequest(input) - err := req.Send() - return out, err -} - -const opDeleteSAMLProvider = "DeleteSAMLProvider" - -// DeleteSAMLProviderRequest generates a request for the DeleteSAMLProvider operation. -func (c *IAM) DeleteSAMLProviderRequest(input *DeleteSAMLProviderInput) (req *request.Request, output *DeleteSAMLProviderOutput) { - op := &request.Operation{ - Name: opDeleteSAMLProvider, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteSAMLProviderInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteSAMLProviderOutput{} - req.Data = output - return -} - -// Deletes a SAML provider. -// -// Deleting the provider does not update any roles that reference the SAML -// provider as a principal in their trust policies. Any attempt to assume a -// role that references a SAML provider that has been deleted will fail. -// -// This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). -func (c *IAM) DeleteSAMLProvider(input *DeleteSAMLProviderInput) (*DeleteSAMLProviderOutput, error) { - req, out := c.DeleteSAMLProviderRequest(input) - err := req.Send() - return out, err -} - -const opDeleteSSHPublicKey = "DeleteSSHPublicKey" - -// DeleteSSHPublicKeyRequest generates a request for the DeleteSSHPublicKey operation. -func (c *IAM) DeleteSSHPublicKeyRequest(input *DeleteSSHPublicKeyInput) (req *request.Request, output *DeleteSSHPublicKeyOutput) { - op := &request.Operation{ - Name: opDeleteSSHPublicKey, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteSSHPublicKeyInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteSSHPublicKeyOutput{} - req.Data = output - return -} - -// Deletes the specified SSH public key. -// -// The SSH public key deleted by this action is used only for authenticating -// the associated IAM user to an AWS CodeCommit repository. For more information -// about using SSH keys to authenticate to an AWS CodeCommit repository, see -// Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) -// in the AWS CodeCommit User Guide. -func (c *IAM) DeleteSSHPublicKey(input *DeleteSSHPublicKeyInput) (*DeleteSSHPublicKeyOutput, error) { - req, out := c.DeleteSSHPublicKeyRequest(input) - err := req.Send() - return out, err -} - -const opDeleteServerCertificate = "DeleteServerCertificate" - -// DeleteServerCertificateRequest generates a request for the DeleteServerCertificate operation. -func (c *IAM) DeleteServerCertificateRequest(input *DeleteServerCertificateInput) (req *request.Request, output *DeleteServerCertificateOutput) { - op := &request.Operation{ - Name: opDeleteServerCertificate, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteServerCertificateInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteServerCertificateOutput{} - req.Data = output - return -} - -// Deletes the specified server certificate. -// -// If you are using a server certificate with Elastic Load Balancing, deleting -// the certificate could have implications for your application. If Elastic -// Load Balancing doesn't detect the deletion of bound certificates, it may -// continue to use the certificates. This could cause Elastic Load Balancing -// to stop accepting traffic. We recommend that you remove the reference to -// the certificate from Elastic Load Balancing before using this command to -// delete the certificate. For more information, go to DeleteLoadBalancerListeners -// (http://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html) -// in the Elastic Load Balancing API Reference. -func (c *IAM) DeleteServerCertificate(input *DeleteServerCertificateInput) (*DeleteServerCertificateOutput, error) { - req, out := c.DeleteServerCertificateRequest(input) - err := req.Send() - return out, err -} - -const opDeleteSigningCertificate = "DeleteSigningCertificate" - -// DeleteSigningCertificateRequest generates a request for the DeleteSigningCertificate operation. -func (c *IAM) DeleteSigningCertificateRequest(input *DeleteSigningCertificateInput) (req *request.Request, output *DeleteSigningCertificateOutput) { - op := &request.Operation{ - Name: opDeleteSigningCertificate, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteSigningCertificateInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteSigningCertificateOutput{} - req.Data = output - return -} - -// Deletes the specified signing certificate associated with the specified user. -// -// If you do not specify a user name, IAM determines the user name implicitly -// based on the AWS access key ID signing the request. Because this action works -// for access keys under the AWS account, you can use this action to manage -// root credentials even if the AWS account has no associated users. -func (c *IAM) DeleteSigningCertificate(input *DeleteSigningCertificateInput) (*DeleteSigningCertificateOutput, error) { - req, out := c.DeleteSigningCertificateRequest(input) - err := req.Send() - return out, err -} - -const opDeleteUser = "DeleteUser" - -// DeleteUserRequest generates a request for the DeleteUser operation. -func (c *IAM) DeleteUserRequest(input *DeleteUserInput) (req *request.Request, output *DeleteUserOutput) { - op := &request.Operation{ - Name: opDeleteUser, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteUserInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteUserOutput{} - req.Data = output - return -} - -// Deletes the specified user. The user must not belong to any groups, have -// any keys or signing certificates, or have any attached policies. -func (c *IAM) DeleteUser(input *DeleteUserInput) (*DeleteUserOutput, error) { - req, out := c.DeleteUserRequest(input) - err := req.Send() - return out, err -} - -const opDeleteUserPolicy = "DeleteUserPolicy" - -// DeleteUserPolicyRequest generates a request for the DeleteUserPolicy operation. -func (c *IAM) DeleteUserPolicyRequest(input *DeleteUserPolicyInput) (req *request.Request, output *DeleteUserPolicyOutput) { - op := &request.Operation{ - Name: opDeleteUserPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteUserPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteUserPolicyOutput{} - req.Data = output - return -} - -// Deletes the specified inline policy that is embedded in the specified user. -// -// A user can also have managed policies attached to it. To detach a managed -// policy from a user, use DetachUserPolicy. For more information about policies, -// refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) DeleteUserPolicy(input *DeleteUserPolicyInput) (*DeleteUserPolicyOutput, error) { - req, out := c.DeleteUserPolicyRequest(input) - err := req.Send() - return out, err -} - -const opDeleteVirtualMFADevice = "DeleteVirtualMFADevice" - -// DeleteVirtualMFADeviceRequest generates a request for the DeleteVirtualMFADevice operation. -func (c *IAM) DeleteVirtualMFADeviceRequest(input *DeleteVirtualMFADeviceInput) (req *request.Request, output *DeleteVirtualMFADeviceOutput) { - op := &request.Operation{ - Name: opDeleteVirtualMFADevice, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DeleteVirtualMFADeviceInput{} - } - - req = c.newRequest(op, input, output) - output = &DeleteVirtualMFADeviceOutput{} - req.Data = output - return -} - -// Deletes a virtual MFA device. -// -// You must deactivate a user's virtual MFA device before you can delete it. -// For information about deactivating MFA devices, see DeactivateMFADevice. -func (c *IAM) DeleteVirtualMFADevice(input *DeleteVirtualMFADeviceInput) (*DeleteVirtualMFADeviceOutput, error) { - req, out := c.DeleteVirtualMFADeviceRequest(input) - err := req.Send() - return out, err -} - -const opDetachGroupPolicy = "DetachGroupPolicy" - -// DetachGroupPolicyRequest generates a request for the DetachGroupPolicy operation. -func (c *IAM) DetachGroupPolicyRequest(input *DetachGroupPolicyInput) (req *request.Request, output *DetachGroupPolicyOutput) { - op := &request.Operation{ - Name: opDetachGroupPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DetachGroupPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &DetachGroupPolicyOutput{} - req.Data = output - return -} - -// Removes the specified managed policy from the specified group. -// -// A group can also have inline policies embedded with it. To delete an inline -// policy, use the DeleteGroupPolicy API. For information about policies, refer -// to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) DetachGroupPolicy(input *DetachGroupPolicyInput) (*DetachGroupPolicyOutput, error) { - req, out := c.DetachGroupPolicyRequest(input) - err := req.Send() - return out, err -} - -const opDetachRolePolicy = "DetachRolePolicy" - -// DetachRolePolicyRequest generates a request for the DetachRolePolicy operation. -func (c *IAM) DetachRolePolicyRequest(input *DetachRolePolicyInput) (req *request.Request, output *DetachRolePolicyOutput) { - op := &request.Operation{ - Name: opDetachRolePolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DetachRolePolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &DetachRolePolicyOutput{} - req.Data = output - return -} - -// Removes the specified managed policy from the specified role. -// -// A role can also have inline policies embedded with it. To delete an inline -// policy, use the DeleteRolePolicy API. For information about policies, refer -// to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) DetachRolePolicy(input *DetachRolePolicyInput) (*DetachRolePolicyOutput, error) { - req, out := c.DetachRolePolicyRequest(input) - err := req.Send() - return out, err -} - -const opDetachUserPolicy = "DetachUserPolicy" - -// DetachUserPolicyRequest generates a request for the DetachUserPolicy operation. -func (c *IAM) DetachUserPolicyRequest(input *DetachUserPolicyInput) (req *request.Request, output *DetachUserPolicyOutput) { - op := &request.Operation{ - Name: opDetachUserPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DetachUserPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &DetachUserPolicyOutput{} - req.Data = output - return -} - -// Removes the specified managed policy from the specified user. -// -// A user can also have inline policies embedded with it. To delete an inline -// policy, use the DeleteUserPolicy API. For information about policies, refer -// to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) DetachUserPolicy(input *DetachUserPolicyInput) (*DetachUserPolicyOutput, error) { - req, out := c.DetachUserPolicyRequest(input) - err := req.Send() - return out, err -} - -const opEnableMFADevice = "EnableMFADevice" - -// EnableMFADeviceRequest generates a request for the EnableMFADevice operation. -func (c *IAM) EnableMFADeviceRequest(input *EnableMFADeviceInput) (req *request.Request, output *EnableMFADeviceOutput) { - op := &request.Operation{ - Name: opEnableMFADevice, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &EnableMFADeviceInput{} - } - - req = c.newRequest(op, input, output) - output = &EnableMFADeviceOutput{} - req.Data = output - return -} - -// Enables the specified MFA device and associates it with the specified user -// name. When enabled, the MFA device is required for every subsequent login -// by the user name associated with the device. -func (c *IAM) EnableMFADevice(input *EnableMFADeviceInput) (*EnableMFADeviceOutput, error) { - req, out := c.EnableMFADeviceRequest(input) - err := req.Send() - return out, err -} - -const opGenerateCredentialReport = "GenerateCredentialReport" - -// GenerateCredentialReportRequest generates a request for the GenerateCredentialReport operation. -func (c *IAM) GenerateCredentialReportRequest(input *GenerateCredentialReportInput) (req *request.Request, output *GenerateCredentialReportOutput) { - op := &request.Operation{ - Name: opGenerateCredentialReport, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GenerateCredentialReportInput{} - } - - req = c.newRequest(op, input, output) - output = &GenerateCredentialReportOutput{} - req.Data = output - return -} - -// Generates a credential report for the AWS account. For more information about -// the credential report, see Getting Credential Reports (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) -// in the IAM User Guide. -func (c *IAM) GenerateCredentialReport(input *GenerateCredentialReportInput) (*GenerateCredentialReportOutput, error) { - req, out := c.GenerateCredentialReportRequest(input) - err := req.Send() - return out, err -} - -const opGetAccessKeyLastUsed = "GetAccessKeyLastUsed" - -// GetAccessKeyLastUsedRequest generates a request for the GetAccessKeyLastUsed operation. -func (c *IAM) GetAccessKeyLastUsedRequest(input *GetAccessKeyLastUsedInput) (req *request.Request, output *GetAccessKeyLastUsedOutput) { - op := &request.Operation{ - Name: opGetAccessKeyLastUsed, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetAccessKeyLastUsedInput{} - } - - req = c.newRequest(op, input, output) - output = &GetAccessKeyLastUsedOutput{} - req.Data = output - return -} - -// Retrieves information about when the specified access key was last used. -// The information includes the date and time of last use, along with the AWS -// service and region that were specified in the last request made with that -// key. -func (c *IAM) GetAccessKeyLastUsed(input *GetAccessKeyLastUsedInput) (*GetAccessKeyLastUsedOutput, error) { - req, out := c.GetAccessKeyLastUsedRequest(input) - err := req.Send() - return out, err -} - -const opGetAccountAuthorizationDetails = "GetAccountAuthorizationDetails" - -// GetAccountAuthorizationDetailsRequest generates a request for the GetAccountAuthorizationDetails operation. -func (c *IAM) GetAccountAuthorizationDetailsRequest(input *GetAccountAuthorizationDetailsInput) (req *request.Request, output *GetAccountAuthorizationDetailsOutput) { - op := &request.Operation{ - Name: opGetAccountAuthorizationDetails, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &GetAccountAuthorizationDetailsInput{} - } - - req = c.newRequest(op, input, output) - output = &GetAccountAuthorizationDetailsOutput{} - req.Data = output - return -} - -// Retrieves information about all IAM users, groups, roles, and policies in -// your account, including their relationships to one another. Use this API -// to obtain a snapshot of the configuration of IAM permissions (users, groups, -// roles, and policies) in your account. -// -// You can optionally filter the results using the Filter parameter. You can -// paginate the results using the MaxItems and Marker parameters. -func (c *IAM) GetAccountAuthorizationDetails(input *GetAccountAuthorizationDetailsInput) (*GetAccountAuthorizationDetailsOutput, error) { - req, out := c.GetAccountAuthorizationDetailsRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) GetAccountAuthorizationDetailsPages(input *GetAccountAuthorizationDetailsInput, fn func(p *GetAccountAuthorizationDetailsOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.GetAccountAuthorizationDetailsRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*GetAccountAuthorizationDetailsOutput), lastPage) - }) -} - -const opGetAccountPasswordPolicy = "GetAccountPasswordPolicy" - -// GetAccountPasswordPolicyRequest generates a request for the GetAccountPasswordPolicy operation. -func (c *IAM) GetAccountPasswordPolicyRequest(input *GetAccountPasswordPolicyInput) (req *request.Request, output *GetAccountPasswordPolicyOutput) { - op := &request.Operation{ - Name: opGetAccountPasswordPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetAccountPasswordPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &GetAccountPasswordPolicyOutput{} - req.Data = output - return -} - -// Retrieves the password policy for the AWS account. For more information about -// using a password policy, go to Managing an IAM Password Policy (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html). -func (c *IAM) GetAccountPasswordPolicy(input *GetAccountPasswordPolicyInput) (*GetAccountPasswordPolicyOutput, error) { - req, out := c.GetAccountPasswordPolicyRequest(input) - err := req.Send() - return out, err -} - -const opGetAccountSummary = "GetAccountSummary" - -// GetAccountSummaryRequest generates a request for the GetAccountSummary operation. -func (c *IAM) GetAccountSummaryRequest(input *GetAccountSummaryInput) (req *request.Request, output *GetAccountSummaryOutput) { - op := &request.Operation{ - Name: opGetAccountSummary, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetAccountSummaryInput{} - } - - req = c.newRequest(op, input, output) - output = &GetAccountSummaryOutput{} - req.Data = output - return -} - -// Retrieves information about IAM entity usage and IAM quotas in the AWS account. -// -// For information about limitations on IAM entities, see Limitations on IAM -// Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) -// in the IAM User Guide. -func (c *IAM) GetAccountSummary(input *GetAccountSummaryInput) (*GetAccountSummaryOutput, error) { - req, out := c.GetAccountSummaryRequest(input) - err := req.Send() - return out, err -} - -const opGetContextKeysForCustomPolicy = "GetContextKeysForCustomPolicy" - -// GetContextKeysForCustomPolicyRequest generates a request for the GetContextKeysForCustomPolicy operation. -func (c *IAM) GetContextKeysForCustomPolicyRequest(input *GetContextKeysForCustomPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse) { - op := &request.Operation{ - Name: opGetContextKeysForCustomPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetContextKeysForCustomPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &GetContextKeysForPolicyResponse{} - req.Data = output - return -} - -// Gets a list of all of the context keys referenced in Condition elements in -// the input policies. The policies are supplied as a list of one or more strings. -// To get the context keys from policies associated with an IAM user, group, -// or role, use GetContextKeysForPrincipalPolicy. -// -// Context keys are variables maintained by AWS and its services that provide -// details about the context of an API query request, and can be evaluated by -// using the Condition element of an IAM policy. Use GetContextKeysForCustomPolicy -// to understand what key names and values you must supply when you call SimulateCustomPolicy. -// Note that all parameters are shown in unencoded form here for clarity, but -// must be URL encoded to be included as a part of a real HTML request. -func (c *IAM) GetContextKeysForCustomPolicy(input *GetContextKeysForCustomPolicyInput) (*GetContextKeysForPolicyResponse, error) { - req, out := c.GetContextKeysForCustomPolicyRequest(input) - err := req.Send() - return out, err -} - -const opGetContextKeysForPrincipalPolicy = "GetContextKeysForPrincipalPolicy" - -// GetContextKeysForPrincipalPolicyRequest generates a request for the GetContextKeysForPrincipalPolicy operation. -func (c *IAM) GetContextKeysForPrincipalPolicyRequest(input *GetContextKeysForPrincipalPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse) { - op := &request.Operation{ - Name: opGetContextKeysForPrincipalPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetContextKeysForPrincipalPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &GetContextKeysForPolicyResponse{} - req.Data = output - return -} - -// Gets a list of all of the context keys referenced in Condition elements in -// all of the IAM policies attached to the specified IAM entity. The entity -// can be an IAM user, group, or role. If you specify a user, then the request -// also includes all of the policies attached to groups that the user is a member -// of. -// -// You can optionally include a list of one or more additional policies, specified -// as strings. If you want to include only a list of policies by string, use -// GetContextKeysForCustomPolicy instead. -// -// Note: This API discloses information about the permissions granted to other -// users. If you do not want users to see other user's permissions, then consider -// allowing them to use GetContextKeysForCustomPolicy instead. -// -// Context keys are variables maintained by AWS and its services that provide -// details about the context of an API query request, and can be evaluated by -// using the Condition element of an IAM policy. Use GetContextKeysForPrincipalPolicy -// to understand what key names and values you must supply when you call SimulatePrincipalPolicy. -func (c *IAM) GetContextKeysForPrincipalPolicy(input *GetContextKeysForPrincipalPolicyInput) (*GetContextKeysForPolicyResponse, error) { - req, out := c.GetContextKeysForPrincipalPolicyRequest(input) - err := req.Send() - return out, err -} - -const opGetCredentialReport = "GetCredentialReport" - -// GetCredentialReportRequest generates a request for the GetCredentialReport operation. -func (c *IAM) GetCredentialReportRequest(input *GetCredentialReportInput) (req *request.Request, output *GetCredentialReportOutput) { - op := &request.Operation{ - Name: opGetCredentialReport, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetCredentialReportInput{} - } - - req = c.newRequest(op, input, output) - output = &GetCredentialReportOutput{} - req.Data = output - return -} - -// Retrieves a credential report for the AWS account. For more information about -// the credential report, see Getting Credential Reports (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) -// in the IAM User Guide. -func (c *IAM) GetCredentialReport(input *GetCredentialReportInput) (*GetCredentialReportOutput, error) { - req, out := c.GetCredentialReportRequest(input) - err := req.Send() - return out, err -} - -const opGetGroup = "GetGroup" - -// GetGroupRequest generates a request for the GetGroup operation. -func (c *IAM) GetGroupRequest(input *GetGroupInput) (req *request.Request, output *GetGroupOutput) { - op := &request.Operation{ - Name: opGetGroup, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &GetGroupInput{} - } - - req = c.newRequest(op, input, output) - output = &GetGroupOutput{} - req.Data = output - return -} - -// Returns a list of users that are in the specified group. You can paginate -// the results using the MaxItems and Marker parameters. -func (c *IAM) GetGroup(input *GetGroupInput) (*GetGroupOutput, error) { - req, out := c.GetGroupRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) GetGroupPages(input *GetGroupInput, fn func(p *GetGroupOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.GetGroupRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*GetGroupOutput), lastPage) - }) -} - -const opGetGroupPolicy = "GetGroupPolicy" - -// GetGroupPolicyRequest generates a request for the GetGroupPolicy operation. -func (c *IAM) GetGroupPolicyRequest(input *GetGroupPolicyInput) (req *request.Request, output *GetGroupPolicyOutput) { - op := &request.Operation{ - Name: opGetGroupPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetGroupPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &GetGroupPolicyOutput{} - req.Data = output - return -} - -// Retrieves the specified inline policy document that is embedded in the specified -// group. -// -// A group can also have managed policies attached to it. To retrieve a managed -// policy document that is attached to a group, use GetPolicy to determine the -// policy's default version, then use GetPolicyVersion to retrieve the policy -// document. -// -// For more information about policies, refer to Managed Policies and Inline -// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) GetGroupPolicy(input *GetGroupPolicyInput) (*GetGroupPolicyOutput, error) { - req, out := c.GetGroupPolicyRequest(input) - err := req.Send() - return out, err -} - -const opGetInstanceProfile = "GetInstanceProfile" - -// GetInstanceProfileRequest generates a request for the GetInstanceProfile operation. -func (c *IAM) GetInstanceProfileRequest(input *GetInstanceProfileInput) (req *request.Request, output *GetInstanceProfileOutput) { - op := &request.Operation{ - Name: opGetInstanceProfile, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetInstanceProfileInput{} - } - - req = c.newRequest(op, input, output) - output = &GetInstanceProfileOutput{} - req.Data = output - return -} - -// Retrieves information about the specified instance profile, including the -// instance profile's path, GUID, ARN, and role. For more information about -// instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). -// For more information about ARNs, go to ARNs (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs). -func (c *IAM) GetInstanceProfile(input *GetInstanceProfileInput) (*GetInstanceProfileOutput, error) { - req, out := c.GetInstanceProfileRequest(input) - err := req.Send() - return out, err -} - -const opGetLoginProfile = "GetLoginProfile" - -// GetLoginProfileRequest generates a request for the GetLoginProfile operation. -func (c *IAM) GetLoginProfileRequest(input *GetLoginProfileInput) (req *request.Request, output *GetLoginProfileOutput) { - op := &request.Operation{ - Name: opGetLoginProfile, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetLoginProfileInput{} - } - - req = c.newRequest(op, input, output) - output = &GetLoginProfileOutput{} - req.Data = output - return -} - -// Retrieves the user name and password-creation date for the specified user. -// If the user has not been assigned a password, the action returns a 404 (NoSuchEntity) -// error. -func (c *IAM) GetLoginProfile(input *GetLoginProfileInput) (*GetLoginProfileOutput, error) { - req, out := c.GetLoginProfileRequest(input) - err := req.Send() - return out, err -} - -const opGetOpenIDConnectProvider = "GetOpenIDConnectProvider" - -// GetOpenIDConnectProviderRequest generates a request for the GetOpenIDConnectProvider operation. -func (c *IAM) GetOpenIDConnectProviderRequest(input *GetOpenIDConnectProviderInput) (req *request.Request, output *GetOpenIDConnectProviderOutput) { - op := &request.Operation{ - Name: opGetOpenIDConnectProvider, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetOpenIDConnectProviderInput{} - } - - req = c.newRequest(op, input, output) - output = &GetOpenIDConnectProviderOutput{} - req.Data = output - return -} - -// Returns information about the specified OpenID Connect provider. -func (c *IAM) GetOpenIDConnectProvider(input *GetOpenIDConnectProviderInput) (*GetOpenIDConnectProviderOutput, error) { - req, out := c.GetOpenIDConnectProviderRequest(input) - err := req.Send() - return out, err -} - -const opGetPolicy = "GetPolicy" - -// GetPolicyRequest generates a request for the GetPolicy operation. -func (c *IAM) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput) { - op := &request.Operation{ - Name: opGetPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &GetPolicyOutput{} - req.Data = output - return -} - -// Retrieves information about the specified managed policy, including the policy's -// default version and the total number of users, groups, and roles that the -// policy is attached to. For a list of the specific users, groups, and roles -// that the policy is attached to, use the ListEntitiesForPolicy API. This API -// returns metadata about the policy. To retrieve the policy document for a -// specific version of the policy, use GetPolicyVersion. -// -// This API retrieves information about managed policies. To retrieve information -// about an inline policy that is embedded with a user, group, or role, use -// the GetUserPolicy, GetGroupPolicy, or GetRolePolicy API. -// -// For more information about policies, refer to Managed Policies and Inline -// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error) { - req, out := c.GetPolicyRequest(input) - err := req.Send() - return out, err -} - -const opGetPolicyVersion = "GetPolicyVersion" - -// GetPolicyVersionRequest generates a request for the GetPolicyVersion operation. -func (c *IAM) GetPolicyVersionRequest(input *GetPolicyVersionInput) (req *request.Request, output *GetPolicyVersionOutput) { - op := &request.Operation{ - Name: opGetPolicyVersion, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetPolicyVersionInput{} - } - - req = c.newRequest(op, input, output) - output = &GetPolicyVersionOutput{} - req.Data = output - return -} - -// Retrieves information about the specified version of the specified managed -// policy, including the policy document. -// -// To list the available versions for a policy, use ListPolicyVersions. -// -// This API retrieves information about managed policies. To retrieve information -// about an inline policy that is embedded in a user, group, or role, use the -// GetUserPolicy, GetGroupPolicy, or GetRolePolicy API. -// -// For more information about the types of policies, refer to Managed Policies -// and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) GetPolicyVersion(input *GetPolicyVersionInput) (*GetPolicyVersionOutput, error) { - req, out := c.GetPolicyVersionRequest(input) - err := req.Send() - return out, err -} - -const opGetRole = "GetRole" - -// GetRoleRequest generates a request for the GetRole operation. -func (c *IAM) GetRoleRequest(input *GetRoleInput) (req *request.Request, output *GetRoleOutput) { - op := &request.Operation{ - Name: opGetRole, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetRoleInput{} - } - - req = c.newRequest(op, input, output) - output = &GetRoleOutput{} - req.Data = output - return -} - -// Retrieves information about the specified role, including the role's path, -// GUID, ARN, and the policy granting permission to assume the role. For more -// information about ARNs, go to ARNs (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html#Identifiers_ARNs). -// For more information about roles, go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). -func (c *IAM) GetRole(input *GetRoleInput) (*GetRoleOutput, error) { - req, out := c.GetRoleRequest(input) - err := req.Send() - return out, err -} - -const opGetRolePolicy = "GetRolePolicy" - -// GetRolePolicyRequest generates a request for the GetRolePolicy operation. -func (c *IAM) GetRolePolicyRequest(input *GetRolePolicyInput) (req *request.Request, output *GetRolePolicyOutput) { - op := &request.Operation{ - Name: opGetRolePolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetRolePolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &GetRolePolicyOutput{} - req.Data = output - return -} - -// Retrieves the specified inline policy document that is embedded with the -// specified role. -// -// A role can also have managed policies attached to it. To retrieve a managed -// policy document that is attached to a role, use GetPolicy to determine the -// policy's default version, then use GetPolicyVersion to retrieve the policy -// document. -// -// For more information about policies, refer to Managed Policies and Inline -// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -// -// For more information about roles, go to Using Roles to Delegate Permissions -// and Federate Identities (http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html). -func (c *IAM) GetRolePolicy(input *GetRolePolicyInput) (*GetRolePolicyOutput, error) { - req, out := c.GetRolePolicyRequest(input) - err := req.Send() - return out, err -} - -const opGetSAMLProvider = "GetSAMLProvider" - -// GetSAMLProviderRequest generates a request for the GetSAMLProvider operation. -func (c *IAM) GetSAMLProviderRequest(input *GetSAMLProviderInput) (req *request.Request, output *GetSAMLProviderOutput) { - op := &request.Operation{ - Name: opGetSAMLProvider, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetSAMLProviderInput{} - } - - req = c.newRequest(op, input, output) - output = &GetSAMLProviderOutput{} - req.Data = output - return -} - -// Returns the SAML provider metadocument that was uploaded when the provider -// was created or updated. -// -// This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). -func (c *IAM) GetSAMLProvider(input *GetSAMLProviderInput) (*GetSAMLProviderOutput, error) { - req, out := c.GetSAMLProviderRequest(input) - err := req.Send() - return out, err -} - -const opGetSSHPublicKey = "GetSSHPublicKey" - -// GetSSHPublicKeyRequest generates a request for the GetSSHPublicKey operation. -func (c *IAM) GetSSHPublicKeyRequest(input *GetSSHPublicKeyInput) (req *request.Request, output *GetSSHPublicKeyOutput) { - op := &request.Operation{ - Name: opGetSSHPublicKey, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetSSHPublicKeyInput{} - } - - req = c.newRequest(op, input, output) - output = &GetSSHPublicKeyOutput{} - req.Data = output - return -} - -// Retrieves the specified SSH public key, including metadata about the key. -// -// The SSH public key retrieved by this action is used only for authenticating -// the associated IAM user to an AWS CodeCommit repository. For more information -// about using SSH keys to authenticate to an AWS CodeCommit repository, see -// Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) -// in the AWS CodeCommit User Guide. -func (c *IAM) GetSSHPublicKey(input *GetSSHPublicKeyInput) (*GetSSHPublicKeyOutput, error) { - req, out := c.GetSSHPublicKeyRequest(input) - err := req.Send() - return out, err -} - -const opGetServerCertificate = "GetServerCertificate" - -// GetServerCertificateRequest generates a request for the GetServerCertificate operation. -func (c *IAM) GetServerCertificateRequest(input *GetServerCertificateInput) (req *request.Request, output *GetServerCertificateOutput) { - op := &request.Operation{ - Name: opGetServerCertificate, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetServerCertificateInput{} - } - - req = c.newRequest(op, input, output) - output = &GetServerCertificateOutput{} - req.Data = output - return -} - -// Retrieves information about the specified server certificate. -func (c *IAM) GetServerCertificate(input *GetServerCertificateInput) (*GetServerCertificateOutput, error) { - req, out := c.GetServerCertificateRequest(input) - err := req.Send() - return out, err -} - -const opGetUser = "GetUser" - -// GetUserRequest generates a request for the GetUser operation. -func (c *IAM) GetUserRequest(input *GetUserInput) (req *request.Request, output *GetUserOutput) { - op := &request.Operation{ - Name: opGetUser, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetUserInput{} - } - - req = c.newRequest(op, input, output) - output = &GetUserOutput{} - req.Data = output - return -} - -// Retrieves information about the specified user, including the user's creation -// date, path, unique ID, and ARN. -// -// If you do not specify a user name, IAM determines the user name implicitly -// based on the AWS access key ID used to sign the request. -func (c *IAM) GetUser(input *GetUserInput) (*GetUserOutput, error) { - req, out := c.GetUserRequest(input) - err := req.Send() - return out, err -} - -const opGetUserPolicy = "GetUserPolicy" - -// GetUserPolicyRequest generates a request for the GetUserPolicy operation. -func (c *IAM) GetUserPolicyRequest(input *GetUserPolicyInput) (req *request.Request, output *GetUserPolicyOutput) { - op := &request.Operation{ - Name: opGetUserPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &GetUserPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &GetUserPolicyOutput{} - req.Data = output - return -} - -// Retrieves the specified inline policy document that is embedded in the specified -// user. -// -// A user can also have managed policies attached to it. To retrieve a managed -// policy document that is attached to a user, use GetPolicy to determine the -// policy's default version, then use GetPolicyVersion to retrieve the policy -// document. -// -// For more information about policies, refer to Managed Policies and Inline -// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) GetUserPolicy(input *GetUserPolicyInput) (*GetUserPolicyOutput, error) { - req, out := c.GetUserPolicyRequest(input) - err := req.Send() - return out, err -} - -const opListAccessKeys = "ListAccessKeys" - -// ListAccessKeysRequest generates a request for the ListAccessKeys operation. -func (c *IAM) ListAccessKeysRequest(input *ListAccessKeysInput) (req *request.Request, output *ListAccessKeysOutput) { - op := &request.Operation{ - Name: opListAccessKeys, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListAccessKeysInput{} - } - - req = c.newRequest(op, input, output) - output = &ListAccessKeysOutput{} - req.Data = output - return -} - -// Returns information about the access key IDs associated with the specified -// user. If there are none, the action returns an empty list. -// -// Although each user is limited to a small number of keys, you can still paginate -// the results using the MaxItems and Marker parameters. -// -// If the UserName field is not specified, the UserName is determined implicitly -// based on the AWS access key ID used to sign the request. Because this action -// works for access keys under the AWS account, you can use this action to manage -// root credentials even if the AWS account has no associated users. -// -// To ensure the security of your AWS account, the secret access key is accessible -// only during key and user creation. -func (c *IAM) ListAccessKeys(input *ListAccessKeysInput) (*ListAccessKeysOutput, error) { - req, out := c.ListAccessKeysRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListAccessKeysPages(input *ListAccessKeysInput, fn func(p *ListAccessKeysOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListAccessKeysRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListAccessKeysOutput), lastPage) - }) -} - -const opListAccountAliases = "ListAccountAliases" - -// ListAccountAliasesRequest generates a request for the ListAccountAliases operation. -func (c *IAM) ListAccountAliasesRequest(input *ListAccountAliasesInput) (req *request.Request, output *ListAccountAliasesOutput) { - op := &request.Operation{ - Name: opListAccountAliases, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListAccountAliasesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListAccountAliasesOutput{} - req.Data = output - return -} - -// Lists the account alias associated with the account (Note: you can have only -// one). For information about using an AWS account alias, see Using an Alias -// for Your AWS Account ID (http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) -// in the IAM User Guide. -func (c *IAM) ListAccountAliases(input *ListAccountAliasesInput) (*ListAccountAliasesOutput, error) { - req, out := c.ListAccountAliasesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListAccountAliasesPages(input *ListAccountAliasesInput, fn func(p *ListAccountAliasesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListAccountAliasesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListAccountAliasesOutput), lastPage) - }) -} - -const opListAttachedGroupPolicies = "ListAttachedGroupPolicies" - -// ListAttachedGroupPoliciesRequest generates a request for the ListAttachedGroupPolicies operation. -func (c *IAM) ListAttachedGroupPoliciesRequest(input *ListAttachedGroupPoliciesInput) (req *request.Request, output *ListAttachedGroupPoliciesOutput) { - op := &request.Operation{ - Name: opListAttachedGroupPolicies, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListAttachedGroupPoliciesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListAttachedGroupPoliciesOutput{} - req.Data = output - return -} - -// Lists all managed policies that are attached to the specified group. -// -// A group can also have inline policies embedded with it. To list the inline -// policies for a group, use the ListGroupPolicies API. For information about -// policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -// -// You can paginate the results using the MaxItems and Marker parameters. You -// can use the PathPrefix parameter to limit the list of policies to only those -// matching the specified path prefix. If there are no policies attached to -// the specified group (or none that match the specified path prefix), the action -// returns an empty list. -func (c *IAM) ListAttachedGroupPolicies(input *ListAttachedGroupPoliciesInput) (*ListAttachedGroupPoliciesOutput, error) { - req, out := c.ListAttachedGroupPoliciesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListAttachedGroupPoliciesPages(input *ListAttachedGroupPoliciesInput, fn func(p *ListAttachedGroupPoliciesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListAttachedGroupPoliciesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListAttachedGroupPoliciesOutput), lastPage) - }) -} - -const opListAttachedRolePolicies = "ListAttachedRolePolicies" - -// ListAttachedRolePoliciesRequest generates a request for the ListAttachedRolePolicies operation. -func (c *IAM) ListAttachedRolePoliciesRequest(input *ListAttachedRolePoliciesInput) (req *request.Request, output *ListAttachedRolePoliciesOutput) { - op := &request.Operation{ - Name: opListAttachedRolePolicies, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListAttachedRolePoliciesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListAttachedRolePoliciesOutput{} - req.Data = output - return -} - -// Lists all managed policies that are attached to the specified role. -// -// A role can also have inline policies embedded with it. To list the inline -// policies for a role, use the ListRolePolicies API. For information about -// policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -// -// You can paginate the results using the MaxItems and Marker parameters. You -// can use the PathPrefix parameter to limit the list of policies to only those -// matching the specified path prefix. If there are no policies attached to -// the specified role (or none that match the specified path prefix), the action -// returns an empty list. -func (c *IAM) ListAttachedRolePolicies(input *ListAttachedRolePoliciesInput) (*ListAttachedRolePoliciesOutput, error) { - req, out := c.ListAttachedRolePoliciesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListAttachedRolePoliciesPages(input *ListAttachedRolePoliciesInput, fn func(p *ListAttachedRolePoliciesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListAttachedRolePoliciesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListAttachedRolePoliciesOutput), lastPage) - }) -} - -const opListAttachedUserPolicies = "ListAttachedUserPolicies" - -// ListAttachedUserPoliciesRequest generates a request for the ListAttachedUserPolicies operation. -func (c *IAM) ListAttachedUserPoliciesRequest(input *ListAttachedUserPoliciesInput) (req *request.Request, output *ListAttachedUserPoliciesOutput) { - op := &request.Operation{ - Name: opListAttachedUserPolicies, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListAttachedUserPoliciesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListAttachedUserPoliciesOutput{} - req.Data = output - return -} - -// Lists all managed policies that are attached to the specified user. -// -// A user can also have inline policies embedded with it. To list the inline -// policies for a user, use the ListUserPolicies API. For information about -// policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -// -// You can paginate the results using the MaxItems and Marker parameters. You -// can use the PathPrefix parameter to limit the list of policies to only those -// matching the specified path prefix. If there are no policies attached to -// the specified group (or none that match the specified path prefix), the action -// returns an empty list. -func (c *IAM) ListAttachedUserPolicies(input *ListAttachedUserPoliciesInput) (*ListAttachedUserPoliciesOutput, error) { - req, out := c.ListAttachedUserPoliciesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListAttachedUserPoliciesPages(input *ListAttachedUserPoliciesInput, fn func(p *ListAttachedUserPoliciesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListAttachedUserPoliciesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListAttachedUserPoliciesOutput), lastPage) - }) -} - -const opListEntitiesForPolicy = "ListEntitiesForPolicy" - -// ListEntitiesForPolicyRequest generates a request for the ListEntitiesForPolicy operation. -func (c *IAM) ListEntitiesForPolicyRequest(input *ListEntitiesForPolicyInput) (req *request.Request, output *ListEntitiesForPolicyOutput) { - op := &request.Operation{ - Name: opListEntitiesForPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListEntitiesForPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &ListEntitiesForPolicyOutput{} - req.Data = output - return -} - -// Lists all users, groups, and roles that the specified managed policy is attached -// to. -// -// You can use the optional EntityFilter parameter to limit the results to -// a particular type of entity (users, groups, or roles). For example, to list -// only the roles that are attached to the specified policy, set EntityFilter -// to Role. -// -// You can paginate the results using the MaxItems and Marker parameters. -func (c *IAM) ListEntitiesForPolicy(input *ListEntitiesForPolicyInput) (*ListEntitiesForPolicyOutput, error) { - req, out := c.ListEntitiesForPolicyRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListEntitiesForPolicyPages(input *ListEntitiesForPolicyInput, fn func(p *ListEntitiesForPolicyOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListEntitiesForPolicyRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListEntitiesForPolicyOutput), lastPage) - }) -} - -const opListGroupPolicies = "ListGroupPolicies" - -// ListGroupPoliciesRequest generates a request for the ListGroupPolicies operation. -func (c *IAM) ListGroupPoliciesRequest(input *ListGroupPoliciesInput) (req *request.Request, output *ListGroupPoliciesOutput) { - op := &request.Operation{ - Name: opListGroupPolicies, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListGroupPoliciesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListGroupPoliciesOutput{} - req.Data = output - return -} - -// Lists the names of the inline policies that are embedded in the specified -// group. -// -// A group can also have managed policies attached to it. To list the managed -// policies that are attached to a group, use ListAttachedGroupPolicies. For -// more information about policies, refer to Managed Policies and Inline Policies -// (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -// -// You can paginate the results using the MaxItems and Marker parameters. If -// there are no inline policies embedded with the specified group, the action -// returns an empty list. -func (c *IAM) ListGroupPolicies(input *ListGroupPoliciesInput) (*ListGroupPoliciesOutput, error) { - req, out := c.ListGroupPoliciesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListGroupPoliciesPages(input *ListGroupPoliciesInput, fn func(p *ListGroupPoliciesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListGroupPoliciesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListGroupPoliciesOutput), lastPage) - }) -} - -const opListGroups = "ListGroups" - -// ListGroupsRequest generates a request for the ListGroups operation. -func (c *IAM) ListGroupsRequest(input *ListGroupsInput) (req *request.Request, output *ListGroupsOutput) { - op := &request.Operation{ - Name: opListGroups, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListGroupsInput{} - } - - req = c.newRequest(op, input, output) - output = &ListGroupsOutput{} - req.Data = output - return -} - -// Lists the groups that have the specified path prefix. -// -// You can paginate the results using the MaxItems and Marker parameters. -func (c *IAM) ListGroups(input *ListGroupsInput) (*ListGroupsOutput, error) { - req, out := c.ListGroupsRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListGroupsPages(input *ListGroupsInput, fn func(p *ListGroupsOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListGroupsRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListGroupsOutput), lastPage) - }) -} - -const opListGroupsForUser = "ListGroupsForUser" - -// ListGroupsForUserRequest generates a request for the ListGroupsForUser operation. -func (c *IAM) ListGroupsForUserRequest(input *ListGroupsForUserInput) (req *request.Request, output *ListGroupsForUserOutput) { - op := &request.Operation{ - Name: opListGroupsForUser, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListGroupsForUserInput{} - } - - req = c.newRequest(op, input, output) - output = &ListGroupsForUserOutput{} - req.Data = output - return -} - -// Lists the groups the specified user belongs to. -// -// You can paginate the results using the MaxItems and Marker parameters. -func (c *IAM) ListGroupsForUser(input *ListGroupsForUserInput) (*ListGroupsForUserOutput, error) { - req, out := c.ListGroupsForUserRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListGroupsForUserPages(input *ListGroupsForUserInput, fn func(p *ListGroupsForUserOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListGroupsForUserRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListGroupsForUserOutput), lastPage) - }) -} - -const opListInstanceProfiles = "ListInstanceProfiles" - -// ListInstanceProfilesRequest generates a request for the ListInstanceProfiles operation. -func (c *IAM) ListInstanceProfilesRequest(input *ListInstanceProfilesInput) (req *request.Request, output *ListInstanceProfilesOutput) { - op := &request.Operation{ - Name: opListInstanceProfiles, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListInstanceProfilesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListInstanceProfilesOutput{} - req.Data = output - return -} - -// Lists the instance profiles that have the specified path prefix. If there -// are none, the action returns an empty list. For more information about instance -// profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). -// -// You can paginate the results using the MaxItems and Marker parameters. -func (c *IAM) ListInstanceProfiles(input *ListInstanceProfilesInput) (*ListInstanceProfilesOutput, error) { - req, out := c.ListInstanceProfilesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListInstanceProfilesPages(input *ListInstanceProfilesInput, fn func(p *ListInstanceProfilesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListInstanceProfilesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListInstanceProfilesOutput), lastPage) - }) -} - -const opListInstanceProfilesForRole = "ListInstanceProfilesForRole" - -// ListInstanceProfilesForRoleRequest generates a request for the ListInstanceProfilesForRole operation. -func (c *IAM) ListInstanceProfilesForRoleRequest(input *ListInstanceProfilesForRoleInput) (req *request.Request, output *ListInstanceProfilesForRoleOutput) { - op := &request.Operation{ - Name: opListInstanceProfilesForRole, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListInstanceProfilesForRoleInput{} - } - - req = c.newRequest(op, input, output) - output = &ListInstanceProfilesForRoleOutput{} - req.Data = output - return -} - -// Lists the instance profiles that have the specified associated role. If there -// are none, the action returns an empty list. For more information about instance -// profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). -// -// You can paginate the results using the MaxItems and Marker parameters. -func (c *IAM) ListInstanceProfilesForRole(input *ListInstanceProfilesForRoleInput) (*ListInstanceProfilesForRoleOutput, error) { - req, out := c.ListInstanceProfilesForRoleRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListInstanceProfilesForRolePages(input *ListInstanceProfilesForRoleInput, fn func(p *ListInstanceProfilesForRoleOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListInstanceProfilesForRoleRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListInstanceProfilesForRoleOutput), lastPage) - }) -} - -const opListMFADevices = "ListMFADevices" - -// ListMFADevicesRequest generates a request for the ListMFADevices operation. -func (c *IAM) ListMFADevicesRequest(input *ListMFADevicesInput) (req *request.Request, output *ListMFADevicesOutput) { - op := &request.Operation{ - Name: opListMFADevices, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListMFADevicesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListMFADevicesOutput{} - req.Data = output - return -} - -// Lists the MFA devices. If the request includes the user name, then this action -// lists all the MFA devices associated with the specified user name. If you -// do not specify a user name, IAM determines the user name implicitly based -// on the AWS access key ID signing the request. -// -// You can paginate the results using the MaxItems and Marker parameters. -func (c *IAM) ListMFADevices(input *ListMFADevicesInput) (*ListMFADevicesOutput, error) { - req, out := c.ListMFADevicesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListMFADevicesPages(input *ListMFADevicesInput, fn func(p *ListMFADevicesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListMFADevicesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListMFADevicesOutput), lastPage) - }) -} - -const opListOpenIDConnectProviders = "ListOpenIDConnectProviders" - -// ListOpenIDConnectProvidersRequest generates a request for the ListOpenIDConnectProviders operation. -func (c *IAM) ListOpenIDConnectProvidersRequest(input *ListOpenIDConnectProvidersInput) (req *request.Request, output *ListOpenIDConnectProvidersOutput) { - op := &request.Operation{ - Name: opListOpenIDConnectProviders, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &ListOpenIDConnectProvidersInput{} - } - - req = c.newRequest(op, input, output) - output = &ListOpenIDConnectProvidersOutput{} - req.Data = output - return -} - -// Lists information about the OpenID Connect providers in the AWS account. -func (c *IAM) ListOpenIDConnectProviders(input *ListOpenIDConnectProvidersInput) (*ListOpenIDConnectProvidersOutput, error) { - req, out := c.ListOpenIDConnectProvidersRequest(input) - err := req.Send() - return out, err -} - -const opListPolicies = "ListPolicies" - -// ListPoliciesRequest generates a request for the ListPolicies operation. -func (c *IAM) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) { - op := &request.Operation{ - Name: opListPolicies, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListPoliciesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListPoliciesOutput{} - req.Data = output - return -} - -// Lists all the managed policies that are available to your account, including -// your own customer managed policies and all AWS managed policies. -// -// You can filter the list of policies that is returned using the optional -// OnlyAttached, Scope, and PathPrefix parameters. For example, to list only -// the customer managed policies in your AWS account, set Scope to Local. To -// list only AWS managed policies, set Scope to AWS. -// -// You can paginate the results using the MaxItems and Marker parameters. -// -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) { - req, out := c.ListPoliciesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListPoliciesPages(input *ListPoliciesInput, fn func(p *ListPoliciesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListPoliciesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListPoliciesOutput), lastPage) - }) -} - -const opListPolicyVersions = "ListPolicyVersions" - -// ListPolicyVersionsRequest generates a request for the ListPolicyVersions operation. -func (c *IAM) ListPolicyVersionsRequest(input *ListPolicyVersionsInput) (req *request.Request, output *ListPolicyVersionsOutput) { - op := &request.Operation{ - Name: opListPolicyVersions, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &ListPolicyVersionsInput{} - } - - req = c.newRequest(op, input, output) - output = &ListPolicyVersionsOutput{} - req.Data = output - return -} - -// Lists information about the versions of the specified managed policy, including -// the version that is set as the policy's default version. -// -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) ListPolicyVersions(input *ListPolicyVersionsInput) (*ListPolicyVersionsOutput, error) { - req, out := c.ListPolicyVersionsRequest(input) - err := req.Send() - return out, err -} - -const opListRolePolicies = "ListRolePolicies" - -// ListRolePoliciesRequest generates a request for the ListRolePolicies operation. -func (c *IAM) ListRolePoliciesRequest(input *ListRolePoliciesInput) (req *request.Request, output *ListRolePoliciesOutput) { - op := &request.Operation{ - Name: opListRolePolicies, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListRolePoliciesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListRolePoliciesOutput{} - req.Data = output - return -} - -// Lists the names of the inline policies that are embedded in the specified -// role. -// -// A role can also have managed policies attached to it. To list the managed -// policies that are attached to a role, use ListAttachedRolePolicies. For more -// information about policies, refer to Managed Policies and Inline Policies -// (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -// -// You can paginate the results using the MaxItems and Marker parameters. If -// there are no inline policies embedded with the specified role, the action -// returns an empty list. -func (c *IAM) ListRolePolicies(input *ListRolePoliciesInput) (*ListRolePoliciesOutput, error) { - req, out := c.ListRolePoliciesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListRolePoliciesPages(input *ListRolePoliciesInput, fn func(p *ListRolePoliciesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListRolePoliciesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListRolePoliciesOutput), lastPage) - }) -} - -const opListRoles = "ListRoles" - -// ListRolesRequest generates a request for the ListRoles operation. -func (c *IAM) ListRolesRequest(input *ListRolesInput) (req *request.Request, output *ListRolesOutput) { - op := &request.Operation{ - Name: opListRoles, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListRolesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListRolesOutput{} - req.Data = output - return -} - -// Lists the roles that have the specified path prefix. If there are none, the -// action returns an empty list. For more information about roles, go to Working -// with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). -// -// You can paginate the results using the MaxItems and Marker parameters. -func (c *IAM) ListRoles(input *ListRolesInput) (*ListRolesOutput, error) { - req, out := c.ListRolesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListRolesPages(input *ListRolesInput, fn func(p *ListRolesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListRolesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListRolesOutput), lastPage) - }) -} - -const opListSAMLProviders = "ListSAMLProviders" - -// ListSAMLProvidersRequest generates a request for the ListSAMLProviders operation. -func (c *IAM) ListSAMLProvidersRequest(input *ListSAMLProvidersInput) (req *request.Request, output *ListSAMLProvidersOutput) { - op := &request.Operation{ - Name: opListSAMLProviders, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &ListSAMLProvidersInput{} - } - - req = c.newRequest(op, input, output) - output = &ListSAMLProvidersOutput{} - req.Data = output - return -} - -// Lists the SAML providers in the account. -// -// This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). -func (c *IAM) ListSAMLProviders(input *ListSAMLProvidersInput) (*ListSAMLProvidersOutput, error) { - req, out := c.ListSAMLProvidersRequest(input) - err := req.Send() - return out, err -} - -const opListSSHPublicKeys = "ListSSHPublicKeys" - -// ListSSHPublicKeysRequest generates a request for the ListSSHPublicKeys operation. -func (c *IAM) ListSSHPublicKeysRequest(input *ListSSHPublicKeysInput) (req *request.Request, output *ListSSHPublicKeysOutput) { - op := &request.Operation{ - Name: opListSSHPublicKeys, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &ListSSHPublicKeysInput{} - } - - req = c.newRequest(op, input, output) - output = &ListSSHPublicKeysOutput{} - req.Data = output - return -} - -// Returns information about the SSH public keys associated with the specified -// IAM user. If there are none, the action returns an empty list. -// -// The SSH public keys returned by this action are used only for authenticating -// the IAM user to an AWS CodeCommit repository. For more information about -// using SSH keys to authenticate to an AWS CodeCommit repository, see Set up -// AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) -// in the AWS CodeCommit User Guide. -// -// Although each user is limited to a small number of keys, you can still paginate -// the results using the MaxItems and Marker parameters. -func (c *IAM) ListSSHPublicKeys(input *ListSSHPublicKeysInput) (*ListSSHPublicKeysOutput, error) { - req, out := c.ListSSHPublicKeysRequest(input) - err := req.Send() - return out, err -} - -const opListServerCertificates = "ListServerCertificates" - -// ListServerCertificatesRequest generates a request for the ListServerCertificates operation. -func (c *IAM) ListServerCertificatesRequest(input *ListServerCertificatesInput) (req *request.Request, output *ListServerCertificatesOutput) { - op := &request.Operation{ - Name: opListServerCertificates, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListServerCertificatesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListServerCertificatesOutput{} - req.Data = output - return -} - -// Lists the server certificates that have the specified path prefix. If none -// exist, the action returns an empty list. -// -// You can paginate the results using the MaxItems and Marker parameters. -func (c *IAM) ListServerCertificates(input *ListServerCertificatesInput) (*ListServerCertificatesOutput, error) { - req, out := c.ListServerCertificatesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListServerCertificatesPages(input *ListServerCertificatesInput, fn func(p *ListServerCertificatesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListServerCertificatesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListServerCertificatesOutput), lastPage) - }) -} - -const opListSigningCertificates = "ListSigningCertificates" - -// ListSigningCertificatesRequest generates a request for the ListSigningCertificates operation. -func (c *IAM) ListSigningCertificatesRequest(input *ListSigningCertificatesInput) (req *request.Request, output *ListSigningCertificatesOutput) { - op := &request.Operation{ - Name: opListSigningCertificates, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListSigningCertificatesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListSigningCertificatesOutput{} - req.Data = output - return -} - -// Returns information about the signing certificates associated with the specified -// user. If there are none, the action returns an empty list. -// -// Although each user is limited to a small number of signing certificates, -// you can still paginate the results using the MaxItems and Marker parameters. -// -// If the UserName field is not specified, the user name is determined implicitly -// based on the AWS access key ID used to sign the request. Because this action -// works for access keys under the AWS account, you can use this action to manage -// root credentials even if the AWS account has no associated users. -func (c *IAM) ListSigningCertificates(input *ListSigningCertificatesInput) (*ListSigningCertificatesOutput, error) { - req, out := c.ListSigningCertificatesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListSigningCertificatesPages(input *ListSigningCertificatesInput, fn func(p *ListSigningCertificatesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListSigningCertificatesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListSigningCertificatesOutput), lastPage) - }) -} - -const opListUserPolicies = "ListUserPolicies" - -// ListUserPoliciesRequest generates a request for the ListUserPolicies operation. -func (c *IAM) ListUserPoliciesRequest(input *ListUserPoliciesInput) (req *request.Request, output *ListUserPoliciesOutput) { - op := &request.Operation{ - Name: opListUserPolicies, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListUserPoliciesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListUserPoliciesOutput{} - req.Data = output - return -} - -// Lists the names of the inline policies embedded in the specified user. -// -// A user can also have managed policies attached to it. To list the managed -// policies that are attached to a user, use ListAttachedUserPolicies. For more -// information about policies, refer to Managed Policies and Inline Policies -// (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -// -// You can paginate the results using the MaxItems and Marker parameters. If -// there are no inline policies embedded with the specified user, the action -// returns an empty list. -func (c *IAM) ListUserPolicies(input *ListUserPoliciesInput) (*ListUserPoliciesOutput, error) { - req, out := c.ListUserPoliciesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListUserPoliciesPages(input *ListUserPoliciesInput, fn func(p *ListUserPoliciesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListUserPoliciesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListUserPoliciesOutput), lastPage) - }) -} - -const opListUsers = "ListUsers" - -// ListUsersRequest generates a request for the ListUsers operation. -func (c *IAM) ListUsersRequest(input *ListUsersInput) (req *request.Request, output *ListUsersOutput) { - op := &request.Operation{ - Name: opListUsers, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListUsersInput{} - } - - req = c.newRequest(op, input, output) - output = &ListUsersOutput{} - req.Data = output - return -} - -// Lists the IAM users that have the specified path prefix. If no path prefix -// is specified, the action returns all users in the AWS account. If there are -// none, the action returns an empty list. -// -// You can paginate the results using the MaxItems and Marker parameters. -func (c *IAM) ListUsers(input *ListUsersInput) (*ListUsersOutput, error) { - req, out := c.ListUsersRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListUsersPages(input *ListUsersInput, fn func(p *ListUsersOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListUsersRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListUsersOutput), lastPage) - }) -} - -const opListVirtualMFADevices = "ListVirtualMFADevices" - -// ListVirtualMFADevicesRequest generates a request for the ListVirtualMFADevices operation. -func (c *IAM) ListVirtualMFADevicesRequest(input *ListVirtualMFADevicesInput) (req *request.Request, output *ListVirtualMFADevicesOutput) { - op := &request.Operation{ - Name: opListVirtualMFADevices, - HTTPMethod: "POST", - HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"Marker"}, - OutputTokens: []string{"Marker"}, - LimitToken: "MaxItems", - TruncationToken: "IsTruncated", - }, - } - - if input == nil { - input = &ListVirtualMFADevicesInput{} - } - - req = c.newRequest(op, input, output) - output = &ListVirtualMFADevicesOutput{} - req.Data = output - return -} - -// Lists the virtual MFA devices under the AWS account by assignment status. -// If you do not specify an assignment status, the action returns a list of -// all virtual MFA devices. Assignment status can be Assigned, Unassigned, or -// Any. -// -// You can paginate the results using the MaxItems and Marker parameters. -func (c *IAM) ListVirtualMFADevices(input *ListVirtualMFADevicesInput) (*ListVirtualMFADevicesOutput, error) { - req, out := c.ListVirtualMFADevicesRequest(input) - err := req.Send() - return out, err -} - -func (c *IAM) ListVirtualMFADevicesPages(input *ListVirtualMFADevicesInput, fn func(p *ListVirtualMFADevicesOutput, lastPage bool) (shouldContinue bool)) error { - page, _ := c.ListVirtualMFADevicesRequest(input) - page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator")) - return page.EachPage(func(p interface{}, lastPage bool) bool { - return fn(p.(*ListVirtualMFADevicesOutput), lastPage) - }) -} - -const opPutGroupPolicy = "PutGroupPolicy" - -// PutGroupPolicyRequest generates a request for the PutGroupPolicy operation. -func (c *IAM) PutGroupPolicyRequest(input *PutGroupPolicyInput) (req *request.Request, output *PutGroupPolicyOutput) { - op := &request.Operation{ - Name: opPutGroupPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &PutGroupPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &PutGroupPolicyOutput{} - req.Data = output - return -} - -// Adds (or updates) an inline policy document that is embedded in the specified -// group. -// -// A user can also have managed policies attached to it. To attach a managed -// policy to a group, use AttachGroupPolicy. To create a new managed policy, -// use CreatePolicy. For information about policies, refer to Managed Policies -// and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -// -// For information about limits on the number of inline policies that you can -// embed in a group, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) -// in the IAM User Guide. -// -// Because policy documents can be large, you should use POST rather than GET -// when calling PutGroupPolicy. For general information about using the Query -// API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) -// in the Using IAM guide. -func (c *IAM) PutGroupPolicy(input *PutGroupPolicyInput) (*PutGroupPolicyOutput, error) { - req, out := c.PutGroupPolicyRequest(input) - err := req.Send() - return out, err -} - -const opPutRolePolicy = "PutRolePolicy" - -// PutRolePolicyRequest generates a request for the PutRolePolicy operation. -func (c *IAM) PutRolePolicyRequest(input *PutRolePolicyInput) (req *request.Request, output *PutRolePolicyOutput) { - op := &request.Operation{ - Name: opPutRolePolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &PutRolePolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &PutRolePolicyOutput{} - req.Data = output - return -} - -// Adds (or updates) an inline policy document that is embedded in the specified -// role. -// -// When you embed an inline policy in a role, the inline policy is used as -// the role's access (permissions) policy. The role's trust policy is created -// at the same time as the role, using CreateRole. You can update a role's trust -// policy using UpdateAssumeRolePolicy. For more information about roles, go -// to Using Roles to Delegate Permissions and Federate Identities (http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html). -// -// A role can also have a managed policy attached to it. To attach a managed -// policy to a role, use AttachRolePolicy. To create a new managed policy, use -// CreatePolicy. For information about policies, refer to Managed Policies and -// Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -// -// For information about limits on the number of inline policies that you can -// embed with a role, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) -// in the IAM User Guide. -// -// Because policy documents can be large, you should use POST rather than GET -// when calling PutRolePolicy. For general information about using the Query -// API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) -// in the Using IAM guide. -func (c *IAM) PutRolePolicy(input *PutRolePolicyInput) (*PutRolePolicyOutput, error) { - req, out := c.PutRolePolicyRequest(input) - err := req.Send() - return out, err -} - -const opPutUserPolicy = "PutUserPolicy" - -// PutUserPolicyRequest generates a request for the PutUserPolicy operation. -func (c *IAM) PutUserPolicyRequest(input *PutUserPolicyInput) (req *request.Request, output *PutUserPolicyOutput) { - op := &request.Operation{ - Name: opPutUserPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &PutUserPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &PutUserPolicyOutput{} - req.Data = output - return -} - -// Adds (or updates) an inline policy document that is embedded in the specified -// user. -// -// A user can also have a managed policy attached to it. To attach a managed -// policy to a user, use AttachUserPolicy. To create a new managed policy, use -// CreatePolicy. For information about policies, refer to Managed Policies and -// Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -// -// For information about limits on the number of inline policies that you can -// embed in a user, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) -// in the IAM User Guide. -// -// Because policy documents can be large, you should use POST rather than GET -// when calling PutUserPolicy. For general information about using the Query -// API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) -// in the Using IAM guide. -func (c *IAM) PutUserPolicy(input *PutUserPolicyInput) (*PutUserPolicyOutput, error) { - req, out := c.PutUserPolicyRequest(input) - err := req.Send() - return out, err -} - -const opRemoveClientIDFromOpenIDConnectProvider = "RemoveClientIDFromOpenIDConnectProvider" - -// RemoveClientIDFromOpenIDConnectProviderRequest generates a request for the RemoveClientIDFromOpenIDConnectProvider operation. -func (c *IAM) RemoveClientIDFromOpenIDConnectProviderRequest(input *RemoveClientIDFromOpenIDConnectProviderInput) (req *request.Request, output *RemoveClientIDFromOpenIDConnectProviderOutput) { - op := &request.Operation{ - Name: opRemoveClientIDFromOpenIDConnectProvider, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &RemoveClientIDFromOpenIDConnectProviderInput{} - } - - req = c.newRequest(op, input, output) - output = &RemoveClientIDFromOpenIDConnectProviderOutput{} - req.Data = output - return -} - -// Removes the specified client ID (also known as audience) from the list of -// client IDs registered for the specified IAM OpenID Connect provider. -// -// This action is idempotent; it does not fail or return an error if you try -// to remove a client ID that was removed previously. -func (c *IAM) RemoveClientIDFromOpenIDConnectProvider(input *RemoveClientIDFromOpenIDConnectProviderInput) (*RemoveClientIDFromOpenIDConnectProviderOutput, error) { - req, out := c.RemoveClientIDFromOpenIDConnectProviderRequest(input) - err := req.Send() - return out, err -} - -const opRemoveRoleFromInstanceProfile = "RemoveRoleFromInstanceProfile" - -// RemoveRoleFromInstanceProfileRequest generates a request for the RemoveRoleFromInstanceProfile operation. -func (c *IAM) RemoveRoleFromInstanceProfileRequest(input *RemoveRoleFromInstanceProfileInput) (req *request.Request, output *RemoveRoleFromInstanceProfileOutput) { - op := &request.Operation{ - Name: opRemoveRoleFromInstanceProfile, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &RemoveRoleFromInstanceProfileInput{} - } - - req = c.newRequest(op, input, output) - output = &RemoveRoleFromInstanceProfileOutput{} - req.Data = output - return -} - -// Removes the specified role from the specified instance profile. -// -// Make sure you do not have any Amazon EC2 instances running with the role -// you are about to remove from the instance profile. Removing a role from an -// instance profile that is associated with a running instance will break any -// applications running on the instance. For more information about roles, -// go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). -// For more information about instance profiles, go to About Instance Profiles -// (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html). -func (c *IAM) RemoveRoleFromInstanceProfile(input *RemoveRoleFromInstanceProfileInput) (*RemoveRoleFromInstanceProfileOutput, error) { - req, out := c.RemoveRoleFromInstanceProfileRequest(input) - err := req.Send() - return out, err -} - -const opRemoveUserFromGroup = "RemoveUserFromGroup" - -// RemoveUserFromGroupRequest generates a request for the RemoveUserFromGroup operation. -func (c *IAM) RemoveUserFromGroupRequest(input *RemoveUserFromGroupInput) (req *request.Request, output *RemoveUserFromGroupOutput) { - op := &request.Operation{ - Name: opRemoveUserFromGroup, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &RemoveUserFromGroupInput{} - } - - req = c.newRequest(op, input, output) - output = &RemoveUserFromGroupOutput{} - req.Data = output - return -} - -// Removes the specified user from the specified group. -func (c *IAM) RemoveUserFromGroup(input *RemoveUserFromGroupInput) (*RemoveUserFromGroupOutput, error) { - req, out := c.RemoveUserFromGroupRequest(input) - err := req.Send() - return out, err -} - -const opResyncMFADevice = "ResyncMFADevice" - -// ResyncMFADeviceRequest generates a request for the ResyncMFADevice operation. -func (c *IAM) ResyncMFADeviceRequest(input *ResyncMFADeviceInput) (req *request.Request, output *ResyncMFADeviceOutput) { - op := &request.Operation{ - Name: opResyncMFADevice, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &ResyncMFADeviceInput{} - } - - req = c.newRequest(op, input, output) - output = &ResyncMFADeviceOutput{} - req.Data = output - return -} - -// Synchronizes the specified MFA device with AWS servers. -// -// For more information about creating and working with virtual MFA devices, -// go to Using a Virtual MFA Device (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) -// in the Using IAM guide. -func (c *IAM) ResyncMFADevice(input *ResyncMFADeviceInput) (*ResyncMFADeviceOutput, error) { - req, out := c.ResyncMFADeviceRequest(input) - err := req.Send() - return out, err -} - -const opSetDefaultPolicyVersion = "SetDefaultPolicyVersion" - -// SetDefaultPolicyVersionRequest generates a request for the SetDefaultPolicyVersion operation. -func (c *IAM) SetDefaultPolicyVersionRequest(input *SetDefaultPolicyVersionInput) (req *request.Request, output *SetDefaultPolicyVersionOutput) { - op := &request.Operation{ - Name: opSetDefaultPolicyVersion, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &SetDefaultPolicyVersionInput{} - } - - req = c.newRequest(op, input, output) - output = &SetDefaultPolicyVersionOutput{} - req.Data = output - return -} - -// Sets the specified version of the specified policy as the policy's default -// (operative) version. -// -// This action affects all users, groups, and roles that the policy is attached -// to. To list the users, groups, and roles that the policy is attached to, -// use the ListEntitiesForPolicy API. -// -// For information about managed policies, refer to Managed Policies and Inline -// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the IAM User Guide. -func (c *IAM) SetDefaultPolicyVersion(input *SetDefaultPolicyVersionInput) (*SetDefaultPolicyVersionOutput, error) { - req, out := c.SetDefaultPolicyVersionRequest(input) - err := req.Send() - return out, err -} - -const opSimulateCustomPolicy = "SimulateCustomPolicy" - -// SimulateCustomPolicyRequest generates a request for the SimulateCustomPolicy operation. -func (c *IAM) SimulateCustomPolicyRequest(input *SimulateCustomPolicyInput) (req *request.Request, output *SimulatePolicyResponse) { - op := &request.Operation{ - Name: opSimulateCustomPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &SimulateCustomPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &SimulatePolicyResponse{} - req.Data = output - return -} - -// Simulate how a set of IAM policies and optionally a resource-based policy -// works with a list of API actions and AWS resources to determine the policies' -// effective permissions. The policies are provided as strings. -// -// The simulation does not perform the API actions; it only checks the authorization -// to determine if the simulated policies allow or deny the actions. -// -// If you want to simulate existing policies attached to an IAM user, group, -// or role, use SimulatePrincipalPolicy instead. -// -// Context keys are variables maintained by AWS and its services that provide -// details about the context of an API query request. You can use the Condition -// element of an IAM policy to evaluate context keys. To get the list of context -// keys that the policies require for correct simulation, use GetContextKeysForCustomPolicy. -// -// If the output is long, you can use MaxItems and Marker parameters to paginate -// the results. -func (c *IAM) SimulateCustomPolicy(input *SimulateCustomPolicyInput) (*SimulatePolicyResponse, error) { - req, out := c.SimulateCustomPolicyRequest(input) - err := req.Send() - return out, err -} - -const opSimulatePrincipalPolicy = "SimulatePrincipalPolicy" - -// SimulatePrincipalPolicyRequest generates a request for the SimulatePrincipalPolicy operation. -func (c *IAM) SimulatePrincipalPolicyRequest(input *SimulatePrincipalPolicyInput) (req *request.Request, output *SimulatePolicyResponse) { - op := &request.Operation{ - Name: opSimulatePrincipalPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &SimulatePrincipalPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &SimulatePolicyResponse{} - req.Data = output - return -} - -// Simulate how a set of IAM policies attached to an IAM entity works with a -// list of API actions and AWS resources to determine the policies' effective -// permissions. The entity can be an IAM user, group, or role. If you specify -// a user, then the simulation also includes all of the policies that are attached -// to groups that the user belongs to . -// -// You can optionally include a list of one or more additional policies specified -// as strings to include in the simulation. If you want to simulate only policies -// specified as strings, use SimulateCustomPolicy instead. -// -// You can also optionally include one resource-based policy to be evaluated -// with each of the resources included in the simulation. -// -// The simulation does not perform the API actions, it only checks the authorization -// to determine if the simulated policies allow or deny the actions. -// -// Note: This API discloses information about the permissions granted to other -// users. If you do not want users to see other user's permissions, then consider -// allowing them to use SimulateCustomPolicy instead. -// -// Context keys are variables maintained by AWS and its services that provide -// details about the context of an API query request. You can use the Condition -// element of an IAM policy to evaluate context keys. To get the list of context -// keys that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy. -// -// If the output is long, you can use the MaxItems and Marker parameters to -// paginate the results. -func (c *IAM) SimulatePrincipalPolicy(input *SimulatePrincipalPolicyInput) (*SimulatePolicyResponse, error) { - req, out := c.SimulatePrincipalPolicyRequest(input) - err := req.Send() - return out, err -} - -const opUpdateAccessKey = "UpdateAccessKey" - -// UpdateAccessKeyRequest generates a request for the UpdateAccessKey operation. -func (c *IAM) UpdateAccessKeyRequest(input *UpdateAccessKeyInput) (req *request.Request, output *UpdateAccessKeyOutput) { - op := &request.Operation{ - Name: opUpdateAccessKey, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UpdateAccessKeyInput{} - } - - req = c.newRequest(op, input, output) - output = &UpdateAccessKeyOutput{} - req.Data = output - return -} - -// Changes the status of the specified access key from Active to Inactive, or -// vice versa. This action can be used to disable a user's key as part of a -// key rotation work flow. -// -// If the UserName field is not specified, the UserName is determined implicitly -// based on the AWS access key ID used to sign the request. Because this action -// works for access keys under the AWS account, you can use this action to manage -// root credentials even if the AWS account has no associated users. -// -// For information about rotating keys, see Managing Keys and Certificates -// (http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html) -// in the IAM User Guide. -func (c *IAM) UpdateAccessKey(input *UpdateAccessKeyInput) (*UpdateAccessKeyOutput, error) { - req, out := c.UpdateAccessKeyRequest(input) - err := req.Send() - return out, err -} - -const opUpdateAccountPasswordPolicy = "UpdateAccountPasswordPolicy" - -// UpdateAccountPasswordPolicyRequest generates a request for the UpdateAccountPasswordPolicy operation. -func (c *IAM) UpdateAccountPasswordPolicyRequest(input *UpdateAccountPasswordPolicyInput) (req *request.Request, output *UpdateAccountPasswordPolicyOutput) { - op := &request.Operation{ - Name: opUpdateAccountPasswordPolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UpdateAccountPasswordPolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &UpdateAccountPasswordPolicyOutput{} - req.Data = output - return -} - -// Updates the password policy settings for the AWS account. -// -// This action does not support partial updates. No parameters are required, -// but if you do not specify a parameter, that parameter's value reverts to -// its default value. See the Request Parameters section for each parameter's -// default value. -// -// For more information about using a password policy, see Managing an IAM -// Password Policy (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html) -// in the IAM User Guide. -func (c *IAM) UpdateAccountPasswordPolicy(input *UpdateAccountPasswordPolicyInput) (*UpdateAccountPasswordPolicyOutput, error) { - req, out := c.UpdateAccountPasswordPolicyRequest(input) - err := req.Send() - return out, err -} - -const opUpdateAssumeRolePolicy = "UpdateAssumeRolePolicy" - -// UpdateAssumeRolePolicyRequest generates a request for the UpdateAssumeRolePolicy operation. -func (c *IAM) UpdateAssumeRolePolicyRequest(input *UpdateAssumeRolePolicyInput) (req *request.Request, output *UpdateAssumeRolePolicyOutput) { - op := &request.Operation{ - Name: opUpdateAssumeRolePolicy, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UpdateAssumeRolePolicyInput{} - } - - req = c.newRequest(op, input, output) - output = &UpdateAssumeRolePolicyOutput{} - req.Data = output - return -} - -// Updates the policy that grants an entity permission to assume a role. For -// more information about roles, go to Using Roles to Delegate Permissions and -// Federate Identities (http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html). -func (c *IAM) UpdateAssumeRolePolicy(input *UpdateAssumeRolePolicyInput) (*UpdateAssumeRolePolicyOutput, error) { - req, out := c.UpdateAssumeRolePolicyRequest(input) - err := req.Send() - return out, err -} - -const opUpdateGroup = "UpdateGroup" - -// UpdateGroupRequest generates a request for the UpdateGroup operation. -func (c *IAM) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, output *UpdateGroupOutput) { - op := &request.Operation{ - Name: opUpdateGroup, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UpdateGroupInput{} - } - - req = c.newRequest(op, input, output) - output = &UpdateGroupOutput{} - req.Data = output - return -} - -// Updates the name and/or the path of the specified group. -// -// You should understand the implications of changing a group's path or name. -// For more information, see Renaming Users and Groups (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html) -// in the IAM User Guide. To change a group name the requester must have appropriate -// permissions on both the source object and the target object. For example, -// to change Managers to MGRs, the entity making the request must have permission -// on Managers and MGRs, or must have permission on all (*). For more information -// about permissions, see Permissions and Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html" -// target="blank). -func (c *IAM) UpdateGroup(input *UpdateGroupInput) (*UpdateGroupOutput, error) { - req, out := c.UpdateGroupRequest(input) - err := req.Send() - return out, err -} - -const opUpdateLoginProfile = "UpdateLoginProfile" - -// UpdateLoginProfileRequest generates a request for the UpdateLoginProfile operation. -func (c *IAM) UpdateLoginProfileRequest(input *UpdateLoginProfileInput) (req *request.Request, output *UpdateLoginProfileOutput) { - op := &request.Operation{ - Name: opUpdateLoginProfile, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UpdateLoginProfileInput{} - } - - req = c.newRequest(op, input, output) - output = &UpdateLoginProfileOutput{} - req.Data = output - return -} - -// Changes the password for the specified user. -// -// Users can change their own passwords by calling ChangePassword. For more -// information about modifying passwords, see Managing Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) -// in the IAM User Guide. -func (c *IAM) UpdateLoginProfile(input *UpdateLoginProfileInput) (*UpdateLoginProfileOutput, error) { - req, out := c.UpdateLoginProfileRequest(input) - err := req.Send() - return out, err -} - -const opUpdateOpenIDConnectProviderThumbprint = "UpdateOpenIDConnectProviderThumbprint" - -// UpdateOpenIDConnectProviderThumbprintRequest generates a request for the UpdateOpenIDConnectProviderThumbprint operation. -func (c *IAM) UpdateOpenIDConnectProviderThumbprintRequest(input *UpdateOpenIDConnectProviderThumbprintInput) (req *request.Request, output *UpdateOpenIDConnectProviderThumbprintOutput) { - op := &request.Operation{ - Name: opUpdateOpenIDConnectProviderThumbprint, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UpdateOpenIDConnectProviderThumbprintInput{} - } - - req = c.newRequest(op, input, output) - output = &UpdateOpenIDConnectProviderThumbprintOutput{} - req.Data = output - return -} - -// Replaces the existing list of server certificate thumbprints with a new list. -// -// The list that you pass with this action completely replaces the existing -// list of thumbprints. (The lists are not merged.) -// -// Typically, you need to update a thumbprint only when the identity provider's -// certificate changes, which occurs rarely. However, if the provider's certificate -// does change, any attempt to assume an IAM role that specifies the OIDC provider -// as a principal will fail until the certificate thumbprint is updated. -// -// Because trust for the OpenID Connect provider is ultimately derived from -// the provider's certificate and is validated by the thumbprint, it is a best -// practice to limit access to the UpdateOpenIDConnectProviderThumbprint action -// to highly-privileged users. -func (c *IAM) UpdateOpenIDConnectProviderThumbprint(input *UpdateOpenIDConnectProviderThumbprintInput) (*UpdateOpenIDConnectProviderThumbprintOutput, error) { - req, out := c.UpdateOpenIDConnectProviderThumbprintRequest(input) - err := req.Send() - return out, err -} - -const opUpdateSAMLProvider = "UpdateSAMLProvider" - -// UpdateSAMLProviderRequest generates a request for the UpdateSAMLProvider operation. -func (c *IAM) UpdateSAMLProviderRequest(input *UpdateSAMLProviderInput) (req *request.Request, output *UpdateSAMLProviderOutput) { - op := &request.Operation{ - Name: opUpdateSAMLProvider, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UpdateSAMLProviderInput{} - } - - req = c.newRequest(op, input, output) - output = &UpdateSAMLProviderOutput{} - req.Data = output - return -} - -// Updates the metadata document for an existing SAML provider. -// -// This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). -func (c *IAM) UpdateSAMLProvider(input *UpdateSAMLProviderInput) (*UpdateSAMLProviderOutput, error) { - req, out := c.UpdateSAMLProviderRequest(input) - err := req.Send() - return out, err -} - -const opUpdateSSHPublicKey = "UpdateSSHPublicKey" - -// UpdateSSHPublicKeyRequest generates a request for the UpdateSSHPublicKey operation. -func (c *IAM) UpdateSSHPublicKeyRequest(input *UpdateSSHPublicKeyInput) (req *request.Request, output *UpdateSSHPublicKeyOutput) { - op := &request.Operation{ - Name: opUpdateSSHPublicKey, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UpdateSSHPublicKeyInput{} - } - - req = c.newRequest(op, input, output) - output = &UpdateSSHPublicKeyOutput{} - req.Data = output - return -} - -// Sets the status of the specified SSH public key to active or inactive. SSH -// public keys that are inactive cannot be used for authentication. This action -// can be used to disable a user's SSH public key as part of a key rotation -// work flow. -// -// The SSH public key affected by this action is used only for authenticating -// the associated IAM user to an AWS CodeCommit repository. For more information -// about using SSH keys to authenticate to an AWS CodeCommit repository, see -// Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) -// in the AWS CodeCommit User Guide. -func (c *IAM) UpdateSSHPublicKey(input *UpdateSSHPublicKeyInput) (*UpdateSSHPublicKeyOutput, error) { - req, out := c.UpdateSSHPublicKeyRequest(input) - err := req.Send() - return out, err -} - -const opUpdateServerCertificate = "UpdateServerCertificate" - -// UpdateServerCertificateRequest generates a request for the UpdateServerCertificate operation. -func (c *IAM) UpdateServerCertificateRequest(input *UpdateServerCertificateInput) (req *request.Request, output *UpdateServerCertificateOutput) { - op := &request.Operation{ - Name: opUpdateServerCertificate, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UpdateServerCertificateInput{} - } - - req = c.newRequest(op, input, output) - output = &UpdateServerCertificateOutput{} - req.Data = output - return -} - -// Updates the name and/or the path of the specified server certificate. -// -// You should understand the implications of changing a server certificate's -// path or name. For more information, see Managing Server Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingServerCerts.html) -// in the IAM User Guide. To change a server certificate name the requester -// must have appropriate permissions on both the source object and the target -// object. For example, to change the name from ProductionCert to ProdCert, -// the entity making the request must have permission on ProductionCert and -// ProdCert, or must have permission on all (*). For more information about -// permissions, see Permissions and Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html" -// target="blank). -func (c *IAM) UpdateServerCertificate(input *UpdateServerCertificateInput) (*UpdateServerCertificateOutput, error) { - req, out := c.UpdateServerCertificateRequest(input) - err := req.Send() - return out, err -} - -const opUpdateSigningCertificate = "UpdateSigningCertificate" - -// UpdateSigningCertificateRequest generates a request for the UpdateSigningCertificate operation. -func (c *IAM) UpdateSigningCertificateRequest(input *UpdateSigningCertificateInput) (req *request.Request, output *UpdateSigningCertificateOutput) { - op := &request.Operation{ - Name: opUpdateSigningCertificate, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UpdateSigningCertificateInput{} - } - - req = c.newRequest(op, input, output) - output = &UpdateSigningCertificateOutput{} - req.Data = output - return -} - -// Changes the status of the specified signing certificate from active to disabled, -// or vice versa. This action can be used to disable a user's signing certificate -// as part of a certificate rotation work flow. -// -// If the UserName field is not specified, the UserName is determined implicitly -// based on the AWS access key ID used to sign the request. Because this action -// works for access keys under the AWS account, you can use this action to manage -// root credentials even if the AWS account has no associated users. -func (c *IAM) UpdateSigningCertificate(input *UpdateSigningCertificateInput) (*UpdateSigningCertificateOutput, error) { - req, out := c.UpdateSigningCertificateRequest(input) - err := req.Send() - return out, err -} - -const opUpdateUser = "UpdateUser" - -// UpdateUserRequest generates a request for the UpdateUser operation. -func (c *IAM) UpdateUserRequest(input *UpdateUserInput) (req *request.Request, output *UpdateUserOutput) { - op := &request.Operation{ - Name: opUpdateUser, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UpdateUserInput{} - } - - req = c.newRequest(op, input, output) - output = &UpdateUserOutput{} - req.Data = output - return -} - -// Updates the name and/or the path of the specified user. -// -// You should understand the implications of changing a user's path or name. -// For more information, see Renaming Users and Groups (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html) -// in the IAM User Guide. To change a user name the requester must have appropriate -// permissions on both the source object and the target object. For example, -// to change Bob to Robert, the entity making the request must have permission -// on Bob and Robert, or must have permission on all (*). For more information -// about permissions, see Permissions and Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html" -// target="blank). -func (c *IAM) UpdateUser(input *UpdateUserInput) (*UpdateUserOutput, error) { - req, out := c.UpdateUserRequest(input) - err := req.Send() - return out, err -} - -const opUploadSSHPublicKey = "UploadSSHPublicKey" - -// UploadSSHPublicKeyRequest generates a request for the UploadSSHPublicKey operation. -func (c *IAM) UploadSSHPublicKeyRequest(input *UploadSSHPublicKeyInput) (req *request.Request, output *UploadSSHPublicKeyOutput) { - op := &request.Operation{ - Name: opUploadSSHPublicKey, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UploadSSHPublicKeyInput{} - } - - req = c.newRequest(op, input, output) - output = &UploadSSHPublicKeyOutput{} - req.Data = output - return -} - -// Uploads an SSH public key and associates it with the specified IAM user. -// -// The SSH public key uploaded by this action can be used only for authenticating -// the associated IAM user to an AWS CodeCommit repository. For more information -// about using SSH keys to authenticate to an AWS CodeCommit repository, see -// Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) -// in the AWS CodeCommit User Guide. -func (c *IAM) UploadSSHPublicKey(input *UploadSSHPublicKeyInput) (*UploadSSHPublicKeyOutput, error) { - req, out := c.UploadSSHPublicKeyRequest(input) - err := req.Send() - return out, err -} - -const opUploadServerCertificate = "UploadServerCertificate" - -// UploadServerCertificateRequest generates a request for the UploadServerCertificate operation. -func (c *IAM) UploadServerCertificateRequest(input *UploadServerCertificateInput) (req *request.Request, output *UploadServerCertificateOutput) { - op := &request.Operation{ - Name: opUploadServerCertificate, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UploadServerCertificateInput{} - } - - req = c.newRequest(op, input, output) - output = &UploadServerCertificateOutput{} - req.Data = output - return -} - -// Uploads a server certificate entity for the AWS account. The server certificate -// entity includes a public key certificate, a private key, and an optional -// certificate chain, which should all be PEM-encoded. -// -// For information about the number of server certificates you can upload, -// see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) -// in the IAM User Guide. -// -// Because the body of the public key certificate, private key, and the certificate -// chain can be large, you should use POST rather than GET when calling UploadServerCertificate. -// For information about setting up signatures and authorization through the -// API, go to Signing AWS API Requests (http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) -// in the AWS General Reference. For general information about using the Query -// API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) -// in the IAM User Guide. -func (c *IAM) UploadServerCertificate(input *UploadServerCertificateInput) (*UploadServerCertificateOutput, error) { - req, out := c.UploadServerCertificateRequest(input) - err := req.Send() - return out, err -} - -const opUploadSigningCertificate = "UploadSigningCertificate" - -// UploadSigningCertificateRequest generates a request for the UploadSigningCertificate operation. -func (c *IAM) UploadSigningCertificateRequest(input *UploadSigningCertificateInput) (req *request.Request, output *UploadSigningCertificateOutput) { - op := &request.Operation{ - Name: opUploadSigningCertificate, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &UploadSigningCertificateInput{} - } - - req = c.newRequest(op, input, output) - output = &UploadSigningCertificateOutput{} - req.Data = output - return -} - -// Uploads an X.509 signing certificate and associates it with the specified -// user. Some AWS services use X.509 signing certificates to validate requests -// that are signed with a corresponding private key. When you upload the certificate, -// its default status is Active. -// -// If the UserName field is not specified, the user name is determined implicitly -// based on the AWS access key ID used to sign the request. Because this action -// works for access keys under the AWS account, you can use this action to manage -// root credentials even if the AWS account has no associated users. -// -// Because the body of a X.509 certificate can be large, you should use POST -// rather than GET when calling UploadSigningCertificate. For information about -// setting up signatures and authorization through the API, go to Signing AWS -// API Requests (http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) -// in the AWS General Reference. For general information about using the Query -// API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) -// in the Using IAMguide. -func (c *IAM) UploadSigningCertificate(input *UploadSigningCertificateInput) (*UploadSigningCertificateOutput, error) { - req, out := c.UploadSigningCertificateRequest(input) - err := req.Send() - return out, err -} - -// Contains information about an AWS access key. -// -// This data type is used as a response element in the CreateAccessKey and -// ListAccessKeys actions. -// -// The SecretAccessKey value is returned only in response to CreateAccessKey. -// You can get a secret access key only when you first create an access key; -// you cannot recover the secret access key later. If you lose a secret access -// key, you must create a new access key. -type AccessKey struct { - // The ID for this access key. - AccessKeyId *string `min:"16" type:"string" required:"true"` - - // The date when the access key was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The secret key used to sign requests. - SecretAccessKey *string `type:"string" required:"true"` - - // The status of the access key. Active means the key is valid for API calls, - // while Inactive means it is not. - Status *string `type:"string" required:"true" enum:"statusType"` - - // The name of the IAM user that the access key is associated with. - UserName *string `min:"1" type:"string" required:"true"` - - metadataAccessKey `json:"-" xml:"-"` -} - -type metadataAccessKey struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AccessKey) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AccessKey) GoString() string { - return s.String() -} - -// Contains information about the last time an AWS access key was used. -// -// This data type is used as a response element in the GetAccessKeyLastUsed -// action. -type AccessKeyLastUsed struct { - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the access key was most recently used. This field is null when: - // - // The user does not have an access key. - // - // An access key exists but has never been used, at least not since IAM started - // tracking this information on April 22nd, 2015. - // - // There is no sign-in data associated with the user - LastUsedDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"` - - // The AWS region where this access key was most recently used. This field is - // null when: - // - // The user does not have an access key. - // - // An access key exists but has never been used, at least not since IAM started - // tracking this information on April 22nd, 2015. - // - // There is no sign-in data associated with the user - // - // For more information about AWS regions, see Regions and Endpoints (http://docs.aws.amazon.com/general/latest/gr/rande.html) - // in the Amazon Web Services General Reference. - Region *string `type:"string" required:"true"` - - // The name of the AWS service with which this access key was most recently - // used. This field is null when: - // - // The user does not have an access key. - // - // An access key exists but has never been used, at least not since IAM started - // tracking this information on April 22nd, 2015. - // - // There is no sign-in data associated with the user - ServiceName *string `type:"string" required:"true"` - - metadataAccessKeyLastUsed `json:"-" xml:"-"` -} - -type metadataAccessKeyLastUsed struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AccessKeyLastUsed) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AccessKeyLastUsed) GoString() string { - return s.String() -} - -// Contains information about an AWS access key, without its secret key. -// -// This data type is used as a response element in the ListAccessKeys action. -type AccessKeyMetadata struct { - // The ID for this access key. - AccessKeyId *string `min:"16" type:"string"` - - // The date when the access key was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The status of the access key. Active means the key is valid for API calls; - // Inactive means it is not. - Status *string `type:"string" enum:"statusType"` - - // The name of the IAM user that the key is associated with. - UserName *string `min:"1" type:"string"` - - metadataAccessKeyMetadata `json:"-" xml:"-"` -} - -type metadataAccessKeyMetadata struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AccessKeyMetadata) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AccessKeyMetadata) GoString() string { - return s.String() -} - -type AddClientIDToOpenIDConnectProviderInput struct { - // The client ID (also known as audience) to add to the IAM OpenID Connect provider. - ClientID *string `min:"1" type:"string" required:"true"` - - // The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider - // to add the client ID to. You can get a list of OIDC provider ARNs by using - // the ListOpenIDConnectProviders action. - OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"` - - metadataAddClientIDToOpenIDConnectProviderInput `json:"-" xml:"-"` -} - -type metadataAddClientIDToOpenIDConnectProviderInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AddClientIDToOpenIDConnectProviderInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AddClientIDToOpenIDConnectProviderInput) GoString() string { - return s.String() -} - -type AddClientIDToOpenIDConnectProviderOutput struct { - metadataAddClientIDToOpenIDConnectProviderOutput `json:"-" xml:"-"` -} - -type metadataAddClientIDToOpenIDConnectProviderOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AddClientIDToOpenIDConnectProviderOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AddClientIDToOpenIDConnectProviderOutput) GoString() string { - return s.String() -} - -type AddRoleToInstanceProfileInput struct { - // The name of the instance profile to update. - InstanceProfileName *string `min:"1" type:"string" required:"true"` - - // The name of the role to add. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataAddRoleToInstanceProfileInput `json:"-" xml:"-"` -} - -type metadataAddRoleToInstanceProfileInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AddRoleToInstanceProfileInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AddRoleToInstanceProfileInput) GoString() string { - return s.String() -} - -type AddRoleToInstanceProfileOutput struct { - metadataAddRoleToInstanceProfileOutput `json:"-" xml:"-"` -} - -type metadataAddRoleToInstanceProfileOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AddRoleToInstanceProfileOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AddRoleToInstanceProfileOutput) GoString() string { - return s.String() -} - -type AddUserToGroupInput struct { - // The name of the group to update. - GroupName *string `min:"1" type:"string" required:"true"` - - // The name of the user to add. - UserName *string `min:"1" type:"string" required:"true"` - - metadataAddUserToGroupInput `json:"-" xml:"-"` -} - -type metadataAddUserToGroupInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AddUserToGroupInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AddUserToGroupInput) GoString() string { - return s.String() -} - -type AddUserToGroupOutput struct { - metadataAddUserToGroupOutput `json:"-" xml:"-"` -} - -type metadataAddUserToGroupOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AddUserToGroupOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AddUserToGroupOutput) GoString() string { - return s.String() -} - -type AttachGroupPolicyInput struct { - // The name (friendly name, not ARN) of the group to attach the policy to. - GroupName *string `min:"1" type:"string" required:"true"` - - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - metadataAttachGroupPolicyInput `json:"-" xml:"-"` -} - -type metadataAttachGroupPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AttachGroupPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AttachGroupPolicyInput) GoString() string { - return s.String() -} - -type AttachGroupPolicyOutput struct { - metadataAttachGroupPolicyOutput `json:"-" xml:"-"` -} - -type metadataAttachGroupPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AttachGroupPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AttachGroupPolicyOutput) GoString() string { - return s.String() -} - -type AttachRolePolicyInput struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - // The name (friendly name, not ARN) of the role to attach the policy to. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataAttachRolePolicyInput `json:"-" xml:"-"` -} - -type metadataAttachRolePolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AttachRolePolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AttachRolePolicyInput) GoString() string { - return s.String() -} - -type AttachRolePolicyOutput struct { - metadataAttachRolePolicyOutput `json:"-" xml:"-"` -} - -type metadataAttachRolePolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AttachRolePolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AttachRolePolicyOutput) GoString() string { - return s.String() -} - -type AttachUserPolicyInput struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - // The name (friendly name, not ARN) of the user to attach the policy to. - UserName *string `min:"1" type:"string" required:"true"` - - metadataAttachUserPolicyInput `json:"-" xml:"-"` -} - -type metadataAttachUserPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AttachUserPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AttachUserPolicyInput) GoString() string { - return s.String() -} - -type AttachUserPolicyOutput struct { - metadataAttachUserPolicyOutput `json:"-" xml:"-"` -} - -type metadataAttachUserPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AttachUserPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AttachUserPolicyOutput) GoString() string { - return s.String() -} - -// Contains information about an attached policy. -// -// An attached policy is a managed policy that has been attached to a user, -// group, or role. This data type is used as a response element in the ListAttachedGroupPolicies, -// ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails -// actions. -// -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. -type AttachedPolicy struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string"` - - // The friendly name of the attached policy. - PolicyName *string `min:"1" type:"string"` - - metadataAttachedPolicy `json:"-" xml:"-"` -} - -type metadataAttachedPolicy struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s AttachedPolicy) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s AttachedPolicy) GoString() string { - return s.String() -} - -type ChangePasswordInput struct { - // The new password. The new password must conform to the AWS account's password - // policy, if one exists. - NewPassword *string `min:"1" type:"string" required:"true"` - - // The IAM user's current password. - OldPassword *string `min:"1" type:"string" required:"true"` - - metadataChangePasswordInput `json:"-" xml:"-"` -} - -type metadataChangePasswordInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ChangePasswordInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ChangePasswordInput) GoString() string { - return s.String() -} - -type ChangePasswordOutput struct { - metadataChangePasswordOutput `json:"-" xml:"-"` -} - -type metadataChangePasswordOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ChangePasswordOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ChangePasswordOutput) GoString() string { - return s.String() -} - -// Contains information about a condition context key. It includes the name -// of the key and specifies the value (or values, if the context key supports -// multiple values) to use in the simulation. This information is used when -// evaluating the Condition elements of the input policies. -// -// This data type is used as an input parameter to SimulatePolicy. -type ContextEntry struct { - // The full name of a condition context key, including the service prefix. For - // example, aws:SourceIp or s3:VersionId. - ContextKeyName *string `min:"5" type:"string"` - - // The data type of the value (or values) specified in the ContextKeyValues - // parameter. - ContextKeyType *string `type:"string" enum:"ContextKeyTypeEnum"` - - // The value (or values, if the condition context key supports multiple values) - // to provide to the simulation for use when the key is referenced by a Condition - // element in an input policy. - ContextKeyValues []*string `type:"list"` - - metadataContextEntry `json:"-" xml:"-"` -} - -type metadataContextEntry struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ContextEntry) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ContextEntry) GoString() string { - return s.String() -} - -type CreateAccessKeyInput struct { - // The user name that the new key will belong to. - UserName *string `min:"1" type:"string"` - - metadataCreateAccessKeyInput `json:"-" xml:"-"` -} - -type metadataCreateAccessKeyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateAccessKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateAccessKeyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful CreateAccessKey request. -type CreateAccessKeyOutput struct { - // Information about the access key. - AccessKey *AccessKey `type:"structure" required:"true"` - - metadataCreateAccessKeyOutput `json:"-" xml:"-"` -} - -type metadataCreateAccessKeyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateAccessKeyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateAccessKeyOutput) GoString() string { - return s.String() -} - -type CreateAccountAliasInput struct { - // The account alias to create. - AccountAlias *string `min:"3" type:"string" required:"true"` - - metadataCreateAccountAliasInput `json:"-" xml:"-"` -} - -type metadataCreateAccountAliasInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateAccountAliasInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateAccountAliasInput) GoString() string { - return s.String() -} - -type CreateAccountAliasOutput struct { - metadataCreateAccountAliasOutput `json:"-" xml:"-"` -} - -type metadataCreateAccountAliasOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateAccountAliasOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateAccountAliasOutput) GoString() string { - return s.String() -} - -type CreateGroupInput struct { - // The name of the group to create. Do not include the path in this value. - GroupName *string `min:"1" type:"string" required:"true"` - - // The path to the group. For more information about paths, see IAM Identifiers - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/). - Path *string `min:"1" type:"string"` - - metadataCreateGroupInput `json:"-" xml:"-"` -} - -type metadataCreateGroupInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateGroupInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateGroupInput) GoString() string { - return s.String() -} - -// Contains the response to a successful CreateGroup request. -type CreateGroupOutput struct { - // Information about the group. - Group *Group `type:"structure" required:"true"` - - metadataCreateGroupOutput `json:"-" xml:"-"` -} - -type metadataCreateGroupOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateGroupOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateGroupOutput) GoString() string { - return s.String() -} - -type CreateInstanceProfileInput struct { - // The name of the instance profile to create. - InstanceProfileName *string `min:"1" type:"string" required:"true"` - - // The path to the instance profile. For more information about paths, see IAM - // Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/). - Path *string `min:"1" type:"string"` - - metadataCreateInstanceProfileInput `json:"-" xml:"-"` -} - -type metadataCreateInstanceProfileInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateInstanceProfileInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateInstanceProfileInput) GoString() string { - return s.String() -} - -// Contains the response to a successful CreateInstanceProfile request. -type CreateInstanceProfileOutput struct { - // Information about the instance profile. - InstanceProfile *InstanceProfile `type:"structure" required:"true"` - - metadataCreateInstanceProfileOutput `json:"-" xml:"-"` -} - -type metadataCreateInstanceProfileOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateInstanceProfileOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateInstanceProfileOutput) GoString() string { - return s.String() -} - -type CreateLoginProfileInput struct { - // The new password for the user. - Password *string `min:"1" type:"string" required:"true"` - - // Specifies whether the user is required to set a new password on next sign-in. - PasswordResetRequired *bool `type:"boolean"` - - // The name of the user to create a password for. - UserName *string `min:"1" type:"string" required:"true"` - - metadataCreateLoginProfileInput `json:"-" xml:"-"` -} - -type metadataCreateLoginProfileInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateLoginProfileInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateLoginProfileInput) GoString() string { - return s.String() -} - -// Contains the response to a successful CreateLoginProfile request. -type CreateLoginProfileOutput struct { - // The user name and password create date. - LoginProfile *LoginProfile `type:"structure" required:"true"` - - metadataCreateLoginProfileOutput `json:"-" xml:"-"` -} - -type metadataCreateLoginProfileOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateLoginProfileOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateLoginProfileOutput) GoString() string { - return s.String() -} - -type CreateOpenIDConnectProviderInput struct { - // A list of client IDs (also known as audiences). When a mobile or web app - // registers with an OpenID Connect provider, they establish a value that identifies - // the application. (This is the value that's sent as the client_id parameter - // on OAuth requests.) - // - // You can register multiple client IDs with the same provider. For example, - // you might have multiple applications that use the same OIDC provider. You - // cannot register more than 100 client IDs with a single IAM OIDC provider. - // - // There is no defined format for a client ID. The CreateOpenIDConnectProviderRequest - // action accepts client IDs up to 255 characters long. - ClientIDList []*string `type:"list"` - - // A list of server certificate thumbprints for the OpenID Connect (OIDC) identity - // provider's server certificate(s). Typically this list includes only one entry. - // However, IAM lets you have up to five thumbprints for an OIDC provider. This - // lets you maintain multiple thumbprints if the identity provider is rotating - // certificates. - // - // The server certificate thumbprint is the hex-encoded SHA-1 hash value of - // the X.509 certificate used by the domain where the OpenID Connect provider - // makes its keys available. It is always a 40-character string. - // - // You must provide at least one thumbprint when creating an IAM OIDC provider. - // For example, if the OIDC provider is server.example.com and the provider - // stores its keys at "https://keys.server.example.com/openid-connect", the - // thumbprint string would be the hex-encoded SHA-1 hash value of the certificate - // used by https://keys.server.example.com. - // - // For more information about obtaining the OIDC provider's thumbprint, see - // Obtaining the Thumbprint for an OpenID Connect Provider (http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html) - // in the IAM User Guide. - ThumbprintList []*string `type:"list" required:"true"` - - // The URL of the identity provider. The URL must begin with "https://" and - // should correspond to the iss claim in the provider's OpenID Connect ID tokens. - // Per the OIDC standard, path components are allowed but query parameters are - // not. Typically the URL consists of only a host name, like "https://server.example.org" - // or "https://example.com". - // - // You cannot register the same provider multiple times in a single AWS account. - // If you try to submit a URL that has already been used for an OpenID Connect - // provider in the AWS account, you will get an error. - Url *string `min:"1" type:"string" required:"true"` - - metadataCreateOpenIDConnectProviderInput `json:"-" xml:"-"` -} - -type metadataCreateOpenIDConnectProviderInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateOpenIDConnectProviderInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateOpenIDConnectProviderInput) GoString() string { - return s.String() -} - -// Contains the response to a successful CreateOpenIDConnectProvider request. -type CreateOpenIDConnectProviderOutput struct { - // The Amazon Resource Name (ARN) of the IAM OpenID Connect provider that was - // created. For more information, see OpenIDConnectProviderListEntry. - OpenIDConnectProviderArn *string `min:"20" type:"string"` - - metadataCreateOpenIDConnectProviderOutput `json:"-" xml:"-"` -} - -type metadataCreateOpenIDConnectProviderOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateOpenIDConnectProviderOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateOpenIDConnectProviderOutput) GoString() string { - return s.String() -} - -type CreatePolicyInput struct { - // A friendly description of the policy. - // - // Typically used to store information about the permissions defined in the - // policy. For example, "Grants access to production DynamoDB tables." - // - // The policy description is immutable. After a value is assigned, it cannot - // be changed. - Description *string `type:"string"` - - // The path for the policy. - // - // For more information about paths, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the IAM User Guide. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/). - Path *string `type:"string"` - - // The policy document. - PolicyDocument *string `min:"1" type:"string" required:"true"` - - // The name of the policy document. - PolicyName *string `min:"1" type:"string" required:"true"` - - metadataCreatePolicyInput `json:"-" xml:"-"` -} - -type metadataCreatePolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreatePolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreatePolicyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful CreatePolicy request. -type CreatePolicyOutput struct { - // Information about the policy. - Policy *Policy `type:"structure"` - - metadataCreatePolicyOutput `json:"-" xml:"-"` -} - -type metadataCreatePolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreatePolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreatePolicyOutput) GoString() string { - return s.String() -} - -type CreatePolicyVersionInput struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - // The policy document. - PolicyDocument *string `min:"1" type:"string" required:"true"` - - // Specifies whether to set this version as the policy's default version. - // - // When this parameter is true, the new policy version becomes the operative - // version; that is, the version that is in effect for the IAM users, groups, - // and roles that the policy is attached to. - // - // For more information about managed policy versions, see Versioning for Managed - // Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) - // in the IAM User Guide. - SetAsDefault *bool `type:"boolean"` - - metadataCreatePolicyVersionInput `json:"-" xml:"-"` -} - -type metadataCreatePolicyVersionInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreatePolicyVersionInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreatePolicyVersionInput) GoString() string { - return s.String() -} - -// Contains the response to a successful CreatePolicyVersion request. -type CreatePolicyVersionOutput struct { - // Information about the policy version. - PolicyVersion *PolicyVersion `type:"structure"` - - metadataCreatePolicyVersionOutput `json:"-" xml:"-"` -} - -type metadataCreatePolicyVersionOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreatePolicyVersionOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreatePolicyVersionOutput) GoString() string { - return s.String() -} - -type CreateRoleInput struct { - // The policy that grants an entity permission to assume the role. - AssumeRolePolicyDocument *string `min:"1" type:"string" required:"true"` - - // The path to the role. For more information about paths, see IAM Identifiers - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/). - Path *string `min:"1" type:"string"` - - // The name of the role to create. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataCreateRoleInput `json:"-" xml:"-"` -} - -type metadataCreateRoleInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateRoleInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateRoleInput) GoString() string { - return s.String() -} - -// Contains the response to a successful CreateRole request. -type CreateRoleOutput struct { - // Information about the role. - Role *Role `type:"structure" required:"true"` - - metadataCreateRoleOutput `json:"-" xml:"-"` -} - -type metadataCreateRoleOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateRoleOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateRoleOutput) GoString() string { - return s.String() -} - -type CreateSAMLProviderInput struct { - // The name of the provider to create. - Name *string `min:"1" type:"string" required:"true"` - - // An XML document generated by an identity provider (IdP) that supports SAML - // 2.0. The document includes the issuer's name, expiration information, and - // keys that can be used to validate the SAML authentication response (assertions) - // that are received from the IdP. You must generate the metadata document using - // the identity management software that is used as your organization's IdP. - // - // For more information, see About SAML 2.0-based Federation (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) - // in the IAM User Guide - SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"` - - metadataCreateSAMLProviderInput `json:"-" xml:"-"` -} - -type metadataCreateSAMLProviderInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateSAMLProviderInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateSAMLProviderInput) GoString() string { - return s.String() -} - -// Contains the response to a successful CreateSAMLProvider request. -type CreateSAMLProviderOutput struct { - // The Amazon Resource Name (ARN) of the SAML provider. - SAMLProviderArn *string `min:"20" type:"string"` - - metadataCreateSAMLProviderOutput `json:"-" xml:"-"` -} - -type metadataCreateSAMLProviderOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateSAMLProviderOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateSAMLProviderOutput) GoString() string { - return s.String() -} - -type CreateUserInput struct { - // The path for the user name. For more information about paths, see IAM Identifiers - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/). - Path *string `min:"1" type:"string"` - - // The name of the user to create. - UserName *string `min:"1" type:"string" required:"true"` - - metadataCreateUserInput `json:"-" xml:"-"` -} - -type metadataCreateUserInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateUserInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateUserInput) GoString() string { - return s.String() -} - -// Contains the response to a successful CreateUser request. -type CreateUserOutput struct { - // Information about the user. - User *User `type:"structure"` - - metadataCreateUserOutput `json:"-" xml:"-"` -} - -type metadataCreateUserOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateUserOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateUserOutput) GoString() string { - return s.String() -} - -type CreateVirtualMFADeviceInput struct { - // The path for the virtual MFA device. For more information about paths, see - // IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/). - Path *string `min:"1" type:"string"` - - // The name of the virtual MFA device. Use with path to uniquely identify a - // virtual MFA device. - VirtualMFADeviceName *string `min:"1" type:"string" required:"true"` - - metadataCreateVirtualMFADeviceInput `json:"-" xml:"-"` -} - -type metadataCreateVirtualMFADeviceInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateVirtualMFADeviceInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateVirtualMFADeviceInput) GoString() string { - return s.String() -} - -// Contains the response to a successful CreateVirtualMFADevice request. -type CreateVirtualMFADeviceOutput struct { - // A newly created virtual MFA device. - VirtualMFADevice *VirtualMFADevice `type:"structure" required:"true"` - - metadataCreateVirtualMFADeviceOutput `json:"-" xml:"-"` -} - -type metadataCreateVirtualMFADeviceOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s CreateVirtualMFADeviceOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s CreateVirtualMFADeviceOutput) GoString() string { - return s.String() -} - -type DeactivateMFADeviceInput struct { - // The serial number that uniquely identifies the MFA device. For virtual MFA - // devices, the serial number is the device ARN. - SerialNumber *string `min:"9" type:"string" required:"true"` - - // The name of the user whose MFA device you want to deactivate. - UserName *string `min:"1" type:"string" required:"true"` - - metadataDeactivateMFADeviceInput `json:"-" xml:"-"` -} - -type metadataDeactivateMFADeviceInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeactivateMFADeviceInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeactivateMFADeviceInput) GoString() string { - return s.String() -} - -type DeactivateMFADeviceOutput struct { - metadataDeactivateMFADeviceOutput `json:"-" xml:"-"` -} - -type metadataDeactivateMFADeviceOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeactivateMFADeviceOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeactivateMFADeviceOutput) GoString() string { - return s.String() -} - -type DeleteAccessKeyInput struct { - // The access key ID for the access key ID and secret access key you want to - // delete. - AccessKeyId *string `min:"16" type:"string" required:"true"` - - // The name of the user whose key you want to delete. - UserName *string `min:"1" type:"string"` - - metadataDeleteAccessKeyInput `json:"-" xml:"-"` -} - -type metadataDeleteAccessKeyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteAccessKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteAccessKeyInput) GoString() string { - return s.String() -} - -type DeleteAccessKeyOutput struct { - metadataDeleteAccessKeyOutput `json:"-" xml:"-"` -} - -type metadataDeleteAccessKeyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteAccessKeyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteAccessKeyOutput) GoString() string { - return s.String() -} - -type DeleteAccountAliasInput struct { - // The name of the account alias to delete. - AccountAlias *string `min:"3" type:"string" required:"true"` - - metadataDeleteAccountAliasInput `json:"-" xml:"-"` -} - -type metadataDeleteAccountAliasInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteAccountAliasInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteAccountAliasInput) GoString() string { - return s.String() -} - -type DeleteAccountAliasOutput struct { - metadataDeleteAccountAliasOutput `json:"-" xml:"-"` -} - -type metadataDeleteAccountAliasOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteAccountAliasOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteAccountAliasOutput) GoString() string { - return s.String() -} - -type DeleteAccountPasswordPolicyInput struct { - metadataDeleteAccountPasswordPolicyInput `json:"-" xml:"-"` -} - -type metadataDeleteAccountPasswordPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteAccountPasswordPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteAccountPasswordPolicyInput) GoString() string { - return s.String() -} - -type DeleteAccountPasswordPolicyOutput struct { - metadataDeleteAccountPasswordPolicyOutput `json:"-" xml:"-"` -} - -type metadataDeleteAccountPasswordPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteAccountPasswordPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteAccountPasswordPolicyOutput) GoString() string { - return s.String() -} - -type DeleteGroupInput struct { - // The name of the group to delete. - GroupName *string `min:"1" type:"string" required:"true"` - - metadataDeleteGroupInput `json:"-" xml:"-"` -} - -type metadataDeleteGroupInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteGroupInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteGroupInput) GoString() string { - return s.String() -} - -type DeleteGroupOutput struct { - metadataDeleteGroupOutput `json:"-" xml:"-"` -} - -type metadataDeleteGroupOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteGroupOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteGroupOutput) GoString() string { - return s.String() -} - -type DeleteGroupPolicyInput struct { - // The name (friendly name, not ARN) identifying the group that the policy is - // embedded in. - GroupName *string `min:"1" type:"string" required:"true"` - - // The name identifying the policy document to delete. - PolicyName *string `min:"1" type:"string" required:"true"` - - metadataDeleteGroupPolicyInput `json:"-" xml:"-"` -} - -type metadataDeleteGroupPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteGroupPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteGroupPolicyInput) GoString() string { - return s.String() -} - -type DeleteGroupPolicyOutput struct { - metadataDeleteGroupPolicyOutput `json:"-" xml:"-"` -} - -type metadataDeleteGroupPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteGroupPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteGroupPolicyOutput) GoString() string { - return s.String() -} - -type DeleteInstanceProfileInput struct { - // The name of the instance profile to delete. - InstanceProfileName *string `min:"1" type:"string" required:"true"` - - metadataDeleteInstanceProfileInput `json:"-" xml:"-"` -} - -type metadataDeleteInstanceProfileInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteInstanceProfileInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteInstanceProfileInput) GoString() string { - return s.String() -} - -type DeleteInstanceProfileOutput struct { - metadataDeleteInstanceProfileOutput `json:"-" xml:"-"` -} - -type metadataDeleteInstanceProfileOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteInstanceProfileOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteInstanceProfileOutput) GoString() string { - return s.String() -} - -type DeleteLoginProfileInput struct { - // The name of the user whose password you want to delete. - UserName *string `min:"1" type:"string" required:"true"` - - metadataDeleteLoginProfileInput `json:"-" xml:"-"` -} - -type metadataDeleteLoginProfileInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteLoginProfileInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteLoginProfileInput) GoString() string { - return s.String() -} - -type DeleteLoginProfileOutput struct { - metadataDeleteLoginProfileOutput `json:"-" xml:"-"` -} - -type metadataDeleteLoginProfileOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteLoginProfileOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteLoginProfileOutput) GoString() string { - return s.String() -} - -type DeleteOpenIDConnectProviderInput struct { - // The Amazon Resource Name (ARN) of the IAM OpenID Connect provider to delete. - // You can get a list of OpenID Connect provider ARNs by using the ListOpenIDConnectProviders - // action. - OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"` - - metadataDeleteOpenIDConnectProviderInput `json:"-" xml:"-"` -} - -type metadataDeleteOpenIDConnectProviderInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteOpenIDConnectProviderInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteOpenIDConnectProviderInput) GoString() string { - return s.String() -} - -type DeleteOpenIDConnectProviderOutput struct { - metadataDeleteOpenIDConnectProviderOutput `json:"-" xml:"-"` -} - -type metadataDeleteOpenIDConnectProviderOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteOpenIDConnectProviderOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteOpenIDConnectProviderOutput) GoString() string { - return s.String() -} - -type DeletePolicyInput struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - metadataDeletePolicyInput `json:"-" xml:"-"` -} - -type metadataDeletePolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeletePolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeletePolicyInput) GoString() string { - return s.String() -} - -type DeletePolicyOutput struct { - metadataDeletePolicyOutput `json:"-" xml:"-"` -} - -type metadataDeletePolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeletePolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeletePolicyOutput) GoString() string { - return s.String() -} - -type DeletePolicyVersionInput struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - // The policy version to delete. - // - // For more information about managed policy versions, see Versioning for Managed - // Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) - // in the IAM User Guide. - VersionId *string `type:"string" required:"true"` - - metadataDeletePolicyVersionInput `json:"-" xml:"-"` -} - -type metadataDeletePolicyVersionInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeletePolicyVersionInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeletePolicyVersionInput) GoString() string { - return s.String() -} - -type DeletePolicyVersionOutput struct { - metadataDeletePolicyVersionOutput `json:"-" xml:"-"` -} - -type metadataDeletePolicyVersionOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeletePolicyVersionOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeletePolicyVersionOutput) GoString() string { - return s.String() -} - -type DeleteRoleInput struct { - // The name of the role to delete. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataDeleteRoleInput `json:"-" xml:"-"` -} - -type metadataDeleteRoleInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteRoleInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteRoleInput) GoString() string { - return s.String() -} - -type DeleteRoleOutput struct { - metadataDeleteRoleOutput `json:"-" xml:"-"` -} - -type metadataDeleteRoleOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteRoleOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteRoleOutput) GoString() string { - return s.String() -} - -type DeleteRolePolicyInput struct { - // The name identifying the policy document to delete. - PolicyName *string `min:"1" type:"string" required:"true"` - - // The name (friendly name, not ARN) identifying the role that the policy is - // embedded in. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataDeleteRolePolicyInput `json:"-" xml:"-"` -} - -type metadataDeleteRolePolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteRolePolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteRolePolicyInput) GoString() string { - return s.String() -} - -type DeleteRolePolicyOutput struct { - metadataDeleteRolePolicyOutput `json:"-" xml:"-"` -} - -type metadataDeleteRolePolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteRolePolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteRolePolicyOutput) GoString() string { - return s.String() -} - -type DeleteSAMLProviderInput struct { - // The Amazon Resource Name (ARN) of the SAML provider to delete. - SAMLProviderArn *string `min:"20" type:"string" required:"true"` - - metadataDeleteSAMLProviderInput `json:"-" xml:"-"` -} - -type metadataDeleteSAMLProviderInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteSAMLProviderInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteSAMLProviderInput) GoString() string { - return s.String() -} - -type DeleteSAMLProviderOutput struct { - metadataDeleteSAMLProviderOutput `json:"-" xml:"-"` -} - -type metadataDeleteSAMLProviderOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteSAMLProviderOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteSAMLProviderOutput) GoString() string { - return s.String() -} - -type DeleteSSHPublicKeyInput struct { - // The unique identifier for the SSH public key. - SSHPublicKeyId *string `min:"20" type:"string" required:"true"` - - // The name of the IAM user associated with the SSH public key. - UserName *string `min:"1" type:"string" required:"true"` - - metadataDeleteSSHPublicKeyInput `json:"-" xml:"-"` -} - -type metadataDeleteSSHPublicKeyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteSSHPublicKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteSSHPublicKeyInput) GoString() string { - return s.String() -} - -type DeleteSSHPublicKeyOutput struct { - metadataDeleteSSHPublicKeyOutput `json:"-" xml:"-"` -} - -type metadataDeleteSSHPublicKeyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteSSHPublicKeyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteSSHPublicKeyOutput) GoString() string { - return s.String() -} - -type DeleteServerCertificateInput struct { - // The name of the server certificate you want to delete. - ServerCertificateName *string `min:"1" type:"string" required:"true"` - - metadataDeleteServerCertificateInput `json:"-" xml:"-"` -} - -type metadataDeleteServerCertificateInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteServerCertificateInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteServerCertificateInput) GoString() string { - return s.String() -} - -type DeleteServerCertificateOutput struct { - metadataDeleteServerCertificateOutput `json:"-" xml:"-"` -} - -type metadataDeleteServerCertificateOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteServerCertificateOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteServerCertificateOutput) GoString() string { - return s.String() -} - -type DeleteSigningCertificateInput struct { - // The ID of the signing certificate to delete. - CertificateId *string `min:"24" type:"string" required:"true"` - - // The name of the user the signing certificate belongs to. - UserName *string `min:"1" type:"string"` - - metadataDeleteSigningCertificateInput `json:"-" xml:"-"` -} - -type metadataDeleteSigningCertificateInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteSigningCertificateInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteSigningCertificateInput) GoString() string { - return s.String() -} - -type DeleteSigningCertificateOutput struct { - metadataDeleteSigningCertificateOutput `json:"-" xml:"-"` -} - -type metadataDeleteSigningCertificateOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteSigningCertificateOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteSigningCertificateOutput) GoString() string { - return s.String() -} - -type DeleteUserInput struct { - // The name of the user to delete. - UserName *string `min:"1" type:"string" required:"true"` - - metadataDeleteUserInput `json:"-" xml:"-"` -} - -type metadataDeleteUserInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteUserInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteUserInput) GoString() string { - return s.String() -} - -type DeleteUserOutput struct { - metadataDeleteUserOutput `json:"-" xml:"-"` -} - -type metadataDeleteUserOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteUserOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteUserOutput) GoString() string { - return s.String() -} - -type DeleteUserPolicyInput struct { - // The name identifying the policy document to delete. - PolicyName *string `min:"1" type:"string" required:"true"` - - // The name (friendly name, not ARN) identifying the user that the policy is - // embedded in. - UserName *string `min:"1" type:"string" required:"true"` - - metadataDeleteUserPolicyInput `json:"-" xml:"-"` -} - -type metadataDeleteUserPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteUserPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteUserPolicyInput) GoString() string { - return s.String() -} - -type DeleteUserPolicyOutput struct { - metadataDeleteUserPolicyOutput `json:"-" xml:"-"` -} - -type metadataDeleteUserPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteUserPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteUserPolicyOutput) GoString() string { - return s.String() -} - -type DeleteVirtualMFADeviceInput struct { - // The serial number that uniquely identifies the MFA device. For virtual MFA - // devices, the serial number is the same as the ARN. - SerialNumber *string `min:"9" type:"string" required:"true"` - - metadataDeleteVirtualMFADeviceInput `json:"-" xml:"-"` -} - -type metadataDeleteVirtualMFADeviceInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteVirtualMFADeviceInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteVirtualMFADeviceInput) GoString() string { - return s.String() -} - -type DeleteVirtualMFADeviceOutput struct { - metadataDeleteVirtualMFADeviceOutput `json:"-" xml:"-"` -} - -type metadataDeleteVirtualMFADeviceOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DeleteVirtualMFADeviceOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DeleteVirtualMFADeviceOutput) GoString() string { - return s.String() -} - -type DetachGroupPolicyInput struct { - // The name (friendly name, not ARN) of the group to detach the policy from. - GroupName *string `min:"1" type:"string" required:"true"` - - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - metadataDetachGroupPolicyInput `json:"-" xml:"-"` -} - -type metadataDetachGroupPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DetachGroupPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DetachGroupPolicyInput) GoString() string { - return s.String() -} - -type DetachGroupPolicyOutput struct { - metadataDetachGroupPolicyOutput `json:"-" xml:"-"` -} - -type metadataDetachGroupPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DetachGroupPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DetachGroupPolicyOutput) GoString() string { - return s.String() -} - -type DetachRolePolicyInput struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - // The name (friendly name, not ARN) of the role to detach the policy from. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataDetachRolePolicyInput `json:"-" xml:"-"` -} - -type metadataDetachRolePolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DetachRolePolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DetachRolePolicyInput) GoString() string { - return s.String() -} - -type DetachRolePolicyOutput struct { - metadataDetachRolePolicyOutput `json:"-" xml:"-"` -} - -type metadataDetachRolePolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DetachRolePolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DetachRolePolicyOutput) GoString() string { - return s.String() -} - -type DetachUserPolicyInput struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - // The name (friendly name, not ARN) of the user to detach the policy from. - UserName *string `min:"1" type:"string" required:"true"` - - metadataDetachUserPolicyInput `json:"-" xml:"-"` -} - -type metadataDetachUserPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DetachUserPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DetachUserPolicyInput) GoString() string { - return s.String() -} - -type DetachUserPolicyOutput struct { - metadataDetachUserPolicyOutput `json:"-" xml:"-"` -} - -type metadataDetachUserPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s DetachUserPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s DetachUserPolicyOutput) GoString() string { - return s.String() -} - -type EnableMFADeviceInput struct { - // An authentication code emitted by the device. - AuthenticationCode1 *string `min:"6" type:"string" required:"true"` - - // A subsequent authentication code emitted by the device. - AuthenticationCode2 *string `min:"6" type:"string" required:"true"` - - // The serial number that uniquely identifies the MFA device. For virtual MFA - // devices, the serial number is the device ARN. - SerialNumber *string `min:"9" type:"string" required:"true"` - - // The name of the user for whom you want to enable the MFA device. - UserName *string `min:"1" type:"string" required:"true"` - - metadataEnableMFADeviceInput `json:"-" xml:"-"` -} - -type metadataEnableMFADeviceInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s EnableMFADeviceInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s EnableMFADeviceInput) GoString() string { - return s.String() -} - -type EnableMFADeviceOutput struct { - metadataEnableMFADeviceOutput `json:"-" xml:"-"` -} - -type metadataEnableMFADeviceOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s EnableMFADeviceOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s EnableMFADeviceOutput) GoString() string { - return s.String() -} - -// Contains the results of a simulation. -// -// This data type is used by the return parameter of SimulatePolicy. -type EvaluationResult struct { - // The name of the API action tested on the indicated resource. - EvalActionName *string `min:"3" type:"string" required:"true"` - - // The result of the simulation. - EvalDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"` - - // Additional details about the results of the evaluation decision. When there - // are both IAM policies and resource policies, this parameter explains how - // each set of policies contributes to the final evaluation decision. When simulating - // cross-account access to a resource, both the resource-based policy and the - // caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based - // Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_compare-resource-policies.html) - EvalDecisionDetails map[string]*string `type:"map"` - - // The ARN of the resource that the indicated API action was tested on. - EvalResourceName *string `min:"1" type:"string"` - - // A list of the statements in the input policies that determine the result - // for this scenario. Remember that even if multiple statements allow the action - // on the resource, if only one statement denies that action, then the explicit - // deny overrides any allow, and the deny statement is the only entry included - // in the result. - MatchedStatements []*Statement `type:"list"` - - // A list of context keys that are required by the included input policies but - // that were not provided by one of the input parameters. To discover the context - // keys used by a set of policies, you can call GetContextKeysForCustomPolicy - // or GetContextKeysForPrincipalPolicy. - // - // If the response includes any keys in this list, then the reported results - // might be untrustworthy because the simulation could not completely evaluate - // all of the conditions specified in the policies that would occur in a real - // world request. - MissingContextValues []*string `type:"list"` - - // The individual results of the simulation of the API action specified in EvalActionName - // on each resource. - ResourceSpecificResults []*ResourceSpecificResult `type:"list"` - - metadataEvaluationResult `json:"-" xml:"-"` -} - -type metadataEvaluationResult struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s EvaluationResult) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s EvaluationResult) GoString() string { - return s.String() -} - -type GenerateCredentialReportInput struct { - metadataGenerateCredentialReportInput `json:"-" xml:"-"` -} - -type metadataGenerateCredentialReportInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GenerateCredentialReportInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GenerateCredentialReportInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GenerateCredentialReport request. -type GenerateCredentialReportOutput struct { - // Information about the credential report. - Description *string `type:"string"` - - // Information about the state of the credential report. - State *string `type:"string" enum:"ReportStateType"` - - metadataGenerateCredentialReportOutput `json:"-" xml:"-"` -} - -type metadataGenerateCredentialReportOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GenerateCredentialReportOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GenerateCredentialReportOutput) GoString() string { - return s.String() -} - -type GetAccessKeyLastUsedInput struct { - // The identifier of an access key. - AccessKeyId *string `min:"16" type:"string" required:"true"` - - metadataGetAccessKeyLastUsedInput `json:"-" xml:"-"` -} - -type metadataGetAccessKeyLastUsedInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetAccessKeyLastUsedInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetAccessKeyLastUsedInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetAccessKeyLastUsed request. It is -// also returned as a member of the AccessKeyMetaData structure returned by -// the ListAccessKeys action. -type GetAccessKeyLastUsedOutput struct { - // Contains information about the last time the access key was used. - AccessKeyLastUsed *AccessKeyLastUsed `type:"structure"` - - // The name of the AWS IAM user that owns this access key. - UserName *string `min:"1" type:"string"` - - metadataGetAccessKeyLastUsedOutput `json:"-" xml:"-"` -} - -type metadataGetAccessKeyLastUsedOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetAccessKeyLastUsedOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetAccessKeyLastUsedOutput) GoString() string { - return s.String() -} - -type GetAccountAuthorizationDetailsInput struct { - // A list of entity types (user, group, role, local managed policy, or AWS managed - // policy) for filtering the results. - Filter []*string `type:"list"` - - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - metadataGetAccountAuthorizationDetailsInput `json:"-" xml:"-"` -} - -type metadataGetAccountAuthorizationDetailsInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetAccountAuthorizationDetailsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetAccountAuthorizationDetailsInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetAccountAuthorizationDetails request. -type GetAccountAuthorizationDetailsOutput struct { - // A list containing information about IAM groups. - GroupDetailList []*GroupDetail `type:"list"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list containing information about managed policies. - Policies []*ManagedPolicyDetail `type:"list"` - - // A list containing information about IAM roles. - RoleDetailList []*RoleDetail `type:"list"` - - // A list containing information about IAM users. - UserDetailList []*UserDetail `type:"list"` - - metadataGetAccountAuthorizationDetailsOutput `json:"-" xml:"-"` -} - -type metadataGetAccountAuthorizationDetailsOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetAccountAuthorizationDetailsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetAccountAuthorizationDetailsOutput) GoString() string { - return s.String() -} - -type GetAccountPasswordPolicyInput struct { - metadataGetAccountPasswordPolicyInput `json:"-" xml:"-"` -} - -type metadataGetAccountPasswordPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetAccountPasswordPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetAccountPasswordPolicyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetAccountPasswordPolicy request. -type GetAccountPasswordPolicyOutput struct { - // Contains information about the account password policy. - // - // This data type is used as a response element in the GetAccountPasswordPolicy - // action. - PasswordPolicy *PasswordPolicy `type:"structure" required:"true"` - - metadataGetAccountPasswordPolicyOutput `json:"-" xml:"-"` -} - -type metadataGetAccountPasswordPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetAccountPasswordPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetAccountPasswordPolicyOutput) GoString() string { - return s.String() -} - -type GetAccountSummaryInput struct { - metadataGetAccountSummaryInput `json:"-" xml:"-"` -} - -type metadataGetAccountSummaryInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetAccountSummaryInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetAccountSummaryInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetAccountSummary request. -type GetAccountSummaryOutput struct { - // A set of key value pairs containing information about IAM entity usage and - // IAM quotas. - // - // SummaryMap contains the following keys: AccessKeysPerUserQuota - // - // The maximum number of active access keys allowed for each IAM user. - // - // AccountAccessKeysPresent - // - // This value is 1 if the AWS account (root) has an access key, otherwise it - // is 0. - // - // AccountMFAEnabled - // - // This value is 1 if the AWS account (root) has an MFA device assigned, otherwise - // it is 0. - // - // AccountSigningCertificatesPresent - // - // This value is 1 if the AWS account (root) has a signing certificate, otherwise - // it is 0. - // - // AssumeRolePolicySizeQuota - // - // The maximum allowed size for assume role policy documents (trust policies), - // in non-whitespace characters. - // - // AttachedPoliciesPerGroupQuota - // - // The maximum number of managed policies that can be attached to an IAM group. - // - // AttachedPoliciesPerRoleQuota - // - // The maximum number of managed policies that can be attached to an IAM role. - // - // AttachedPoliciesPerUserQuota - // - // The maximum number of managed policies that can be attached to an IAM user. - // - // GroupPolicySizeQuota - // - // The maximum allowed size for the aggregate of all inline policies embedded - // in an IAM group, in non-whitespace characters. - // - // Groups - // - // The number of IAM groups in the AWS account. - // - // GroupsPerUserQuota - // - // The maximum number of IAM groups each IAM user can belong to. - // - // GroupsQuota - // - // The maximum number of IAM groups allowed in the AWS account. - // - // InstanceProfiles - // - // The number of instance profiles in the AWS account. - // - // InstanceProfilesQuota - // - // The maximum number of instance profiles allowed in the AWS account. - // - // MFADevices - // - // The number of MFA devices in the AWS account, including those assigned and - // unassigned. - // - // MFADevicesInUse - // - // The number of MFA devices that have been assigned to an IAM user or to the - // AWS account (root). - // - // Policies - // - // The number of customer managed policies in the AWS account. - // - // PoliciesQuota - // - // The maximum number of customer managed policies allowed in the AWS account. - // - // PolicySizeQuota - // - // The maximum allowed size of a customer managed policy, in non-whitespace - // characters. - // - // PolicyVersionsInUse - // - // The number of managed policies that are attached to IAM users, groups, or - // roles in the AWS account. - // - // PolicyVersionsInUseQuota - // - // The maximum number of managed policies that can be attached to IAM users, - // groups, or roles in the AWS account. - // - // Providers - // - // The number of identity providers in the AWS account. - // - // RolePolicySizeQuota - // - // The maximum allowed size for the aggregate of all inline policies (access - // policies, not the trust policy) embedded in an IAM role, in non-whitespace - // characters. - // - // Roles - // - // The number of IAM roles in the AWS account. - // - // RolesQuota - // - // The maximum number of IAM roles allowed in the AWS account. - // - // ServerCertificates - // - // The number of server certificates in the AWS account. - // - // ServerCertificatesQuota - // - // The maximum number of server certificates allowed in the AWS account. - // - // SigningCertificatesPerUserQuota - // - // The maximum number of X.509 signing certificates allowed for each IAM user. - // - // UserPolicySizeQuota - // - // The maximum allowed size for the aggregate of all inline policies embedded - // in an IAM user, in non-whitespace characters. - // - // Users - // - // The number of IAM users in the AWS account. - // - // UsersQuota - // - // The maximum number of IAM users allowed in the AWS account. - // - // VersionsPerPolicyQuota - // - // The maximum number of policy versions allowed for each managed policy. - SummaryMap map[string]*int64 `type:"map"` - - metadataGetAccountSummaryOutput `json:"-" xml:"-"` -} - -type metadataGetAccountSummaryOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetAccountSummaryOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetAccountSummaryOutput) GoString() string { - return s.String() -} - -type GetContextKeysForCustomPolicyInput struct { - // A list of policies for which you want list of context keys used in Condition - // elements. Each document is specified as a string containing the complete, - // valid JSON text of an IAM policy. - PolicyInputList []*string `type:"list" required:"true"` - - metadataGetContextKeysForCustomPolicyInput `json:"-" xml:"-"` -} - -type metadataGetContextKeysForCustomPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetContextKeysForCustomPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetContextKeysForCustomPolicyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetContextKeysForPrincipalPolicy or -// GetContextKeysForCustomPolicy request. -type GetContextKeysForPolicyResponse struct { - // The list of context keys that are used in the Condition elements of the input - // policies. - ContextKeyNames []*string `type:"list"` - - metadataGetContextKeysForPolicyResponse `json:"-" xml:"-"` -} - -type metadataGetContextKeysForPolicyResponse struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetContextKeysForPolicyResponse) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetContextKeysForPolicyResponse) GoString() string { - return s.String() -} - -type GetContextKeysForPrincipalPolicyInput struct { - // A optional list of additional policies for which you want list of context - // keys used in Condition elements. - PolicyInputList []*string `type:"list"` - - // The ARN of a user, group, or role whose policies contain the context keys - // that you want listed. If you specify a user, the list includes context keys - // that are found in all policies attached to the user as well as to all groups - // that the user is a member of. If you pick a group or a role, then it includes - // only those context keys that are found in policies attached to that entity. - // Note that all parameters are shown in unencoded form here for clarity, but - // must be URL encoded to be included as a part of a real HTML request. - PolicySourceArn *string `min:"20" type:"string" required:"true"` - - metadataGetContextKeysForPrincipalPolicyInput `json:"-" xml:"-"` -} - -type metadataGetContextKeysForPrincipalPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetContextKeysForPrincipalPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetContextKeysForPrincipalPolicyInput) GoString() string { - return s.String() -} - -type GetCredentialReportInput struct { - metadataGetCredentialReportInput `json:"-" xml:"-"` -} - -type metadataGetCredentialReportInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetCredentialReportInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetCredentialReportInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetCredentialReport request. -type GetCredentialReportOutput struct { - // Contains the credential report. The report is Base64-encoded. - Content []byte `type:"blob"` - - // The date and time when the credential report was created, in ISO 8601 date-time - // format (http://www.iso.org/iso/iso8601). - GeneratedTime *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The format (MIME type) of the credential report. - ReportFormat *string `type:"string" enum:"ReportFormatType"` - - metadataGetCredentialReportOutput `json:"-" xml:"-"` -} - -type metadataGetCredentialReportOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetCredentialReportOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetCredentialReportOutput) GoString() string { - return s.String() -} - -type GetGroupInput struct { - // The name of the group. - GroupName *string `min:"1" type:"string" required:"true"` - - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - metadataGetGroupInput `json:"-" xml:"-"` -} - -type metadataGetGroupInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetGroupInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetGroupInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetGroup request. -type GetGroupOutput struct { - // Information about the group. - Group *Group `type:"structure" required:"true"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list of users in the group. - Users []*User `type:"list" required:"true"` - - metadataGetGroupOutput `json:"-" xml:"-"` -} - -type metadataGetGroupOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetGroupOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetGroupOutput) GoString() string { - return s.String() -} - -type GetGroupPolicyInput struct { - // The name of the group the policy is associated with. - GroupName *string `min:"1" type:"string" required:"true"` - - // The name of the policy document to get. - PolicyName *string `min:"1" type:"string" required:"true"` - - metadataGetGroupPolicyInput `json:"-" xml:"-"` -} - -type metadataGetGroupPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetGroupPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetGroupPolicyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetGroupPolicy request. -type GetGroupPolicyOutput struct { - // The group the policy is associated with. - GroupName *string `min:"1" type:"string" required:"true"` - - // The policy document. - PolicyDocument *string `min:"1" type:"string" required:"true"` - - // The name of the policy. - PolicyName *string `min:"1" type:"string" required:"true"` - - metadataGetGroupPolicyOutput `json:"-" xml:"-"` -} - -type metadataGetGroupPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetGroupPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetGroupPolicyOutput) GoString() string { - return s.String() -} - -type GetInstanceProfileInput struct { - // The name of the instance profile to get information about. - InstanceProfileName *string `min:"1" type:"string" required:"true"` - - metadataGetInstanceProfileInput `json:"-" xml:"-"` -} - -type metadataGetInstanceProfileInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetInstanceProfileInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetInstanceProfileInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetInstanceProfile request. -type GetInstanceProfileOutput struct { - // Information about the instance profile. - InstanceProfile *InstanceProfile `type:"structure" required:"true"` - - metadataGetInstanceProfileOutput `json:"-" xml:"-"` -} - -type metadataGetInstanceProfileOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetInstanceProfileOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetInstanceProfileOutput) GoString() string { - return s.String() -} - -type GetLoginProfileInput struct { - // The name of the user whose login profile you want to retrieve. - UserName *string `min:"1" type:"string" required:"true"` - - metadataGetLoginProfileInput `json:"-" xml:"-"` -} - -type metadataGetLoginProfileInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetLoginProfileInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetLoginProfileInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetLoginProfile request. -type GetLoginProfileOutput struct { - // The user name and password create date for the user. - LoginProfile *LoginProfile `type:"structure" required:"true"` - - metadataGetLoginProfileOutput `json:"-" xml:"-"` -} - -type metadataGetLoginProfileOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetLoginProfileOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetLoginProfileOutput) GoString() string { - return s.String() -} - -type GetOpenIDConnectProviderInput struct { - // The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider - // to get information for. You can get a list of OIDC provider ARNs by using - // the ListOpenIDConnectProviders action. - OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"` - - metadataGetOpenIDConnectProviderInput `json:"-" xml:"-"` -} - -type metadataGetOpenIDConnectProviderInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetOpenIDConnectProviderInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetOpenIDConnectProviderInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetOpenIDConnectProvider request. -type GetOpenIDConnectProviderOutput struct { - // A list of client IDs (also known as audiences) that are associated with the - // specified IAM OpenID Connect provider. For more information, see CreateOpenIDConnectProvider. - ClientIDList []*string `type:"list"` - - // The date and time when the IAM OpenID Connect provider entity was created - // in the AWS account. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // A list of certificate thumbprints that are associated with the specified - // IAM OpenID Connect provider. For more information, see CreateOpenIDConnectProvider. - ThumbprintList []*string `type:"list"` - - // The URL that the IAM OpenID Connect provider is associated with. For more - // information, see CreateOpenIDConnectProvider. - Url *string `min:"1" type:"string"` - - metadataGetOpenIDConnectProviderOutput `json:"-" xml:"-"` -} - -type metadataGetOpenIDConnectProviderOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetOpenIDConnectProviderOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetOpenIDConnectProviderOutput) GoString() string { - return s.String() -} - -type GetPolicyInput struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - metadataGetPolicyInput `json:"-" xml:"-"` -} - -type metadataGetPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetPolicyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetPolicy request. -type GetPolicyOutput struct { - // Information about the policy. - Policy *Policy `type:"structure"` - - metadataGetPolicyOutput `json:"-" xml:"-"` -} - -type metadataGetPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetPolicyOutput) GoString() string { - return s.String() -} - -type GetPolicyVersionInput struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - // Identifies the policy version to retrieve. - VersionId *string `type:"string" required:"true"` - - metadataGetPolicyVersionInput `json:"-" xml:"-"` -} - -type metadataGetPolicyVersionInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetPolicyVersionInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetPolicyVersionInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetPolicyVersion request. -type GetPolicyVersionOutput struct { - // Information about the policy version. - // - // For more information about managed policy versions, see Versioning for Managed - // Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) - // in the IAM User Guide. - PolicyVersion *PolicyVersion `type:"structure"` - - metadataGetPolicyVersionOutput `json:"-" xml:"-"` -} - -type metadataGetPolicyVersionOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetPolicyVersionOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetPolicyVersionOutput) GoString() string { - return s.String() -} - -type GetRoleInput struct { - // The name of the role to get information about. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataGetRoleInput `json:"-" xml:"-"` -} - -type metadataGetRoleInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetRoleInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetRoleInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetRole request. -type GetRoleOutput struct { - // Information about the role. - Role *Role `type:"structure" required:"true"` - - metadataGetRoleOutput `json:"-" xml:"-"` -} - -type metadataGetRoleOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetRoleOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetRoleOutput) GoString() string { - return s.String() -} - -type GetRolePolicyInput struct { - // The name of the policy document to get. - PolicyName *string `min:"1" type:"string" required:"true"` - - // The name of the role associated with the policy. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataGetRolePolicyInput `json:"-" xml:"-"` -} - -type metadataGetRolePolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetRolePolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetRolePolicyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetRolePolicy request. -type GetRolePolicyOutput struct { - // The policy document. - PolicyDocument *string `min:"1" type:"string" required:"true"` - - // The name of the policy. - PolicyName *string `min:"1" type:"string" required:"true"` - - // The role the policy is associated with. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataGetRolePolicyOutput `json:"-" xml:"-"` -} - -type metadataGetRolePolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetRolePolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetRolePolicyOutput) GoString() string { - return s.String() -} - -type GetSAMLProviderInput struct { - // The Amazon Resource Name (ARN) of the SAML provider to get information about. - SAMLProviderArn *string `min:"20" type:"string" required:"true"` - - metadataGetSAMLProviderInput `json:"-" xml:"-"` -} - -type metadataGetSAMLProviderInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetSAMLProviderInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetSAMLProviderInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetSAMLProvider request. -type GetSAMLProviderOutput struct { - // The date and time when the SAML provider was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The XML metadata document that includes information about an identity provider. - SAMLMetadataDocument *string `min:"1000" type:"string"` - - // The expiration date and time for the SAML provider. - ValidUntil *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - metadataGetSAMLProviderOutput `json:"-" xml:"-"` -} - -type metadataGetSAMLProviderOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetSAMLProviderOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetSAMLProviderOutput) GoString() string { - return s.String() -} - -type GetSSHPublicKeyInput struct { - // Specifies the public key encoding format to use in the response. To retrieve - // the public key in ssh-rsa format, use SSH. To retrieve the public key in - // PEM format, use PEM. - Encoding *string `type:"string" required:"true" enum:"encodingType"` - - // The unique identifier for the SSH public key. - SSHPublicKeyId *string `min:"20" type:"string" required:"true"` - - // The name of the IAM user associated with the SSH public key. - UserName *string `min:"1" type:"string" required:"true"` - - metadataGetSSHPublicKeyInput `json:"-" xml:"-"` -} - -type metadataGetSSHPublicKeyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetSSHPublicKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetSSHPublicKeyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetSSHPublicKey request. -type GetSSHPublicKeyOutput struct { - // Information about the SSH public key. - SSHPublicKey *SSHPublicKey `type:"structure"` - - metadataGetSSHPublicKeyOutput `json:"-" xml:"-"` -} - -type metadataGetSSHPublicKeyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetSSHPublicKeyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetSSHPublicKeyOutput) GoString() string { - return s.String() -} - -type GetServerCertificateInput struct { - // The name of the server certificate you want to retrieve information about. - ServerCertificateName *string `min:"1" type:"string" required:"true"` - - metadataGetServerCertificateInput `json:"-" xml:"-"` -} - -type metadataGetServerCertificateInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetServerCertificateInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetServerCertificateInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetServerCertificate request. -type GetServerCertificateOutput struct { - // Information about the server certificate. - ServerCertificate *ServerCertificate `type:"structure" required:"true"` - - metadataGetServerCertificateOutput `json:"-" xml:"-"` -} - -type metadataGetServerCertificateOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetServerCertificateOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetServerCertificateOutput) GoString() string { - return s.String() -} - -type GetUserInput struct { - // The name of the user to get information about. - // - // This parameter is optional. If it is not included, it defaults to the user - // making the request. - UserName *string `min:"1" type:"string"` - - metadataGetUserInput `json:"-" xml:"-"` -} - -type metadataGetUserInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetUserInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetUserInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetUser request. -type GetUserOutput struct { - // Information about the user. - User *User `type:"structure" required:"true"` - - metadataGetUserOutput `json:"-" xml:"-"` -} - -type metadataGetUserOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetUserOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetUserOutput) GoString() string { - return s.String() -} - -type GetUserPolicyInput struct { - // The name of the policy document to get. - PolicyName *string `min:"1" type:"string" required:"true"` - - // The name of the user who the policy is associated with. - UserName *string `min:"1" type:"string" required:"true"` - - metadataGetUserPolicyInput `json:"-" xml:"-"` -} - -type metadataGetUserPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetUserPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetUserPolicyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful GetUserPolicy request. -type GetUserPolicyOutput struct { - // The policy document. - PolicyDocument *string `min:"1" type:"string" required:"true"` - - // The name of the policy. - PolicyName *string `min:"1" type:"string" required:"true"` - - // The user the policy is associated with. - UserName *string `min:"1" type:"string" required:"true"` - - metadataGetUserPolicyOutput `json:"-" xml:"-"` -} - -type metadataGetUserPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GetUserPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GetUserPolicyOutput) GoString() string { - return s.String() -} - -// Contains information about an IAM group entity. -// -// This data type is used as a response element in the following actions: -// -// CreateGroup GetGroup ListGroups -type Group struct { - // The Amazon Resource Name (ARN) specifying the group. For more information - // about ARNs and how to use them in policies, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Arn *string `min:"20" type:"string" required:"true"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the group was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"` - - // The stable and unique string identifying the group. For more information - // about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - GroupId *string `min:"16" type:"string" required:"true"` - - // The friendly name that identifies the group. - GroupName *string `min:"1" type:"string" required:"true"` - - // The path to the group. For more information about paths, see IAM Identifiers - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Path *string `min:"1" type:"string" required:"true"` - - metadataGroup `json:"-" xml:"-"` -} - -type metadataGroup struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s Group) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s Group) GoString() string { - return s.String() -} - -// Contains information about an IAM group, including all of the group's policies. -// -// This data type is used as a response element in the GetAccountAuthorizationDetails -// action. -type GroupDetail struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - Arn *string `min:"20" type:"string"` - - // A list of the managed policies attached to the group. - AttachedManagedPolicies []*AttachedPolicy `type:"list"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the group was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The stable and unique string identifying the group. For more information - // about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - GroupId *string `min:"16" type:"string"` - - // The friendly name that identifies the group. - GroupName *string `min:"1" type:"string"` - - // A list of the inline policies embedded in the group. - GroupPolicyList []*PolicyDetail `type:"list"` - - // The path to the group. For more information about paths, see IAM Identifiers - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Path *string `min:"1" type:"string"` - - metadataGroupDetail `json:"-" xml:"-"` -} - -type metadataGroupDetail struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s GroupDetail) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s GroupDetail) GoString() string { - return s.String() -} - -// Contains information about an instance profile. -// -// This data type is used as a response element in the following actions: -// -// CreateInstanceProfile -// -// GetInstanceProfile -// -// ListInstanceProfiles -// -// ListInstanceProfilesForRole -type InstanceProfile struct { - // The Amazon Resource Name (ARN) specifying the instance profile. For more - // information about ARNs and how to use them in policies, see IAM Identifiers - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Arn *string `min:"20" type:"string" required:"true"` - - // The date when the instance profile was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"` - - // The stable and unique string identifying the instance profile. For more information - // about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - InstanceProfileId *string `min:"16" type:"string" required:"true"` - - // The name identifying the instance profile. - InstanceProfileName *string `min:"1" type:"string" required:"true"` - - // The path to the instance profile. For more information about paths, see IAM - // Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Path *string `min:"1" type:"string" required:"true"` - - // The role associated with the instance profile. - Roles []*Role `type:"list" required:"true"` - - metadataInstanceProfile `json:"-" xml:"-"` -} - -type metadataInstanceProfile struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s InstanceProfile) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s InstanceProfile) GoString() string { - return s.String() -} - -type ListAccessKeysInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The name of the user. - UserName *string `min:"1" type:"string"` - - metadataListAccessKeysInput `json:"-" xml:"-"` -} - -type metadataListAccessKeysInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListAccessKeysInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListAccessKeysInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListAccessKeys request. -type ListAccessKeysOutput struct { - // A list of access key metadata. - AccessKeyMetadata []*AccessKeyMetadata `type:"list" required:"true"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataListAccessKeysOutput `json:"-" xml:"-"` -} - -type metadataListAccessKeysOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListAccessKeysOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListAccessKeysOutput) GoString() string { - return s.String() -} - -type ListAccountAliasesInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - metadataListAccountAliasesInput `json:"-" xml:"-"` -} - -type metadataListAccountAliasesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListAccountAliasesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListAccountAliasesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListAccountAliases request. -type ListAccountAliasesOutput struct { - // A list of aliases associated with the account. AWS supports only one alias - // per account. - AccountAliases []*string `type:"list" required:"true"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataListAccountAliasesOutput `json:"-" xml:"-"` -} - -type metadataListAccountAliasesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListAccountAliasesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListAccountAliasesOutput) GoString() string { - return s.String() -} - -type ListAttachedGroupPoliciesInput struct { - // The name (friendly name, not ARN) of the group to list attached policies - // for. - GroupName *string `min:"1" type:"string" required:"true"` - - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The path prefix for filtering the results. This parameter is optional. If - // it is not included, it defaults to a slash (/), listing all policies. - PathPrefix *string `type:"string"` - - metadataListAttachedGroupPoliciesInput `json:"-" xml:"-"` -} - -type metadataListAttachedGroupPoliciesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListAttachedGroupPoliciesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListAttachedGroupPoliciesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListAttachedGroupPolicies request. -type ListAttachedGroupPoliciesOutput struct { - // A list of the attached policies. - AttachedPolicies []*AttachedPolicy `type:"list"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataListAttachedGroupPoliciesOutput `json:"-" xml:"-"` -} - -type metadataListAttachedGroupPoliciesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListAttachedGroupPoliciesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListAttachedGroupPoliciesOutput) GoString() string { - return s.String() -} - -type ListAttachedRolePoliciesInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The path prefix for filtering the results. This parameter is optional. If - // it is not included, it defaults to a slash (/), listing all policies. - PathPrefix *string `type:"string"` - - // The name (friendly name, not ARN) of the role to list attached policies for. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataListAttachedRolePoliciesInput `json:"-" xml:"-"` -} - -type metadataListAttachedRolePoliciesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListAttachedRolePoliciesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListAttachedRolePoliciesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListAttachedRolePolicies request. -type ListAttachedRolePoliciesOutput struct { - // A list of the attached policies. - AttachedPolicies []*AttachedPolicy `type:"list"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataListAttachedRolePoliciesOutput `json:"-" xml:"-"` -} - -type metadataListAttachedRolePoliciesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListAttachedRolePoliciesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListAttachedRolePoliciesOutput) GoString() string { - return s.String() -} - -type ListAttachedUserPoliciesInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The path prefix for filtering the results. This parameter is optional. If - // it is not included, it defaults to a slash (/), listing all policies. - PathPrefix *string `type:"string"` - - // The name (friendly name, not ARN) of the user to list attached policies for. - UserName *string `min:"1" type:"string" required:"true"` - - metadataListAttachedUserPoliciesInput `json:"-" xml:"-"` -} - -type metadataListAttachedUserPoliciesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListAttachedUserPoliciesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListAttachedUserPoliciesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListAttachedUserPolicies request. -type ListAttachedUserPoliciesOutput struct { - // A list of the attached policies. - AttachedPolicies []*AttachedPolicy `type:"list"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataListAttachedUserPoliciesOutput `json:"-" xml:"-"` -} - -type metadataListAttachedUserPoliciesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListAttachedUserPoliciesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListAttachedUserPoliciesOutput) GoString() string { - return s.String() -} - -type ListEntitiesForPolicyInput struct { - // The entity type to use for filtering the results. - // - // For example, when EntityFilter is Role, only the roles that are attached - // to the specified policy are returned. This parameter is optional. If it is - // not included, all attached entities (users, groups, and roles) are returned. - EntityFilter *string `type:"string" enum:"EntityType"` - - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The path prefix for filtering the results. This parameter is optional. If - // it is not included, it defaults to a slash (/), listing all entities. - PathPrefix *string `min:"1" type:"string"` - - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - metadataListEntitiesForPolicyInput `json:"-" xml:"-"` -} - -type metadataListEntitiesForPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListEntitiesForPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListEntitiesForPolicyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListEntitiesForPolicy request. -type ListEntitiesForPolicyOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list of groups that the policy is attached to. - PolicyGroups []*PolicyGroup `type:"list"` - - // A list of roles that the policy is attached to. - PolicyRoles []*PolicyRole `type:"list"` - - // A list of users that the policy is attached to. - PolicyUsers []*PolicyUser `type:"list"` - - metadataListEntitiesForPolicyOutput `json:"-" xml:"-"` -} - -type metadataListEntitiesForPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListEntitiesForPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListEntitiesForPolicyOutput) GoString() string { - return s.String() -} - -type ListGroupPoliciesInput struct { - // The name of the group to list policies for. - GroupName *string `min:"1" type:"string" required:"true"` - - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - metadataListGroupPoliciesInput `json:"-" xml:"-"` -} - -type metadataListGroupPoliciesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListGroupPoliciesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListGroupPoliciesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListGroupPolicies request. -type ListGroupPoliciesOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list of policy names. - PolicyNames []*string `type:"list" required:"true"` - - metadataListGroupPoliciesOutput `json:"-" xml:"-"` -} - -type metadataListGroupPoliciesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListGroupPoliciesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListGroupPoliciesOutput) GoString() string { - return s.String() -} - -type ListGroupsForUserInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The name of the user to list groups for. - UserName *string `min:"1" type:"string" required:"true"` - - metadataListGroupsForUserInput `json:"-" xml:"-"` -} - -type metadataListGroupsForUserInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListGroupsForUserInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListGroupsForUserInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListGroupsForUser request. -type ListGroupsForUserOutput struct { - // A list of groups. - Groups []*Group `type:"list" required:"true"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataListGroupsForUserOutput `json:"-" xml:"-"` -} - -type metadataListGroupsForUserOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListGroupsForUserOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListGroupsForUserOutput) GoString() string { - return s.String() -} - -type ListGroupsInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The path prefix for filtering the results. For example, the prefix /division_abc/subdivision_xyz/ - // gets all groups whose path starts with /division_abc/subdivision_xyz/. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/), listing all groups. - PathPrefix *string `min:"1" type:"string"` - - metadataListGroupsInput `json:"-" xml:"-"` -} - -type metadataListGroupsInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListGroupsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListGroupsInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListGroups request. -type ListGroupsOutput struct { - // A list of groups. - Groups []*Group `type:"list" required:"true"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataListGroupsOutput `json:"-" xml:"-"` -} - -type metadataListGroupsOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListGroupsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListGroupsOutput) GoString() string { - return s.String() -} - -type ListInstanceProfilesForRoleInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The name of the role to list instance profiles for. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataListInstanceProfilesForRoleInput `json:"-" xml:"-"` -} - -type metadataListInstanceProfilesForRoleInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListInstanceProfilesForRoleInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListInstanceProfilesForRoleInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListInstanceProfilesForRole request. -type ListInstanceProfilesForRoleOutput struct { - // A list of instance profiles. - InstanceProfiles []*InstanceProfile `type:"list" required:"true"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataListInstanceProfilesForRoleOutput `json:"-" xml:"-"` -} - -type metadataListInstanceProfilesForRoleOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListInstanceProfilesForRoleOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListInstanceProfilesForRoleOutput) GoString() string { - return s.String() -} - -type ListInstanceProfilesInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/ - // gets all instance profiles whose path starts with /application_abc/component_xyz/. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/), listing all instance profiles. - PathPrefix *string `min:"1" type:"string"` - - metadataListInstanceProfilesInput `json:"-" xml:"-"` -} - -type metadataListInstanceProfilesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListInstanceProfilesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListInstanceProfilesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListInstanceProfiles request. -type ListInstanceProfilesOutput struct { - // A list of instance profiles. - InstanceProfiles []*InstanceProfile `type:"list" required:"true"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataListInstanceProfilesOutput `json:"-" xml:"-"` -} - -type metadataListInstanceProfilesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListInstanceProfilesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListInstanceProfilesOutput) GoString() string { - return s.String() -} - -type ListMFADevicesInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The name of the user whose MFA devices you want to list. - UserName *string `min:"1" type:"string"` - - metadataListMFADevicesInput `json:"-" xml:"-"` -} - -type metadataListMFADevicesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListMFADevicesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListMFADevicesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListMFADevices request. -type ListMFADevicesOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // A list of MFA devices. - MFADevices []*MFADevice `type:"list" required:"true"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataListMFADevicesOutput `json:"-" xml:"-"` -} - -type metadataListMFADevicesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListMFADevicesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListMFADevicesOutput) GoString() string { - return s.String() -} - -type ListOpenIDConnectProvidersInput struct { - metadataListOpenIDConnectProvidersInput `json:"-" xml:"-"` -} - -type metadataListOpenIDConnectProvidersInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListOpenIDConnectProvidersInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListOpenIDConnectProvidersInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListOpenIDConnectProviders request. -type ListOpenIDConnectProvidersOutput struct { - // The list of IAM OpenID Connect providers in the AWS account. - OpenIDConnectProviderList []*OpenIDConnectProviderListEntry `type:"list"` - - metadataListOpenIDConnectProvidersOutput `json:"-" xml:"-"` -} - -type metadataListOpenIDConnectProvidersOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListOpenIDConnectProvidersOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListOpenIDConnectProvidersOutput) GoString() string { - return s.String() -} - -type ListPoliciesInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // A flag to filter the results to only the attached policies. - // - // When OnlyAttached is true, the returned list contains only the policies - // that are attached to a user, group, or role. When OnlyAttached is false, - // or when the parameter is not included, all policies are returned. - OnlyAttached *bool `type:"boolean"` - - // The path prefix for filtering the results. This parameter is optional. If - // it is not included, it defaults to a slash (/), listing all policies. - PathPrefix *string `type:"string"` - - // The scope to use for filtering the results. - // - // To list only AWS managed policies, set Scope to AWS. To list only the customer - // managed policies in your AWS account, set Scope to Local. - // - // This parameter is optional. If it is not included, or if it is set to All, - // all policies are returned. - Scope *string `type:"string" enum:"policyScopeType"` - - metadataListPoliciesInput `json:"-" xml:"-"` -} - -type metadataListPoliciesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListPoliciesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListPoliciesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListPolicies request. -type ListPoliciesOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list of policies. - Policies []*Policy `type:"list"` - - metadataListPoliciesOutput `json:"-" xml:"-"` -} - -type metadataListPoliciesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListPoliciesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListPoliciesOutput) GoString() string { - return s.String() -} - -type ListPolicyVersionsInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - metadataListPolicyVersionsInput `json:"-" xml:"-"` -} - -type metadataListPolicyVersionsInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListPolicyVersionsInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListPolicyVersionsInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListPolicyVersions request. -type ListPolicyVersionsOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list of policy versions. - // - // For more information about managed policy versions, see Versioning for Managed - // Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) - // in the IAM User Guide. - Versions []*PolicyVersion `type:"list"` - - metadataListPolicyVersionsOutput `json:"-" xml:"-"` -} - -type metadataListPolicyVersionsOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListPolicyVersionsOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListPolicyVersionsOutput) GoString() string { - return s.String() -} - -type ListRolePoliciesInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The name of the role to list policies for. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataListRolePoliciesInput `json:"-" xml:"-"` -} - -type metadataListRolePoliciesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListRolePoliciesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListRolePoliciesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListRolePolicies request. -type ListRolePoliciesOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list of policy names. - PolicyNames []*string `type:"list" required:"true"` - - metadataListRolePoliciesOutput `json:"-" xml:"-"` -} - -type metadataListRolePoliciesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListRolePoliciesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListRolePoliciesOutput) GoString() string { - return s.String() -} - -type ListRolesInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/ - // gets all roles whose path starts with /application_abc/component_xyz/. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/), listing all roles. - PathPrefix *string `min:"1" type:"string"` - - metadataListRolesInput `json:"-" xml:"-"` -} - -type metadataListRolesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListRolesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListRolesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListRoles request. -type ListRolesOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list of roles. - Roles []*Role `type:"list" required:"true"` - - metadataListRolesOutput `json:"-" xml:"-"` -} - -type metadataListRolesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListRolesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListRolesOutput) GoString() string { - return s.String() -} - -type ListSAMLProvidersInput struct { - metadataListSAMLProvidersInput `json:"-" xml:"-"` -} - -type metadataListSAMLProvidersInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListSAMLProvidersInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListSAMLProvidersInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListSAMLProviders request. -type ListSAMLProvidersOutput struct { - // The list of SAML providers for this account. - SAMLProviderList []*SAMLProviderListEntry `type:"list"` - - metadataListSAMLProvidersOutput `json:"-" xml:"-"` -} - -type metadataListSAMLProvidersOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListSAMLProvidersOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListSAMLProvidersOutput) GoString() string { - return s.String() -} - -type ListSSHPublicKeysInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The name of the IAM user to list SSH public keys for. If none is specified, - // the UserName field is determined implicitly based on the AWS access key used - // to sign the request. - UserName *string `min:"1" type:"string"` - - metadataListSSHPublicKeysInput `json:"-" xml:"-"` -} - -type metadataListSSHPublicKeysInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListSSHPublicKeysInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListSSHPublicKeysInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListSSHPublicKeys request. -type ListSSHPublicKeysOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list of SSH public keys. - SSHPublicKeys []*SSHPublicKeyMetadata `type:"list"` - - metadataListSSHPublicKeysOutput `json:"-" xml:"-"` -} - -type metadataListSSHPublicKeysOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListSSHPublicKeysOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListSSHPublicKeysOutput) GoString() string { - return s.String() -} - -type ListServerCertificatesInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The path prefix for filtering the results. For example: /company/servercerts - // would get all server certificates for which the path starts with /company/servercerts. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/), listing all server certificates. - PathPrefix *string `min:"1" type:"string"` - - metadataListServerCertificatesInput `json:"-" xml:"-"` -} - -type metadataListServerCertificatesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListServerCertificatesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListServerCertificatesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListServerCertificates request. -type ListServerCertificatesOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list of server certificates. - ServerCertificateMetadataList []*ServerCertificateMetadata `type:"list" required:"true"` - - metadataListServerCertificatesOutput `json:"-" xml:"-"` -} - -type metadataListServerCertificatesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListServerCertificatesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListServerCertificatesOutput) GoString() string { - return s.String() -} - -type ListSigningCertificatesInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The name of the user. - UserName *string `min:"1" type:"string"` - - metadataListSigningCertificatesInput `json:"-" xml:"-"` -} - -type metadataListSigningCertificatesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListSigningCertificatesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListSigningCertificatesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListSigningCertificates request. -type ListSigningCertificatesOutput struct { - // A list of the user's signing certificate information. - Certificates []*SigningCertificate `type:"list" required:"true"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataListSigningCertificatesOutput `json:"-" xml:"-"` -} - -type metadataListSigningCertificatesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListSigningCertificatesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListSigningCertificatesOutput) GoString() string { - return s.String() -} - -type ListUserPoliciesInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The name of the user to list policies for. - UserName *string `min:"1" type:"string" required:"true"` - - metadataListUserPoliciesInput `json:"-" xml:"-"` -} - -type metadataListUserPoliciesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListUserPoliciesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListUserPoliciesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListUserPolicies request. -type ListUserPoliciesOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list of policy names. - PolicyNames []*string `type:"list" required:"true"` - - metadataListUserPoliciesOutput `json:"-" xml:"-"` -} - -type metadataListUserPoliciesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListUserPoliciesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListUserPoliciesOutput) GoString() string { - return s.String() -} - -type ListUsersInput struct { - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // The path prefix for filtering the results. For example: /division_abc/subdivision_xyz/, - // which would get all user names whose path starts with /division_abc/subdivision_xyz/. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/), listing all user names. - PathPrefix *string `min:"1" type:"string"` - - metadataListUsersInput `json:"-" xml:"-"` -} - -type metadataListUsersInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListUsersInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListUsersInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListUsers request. -type ListUsersOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // A list of users. - Users []*User `type:"list" required:"true"` - - metadataListUsersOutput `json:"-" xml:"-"` -} - -type metadataListUsersOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListUsersOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListUsersOutput) GoString() string { - return s.String() -} - -type ListVirtualMFADevicesInput struct { - // The status (unassigned or assigned) of the devices to list. If you do not - // specify an AssignmentStatus, the action defaults to Any which lists both - // assigned and unassigned virtual MFA devices. - AssignmentStatus *string `type:"string" enum:"assignmentStatusType"` - - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - metadataListVirtualMFADevicesInput `json:"-" xml:"-"` -} - -type metadataListVirtualMFADevicesInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListVirtualMFADevicesInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListVirtualMFADevicesInput) GoString() string { - return s.String() -} - -// Contains the response to a successful ListVirtualMFADevices request. -type ListVirtualMFADevicesOutput struct { - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - // The list of virtual MFA devices in the current account that match the AssignmentStatus - // value that was passed in the request. - VirtualMFADevices []*VirtualMFADevice `type:"list" required:"true"` - - metadataListVirtualMFADevicesOutput `json:"-" xml:"-"` -} - -type metadataListVirtualMFADevicesOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ListVirtualMFADevicesOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ListVirtualMFADevicesOutput) GoString() string { - return s.String() -} - -// Contains the user name and password create date for a user. -// -// This data type is used as a response element in the CreateLoginProfile -// and GetLoginProfile actions. -type LoginProfile struct { - // The date when the password for the user was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"` - - // Specifies whether the user is required to set a new password on next sign-in. - PasswordResetRequired *bool `type:"boolean"` - - // The name of the user, which can be used for signing in to the AWS Management - // Console. - UserName *string `min:"1" type:"string" required:"true"` - - metadataLoginProfile `json:"-" xml:"-"` -} - -type metadataLoginProfile struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s LoginProfile) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s LoginProfile) GoString() string { - return s.String() -} - -// Contains information about an MFA device. -// -// This data type is used as a response element in the ListMFADevices action. -type MFADevice struct { - // The date when the MFA device was enabled for the user. - EnableDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"` - - // The serial number that uniquely identifies the MFA device. For virtual MFA - // devices, the serial number is the device ARN. - SerialNumber *string `min:"9" type:"string" required:"true"` - - // The user with whom the MFA device is associated. - UserName *string `min:"1" type:"string" required:"true"` - - metadataMFADevice `json:"-" xml:"-"` -} - -type metadataMFADevice struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s MFADevice) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s MFADevice) GoString() string { - return s.String() -} - -// Contains information about a managed policy, including the policy's ARN, -// versions, and the number of principal entities (users, groups, and roles) -// that the policy is attached to. -// -// This data type is used as a response element in the GetAccountAuthorizationDetails -// action. -// -// For more information about managed policies, see Managed Policies and Inline -// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. -type ManagedPolicyDetail struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - Arn *string `min:"20" type:"string"` - - // The number of principal entities (users, groups, and roles) that the policy - // is attached to. - AttachmentCount *int64 `type:"integer"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the policy was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The identifier for the version of the policy that is set as the default (operative) - // version. - // - // For more information about policy versions, see Versioning for Managed Policies - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) - // in the Using IAM guide. - DefaultVersionId *string `type:"string"` - - // A friendly description of the policy. - Description *string `type:"string"` - - // Specifies whether the policy can be attached to an IAM user, group, or role. - IsAttachable *bool `type:"boolean"` - - // The path to the policy. - // - // For more information about paths, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Path *string `type:"string"` - - // The stable and unique string identifying the policy. - // - // For more information about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - PolicyId *string `min:"16" type:"string"` - - // The friendly name (not ARN) identifying the policy. - PolicyName *string `min:"1" type:"string"` - - // A list containing information about the versions of the policy. - PolicyVersionList []*PolicyVersion `type:"list"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the policy was last updated. - // - // When a policy has only one version, this field contains the date and time - // when the policy was created. When a policy has more than one version, this - // field contains the date and time when the most recent policy version was - // created. - UpdateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - metadataManagedPolicyDetail `json:"-" xml:"-"` -} - -type metadataManagedPolicyDetail struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ManagedPolicyDetail) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ManagedPolicyDetail) GoString() string { - return s.String() -} - -// Contains the Amazon Resource Name (ARN) for an IAM OpenID Connect provider. -type OpenIDConnectProviderListEntry struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - Arn *string `min:"20" type:"string"` - - metadataOpenIDConnectProviderListEntry `json:"-" xml:"-"` -} - -type metadataOpenIDConnectProviderListEntry struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s OpenIDConnectProviderListEntry) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s OpenIDConnectProviderListEntry) GoString() string { - return s.String() -} - -// Contains information about the account password policy. -// -// This data type is used as a response element in the GetAccountPasswordPolicy -// action. -type PasswordPolicy struct { - // Specifies whether IAM users are allowed to change their own password. - AllowUsersToChangePassword *bool `type:"boolean"` - - // Indicates whether passwords in the account expire. Returns true if MaxPasswordAge - // is contains a value greater than 0. Returns false if MaxPasswordAge is 0 - // or not present. - ExpirePasswords *bool `type:"boolean"` - - // Specifies whether IAM users are prevented from setting a new password after - // their password has expired. - HardExpiry *bool `type:"boolean"` - - // The number of days that an IAM user password is valid. - MaxPasswordAge *int64 `min:"1" type:"integer"` - - // Minimum length to require for IAM user passwords. - MinimumPasswordLength *int64 `min:"6" type:"integer"` - - // Specifies the number of previous passwords that IAM users are prevented from - // reusing. - PasswordReusePrevention *int64 `min:"1" type:"integer"` - - // Specifies whether to require lowercase characters for IAM user passwords. - RequireLowercaseCharacters *bool `type:"boolean"` - - // Specifies whether to require numbers for IAM user passwords. - RequireNumbers *bool `type:"boolean"` - - // Specifies whether to require symbols for IAM user passwords. - RequireSymbols *bool `type:"boolean"` - - // Specifies whether to require uppercase characters for IAM user passwords. - RequireUppercaseCharacters *bool `type:"boolean"` - - metadataPasswordPolicy `json:"-" xml:"-"` -} - -type metadataPasswordPolicy struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PasswordPolicy) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PasswordPolicy) GoString() string { - return s.String() -} - -// Contains information about a managed policy. -// -// This data type is used as a response element in the CreatePolicy, GetPolicy, -// and ListPolicies actions. -// -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. -type Policy struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - Arn *string `min:"20" type:"string"` - - // The number of entities (users, groups, and roles) that the policy is attached - // to. - AttachmentCount *int64 `type:"integer"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the policy was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The identifier for the version of the policy that is set as the default version. - DefaultVersionId *string `type:"string"` - - // A friendly description of the policy. - // - // This element is included in the response to the GetPolicy operation. It - // is not included in the response to the ListPolicies operation. - Description *string `type:"string"` - - // Specifies whether the policy can be attached to an IAM user, group, or role. - IsAttachable *bool `type:"boolean"` - - // The path to the policy. - // - // For more information about paths, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Path *string `type:"string"` - - // The stable and unique string identifying the policy. - // - // For more information about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - PolicyId *string `min:"16" type:"string"` - - // The friendly name (not ARN) identifying the policy. - PolicyName *string `min:"1" type:"string"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the policy was last updated. - // - // When a policy has only one version, this field contains the date and time - // when the policy was created. When a policy has more than one version, this - // field contains the date and time when the most recent policy version was - // created. - UpdateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - metadataPolicy `json:"-" xml:"-"` -} - -type metadataPolicy struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s Policy) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s Policy) GoString() string { - return s.String() -} - -// Contains information about an IAM policy, including the policy document. -// -// This data type is used as a response element in the GetAccountAuthorizationDetails -// action. -type PolicyDetail struct { - // The policy document. - PolicyDocument *string `min:"1" type:"string"` - - // The name of the policy. - PolicyName *string `min:"1" type:"string"` - - metadataPolicyDetail `json:"-" xml:"-"` -} - -type metadataPolicyDetail struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PolicyDetail) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PolicyDetail) GoString() string { - return s.String() -} - -// Contains information about a group that a managed policy is attached to. -// -// This data type is used as a response element in the ListEntitiesForPolicy -// action. -// -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. -type PolicyGroup struct { - // The name (friendly name, not ARN) identifying the group. - GroupName *string `min:"1" type:"string"` - - metadataPolicyGroup `json:"-" xml:"-"` -} - -type metadataPolicyGroup struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PolicyGroup) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PolicyGroup) GoString() string { - return s.String() -} - -// Contains information about a role that a managed policy is attached to. -// -// This data type is used as a response element in the ListEntitiesForPolicy -// action. -// -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. -type PolicyRole struct { - // The name (friendly name, not ARN) identifying the role. - RoleName *string `min:"1" type:"string"` - - metadataPolicyRole `json:"-" xml:"-"` -} - -type metadataPolicyRole struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PolicyRole) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PolicyRole) GoString() string { - return s.String() -} - -// Contains information about a user that a managed policy is attached to. -// -// This data type is used as a response element in the ListEntitiesForPolicy -// action. -// -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. -type PolicyUser struct { - // The name (friendly name, not ARN) identifying the user. - UserName *string `min:"1" type:"string"` - - metadataPolicyUser `json:"-" xml:"-"` -} - -type metadataPolicyUser struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PolicyUser) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PolicyUser) GoString() string { - return s.String() -} - -// Contains information about a version of a managed policy. -// -// This data type is used as a response element in the CreatePolicyVersion, -// GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails -// actions. -// -// For more information about managed policies, refer to Managed Policies and -// Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) -// in the Using IAM guide. -type PolicyVersion struct { - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the policy version was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The policy document. - // - // The policy document is returned in the response to the GetPolicyVersion - // and GetAccountAuthorizationDetails operations. It is not returned in the - // response to the CreatePolicyVersion or ListPolicyVersions operations. - Document *string `min:"1" type:"string"` - - // Specifies whether the policy version is set as the policy's default version. - IsDefaultVersion *bool `type:"boolean"` - - // The identifier for the policy version. - // - // Policy version identifiers always begin with v (always lowercase). When - // a policy is created, the first policy version is v1. - VersionId *string `type:"string"` - - metadataPolicyVersion `json:"-" xml:"-"` -} - -type metadataPolicyVersion struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PolicyVersion) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PolicyVersion) GoString() string { - return s.String() -} - -// Contains the row and column of a location of a Statement element in a policy -// document. -// -// This data type is used as a member of the Statement type. -type Position struct { - // The column in the line containing the specified position in the document. - Column *int64 `type:"integer"` - - // The line containing the specified position in the document. - Line *int64 `type:"integer"` - - metadataPosition `json:"-" xml:"-"` -} - -type metadataPosition struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s Position) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s Position) GoString() string { - return s.String() -} - -type PutGroupPolicyInput struct { - // The name of the group to associate the policy with. - GroupName *string `min:"1" type:"string" required:"true"` - - // The policy document. - PolicyDocument *string `min:"1" type:"string" required:"true"` - - // The name of the policy document. - PolicyName *string `min:"1" type:"string" required:"true"` - - metadataPutGroupPolicyInput `json:"-" xml:"-"` -} - -type metadataPutGroupPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PutGroupPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PutGroupPolicyInput) GoString() string { - return s.String() -} - -type PutGroupPolicyOutput struct { - metadataPutGroupPolicyOutput `json:"-" xml:"-"` -} - -type metadataPutGroupPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PutGroupPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PutGroupPolicyOutput) GoString() string { - return s.String() -} - -type PutRolePolicyInput struct { - // The policy document. - PolicyDocument *string `min:"1" type:"string" required:"true"` - - // The name of the policy document. - PolicyName *string `min:"1" type:"string" required:"true"` - - // The name of the role to associate the policy with. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataPutRolePolicyInput `json:"-" xml:"-"` -} - -type metadataPutRolePolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PutRolePolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PutRolePolicyInput) GoString() string { - return s.String() -} - -type PutRolePolicyOutput struct { - metadataPutRolePolicyOutput `json:"-" xml:"-"` -} - -type metadataPutRolePolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PutRolePolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PutRolePolicyOutput) GoString() string { - return s.String() -} - -type PutUserPolicyInput struct { - // The policy document. - PolicyDocument *string `min:"1" type:"string" required:"true"` - - // The name of the policy document. - PolicyName *string `min:"1" type:"string" required:"true"` - - // The name of the user to associate the policy with. - UserName *string `min:"1" type:"string" required:"true"` - - metadataPutUserPolicyInput `json:"-" xml:"-"` -} - -type metadataPutUserPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PutUserPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PutUserPolicyInput) GoString() string { - return s.String() -} - -type PutUserPolicyOutput struct { - metadataPutUserPolicyOutput `json:"-" xml:"-"` -} - -type metadataPutUserPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s PutUserPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s PutUserPolicyOutput) GoString() string { - return s.String() -} - -type RemoveClientIDFromOpenIDConnectProviderInput struct { - // The client ID (also known as audience) to remove from the IAM OpenID Connect - // provider. For more information about client IDs, see CreateOpenIDConnectProvider. - ClientID *string `min:"1" type:"string" required:"true"` - - // The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider - // to remove the client ID from. You can get a list of OIDC provider ARNs by - // using the ListOpenIDConnectProviders action. - OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"` - - metadataRemoveClientIDFromOpenIDConnectProviderInput `json:"-" xml:"-"` -} - -type metadataRemoveClientIDFromOpenIDConnectProviderInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s RemoveClientIDFromOpenIDConnectProviderInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s RemoveClientIDFromOpenIDConnectProviderInput) GoString() string { - return s.String() -} - -type RemoveClientIDFromOpenIDConnectProviderOutput struct { - metadataRemoveClientIDFromOpenIDConnectProviderOutput `json:"-" xml:"-"` -} - -type metadataRemoveClientIDFromOpenIDConnectProviderOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s RemoveClientIDFromOpenIDConnectProviderOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s RemoveClientIDFromOpenIDConnectProviderOutput) GoString() string { - return s.String() -} - -type RemoveRoleFromInstanceProfileInput struct { - // The name of the instance profile to update. - InstanceProfileName *string `min:"1" type:"string" required:"true"` - - // The name of the role to remove. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataRemoveRoleFromInstanceProfileInput `json:"-" xml:"-"` -} - -type metadataRemoveRoleFromInstanceProfileInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s RemoveRoleFromInstanceProfileInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s RemoveRoleFromInstanceProfileInput) GoString() string { - return s.String() -} - -type RemoveRoleFromInstanceProfileOutput struct { - metadataRemoveRoleFromInstanceProfileOutput `json:"-" xml:"-"` -} - -type metadataRemoveRoleFromInstanceProfileOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s RemoveRoleFromInstanceProfileOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s RemoveRoleFromInstanceProfileOutput) GoString() string { - return s.String() -} - -type RemoveUserFromGroupInput struct { - // The name of the group to update. - GroupName *string `min:"1" type:"string" required:"true"` - - // The name of the user to remove. - UserName *string `min:"1" type:"string" required:"true"` - - metadataRemoveUserFromGroupInput `json:"-" xml:"-"` -} - -type metadataRemoveUserFromGroupInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s RemoveUserFromGroupInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s RemoveUserFromGroupInput) GoString() string { - return s.String() -} - -type RemoveUserFromGroupOutput struct { - metadataRemoveUserFromGroupOutput `json:"-" xml:"-"` -} - -type metadataRemoveUserFromGroupOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s RemoveUserFromGroupOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s RemoveUserFromGroupOutput) GoString() string { - return s.String() -} - -// Contains the result of the simulation of a single API action call on a single -// resource. -// -// This data type is used by a member of the EvaluationResult data type. -type ResourceSpecificResult struct { - // Additional details about the results of the evaluation decision. When there - // are both IAM policies and resource policies, this parameter explains how - // each set of policies contributes to the final evaluation decision. When simulating - // cross-account access to a resource, both the resource-based policy and the - // caller's IAM policy must grant access. - EvalDecisionDetails map[string]*string `type:"map"` - - // The result of the simulation of the simulated API action on the resource - // specified in EvalResourceName. - EvalResourceDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"` - - // The name of the simulated resource, in Amazon Resource Name (ARN) format. - EvalResourceName *string `min:"1" type:"string" required:"true"` - - // A list of the statements in the input policies that determine the result - // for this part of the simulation. Remember that even if multiple statements - // allow the action on the resource, if any statement denies that action, then - // the explicit deny overrides any allow, and the deny statement is the only - // entry included in the result. - MatchedStatements []*Statement `type:"list"` - - // A list of context keys that are required by the included input policies but - // that were not provided by one of the input parameters. To discover the context - // keys used by a set of policies, you can call GetContextKeysForCustomPolicy - // or GetContextKeysForPrincipalPolicy. - MissingContextValues []*string `type:"list"` - - metadataResourceSpecificResult `json:"-" xml:"-"` -} - -type metadataResourceSpecificResult struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ResourceSpecificResult) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ResourceSpecificResult) GoString() string { - return s.String() -} - -type ResyncMFADeviceInput struct { - // An authentication code emitted by the device. - AuthenticationCode1 *string `min:"6" type:"string" required:"true"` - - // A subsequent authentication code emitted by the device. - AuthenticationCode2 *string `min:"6" type:"string" required:"true"` - - // Serial number that uniquely identifies the MFA device. - SerialNumber *string `min:"9" type:"string" required:"true"` - - // The name of the user whose MFA device you want to resynchronize. - UserName *string `min:"1" type:"string" required:"true"` - - metadataResyncMFADeviceInput `json:"-" xml:"-"` -} - -type metadataResyncMFADeviceInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ResyncMFADeviceInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ResyncMFADeviceInput) GoString() string { - return s.String() -} - -type ResyncMFADeviceOutput struct { - metadataResyncMFADeviceOutput `json:"-" xml:"-"` -} - -type metadataResyncMFADeviceOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ResyncMFADeviceOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ResyncMFADeviceOutput) GoString() string { - return s.String() -} - -// Contains information about an IAM role. -// -// This data type is used as a response element in the following actions: -// -// CreateRole -// -// GetRole -// -// ListRoles -type Role struct { - // The Amazon Resource Name (ARN) specifying the role. For more information - // about ARNs and how to use them in policies, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Arn *string `min:"20" type:"string" required:"true"` - - // The policy that grants an entity permission to assume the role. - AssumeRolePolicyDocument *string `min:"1" type:"string"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the role was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"` - - // The path to the role. For more information about paths, see IAM Identifiers - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Path *string `min:"1" type:"string" required:"true"` - - // The stable and unique string identifying the role. For more information about - // IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - RoleId *string `min:"16" type:"string" required:"true"` - - // The friendly name that identifies the role. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataRole `json:"-" xml:"-"` -} - -type metadataRole struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s Role) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s Role) GoString() string { - return s.String() -} - -// Contains information about an IAM role, including all of the role's policies. -// -// This data type is used as a response element in the GetAccountAuthorizationDetails -// action. -type RoleDetail struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - Arn *string `min:"20" type:"string"` - - // The trust policy that grants permission to assume the role. - AssumeRolePolicyDocument *string `min:"1" type:"string"` - - // A list of managed policies attached to the role. These policies are the role's - // access (permissions) policies. - AttachedManagedPolicies []*AttachedPolicy `type:"list"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the role was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // Contains a list of instance profiles. - InstanceProfileList []*InstanceProfile `type:"list"` - - // The path to the role. For more information about paths, see IAM Identifiers - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Path *string `min:"1" type:"string"` - - // The stable and unique string identifying the role. For more information about - // IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - RoleId *string `min:"16" type:"string"` - - // The friendly name that identifies the role. - RoleName *string `min:"1" type:"string"` - - // A list of inline policies embedded in the role. These policies are the role's - // access (permissions) policies. - RolePolicyList []*PolicyDetail `type:"list"` - - metadataRoleDetail `json:"-" xml:"-"` -} - -type metadataRoleDetail struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s RoleDetail) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s RoleDetail) GoString() string { - return s.String() -} - -// Contains the list of SAML providers for this account. -type SAMLProviderListEntry struct { - // The Amazon Resource Name (ARN) of the SAML provider. - Arn *string `min:"20" type:"string"` - - // The date and time when the SAML provider was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The expiration date and time for the SAML provider. - ValidUntil *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - metadataSAMLProviderListEntry `json:"-" xml:"-"` -} - -type metadataSAMLProviderListEntry struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s SAMLProviderListEntry) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s SAMLProviderListEntry) GoString() string { - return s.String() -} - -// Contains information about an SSH public key. -// -// This data type is used as a response element in the GetSSHPublicKey and -// UploadSSHPublicKey actions. -type SSHPublicKey struct { - // The MD5 message digest of the SSH public key. - Fingerprint *string `min:"48" type:"string" required:"true"` - - // The SSH public key. - SSHPublicKeyBody *string `min:"1" type:"string" required:"true"` - - // The unique identifier for the SSH public key. - SSHPublicKeyId *string `min:"20" type:"string" required:"true"` - - // The status of the SSH public key. Active means the key can be used for authentication - // with an AWS CodeCommit repository. Inactive means the key cannot be used. - Status *string `type:"string" required:"true" enum:"statusType"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the SSH public key was uploaded. - UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The name of the IAM user associated with the SSH public key. - UserName *string `min:"1" type:"string" required:"true"` - - metadataSSHPublicKey `json:"-" xml:"-"` -} - -type metadataSSHPublicKey struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s SSHPublicKey) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s SSHPublicKey) GoString() string { - return s.String() -} - -// Contains information about an SSH public key, without the key's body or fingerprint. -// -// This data type is used as a response element in the ListSSHPublicKeys action. -type SSHPublicKeyMetadata struct { - // The unique identifier for the SSH public key. - SSHPublicKeyId *string `min:"20" type:"string" required:"true"` - - // The status of the SSH public key. Active means the key can be used for authentication - // with an AWS CodeCommit repository. Inactive means the key cannot be used. - Status *string `type:"string" required:"true" enum:"statusType"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the SSH public key was uploaded. - UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"` - - // The name of the IAM user associated with the SSH public key. - UserName *string `min:"1" type:"string" required:"true"` - - metadataSSHPublicKeyMetadata `json:"-" xml:"-"` -} - -type metadataSSHPublicKeyMetadata struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s SSHPublicKeyMetadata) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s SSHPublicKeyMetadata) GoString() string { - return s.String() -} - -// Contains information about a server certificate. -// -// This data type is used as a response element in the GetServerCertificate -// action. -type ServerCertificate struct { - // The contents of the public key certificate. - CertificateBody *string `min:"1" type:"string" required:"true"` - - // The contents of the public key certificate chain. - CertificateChain *string `min:"1" type:"string"` - - // The meta information of the server certificate, such as its name, path, ID, - // and ARN. - ServerCertificateMetadata *ServerCertificateMetadata `type:"structure" required:"true"` - - metadataServerCertificate `json:"-" xml:"-"` -} - -type metadataServerCertificate struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ServerCertificate) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ServerCertificate) GoString() string { - return s.String() -} - -// Contains information about a server certificate without its certificate body, -// certificate chain, and private key. -// -// This data type is used as a response element in the UploadServerCertificate -// and ListServerCertificates actions. -type ServerCertificateMetadata struct { - // The Amazon Resource Name (ARN) specifying the server certificate. For more - // information about ARNs and how to use them in policies, see IAM Identifiers - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Arn *string `min:"20" type:"string" required:"true"` - - // The date on which the certificate is set to expire. - Expiration *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The path to the server certificate. For more information about paths, see - // IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Path *string `min:"1" type:"string" required:"true"` - - // The stable and unique string identifying the server certificate. For more - // information about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - ServerCertificateId *string `min:"16" type:"string" required:"true"` - - // The name that identifies the server certificate. - ServerCertificateName *string `min:"1" type:"string" required:"true"` - - // The date when the server certificate was uploaded. - UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - metadataServerCertificateMetadata `json:"-" xml:"-"` -} - -type metadataServerCertificateMetadata struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s ServerCertificateMetadata) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s ServerCertificateMetadata) GoString() string { - return s.String() -} - -type SetDefaultPolicyVersionInput struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - PolicyArn *string `min:"20" type:"string" required:"true"` - - // The version of the policy to set as the default (operative) version. - // - // For more information about managed policy versions, see Versioning for Managed - // Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) - // in the IAM User Guide. - VersionId *string `type:"string" required:"true"` - - metadataSetDefaultPolicyVersionInput `json:"-" xml:"-"` -} - -type metadataSetDefaultPolicyVersionInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s SetDefaultPolicyVersionInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s SetDefaultPolicyVersionInput) GoString() string { - return s.String() -} - -type SetDefaultPolicyVersionOutput struct { - metadataSetDefaultPolicyVersionOutput `json:"-" xml:"-"` -} - -type metadataSetDefaultPolicyVersionOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s SetDefaultPolicyVersionOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s SetDefaultPolicyVersionOutput) GoString() string { - return s.String() -} - -// Contains information about an X.509 signing certificate. -// -// This data type is used as a response element in the UploadSigningCertificate -// and ListSigningCertificates actions. -type SigningCertificate struct { - // The contents of the signing certificate. - CertificateBody *string `min:"1" type:"string" required:"true"` - - // The ID for the signing certificate. - CertificateId *string `min:"24" type:"string" required:"true"` - - // The status of the signing certificate. Active means the key is valid for - // API calls, while Inactive means it is not. - Status *string `type:"string" required:"true" enum:"statusType"` - - // The date when the signing certificate was uploaded. - UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The name of the user the signing certificate is associated with. - UserName *string `min:"1" type:"string" required:"true"` - - metadataSigningCertificate `json:"-" xml:"-"` -} - -type metadataSigningCertificate struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s SigningCertificate) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s SigningCertificate) GoString() string { - return s.String() -} - -type SimulateCustomPolicyInput struct { - // A list of names of API actions to evaluate in the simulation. Each action - // is evaluated against each resource. Each action must include the service - // identifier, such as iam:CreateUser. - ActionNames []*string `type:"list" required:"true"` - - // The ARN of the user that you want to use as the simulated caller of the APIs. - // CallerArn is required if you include a ResourcePolicy so that the policy's - // Principal element has a value to use in evaluating the policy. - // - // You can specify only the ARN of an IAM user. You cannot specify the ARN - // of an assumed role, federated user, or a service principal. - CallerArn *string `min:"1" type:"string"` - - // A list of context keys and corresponding values for the simulation to use. - // Whenever a context key is evaluated by a Condition element in one of the - // simulated IAM permission policies, the corresponding value is supplied. - ContextEntries []*ContextEntry `type:"list"` - - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // A list of policy documents to include in the simulation. Each document is - // specified as a string containing the complete, valid JSON text of an IAM - // policy. Do not include any resource-based policies in this parameter. Any - // resource-based policy must be submitted with the ResourcePolicy parameter. - // The policies cannot be "scope-down" policies, such as you could include in - // a call to GetFederationToken (http://docs.aws.amazon.com/IAM/latest/APIReference/API_GetFederationToken.html) - // or one of the AssumeRole (http://docs.aws.amazon.com/IAM/latest/APIReference/API_AssumeRole.html) - // APIs to restrict what a user can do while using the temporary credentials. - PolicyInputList []*string `type:"list" required:"true"` - - // A list of ARNs of AWS resources to include in the simulation. If this parameter - // is not provided then the value defaults to * (all resources). Each API in - // the ActionNames parameter is evaluated for each resource in this list. The - // simulation determines the access result (allowed or denied) of each combination - // and reports it in the response. - // - // The simulation does not automatically retrieve policies for the specified - // resources. If you want to include a resource policy in the simulation, then - // you must include the policy as a string in the ResourcePolicy parameter. - // - // If you include a ResourcePolicy, then it must be applicable to all of the - // resources included in the simulation or you receive an invalid input error. - ResourceArns []*string `type:"list"` - - // Specifies the type of simulation to run. Different APIs that support resource-based - // policies require different combinations of resources. By specifying the type - // of simulation to run, you enable the policy simulator to enforce the presence - // of the required resources to ensure reliable simulation results. If your - // simulation does not match one of the following scenarios, then you can omit - // this parameter. The following list shows each of the supported scenario values - // and the resources that you must define to run the simulation. - // - // Each of the EC2 scenarios requires that you specify instance, image, and - // security-group resources. If your scenario includes an EBS volume, then you - // must specify that volume as a resource. If the EC2 scenario includes VPC, - // then you must supply the network-interface resource. If it includes an IP - // subnet, then you must specify the subnet resource. For more information on - // the EC2 scenario options, see Supported Platforms (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) - // in the AWS EC2 User Guide. - // - // EC2-Classic-InstanceStore - // - // instance, image, security-group - // - // EC2-Classic-EBS - // - // instance, image, security-group, volume - // - // EC2-VPC-InstanceStore - // - // instance, image, security-group, network-interface - // - // EC2-VPC-InstanceStore-Subnet - // - // instance, image, security-group, network-interface, subnet - // - // EC2-VPC-EBS - // - // instance, image, security-group, network-interface, volume - // - // EC2-VPC-EBS-Subnet - // - // instance, image, security-group, network-interface, subnet, volume - ResourceHandlingOption *string `min:"1" type:"string"` - - // An AWS account ID that specifies the owner of any simulated resource that - // does not identify its owner in the resource ARN, such as an S3 bucket or - // object. If ResourceOwner is specified, it is also used as the account owner - // of any ResourcePolicy included in the simulation. If the ResourceOwner parameter - // is not specified, then the owner of the resources and the resource policy - // defaults to the account of the identity provided in CallerArn. This parameter - // is required only if you specify a resource-based policy and account that - // owns the resource is different from the account that owns the simulated calling - // user CallerArn. - ResourceOwner *string `min:"1" type:"string"` - - // A resource-based policy to include in the simulation provided as a string. - // Each resource in the simulation is treated as if it had this policy attached. - // You can include only one resource-based policy in a simulation. - ResourcePolicy *string `min:"1" type:"string"` - - metadataSimulateCustomPolicyInput `json:"-" xml:"-"` -} - -type metadataSimulateCustomPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s SimulateCustomPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s SimulateCustomPolicyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful SimulatePrincipalPolicy or SimulateCustomPolicy -// request. -type SimulatePolicyResponse struct { - // The results of the simulation. - EvaluationResults []*EvaluationResult `type:"list"` - - // A flag that indicates whether there are more items to return. If your results - // were truncated, you can make a subsequent pagination request using the Marker - // request parameter to retrieve more items. Note that IAM might return fewer - // than the MaxItems number of results even when there are more results available. - // We recommend that you check IsTruncated after every call to ensure that you - // receive all of your results. - IsTruncated *bool `type:"boolean"` - - // When IsTruncated is true, this element is present and contains the value - // to use for the Marker parameter in a subsequent pagination request. - Marker *string `min:"1" type:"string"` - - metadataSimulatePolicyResponse `json:"-" xml:"-"` -} - -type metadataSimulatePolicyResponse struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s SimulatePolicyResponse) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s SimulatePolicyResponse) GoString() string { - return s.String() -} - -type SimulatePrincipalPolicyInput struct { - // A list of names of API actions to evaluate in the simulation. Each action - // is evaluated for each resource. Each action must include the service identifier, - // such as iam:CreateUser. - ActionNames []*string `type:"list" required:"true"` - - // The ARN of the user that you want to specify as the simulated caller of the - // APIs. If you do not specify a CallerArn, it defaults to the ARN of the user - // that you specify in PolicySourceArn, if you specified a user. If you include - // both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David) - // and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result - // is that you simulate calling the APIs as Bob, as if Bob had David's policies. - // - // You can specify only the ARN of an IAM user. You cannot specify the ARN - // of an assumed role, federated user, or a service principal. - // - // CallerArn is required if you include a ResourcePolicy and the PolicySourceArn - // is not the ARN for an IAM user. This is required so that the resource-based - // policy's Principal element has a value to use in evaluating the policy. - CallerArn *string `min:"1" type:"string"` - - // A list of context keys and corresponding values for the simulation to use. - // Whenever a context key is evaluated by a Condition element in one of the - // simulated policies, the corresponding value is supplied. - ContextEntries []*ContextEntry `type:"list"` - - // Use this parameter only when paginating results and only after you receive - // a response indicating that the results are truncated. Set it to the value - // of the Marker element in the response that you received to indicate where - // the next call should start. - Marker *string `min:"1" type:"string"` - - // Use this only when paginating results to indicate the maximum number of items - // you want in the response. If additional items exist beyond the maximum you - // specify, the IsTruncated response element is true. - // - // This parameter is optional. If you do not include it, it defaults to 100. - // Note that IAM might return fewer results, even when there are more results - // available. In that case, the IsTruncated response element returns true and - // Marker contains a value to include in the subsequent call that tells the - // service where to continue from. - MaxItems *int64 `min:"1" type:"integer"` - - // An optional list of additional policy documents to include in the simulation. - // Each document is specified as a string containing the complete, valid JSON - // text of an IAM policy. - PolicyInputList []*string `type:"list"` - - // The Amazon Resource Name (ARN) of a user, group, or role whose policies you - // want to include in the simulation. If you specify a user, group, or role, - // the simulation includes all policies that are associated with that entity. - // If you specify a user, the simulation also includes all policies that are - // attached to any groups the user belongs to. - PolicySourceArn *string `min:"20" type:"string" required:"true"` - - // A list of ARNs of AWS resources to include in the simulation. If this parameter - // is not provided then the value defaults to * (all resources). Each API in - // the ActionNames parameter is evaluated for each resource in this list. The - // simulation determines the access result (allowed or denied) of each combination - // and reports it in the response. - // - // The simulation does not automatically retrieve policies for the specified - // resources. If you want to include a resource policy in the simulation, then - // you must include the policy as a string in the ResourcePolicy parameter. - ResourceArns []*string `type:"list"` - - // Specifies the type of simulation to run. Different APIs that support resource-based - // policies require different combinations of resources. By specifying the type - // of simulation to run, you enable the policy simulator to enforce the presence - // of the required resources to ensure reliable simulation results. If your - // simulation does not match one of the following scenarios, then you can omit - // this parameter. The following list shows each of the supported scenario values - // and the resources that you must define to run the simulation. - // - // Each of the EC2 scenarios requires that you specify instance, image, and - // security-group resources. If your scenario includes an EBS volume, then you - // must specify that volume as a resource. If the EC2 scenario includes VPC, - // then you must supply the network-interface resource. If it includes an IP - // subnet, then you must specify the subnet resource. For more information on - // the EC2 scenario options, see Supported Platforms (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html) - // in the AWS EC2 User Guide. - // - // EC2-Classic-InstanceStore - // - // instance, image, security-group - // - // EC2-Classic-EBS - // - // instance, image, security-group, volume - // - // EC2-VPC-InstanceStore - // - // instance, image, security-group, network-interface - // - // EC2-VPC-InstanceStore-Subnet - // - // instance, image, security-group, network-interface, subnet - // - // EC2-VPC-EBS - // - // instance, image, security-group, network-interface, volume - // - // EC2-VPC-EBS-Subnet - // - // instance, image, security-group, network-interface, subnet, volume - ResourceHandlingOption *string `min:"1" type:"string"` - - // An AWS account ID that specifies the owner of any simulated resource that - // does not identify its owner in the resource ARN, such as an S3 bucket or - // object. If ResourceOwner is specified, it is also used as the account owner - // of any ResourcePolicy included in the simulation. If the ResourceOwner parameter - // is not specified, then the owner of the resources and the resource policy - // defaults to the account of the identity provided in CallerArn. This parameter - // is required only if you specify a resource-based policy and account that - // owns the resource is different from the account that owns the simulated calling - // user CallerArn. - ResourceOwner *string `min:"1" type:"string"` - - // A resource-based policy to include in the simulation provided as a string. - // Each resource in the simulation is treated as if it had this policy attached. - // You can include only one resource-based policy in a simulation. - ResourcePolicy *string `min:"1" type:"string"` - - metadataSimulatePrincipalPolicyInput `json:"-" xml:"-"` -} - -type metadataSimulatePrincipalPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s SimulatePrincipalPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s SimulatePrincipalPolicyInput) GoString() string { - return s.String() -} - -// Contains a reference to a Statement element in a policy document that determines -// the result of the simulation. -// -// This data type is used by the MatchedStatements member of the EvaluationResult -// type. -type Statement struct { - // The row and column of the end of a Statement in an IAM policy. - EndPosition *Position `type:"structure"` - - // The identifier of the policy that was provided as an input. - SourcePolicyId *string `type:"string"` - - // The type of the policy. - SourcePolicyType *string `type:"string" enum:"PolicySourceType"` - - // The row and column of the beginning of the Statement in an IAM policy. - StartPosition *Position `type:"structure"` - - metadataStatement `json:"-" xml:"-"` -} - -type metadataStatement struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s Statement) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s Statement) GoString() string { - return s.String() -} - -type UpdateAccessKeyInput struct { - // The access key ID of the secret access key you want to update. - AccessKeyId *string `min:"16" type:"string" required:"true"` - - // The status you want to assign to the secret access key. Active means the - // key can be used for API calls to AWS, while Inactive means the key cannot - // be used. - Status *string `type:"string" required:"true" enum:"statusType"` - - // The name of the user whose key you want to update. - UserName *string `min:"1" type:"string"` - - metadataUpdateAccessKeyInput `json:"-" xml:"-"` -} - -type metadataUpdateAccessKeyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateAccessKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateAccessKeyInput) GoString() string { - return s.String() -} - -type UpdateAccessKeyOutput struct { - metadataUpdateAccessKeyOutput `json:"-" xml:"-"` -} - -type metadataUpdateAccessKeyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateAccessKeyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateAccessKeyOutput) GoString() string { - return s.String() -} - -type UpdateAccountPasswordPolicyInput struct { - // Allows all IAM users in your account to use the AWS Management Console to - // change their own passwords. For more information, see Letting IAM Users Change - // Their Own Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html) - // in the IAM User Guide. - // - // Default value: false - AllowUsersToChangePassword *bool `type:"boolean"` - - // Prevents IAM users from setting a new password after their password has expired. - // - // Default value: false - HardExpiry *bool `type:"boolean"` - - // The number of days that an IAM user password is valid. The default value - // of 0 means IAM user passwords never expire. - // - // Default value: 0 - MaxPasswordAge *int64 `min:"1" type:"integer"` - - // The minimum number of characters allowed in an IAM user password. - // - // Default value: 6 - MinimumPasswordLength *int64 `min:"6" type:"integer"` - - // Specifies the number of previous passwords that IAM users are prevented from - // reusing. The default value of 0 means IAM users are not prevented from reusing - // previous passwords. - // - // Default value: 0 - PasswordReusePrevention *int64 `min:"1" type:"integer"` - - // Specifies whether IAM user passwords must contain at least one lowercase - // character from the ISO basic Latin alphabet (a to z). - // - // Default value: false - RequireLowercaseCharacters *bool `type:"boolean"` - - // Specifies whether IAM user passwords must contain at least one numeric character - // (0 to 9). - // - // Default value: false - RequireNumbers *bool `type:"boolean"` - - // Specifies whether IAM user passwords must contain at least one of the following - // non-alphanumeric characters: - // - // ! @ # $ % ^ & * ( ) _ + - = [ ] { } | ' - // - // Default value: false - RequireSymbols *bool `type:"boolean"` - - // Specifies whether IAM user passwords must contain at least one uppercase - // character from the ISO basic Latin alphabet (A to Z). - // - // Default value: false - RequireUppercaseCharacters *bool `type:"boolean"` - - metadataUpdateAccountPasswordPolicyInput `json:"-" xml:"-"` -} - -type metadataUpdateAccountPasswordPolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateAccountPasswordPolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateAccountPasswordPolicyInput) GoString() string { - return s.String() -} - -type UpdateAccountPasswordPolicyOutput struct { - metadataUpdateAccountPasswordPolicyOutput `json:"-" xml:"-"` -} - -type metadataUpdateAccountPasswordPolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateAccountPasswordPolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateAccountPasswordPolicyOutput) GoString() string { - return s.String() -} - -type UpdateAssumeRolePolicyInput struct { - // The policy that grants an entity permission to assume the role. - PolicyDocument *string `min:"1" type:"string" required:"true"` - - // The name of the role to update. - RoleName *string `min:"1" type:"string" required:"true"` - - metadataUpdateAssumeRolePolicyInput `json:"-" xml:"-"` -} - -type metadataUpdateAssumeRolePolicyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateAssumeRolePolicyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateAssumeRolePolicyInput) GoString() string { - return s.String() -} - -type UpdateAssumeRolePolicyOutput struct { - metadataUpdateAssumeRolePolicyOutput `json:"-" xml:"-"` -} - -type metadataUpdateAssumeRolePolicyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateAssumeRolePolicyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateAssumeRolePolicyOutput) GoString() string { - return s.String() -} - -type UpdateGroupInput struct { - // Name of the group to update. If you're changing the name of the group, this - // is the original name. - GroupName *string `min:"1" type:"string" required:"true"` - - // New name for the group. Only include this if changing the group's name. - NewGroupName *string `min:"1" type:"string"` - - // New path for the group. Only include this if changing the group's path. - NewPath *string `min:"1" type:"string"` - - metadataUpdateGroupInput `json:"-" xml:"-"` -} - -type metadataUpdateGroupInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateGroupInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateGroupInput) GoString() string { - return s.String() -} - -type UpdateGroupOutput struct { - metadataUpdateGroupOutput `json:"-" xml:"-"` -} - -type metadataUpdateGroupOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateGroupOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateGroupOutput) GoString() string { - return s.String() -} - -type UpdateLoginProfileInput struct { - // The new password for the specified user. - Password *string `min:"1" type:"string"` - - // Require the specified user to set a new password on next sign-in. - PasswordResetRequired *bool `type:"boolean"` - - // The name of the user whose password you want to update. - UserName *string `min:"1" type:"string" required:"true"` - - metadataUpdateLoginProfileInput `json:"-" xml:"-"` -} - -type metadataUpdateLoginProfileInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateLoginProfileInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateLoginProfileInput) GoString() string { - return s.String() -} - -type UpdateLoginProfileOutput struct { - metadataUpdateLoginProfileOutput `json:"-" xml:"-"` -} - -type metadataUpdateLoginProfileOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateLoginProfileOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateLoginProfileOutput) GoString() string { - return s.String() -} - -type UpdateOpenIDConnectProviderThumbprintInput struct { - // The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider - // to update the thumbprint for. You can get a list of OIDC provider ARNs by - // using the ListOpenIDConnectProviders action. - OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"` - - // A list of certificate thumbprints that are associated with the specified - // IAM OpenID Connect provider. For more information, see CreateOpenIDConnectProvider. - ThumbprintList []*string `type:"list" required:"true"` - - metadataUpdateOpenIDConnectProviderThumbprintInput `json:"-" xml:"-"` -} - -type metadataUpdateOpenIDConnectProviderThumbprintInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateOpenIDConnectProviderThumbprintInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateOpenIDConnectProviderThumbprintInput) GoString() string { - return s.String() -} - -type UpdateOpenIDConnectProviderThumbprintOutput struct { - metadataUpdateOpenIDConnectProviderThumbprintOutput `json:"-" xml:"-"` -} - -type metadataUpdateOpenIDConnectProviderThumbprintOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateOpenIDConnectProviderThumbprintOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateOpenIDConnectProviderThumbprintOutput) GoString() string { - return s.String() -} - -type UpdateSAMLProviderInput struct { - // An XML document generated by an identity provider (IdP) that supports SAML - // 2.0. The document includes the issuer's name, expiration information, and - // keys that can be used to validate the SAML authentication response (assertions) - // that are received from the IdP. You must generate the metadata document using - // the identity management software that is used as your organization's IdP. - SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"` - - // The Amazon Resource Name (ARN) of the SAML provider to update. - SAMLProviderArn *string `min:"20" type:"string" required:"true"` - - metadataUpdateSAMLProviderInput `json:"-" xml:"-"` -} - -type metadataUpdateSAMLProviderInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateSAMLProviderInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateSAMLProviderInput) GoString() string { - return s.String() -} - -// Contains the response to a successful UpdateSAMLProvider request. -type UpdateSAMLProviderOutput struct { - // The Amazon Resource Name (ARN) of the SAML provider that was updated. - SAMLProviderArn *string `min:"20" type:"string"` - - metadataUpdateSAMLProviderOutput `json:"-" xml:"-"` -} - -type metadataUpdateSAMLProviderOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateSAMLProviderOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateSAMLProviderOutput) GoString() string { - return s.String() -} - -type UpdateSSHPublicKeyInput struct { - // The unique identifier for the SSH public key. - SSHPublicKeyId *string `min:"20" type:"string" required:"true"` - - // The status to assign to the SSH public key. Active means the key can be used - // for authentication with an AWS CodeCommit repository. Inactive means the - // key cannot be used. - Status *string `type:"string" required:"true" enum:"statusType"` - - // The name of the IAM user associated with the SSH public key. - UserName *string `min:"1" type:"string" required:"true"` - - metadataUpdateSSHPublicKeyInput `json:"-" xml:"-"` -} - -type metadataUpdateSSHPublicKeyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateSSHPublicKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateSSHPublicKeyInput) GoString() string { - return s.String() -} - -type UpdateSSHPublicKeyOutput struct { - metadataUpdateSSHPublicKeyOutput `json:"-" xml:"-"` -} - -type metadataUpdateSSHPublicKeyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateSSHPublicKeyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateSSHPublicKeyOutput) GoString() string { - return s.String() -} - -type UpdateServerCertificateInput struct { - // The new path for the server certificate. Include this only if you are updating - // the server certificate's path. - NewPath *string `min:"1" type:"string"` - - // The new name for the server certificate. Include this only if you are updating - // the server certificate's name. The name of the certificate cannot contain - // any spaces. - NewServerCertificateName *string `min:"1" type:"string"` - - // The name of the server certificate that you want to update. - ServerCertificateName *string `min:"1" type:"string" required:"true"` - - metadataUpdateServerCertificateInput `json:"-" xml:"-"` -} - -type metadataUpdateServerCertificateInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateServerCertificateInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateServerCertificateInput) GoString() string { - return s.String() -} - -type UpdateServerCertificateOutput struct { - metadataUpdateServerCertificateOutput `json:"-" xml:"-"` -} - -type metadataUpdateServerCertificateOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateServerCertificateOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateServerCertificateOutput) GoString() string { - return s.String() -} - -type UpdateSigningCertificateInput struct { - // The ID of the signing certificate you want to update. - CertificateId *string `min:"24" type:"string" required:"true"` - - // The status you want to assign to the certificate. Active means the certificate - // can be used for API calls to AWS, while Inactive means the certificate cannot - // be used. - Status *string `type:"string" required:"true" enum:"statusType"` - - // The name of the user the signing certificate belongs to. - UserName *string `min:"1" type:"string"` - - metadataUpdateSigningCertificateInput `json:"-" xml:"-"` -} - -type metadataUpdateSigningCertificateInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateSigningCertificateInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateSigningCertificateInput) GoString() string { - return s.String() -} - -type UpdateSigningCertificateOutput struct { - metadataUpdateSigningCertificateOutput `json:"-" xml:"-"` -} - -type metadataUpdateSigningCertificateOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateSigningCertificateOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateSigningCertificateOutput) GoString() string { - return s.String() -} - -type UpdateUserInput struct { - // New path for the user. Include this parameter only if you're changing the - // user's path. - NewPath *string `min:"1" type:"string"` - - // New name for the user. Include this parameter only if you're changing the - // user's name. - NewUserName *string `min:"1" type:"string"` - - // Name of the user to update. If you're changing the name of the user, this - // is the original user name. - UserName *string `min:"1" type:"string" required:"true"` - - metadataUpdateUserInput `json:"-" xml:"-"` -} - -type metadataUpdateUserInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateUserInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateUserInput) GoString() string { - return s.String() -} - -type UpdateUserOutput struct { - metadataUpdateUserOutput `json:"-" xml:"-"` -} - -type metadataUpdateUserOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UpdateUserOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UpdateUserOutput) GoString() string { - return s.String() -} - -type UploadSSHPublicKeyInput struct { - // The SSH public key. The public key must be encoded in ssh-rsa format or PEM - // format. - SSHPublicKeyBody *string `min:"1" type:"string" required:"true"` - - // The name of the IAM user to associate the SSH public key with. - UserName *string `min:"1" type:"string" required:"true"` - - metadataUploadSSHPublicKeyInput `json:"-" xml:"-"` -} - -type metadataUploadSSHPublicKeyInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UploadSSHPublicKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UploadSSHPublicKeyInput) GoString() string { - return s.String() -} - -// Contains the response to a successful UploadSSHPublicKey request. -type UploadSSHPublicKeyOutput struct { - // Contains information about the SSH public key. - SSHPublicKey *SSHPublicKey `type:"structure"` - - metadataUploadSSHPublicKeyOutput `json:"-" xml:"-"` -} - -type metadataUploadSSHPublicKeyOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UploadSSHPublicKeyOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UploadSSHPublicKeyOutput) GoString() string { - return s.String() -} - -type UploadServerCertificateInput struct { - // The contents of the public key certificate in PEM-encoded format. - CertificateBody *string `min:"1" type:"string" required:"true"` - - // The contents of the certificate chain. This is typically a concatenation - // of the PEM-encoded public key certificates of the chain. - CertificateChain *string `min:"1" type:"string"` - - // The path for the server certificate. For more information about paths, see - // IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - // - // This parameter is optional. If it is not included, it defaults to a slash - // (/). - // - // If you are uploading a server certificate specifically for use with Amazon - // CloudFront distributions, you must specify a path using the --path option. - // The path must begin with /cloudfront and must include a trailing slash (for - // example, /cloudfront/test/). - Path *string `min:"1" type:"string"` - - // The contents of the private key in PEM-encoded format. - PrivateKey *string `min:"1" type:"string" required:"true"` - - // The name for the server certificate. Do not include the path in this value. - // The name of the certificate cannot contain any spaces. - ServerCertificateName *string `min:"1" type:"string" required:"true"` - - metadataUploadServerCertificateInput `json:"-" xml:"-"` -} - -type metadataUploadServerCertificateInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UploadServerCertificateInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UploadServerCertificateInput) GoString() string { - return s.String() -} - -// Contains the response to a successful UploadServerCertificate request. -type UploadServerCertificateOutput struct { - // The meta information of the uploaded server certificate without its certificate - // body, certificate chain, and private key. - ServerCertificateMetadata *ServerCertificateMetadata `type:"structure"` - - metadataUploadServerCertificateOutput `json:"-" xml:"-"` -} - -type metadataUploadServerCertificateOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UploadServerCertificateOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UploadServerCertificateOutput) GoString() string { - return s.String() -} - -type UploadSigningCertificateInput struct { - // The contents of the signing certificate. - CertificateBody *string `min:"1" type:"string" required:"true"` - - // The name of the user the signing certificate is for. - UserName *string `min:"1" type:"string"` - - metadataUploadSigningCertificateInput `json:"-" xml:"-"` -} - -type metadataUploadSigningCertificateInput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UploadSigningCertificateInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UploadSigningCertificateInput) GoString() string { - return s.String() -} - -// Contains the response to a successful UploadSigningCertificate request. -type UploadSigningCertificateOutput struct { - // Information about the certificate. - Certificate *SigningCertificate `type:"structure" required:"true"` - - metadataUploadSigningCertificateOutput `json:"-" xml:"-"` -} - -type metadataUploadSigningCertificateOutput struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UploadSigningCertificateOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UploadSigningCertificateOutput) GoString() string { - return s.String() -} - -// Contains information about an IAM user entity. -// -// This data type is used as a response element in the following actions: -// -// CreateUser -// -// GetUser -// -// ListUsers -type User struct { - // The Amazon Resource Name (ARN) that identifies the user. For more information - // about ARNs and how to use ARNs in policies, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Arn *string `min:"20" type:"string" required:"true"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the user was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the user's password was last used to sign in to an AWS website. For - // a list of AWS websites that capture a user's last sign-in time, see the Credential - // Reports (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) - // topic in the Using IAM guide. If a password is used more than once in a five-minute - // span, only the first use is returned in this field. This field is null (not - // present) when: - // - // The user does not have a password - // - // The password exists but has never been used (at least not since IAM started - // tracking this information on October 20th, 2014 - // - // there is no sign-in data associated with the user - // - // This value is returned only in the GetUser and ListUsers actions. - PasswordLastUsed *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // The path to the user. For more information about paths, see IAM Identifiers - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Path *string `min:"1" type:"string" required:"true"` - - // The stable and unique string identifying the user. For more information about - // IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - UserId *string `min:"16" type:"string" required:"true"` - - // The friendly name identifying the user. - UserName *string `min:"1" type:"string" required:"true"` - - metadataUser `json:"-" xml:"-"` -} - -type metadataUser struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s User) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s User) GoString() string { - return s.String() -} - -// Contains information about an IAM user, including all the user's policies -// and all the IAM groups the user is in. -// -// This data type is used as a response element in the GetAccountAuthorizationDetails -// action. -type UserDetail struct { - // The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources. - // - // For more information about ARNs, go to Amazon Resource Names (ARNs) and - // AWS Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - Arn *string `min:"20" type:"string"` - - // A list of the managed policies attached to the user. - AttachedManagedPolicies []*AttachedPolicy `type:"list"` - - // The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601), - // when the user was created. - CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // A list of IAM groups that the user is in. - GroupList []*string `type:"list"` - - // The path to the user. For more information about paths, see IAM Identifiers - // (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - Path *string `min:"1" type:"string"` - - // The stable and unique string identifying the user. For more information about - // IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) - // in the Using IAM guide. - UserId *string `min:"16" type:"string"` - - // The friendly name identifying the user. - UserName *string `min:"1" type:"string"` - - // A list of the inline policies embedded in the user. - UserPolicyList []*PolicyDetail `type:"list"` - - metadataUserDetail `json:"-" xml:"-"` -} - -type metadataUserDetail struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s UserDetail) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s UserDetail) GoString() string { - return s.String() -} - -// Contains information about a virtual MFA device. -type VirtualMFADevice struct { - // The Base32 seed defined as specified in RFC3548 (http://www.ietf.org/rfc/rfc3548.txt). - // The Base32StringSeed is Base64-encoded. - Base32StringSeed []byte `type:"blob"` - - // The date and time on which the virtual MFA device was enabled. - EnableDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` - - // A QR code PNG image that encodes otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String - // where $virtualMFADeviceName is one of the create call arguments, AccountName - // is the user name if set (otherwise, the account ID otherwise), and Base32String - // is the seed in Base32 format. The Base32String value is Base64-encoded. - QRCodePNG []byte `type:"blob"` - - // The serial number associated with VirtualMFADevice. - SerialNumber *string `min:"9" type:"string" required:"true"` - - // Contains information about an IAM user entity. - // - // This data type is used as a response element in the following actions: - // - // CreateUser - // - // GetUser - // - // ListUsers - User *User `type:"structure"` - - metadataVirtualMFADevice `json:"-" xml:"-"` -} - -type metadataVirtualMFADevice struct { - SDKShapeTraits bool `type:"structure"` -} - -// String returns the string representation -func (s VirtualMFADevice) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation -func (s VirtualMFADevice) GoString() string { - return s.String() -} - -const ( - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumString = "string" - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumStringList = "stringList" - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumNumeric = "numeric" - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumNumericList = "numericList" - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumBoolean = "boolean" - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumBooleanList = "booleanList" - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumIp = "ip" - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumIpList = "ipList" - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumBinary = "binary" - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumBinaryList = "binaryList" - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumDate = "date" - // @enum ContextKeyTypeEnum - ContextKeyTypeEnumDateList = "dateList" -) - -const ( - // @enum EntityType - EntityTypeUser = "User" - // @enum EntityType - EntityTypeRole = "Role" - // @enum EntityType - EntityTypeGroup = "Group" - // @enum EntityType - EntityTypeLocalManagedPolicy = "LocalManagedPolicy" - // @enum EntityType - EntityTypeAwsmanagedPolicy = "AWSManagedPolicy" -) - -const ( - // @enum PolicyEvaluationDecisionType - PolicyEvaluationDecisionTypeAllowed = "allowed" - // @enum PolicyEvaluationDecisionType - PolicyEvaluationDecisionTypeExplicitDeny = "explicitDeny" - // @enum PolicyEvaluationDecisionType - PolicyEvaluationDecisionTypeImplicitDeny = "implicitDeny" -) - -const ( - // @enum PolicySourceType - PolicySourceTypeUser = "user" - // @enum PolicySourceType - PolicySourceTypeGroup = "group" - // @enum PolicySourceType - PolicySourceTypeRole = "role" - // @enum PolicySourceType - PolicySourceTypeAwsManaged = "aws-managed" - // @enum PolicySourceType - PolicySourceTypeUserManaged = "user-managed" - // @enum PolicySourceType - PolicySourceTypeResource = "resource" - // @enum PolicySourceType - PolicySourceTypeNone = "none" -) - -const ( - // @enum ReportFormatType - ReportFormatTypeTextCsv = "text/csv" -) - -const ( - // @enum ReportStateType - ReportStateTypeStarted = "STARTED" - // @enum ReportStateType - ReportStateTypeInprogress = "INPROGRESS" - // @enum ReportStateType - ReportStateTypeComplete = "COMPLETE" -) - -const ( - // @enum assignmentStatusType - AssignmentStatusTypeAssigned = "Assigned" - // @enum assignmentStatusType - AssignmentStatusTypeUnassigned = "Unassigned" - // @enum assignmentStatusType - AssignmentStatusTypeAny = "Any" -) - -const ( - // @enum encodingType - EncodingTypeSsh = "SSH" - // @enum encodingType - EncodingTypePem = "PEM" -) - -const ( - // @enum policyScopeType - PolicyScopeTypeAll = "All" - // @enum policyScopeType - PolicyScopeTypeAws = "AWS" - // @enum policyScopeType - PolicyScopeTypeLocal = "Local" -) - -const ( - // @enum statusType - StatusTypeActive = "Active" - // @enum statusType - StatusTypeInactive = "Inactive" -) - -const ( - // @enum summaryKeyType - SummaryKeyTypeUsers = "Users" - // @enum summaryKeyType - SummaryKeyTypeUsersQuota = "UsersQuota" - // @enum summaryKeyType - SummaryKeyTypeGroups = "Groups" - // @enum summaryKeyType - SummaryKeyTypeGroupsQuota = "GroupsQuota" - // @enum summaryKeyType - SummaryKeyTypeServerCertificates = "ServerCertificates" - // @enum summaryKeyType - SummaryKeyTypeServerCertificatesQuota = "ServerCertificatesQuota" - // @enum summaryKeyType - SummaryKeyTypeUserPolicySizeQuota = "UserPolicySizeQuota" - // @enum summaryKeyType - SummaryKeyTypeGroupPolicySizeQuota = "GroupPolicySizeQuota" - // @enum summaryKeyType - SummaryKeyTypeGroupsPerUserQuota = "GroupsPerUserQuota" - // @enum summaryKeyType - SummaryKeyTypeSigningCertificatesPerUserQuota = "SigningCertificatesPerUserQuota" - // @enum summaryKeyType - SummaryKeyTypeAccessKeysPerUserQuota = "AccessKeysPerUserQuota" - // @enum summaryKeyType - SummaryKeyTypeMfadevices = "MFADevices" - // @enum summaryKeyType - SummaryKeyTypeMfadevicesInUse = "MFADevicesInUse" - // @enum summaryKeyType - SummaryKeyTypeAccountMfaenabled = "AccountMFAEnabled" - // @enum summaryKeyType - SummaryKeyTypeAccountAccessKeysPresent = "AccountAccessKeysPresent" - // @enum summaryKeyType - SummaryKeyTypeAccountSigningCertificatesPresent = "AccountSigningCertificatesPresent" - // @enum summaryKeyType - SummaryKeyTypeAttachedPoliciesPerGroupQuota = "AttachedPoliciesPerGroupQuota" - // @enum summaryKeyType - SummaryKeyTypeAttachedPoliciesPerRoleQuota = "AttachedPoliciesPerRoleQuota" - // @enum summaryKeyType - SummaryKeyTypeAttachedPoliciesPerUserQuota = "AttachedPoliciesPerUserQuota" - // @enum summaryKeyType - SummaryKeyTypePolicies = "Policies" - // @enum summaryKeyType - SummaryKeyTypePoliciesQuota = "PoliciesQuota" - // @enum summaryKeyType - SummaryKeyTypePolicySizeQuota = "PolicySizeQuota" - // @enum summaryKeyType - SummaryKeyTypePolicyVersionsInUse = "PolicyVersionsInUse" - // @enum summaryKeyType - SummaryKeyTypePolicyVersionsInUseQuota = "PolicyVersionsInUseQuota" - // @enum summaryKeyType - SummaryKeyTypeVersionsPerPolicyQuota = "VersionsPerPolicyQuota" -) diff --git a/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/examples_test.go b/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/examples_test.go deleted file mode 100644 index 1aebec8cd..000000000 --- a/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/examples_test.go +++ /dev/null @@ -1,2366 +0,0 @@ -// THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT. - -package iam_test - -import ( - "bytes" - "fmt" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/iam" -) - -var _ time.Duration -var _ bytes.Buffer - -func ExampleIAM_AddClientIDToOpenIDConnectProvider() { - svc := iam.New(session.New()) - - params := &iam.AddClientIDToOpenIDConnectProviderInput{ - ClientID: aws.String("clientIDType"), // Required - OpenIDConnectProviderArn: aws.String("arnType"), // Required - } - resp, err := svc.AddClientIDToOpenIDConnectProvider(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_AddRoleToInstanceProfile() { - svc := iam.New(session.New()) - - params := &iam.AddRoleToInstanceProfileInput{ - InstanceProfileName: aws.String("instanceProfileNameType"), // Required - RoleName: aws.String("roleNameType"), // Required - } - resp, err := svc.AddRoleToInstanceProfile(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_AddUserToGroup() { - svc := iam.New(session.New()) - - params := &iam.AddUserToGroupInput{ - GroupName: aws.String("groupNameType"), // Required - UserName: aws.String("existingUserNameType"), // Required - } - resp, err := svc.AddUserToGroup(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_AttachGroupPolicy() { - svc := iam.New(session.New()) - - params := &iam.AttachGroupPolicyInput{ - GroupName: aws.String("groupNameType"), // Required - PolicyArn: aws.String("arnType"), // Required - } - resp, err := svc.AttachGroupPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_AttachRolePolicy() { - svc := iam.New(session.New()) - - params := &iam.AttachRolePolicyInput{ - PolicyArn: aws.String("arnType"), // Required - RoleName: aws.String("roleNameType"), // Required - } - resp, err := svc.AttachRolePolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_AttachUserPolicy() { - svc := iam.New(session.New()) - - params := &iam.AttachUserPolicyInput{ - PolicyArn: aws.String("arnType"), // Required - UserName: aws.String("userNameType"), // Required - } - resp, err := svc.AttachUserPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ChangePassword() { - svc := iam.New(session.New()) - - params := &iam.ChangePasswordInput{ - NewPassword: aws.String("passwordType"), // Required - OldPassword: aws.String("passwordType"), // Required - } - resp, err := svc.ChangePassword(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreateAccessKey() { - svc := iam.New(session.New()) - - params := &iam.CreateAccessKeyInput{ - UserName: aws.String("existingUserNameType"), - } - resp, err := svc.CreateAccessKey(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreateAccountAlias() { - svc := iam.New(session.New()) - - params := &iam.CreateAccountAliasInput{ - AccountAlias: aws.String("accountAliasType"), // Required - } - resp, err := svc.CreateAccountAlias(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreateGroup() { - svc := iam.New(session.New()) - - params := &iam.CreateGroupInput{ - GroupName: aws.String("groupNameType"), // Required - Path: aws.String("pathType"), - } - resp, err := svc.CreateGroup(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreateInstanceProfile() { - svc := iam.New(session.New()) - - params := &iam.CreateInstanceProfileInput{ - InstanceProfileName: aws.String("instanceProfileNameType"), // Required - Path: aws.String("pathType"), - } - resp, err := svc.CreateInstanceProfile(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreateLoginProfile() { - svc := iam.New(session.New()) - - params := &iam.CreateLoginProfileInput{ - Password: aws.String("passwordType"), // Required - UserName: aws.String("userNameType"), // Required - PasswordResetRequired: aws.Bool(true), - } - resp, err := svc.CreateLoginProfile(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreateOpenIDConnectProvider() { - svc := iam.New(session.New()) - - params := &iam.CreateOpenIDConnectProviderInput{ - ThumbprintList: []*string{ // Required - aws.String("thumbprintType"), // Required - // More values... - }, - Url: aws.String("OpenIDConnectProviderUrlType"), // Required - ClientIDList: []*string{ - aws.String("clientIDType"), // Required - // More values... - }, - } - resp, err := svc.CreateOpenIDConnectProvider(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreatePolicy() { - svc := iam.New(session.New()) - - params := &iam.CreatePolicyInput{ - PolicyDocument: aws.String("policyDocumentType"), // Required - PolicyName: aws.String("policyNameType"), // Required - Description: aws.String("policyDescriptionType"), - Path: aws.String("policyPathType"), - } - resp, err := svc.CreatePolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreatePolicyVersion() { - svc := iam.New(session.New()) - - params := &iam.CreatePolicyVersionInput{ - PolicyArn: aws.String("arnType"), // Required - PolicyDocument: aws.String("policyDocumentType"), // Required - SetAsDefault: aws.Bool(true), - } - resp, err := svc.CreatePolicyVersion(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreateRole() { - svc := iam.New(session.New()) - - params := &iam.CreateRoleInput{ - AssumeRolePolicyDocument: aws.String("policyDocumentType"), // Required - RoleName: aws.String("roleNameType"), // Required - Path: aws.String("pathType"), - } - resp, err := svc.CreateRole(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreateSAMLProvider() { - svc := iam.New(session.New()) - - params := &iam.CreateSAMLProviderInput{ - Name: aws.String("SAMLProviderNameType"), // Required - SAMLMetadataDocument: aws.String("SAMLMetadataDocumentType"), // Required - } - resp, err := svc.CreateSAMLProvider(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreateUser() { - svc := iam.New(session.New()) - - params := &iam.CreateUserInput{ - UserName: aws.String("userNameType"), // Required - Path: aws.String("pathType"), - } - resp, err := svc.CreateUser(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_CreateVirtualMFADevice() { - svc := iam.New(session.New()) - - params := &iam.CreateVirtualMFADeviceInput{ - VirtualMFADeviceName: aws.String("virtualMFADeviceName"), // Required - Path: aws.String("pathType"), - } - resp, err := svc.CreateVirtualMFADevice(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeactivateMFADevice() { - svc := iam.New(session.New()) - - params := &iam.DeactivateMFADeviceInput{ - SerialNumber: aws.String("serialNumberType"), // Required - UserName: aws.String("existingUserNameType"), // Required - } - resp, err := svc.DeactivateMFADevice(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteAccessKey() { - svc := iam.New(session.New()) - - params := &iam.DeleteAccessKeyInput{ - AccessKeyId: aws.String("accessKeyIdType"), // Required - UserName: aws.String("existingUserNameType"), - } - resp, err := svc.DeleteAccessKey(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteAccountAlias() { - svc := iam.New(session.New()) - - params := &iam.DeleteAccountAliasInput{ - AccountAlias: aws.String("accountAliasType"), // Required - } - resp, err := svc.DeleteAccountAlias(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteAccountPasswordPolicy() { - svc := iam.New(session.New()) - - var params *iam.DeleteAccountPasswordPolicyInput - resp, err := svc.DeleteAccountPasswordPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteGroup() { - svc := iam.New(session.New()) - - params := &iam.DeleteGroupInput{ - GroupName: aws.String("groupNameType"), // Required - } - resp, err := svc.DeleteGroup(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteGroupPolicy() { - svc := iam.New(session.New()) - - params := &iam.DeleteGroupPolicyInput{ - GroupName: aws.String("groupNameType"), // Required - PolicyName: aws.String("policyNameType"), // Required - } - resp, err := svc.DeleteGroupPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteInstanceProfile() { - svc := iam.New(session.New()) - - params := &iam.DeleteInstanceProfileInput{ - InstanceProfileName: aws.String("instanceProfileNameType"), // Required - } - resp, err := svc.DeleteInstanceProfile(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteLoginProfile() { - svc := iam.New(session.New()) - - params := &iam.DeleteLoginProfileInput{ - UserName: aws.String("userNameType"), // Required - } - resp, err := svc.DeleteLoginProfile(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteOpenIDConnectProvider() { - svc := iam.New(session.New()) - - params := &iam.DeleteOpenIDConnectProviderInput{ - OpenIDConnectProviderArn: aws.String("arnType"), // Required - } - resp, err := svc.DeleteOpenIDConnectProvider(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeletePolicy() { - svc := iam.New(session.New()) - - params := &iam.DeletePolicyInput{ - PolicyArn: aws.String("arnType"), // Required - } - resp, err := svc.DeletePolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeletePolicyVersion() { - svc := iam.New(session.New()) - - params := &iam.DeletePolicyVersionInput{ - PolicyArn: aws.String("arnType"), // Required - VersionId: aws.String("policyVersionIdType"), // Required - } - resp, err := svc.DeletePolicyVersion(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteRole() { - svc := iam.New(session.New()) - - params := &iam.DeleteRoleInput{ - RoleName: aws.String("roleNameType"), // Required - } - resp, err := svc.DeleteRole(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteRolePolicy() { - svc := iam.New(session.New()) - - params := &iam.DeleteRolePolicyInput{ - PolicyName: aws.String("policyNameType"), // Required - RoleName: aws.String("roleNameType"), // Required - } - resp, err := svc.DeleteRolePolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteSAMLProvider() { - svc := iam.New(session.New()) - - params := &iam.DeleteSAMLProviderInput{ - SAMLProviderArn: aws.String("arnType"), // Required - } - resp, err := svc.DeleteSAMLProvider(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteSSHPublicKey() { - svc := iam.New(session.New()) - - params := &iam.DeleteSSHPublicKeyInput{ - SSHPublicKeyId: aws.String("publicKeyIdType"), // Required - UserName: aws.String("userNameType"), // Required - } - resp, err := svc.DeleteSSHPublicKey(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteServerCertificate() { - svc := iam.New(session.New()) - - params := &iam.DeleteServerCertificateInput{ - ServerCertificateName: aws.String("serverCertificateNameType"), // Required - } - resp, err := svc.DeleteServerCertificate(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteSigningCertificate() { - svc := iam.New(session.New()) - - params := &iam.DeleteSigningCertificateInput{ - CertificateId: aws.String("certificateIdType"), // Required - UserName: aws.String("existingUserNameType"), - } - resp, err := svc.DeleteSigningCertificate(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteUser() { - svc := iam.New(session.New()) - - params := &iam.DeleteUserInput{ - UserName: aws.String("existingUserNameType"), // Required - } - resp, err := svc.DeleteUser(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteUserPolicy() { - svc := iam.New(session.New()) - - params := &iam.DeleteUserPolicyInput{ - PolicyName: aws.String("policyNameType"), // Required - UserName: aws.String("existingUserNameType"), // Required - } - resp, err := svc.DeleteUserPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DeleteVirtualMFADevice() { - svc := iam.New(session.New()) - - params := &iam.DeleteVirtualMFADeviceInput{ - SerialNumber: aws.String("serialNumberType"), // Required - } - resp, err := svc.DeleteVirtualMFADevice(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DetachGroupPolicy() { - svc := iam.New(session.New()) - - params := &iam.DetachGroupPolicyInput{ - GroupName: aws.String("groupNameType"), // Required - PolicyArn: aws.String("arnType"), // Required - } - resp, err := svc.DetachGroupPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DetachRolePolicy() { - svc := iam.New(session.New()) - - params := &iam.DetachRolePolicyInput{ - PolicyArn: aws.String("arnType"), // Required - RoleName: aws.String("roleNameType"), // Required - } - resp, err := svc.DetachRolePolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_DetachUserPolicy() { - svc := iam.New(session.New()) - - params := &iam.DetachUserPolicyInput{ - PolicyArn: aws.String("arnType"), // Required - UserName: aws.String("userNameType"), // Required - } - resp, err := svc.DetachUserPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_EnableMFADevice() { - svc := iam.New(session.New()) - - params := &iam.EnableMFADeviceInput{ - AuthenticationCode1: aws.String("authenticationCodeType"), // Required - AuthenticationCode2: aws.String("authenticationCodeType"), // Required - SerialNumber: aws.String("serialNumberType"), // Required - UserName: aws.String("existingUserNameType"), // Required - } - resp, err := svc.EnableMFADevice(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GenerateCredentialReport() { - svc := iam.New(session.New()) - - var params *iam.GenerateCredentialReportInput - resp, err := svc.GenerateCredentialReport(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetAccessKeyLastUsed() { - svc := iam.New(session.New()) - - params := &iam.GetAccessKeyLastUsedInput{ - AccessKeyId: aws.String("accessKeyIdType"), // Required - } - resp, err := svc.GetAccessKeyLastUsed(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetAccountAuthorizationDetails() { - svc := iam.New(session.New()) - - params := &iam.GetAccountAuthorizationDetailsInput{ - Filter: []*string{ - aws.String("EntityType"), // Required - // More values... - }, - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - } - resp, err := svc.GetAccountAuthorizationDetails(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetAccountPasswordPolicy() { - svc := iam.New(session.New()) - - var params *iam.GetAccountPasswordPolicyInput - resp, err := svc.GetAccountPasswordPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetAccountSummary() { - svc := iam.New(session.New()) - - var params *iam.GetAccountSummaryInput - resp, err := svc.GetAccountSummary(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetContextKeysForCustomPolicy() { - svc := iam.New(session.New()) - - params := &iam.GetContextKeysForCustomPolicyInput{ - PolicyInputList: []*string{ // Required - aws.String("policyDocumentType"), // Required - // More values... - }, - } - resp, err := svc.GetContextKeysForCustomPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetContextKeysForPrincipalPolicy() { - svc := iam.New(session.New()) - - params := &iam.GetContextKeysForPrincipalPolicyInput{ - PolicySourceArn: aws.String("arnType"), // Required - PolicyInputList: []*string{ - aws.String("policyDocumentType"), // Required - // More values... - }, - } - resp, err := svc.GetContextKeysForPrincipalPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetCredentialReport() { - svc := iam.New(session.New()) - - var params *iam.GetCredentialReportInput - resp, err := svc.GetCredentialReport(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetGroup() { - svc := iam.New(session.New()) - - params := &iam.GetGroupInput{ - GroupName: aws.String("groupNameType"), // Required - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - } - resp, err := svc.GetGroup(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetGroupPolicy() { - svc := iam.New(session.New()) - - params := &iam.GetGroupPolicyInput{ - GroupName: aws.String("groupNameType"), // Required - PolicyName: aws.String("policyNameType"), // Required - } - resp, err := svc.GetGroupPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetInstanceProfile() { - svc := iam.New(session.New()) - - params := &iam.GetInstanceProfileInput{ - InstanceProfileName: aws.String("instanceProfileNameType"), // Required - } - resp, err := svc.GetInstanceProfile(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetLoginProfile() { - svc := iam.New(session.New()) - - params := &iam.GetLoginProfileInput{ - UserName: aws.String("userNameType"), // Required - } - resp, err := svc.GetLoginProfile(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetOpenIDConnectProvider() { - svc := iam.New(session.New()) - - params := &iam.GetOpenIDConnectProviderInput{ - OpenIDConnectProviderArn: aws.String("arnType"), // Required - } - resp, err := svc.GetOpenIDConnectProvider(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetPolicy() { - svc := iam.New(session.New()) - - params := &iam.GetPolicyInput{ - PolicyArn: aws.String("arnType"), // Required - } - resp, err := svc.GetPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetPolicyVersion() { - svc := iam.New(session.New()) - - params := &iam.GetPolicyVersionInput{ - PolicyArn: aws.String("arnType"), // Required - VersionId: aws.String("policyVersionIdType"), // Required - } - resp, err := svc.GetPolicyVersion(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetRole() { - svc := iam.New(session.New()) - - params := &iam.GetRoleInput{ - RoleName: aws.String("roleNameType"), // Required - } - resp, err := svc.GetRole(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetRolePolicy() { - svc := iam.New(session.New()) - - params := &iam.GetRolePolicyInput{ - PolicyName: aws.String("policyNameType"), // Required - RoleName: aws.String("roleNameType"), // Required - } - resp, err := svc.GetRolePolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetSAMLProvider() { - svc := iam.New(session.New()) - - params := &iam.GetSAMLProviderInput{ - SAMLProviderArn: aws.String("arnType"), // Required - } - resp, err := svc.GetSAMLProvider(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetSSHPublicKey() { - svc := iam.New(session.New()) - - params := &iam.GetSSHPublicKeyInput{ - Encoding: aws.String("encodingType"), // Required - SSHPublicKeyId: aws.String("publicKeyIdType"), // Required - UserName: aws.String("userNameType"), // Required - } - resp, err := svc.GetSSHPublicKey(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetServerCertificate() { - svc := iam.New(session.New()) - - params := &iam.GetServerCertificateInput{ - ServerCertificateName: aws.String("serverCertificateNameType"), // Required - } - resp, err := svc.GetServerCertificate(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetUser() { - svc := iam.New(session.New()) - - params := &iam.GetUserInput{ - UserName: aws.String("existingUserNameType"), - } - resp, err := svc.GetUser(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_GetUserPolicy() { - svc := iam.New(session.New()) - - params := &iam.GetUserPolicyInput{ - PolicyName: aws.String("policyNameType"), // Required - UserName: aws.String("existingUserNameType"), // Required - } - resp, err := svc.GetUserPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListAccessKeys() { - svc := iam.New(session.New()) - - params := &iam.ListAccessKeysInput{ - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - UserName: aws.String("existingUserNameType"), - } - resp, err := svc.ListAccessKeys(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListAccountAliases() { - svc := iam.New(session.New()) - - params := &iam.ListAccountAliasesInput{ - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - } - resp, err := svc.ListAccountAliases(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListAttachedGroupPolicies() { - svc := iam.New(session.New()) - - params := &iam.ListAttachedGroupPoliciesInput{ - GroupName: aws.String("groupNameType"), // Required - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - PathPrefix: aws.String("policyPathType"), - } - resp, err := svc.ListAttachedGroupPolicies(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListAttachedRolePolicies() { - svc := iam.New(session.New()) - - params := &iam.ListAttachedRolePoliciesInput{ - RoleName: aws.String("roleNameType"), // Required - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - PathPrefix: aws.String("policyPathType"), - } - resp, err := svc.ListAttachedRolePolicies(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListAttachedUserPolicies() { - svc := iam.New(session.New()) - - params := &iam.ListAttachedUserPoliciesInput{ - UserName: aws.String("userNameType"), // Required - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - PathPrefix: aws.String("policyPathType"), - } - resp, err := svc.ListAttachedUserPolicies(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListEntitiesForPolicy() { - svc := iam.New(session.New()) - - params := &iam.ListEntitiesForPolicyInput{ - PolicyArn: aws.String("arnType"), // Required - EntityFilter: aws.String("EntityType"), - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - PathPrefix: aws.String("pathType"), - } - resp, err := svc.ListEntitiesForPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListGroupPolicies() { - svc := iam.New(session.New()) - - params := &iam.ListGroupPoliciesInput{ - GroupName: aws.String("groupNameType"), // Required - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - } - resp, err := svc.ListGroupPolicies(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListGroups() { - svc := iam.New(session.New()) - - params := &iam.ListGroupsInput{ - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - PathPrefix: aws.String("pathPrefixType"), - } - resp, err := svc.ListGroups(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListGroupsForUser() { - svc := iam.New(session.New()) - - params := &iam.ListGroupsForUserInput{ - UserName: aws.String("existingUserNameType"), // Required - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - } - resp, err := svc.ListGroupsForUser(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListInstanceProfiles() { - svc := iam.New(session.New()) - - params := &iam.ListInstanceProfilesInput{ - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - PathPrefix: aws.String("pathPrefixType"), - } - resp, err := svc.ListInstanceProfiles(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListInstanceProfilesForRole() { - svc := iam.New(session.New()) - - params := &iam.ListInstanceProfilesForRoleInput{ - RoleName: aws.String("roleNameType"), // Required - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - } - resp, err := svc.ListInstanceProfilesForRole(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListMFADevices() { - svc := iam.New(session.New()) - - params := &iam.ListMFADevicesInput{ - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - UserName: aws.String("existingUserNameType"), - } - resp, err := svc.ListMFADevices(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListOpenIDConnectProviders() { - svc := iam.New(session.New()) - - var params *iam.ListOpenIDConnectProvidersInput - resp, err := svc.ListOpenIDConnectProviders(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListPolicies() { - svc := iam.New(session.New()) - - params := &iam.ListPoliciesInput{ - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - OnlyAttached: aws.Bool(true), - PathPrefix: aws.String("policyPathType"), - Scope: aws.String("policyScopeType"), - } - resp, err := svc.ListPolicies(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListPolicyVersions() { - svc := iam.New(session.New()) - - params := &iam.ListPolicyVersionsInput{ - PolicyArn: aws.String("arnType"), // Required - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - } - resp, err := svc.ListPolicyVersions(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListRolePolicies() { - svc := iam.New(session.New()) - - params := &iam.ListRolePoliciesInput{ - RoleName: aws.String("roleNameType"), // Required - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - } - resp, err := svc.ListRolePolicies(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListRoles() { - svc := iam.New(session.New()) - - params := &iam.ListRolesInput{ - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - PathPrefix: aws.String("pathPrefixType"), - } - resp, err := svc.ListRoles(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListSAMLProviders() { - svc := iam.New(session.New()) - - var params *iam.ListSAMLProvidersInput - resp, err := svc.ListSAMLProviders(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListSSHPublicKeys() { - svc := iam.New(session.New()) - - params := &iam.ListSSHPublicKeysInput{ - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - UserName: aws.String("userNameType"), - } - resp, err := svc.ListSSHPublicKeys(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListServerCertificates() { - svc := iam.New(session.New()) - - params := &iam.ListServerCertificatesInput{ - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - PathPrefix: aws.String("pathPrefixType"), - } - resp, err := svc.ListServerCertificates(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListSigningCertificates() { - svc := iam.New(session.New()) - - params := &iam.ListSigningCertificatesInput{ - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - UserName: aws.String("existingUserNameType"), - } - resp, err := svc.ListSigningCertificates(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListUserPolicies() { - svc := iam.New(session.New()) - - params := &iam.ListUserPoliciesInput{ - UserName: aws.String("existingUserNameType"), // Required - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - } - resp, err := svc.ListUserPolicies(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListUsers() { - svc := iam.New(session.New()) - - params := &iam.ListUsersInput{ - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - PathPrefix: aws.String("pathPrefixType"), - } - resp, err := svc.ListUsers(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ListVirtualMFADevices() { - svc := iam.New(session.New()) - - params := &iam.ListVirtualMFADevicesInput{ - AssignmentStatus: aws.String("assignmentStatusType"), - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - } - resp, err := svc.ListVirtualMFADevices(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_PutGroupPolicy() { - svc := iam.New(session.New()) - - params := &iam.PutGroupPolicyInput{ - GroupName: aws.String("groupNameType"), // Required - PolicyDocument: aws.String("policyDocumentType"), // Required - PolicyName: aws.String("policyNameType"), // Required - } - resp, err := svc.PutGroupPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_PutRolePolicy() { - svc := iam.New(session.New()) - - params := &iam.PutRolePolicyInput{ - PolicyDocument: aws.String("policyDocumentType"), // Required - PolicyName: aws.String("policyNameType"), // Required - RoleName: aws.String("roleNameType"), // Required - } - resp, err := svc.PutRolePolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_PutUserPolicy() { - svc := iam.New(session.New()) - - params := &iam.PutUserPolicyInput{ - PolicyDocument: aws.String("policyDocumentType"), // Required - PolicyName: aws.String("policyNameType"), // Required - UserName: aws.String("existingUserNameType"), // Required - } - resp, err := svc.PutUserPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_RemoveClientIDFromOpenIDConnectProvider() { - svc := iam.New(session.New()) - - params := &iam.RemoveClientIDFromOpenIDConnectProviderInput{ - ClientID: aws.String("clientIDType"), // Required - OpenIDConnectProviderArn: aws.String("arnType"), // Required - } - resp, err := svc.RemoveClientIDFromOpenIDConnectProvider(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_RemoveRoleFromInstanceProfile() { - svc := iam.New(session.New()) - - params := &iam.RemoveRoleFromInstanceProfileInput{ - InstanceProfileName: aws.String("instanceProfileNameType"), // Required - RoleName: aws.String("roleNameType"), // Required - } - resp, err := svc.RemoveRoleFromInstanceProfile(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_RemoveUserFromGroup() { - svc := iam.New(session.New()) - - params := &iam.RemoveUserFromGroupInput{ - GroupName: aws.String("groupNameType"), // Required - UserName: aws.String("existingUserNameType"), // Required - } - resp, err := svc.RemoveUserFromGroup(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_ResyncMFADevice() { - svc := iam.New(session.New()) - - params := &iam.ResyncMFADeviceInput{ - AuthenticationCode1: aws.String("authenticationCodeType"), // Required - AuthenticationCode2: aws.String("authenticationCodeType"), // Required - SerialNumber: aws.String("serialNumberType"), // Required - UserName: aws.String("existingUserNameType"), // Required - } - resp, err := svc.ResyncMFADevice(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_SetDefaultPolicyVersion() { - svc := iam.New(session.New()) - - params := &iam.SetDefaultPolicyVersionInput{ - PolicyArn: aws.String("arnType"), // Required - VersionId: aws.String("policyVersionIdType"), // Required - } - resp, err := svc.SetDefaultPolicyVersion(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_SimulateCustomPolicy() { - svc := iam.New(session.New()) - - params := &iam.SimulateCustomPolicyInput{ - ActionNames: []*string{ // Required - aws.String("ActionNameType"), // Required - // More values... - }, - PolicyInputList: []*string{ // Required - aws.String("policyDocumentType"), // Required - // More values... - }, - CallerArn: aws.String("ResourceNameType"), - ContextEntries: []*iam.ContextEntry{ - { // Required - ContextKeyName: aws.String("ContextKeyNameType"), - ContextKeyType: aws.String("ContextKeyTypeEnum"), - ContextKeyValues: []*string{ - aws.String("ContextKeyValueType"), // Required - // More values... - }, - }, - // More values... - }, - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - ResourceArns: []*string{ - aws.String("ResourceNameType"), // Required - // More values... - }, - ResourceHandlingOption: aws.String("ResourceHandlingOptionType"), - ResourceOwner: aws.String("ResourceNameType"), - ResourcePolicy: aws.String("policyDocumentType"), - } - resp, err := svc.SimulateCustomPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_SimulatePrincipalPolicy() { - svc := iam.New(session.New()) - - params := &iam.SimulatePrincipalPolicyInput{ - ActionNames: []*string{ // Required - aws.String("ActionNameType"), // Required - // More values... - }, - PolicySourceArn: aws.String("arnType"), // Required - CallerArn: aws.String("ResourceNameType"), - ContextEntries: []*iam.ContextEntry{ - { // Required - ContextKeyName: aws.String("ContextKeyNameType"), - ContextKeyType: aws.String("ContextKeyTypeEnum"), - ContextKeyValues: []*string{ - aws.String("ContextKeyValueType"), // Required - // More values... - }, - }, - // More values... - }, - Marker: aws.String("markerType"), - MaxItems: aws.Int64(1), - PolicyInputList: []*string{ - aws.String("policyDocumentType"), // Required - // More values... - }, - ResourceArns: []*string{ - aws.String("ResourceNameType"), // Required - // More values... - }, - ResourceHandlingOption: aws.String("ResourceHandlingOptionType"), - ResourceOwner: aws.String("ResourceNameType"), - ResourcePolicy: aws.String("policyDocumentType"), - } - resp, err := svc.SimulatePrincipalPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UpdateAccessKey() { - svc := iam.New(session.New()) - - params := &iam.UpdateAccessKeyInput{ - AccessKeyId: aws.String("accessKeyIdType"), // Required - Status: aws.String("statusType"), // Required - UserName: aws.String("existingUserNameType"), - } - resp, err := svc.UpdateAccessKey(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UpdateAccountPasswordPolicy() { - svc := iam.New(session.New()) - - params := &iam.UpdateAccountPasswordPolicyInput{ - AllowUsersToChangePassword: aws.Bool(true), - HardExpiry: aws.Bool(true), - MaxPasswordAge: aws.Int64(1), - MinimumPasswordLength: aws.Int64(1), - PasswordReusePrevention: aws.Int64(1), - RequireLowercaseCharacters: aws.Bool(true), - RequireNumbers: aws.Bool(true), - RequireSymbols: aws.Bool(true), - RequireUppercaseCharacters: aws.Bool(true), - } - resp, err := svc.UpdateAccountPasswordPolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UpdateAssumeRolePolicy() { - svc := iam.New(session.New()) - - params := &iam.UpdateAssumeRolePolicyInput{ - PolicyDocument: aws.String("policyDocumentType"), // Required - RoleName: aws.String("roleNameType"), // Required - } - resp, err := svc.UpdateAssumeRolePolicy(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UpdateGroup() { - svc := iam.New(session.New()) - - params := &iam.UpdateGroupInput{ - GroupName: aws.String("groupNameType"), // Required - NewGroupName: aws.String("groupNameType"), - NewPath: aws.String("pathType"), - } - resp, err := svc.UpdateGroup(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UpdateLoginProfile() { - svc := iam.New(session.New()) - - params := &iam.UpdateLoginProfileInput{ - UserName: aws.String("userNameType"), // Required - Password: aws.String("passwordType"), - PasswordResetRequired: aws.Bool(true), - } - resp, err := svc.UpdateLoginProfile(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UpdateOpenIDConnectProviderThumbprint() { - svc := iam.New(session.New()) - - params := &iam.UpdateOpenIDConnectProviderThumbprintInput{ - OpenIDConnectProviderArn: aws.String("arnType"), // Required - ThumbprintList: []*string{ // Required - aws.String("thumbprintType"), // Required - // More values... - }, - } - resp, err := svc.UpdateOpenIDConnectProviderThumbprint(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UpdateSAMLProvider() { - svc := iam.New(session.New()) - - params := &iam.UpdateSAMLProviderInput{ - SAMLMetadataDocument: aws.String("SAMLMetadataDocumentType"), // Required - SAMLProviderArn: aws.String("arnType"), // Required - } - resp, err := svc.UpdateSAMLProvider(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UpdateSSHPublicKey() { - svc := iam.New(session.New()) - - params := &iam.UpdateSSHPublicKeyInput{ - SSHPublicKeyId: aws.String("publicKeyIdType"), // Required - Status: aws.String("statusType"), // Required - UserName: aws.String("userNameType"), // Required - } - resp, err := svc.UpdateSSHPublicKey(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UpdateServerCertificate() { - svc := iam.New(session.New()) - - params := &iam.UpdateServerCertificateInput{ - ServerCertificateName: aws.String("serverCertificateNameType"), // Required - NewPath: aws.String("pathType"), - NewServerCertificateName: aws.String("serverCertificateNameType"), - } - resp, err := svc.UpdateServerCertificate(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UpdateSigningCertificate() { - svc := iam.New(session.New()) - - params := &iam.UpdateSigningCertificateInput{ - CertificateId: aws.String("certificateIdType"), // Required - Status: aws.String("statusType"), // Required - UserName: aws.String("existingUserNameType"), - } - resp, err := svc.UpdateSigningCertificate(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UpdateUser() { - svc := iam.New(session.New()) - - params := &iam.UpdateUserInput{ - UserName: aws.String("existingUserNameType"), // Required - NewPath: aws.String("pathType"), - NewUserName: aws.String("userNameType"), - } - resp, err := svc.UpdateUser(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UploadSSHPublicKey() { - svc := iam.New(session.New()) - - params := &iam.UploadSSHPublicKeyInput{ - SSHPublicKeyBody: aws.String("publicKeyMaterialType"), // Required - UserName: aws.String("userNameType"), // Required - } - resp, err := svc.UploadSSHPublicKey(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UploadServerCertificate() { - svc := iam.New(session.New()) - - params := &iam.UploadServerCertificateInput{ - CertificateBody: aws.String("certificateBodyType"), // Required - PrivateKey: aws.String("privateKeyType"), // Required - ServerCertificateName: aws.String("serverCertificateNameType"), // Required - CertificateChain: aws.String("certificateChainType"), - Path: aws.String("pathType"), - } - resp, err := svc.UploadServerCertificate(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} - -func ExampleIAM_UploadSigningCertificate() { - svc := iam.New(session.New()) - - params := &iam.UploadSigningCertificateInput{ - CertificateBody: aws.String("certificateBodyType"), // Required - UserName: aws.String("existingUserNameType"), - } - resp, err := svc.UploadSigningCertificate(params) - - if err != nil { - // Print the error, cast err to awserr.Error to get the Code and - // Message from an error. - fmt.Println(err.Error()) - return - } - - // Pretty-print the response data. - fmt.Println(resp) -} diff --git a/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/iamiface/interface.go b/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/iamiface/interface.go deleted file mode 100644 index 3df15410a..000000000 --- a/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/iamiface/interface.go +++ /dev/null @@ -1,510 +0,0 @@ -// THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT. - -// Package iamiface provides an interface for the AWS Identity and Access Management. -package iamiface - -import ( - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/service/iam" -) - -// IAMAPI is the interface type for iam.IAM. -type IAMAPI interface { - AddClientIDToOpenIDConnectProviderRequest(*iam.AddClientIDToOpenIDConnectProviderInput) (*request.Request, *iam.AddClientIDToOpenIDConnectProviderOutput) - - AddClientIDToOpenIDConnectProvider(*iam.AddClientIDToOpenIDConnectProviderInput) (*iam.AddClientIDToOpenIDConnectProviderOutput, error) - - AddRoleToInstanceProfileRequest(*iam.AddRoleToInstanceProfileInput) (*request.Request, *iam.AddRoleToInstanceProfileOutput) - - AddRoleToInstanceProfile(*iam.AddRoleToInstanceProfileInput) (*iam.AddRoleToInstanceProfileOutput, error) - - AddUserToGroupRequest(*iam.AddUserToGroupInput) (*request.Request, *iam.AddUserToGroupOutput) - - AddUserToGroup(*iam.AddUserToGroupInput) (*iam.AddUserToGroupOutput, error) - - AttachGroupPolicyRequest(*iam.AttachGroupPolicyInput) (*request.Request, *iam.AttachGroupPolicyOutput) - - AttachGroupPolicy(*iam.AttachGroupPolicyInput) (*iam.AttachGroupPolicyOutput, error) - - AttachRolePolicyRequest(*iam.AttachRolePolicyInput) (*request.Request, *iam.AttachRolePolicyOutput) - - AttachRolePolicy(*iam.AttachRolePolicyInput) (*iam.AttachRolePolicyOutput, error) - - AttachUserPolicyRequest(*iam.AttachUserPolicyInput) (*request.Request, *iam.AttachUserPolicyOutput) - - AttachUserPolicy(*iam.AttachUserPolicyInput) (*iam.AttachUserPolicyOutput, error) - - ChangePasswordRequest(*iam.ChangePasswordInput) (*request.Request, *iam.ChangePasswordOutput) - - ChangePassword(*iam.ChangePasswordInput) (*iam.ChangePasswordOutput, error) - - CreateAccessKeyRequest(*iam.CreateAccessKeyInput) (*request.Request, *iam.CreateAccessKeyOutput) - - CreateAccessKey(*iam.CreateAccessKeyInput) (*iam.CreateAccessKeyOutput, error) - - CreateAccountAliasRequest(*iam.CreateAccountAliasInput) (*request.Request, *iam.CreateAccountAliasOutput) - - CreateAccountAlias(*iam.CreateAccountAliasInput) (*iam.CreateAccountAliasOutput, error) - - CreateGroupRequest(*iam.CreateGroupInput) (*request.Request, *iam.CreateGroupOutput) - - CreateGroup(*iam.CreateGroupInput) (*iam.CreateGroupOutput, error) - - CreateInstanceProfileRequest(*iam.CreateInstanceProfileInput) (*request.Request, *iam.CreateInstanceProfileOutput) - - CreateInstanceProfile(*iam.CreateInstanceProfileInput) (*iam.CreateInstanceProfileOutput, error) - - CreateLoginProfileRequest(*iam.CreateLoginProfileInput) (*request.Request, *iam.CreateLoginProfileOutput) - - CreateLoginProfile(*iam.CreateLoginProfileInput) (*iam.CreateLoginProfileOutput, error) - - CreateOpenIDConnectProviderRequest(*iam.CreateOpenIDConnectProviderInput) (*request.Request, *iam.CreateOpenIDConnectProviderOutput) - - CreateOpenIDConnectProvider(*iam.CreateOpenIDConnectProviderInput) (*iam.CreateOpenIDConnectProviderOutput, error) - - CreatePolicyRequest(*iam.CreatePolicyInput) (*request.Request, *iam.CreatePolicyOutput) - - CreatePolicy(*iam.CreatePolicyInput) (*iam.CreatePolicyOutput, error) - - CreatePolicyVersionRequest(*iam.CreatePolicyVersionInput) (*request.Request, *iam.CreatePolicyVersionOutput) - - CreatePolicyVersion(*iam.CreatePolicyVersionInput) (*iam.CreatePolicyVersionOutput, error) - - CreateRoleRequest(*iam.CreateRoleInput) (*request.Request, *iam.CreateRoleOutput) - - CreateRole(*iam.CreateRoleInput) (*iam.CreateRoleOutput, error) - - CreateSAMLProviderRequest(*iam.CreateSAMLProviderInput) (*request.Request, *iam.CreateSAMLProviderOutput) - - CreateSAMLProvider(*iam.CreateSAMLProviderInput) (*iam.CreateSAMLProviderOutput, error) - - CreateUserRequest(*iam.CreateUserInput) (*request.Request, *iam.CreateUserOutput) - - CreateUser(*iam.CreateUserInput) (*iam.CreateUserOutput, error) - - CreateVirtualMFADeviceRequest(*iam.CreateVirtualMFADeviceInput) (*request.Request, *iam.CreateVirtualMFADeviceOutput) - - CreateVirtualMFADevice(*iam.CreateVirtualMFADeviceInput) (*iam.CreateVirtualMFADeviceOutput, error) - - DeactivateMFADeviceRequest(*iam.DeactivateMFADeviceInput) (*request.Request, *iam.DeactivateMFADeviceOutput) - - DeactivateMFADevice(*iam.DeactivateMFADeviceInput) (*iam.DeactivateMFADeviceOutput, error) - - DeleteAccessKeyRequest(*iam.DeleteAccessKeyInput) (*request.Request, *iam.DeleteAccessKeyOutput) - - DeleteAccessKey(*iam.DeleteAccessKeyInput) (*iam.DeleteAccessKeyOutput, error) - - DeleteAccountAliasRequest(*iam.DeleteAccountAliasInput) (*request.Request, *iam.DeleteAccountAliasOutput) - - DeleteAccountAlias(*iam.DeleteAccountAliasInput) (*iam.DeleteAccountAliasOutput, error) - - DeleteAccountPasswordPolicyRequest(*iam.DeleteAccountPasswordPolicyInput) (*request.Request, *iam.DeleteAccountPasswordPolicyOutput) - - DeleteAccountPasswordPolicy(*iam.DeleteAccountPasswordPolicyInput) (*iam.DeleteAccountPasswordPolicyOutput, error) - - DeleteGroupRequest(*iam.DeleteGroupInput) (*request.Request, *iam.DeleteGroupOutput) - - DeleteGroup(*iam.DeleteGroupInput) (*iam.DeleteGroupOutput, error) - - DeleteGroupPolicyRequest(*iam.DeleteGroupPolicyInput) (*request.Request, *iam.DeleteGroupPolicyOutput) - - DeleteGroupPolicy(*iam.DeleteGroupPolicyInput) (*iam.DeleteGroupPolicyOutput, error) - - DeleteInstanceProfileRequest(*iam.DeleteInstanceProfileInput) (*request.Request, *iam.DeleteInstanceProfileOutput) - - DeleteInstanceProfile(*iam.DeleteInstanceProfileInput) (*iam.DeleteInstanceProfileOutput, error) - - DeleteLoginProfileRequest(*iam.DeleteLoginProfileInput) (*request.Request, *iam.DeleteLoginProfileOutput) - - DeleteLoginProfile(*iam.DeleteLoginProfileInput) (*iam.DeleteLoginProfileOutput, error) - - DeleteOpenIDConnectProviderRequest(*iam.DeleteOpenIDConnectProviderInput) (*request.Request, *iam.DeleteOpenIDConnectProviderOutput) - - DeleteOpenIDConnectProvider(*iam.DeleteOpenIDConnectProviderInput) (*iam.DeleteOpenIDConnectProviderOutput, error) - - DeletePolicyRequest(*iam.DeletePolicyInput) (*request.Request, *iam.DeletePolicyOutput) - - DeletePolicy(*iam.DeletePolicyInput) (*iam.DeletePolicyOutput, error) - - DeletePolicyVersionRequest(*iam.DeletePolicyVersionInput) (*request.Request, *iam.DeletePolicyVersionOutput) - - DeletePolicyVersion(*iam.DeletePolicyVersionInput) (*iam.DeletePolicyVersionOutput, error) - - DeleteRoleRequest(*iam.DeleteRoleInput) (*request.Request, *iam.DeleteRoleOutput) - - DeleteRole(*iam.DeleteRoleInput) (*iam.DeleteRoleOutput, error) - - DeleteRolePolicyRequest(*iam.DeleteRolePolicyInput) (*request.Request, *iam.DeleteRolePolicyOutput) - - DeleteRolePolicy(*iam.DeleteRolePolicyInput) (*iam.DeleteRolePolicyOutput, error) - - DeleteSAMLProviderRequest(*iam.DeleteSAMLProviderInput) (*request.Request, *iam.DeleteSAMLProviderOutput) - - DeleteSAMLProvider(*iam.DeleteSAMLProviderInput) (*iam.DeleteSAMLProviderOutput, error) - - DeleteSSHPublicKeyRequest(*iam.DeleteSSHPublicKeyInput) (*request.Request, *iam.DeleteSSHPublicKeyOutput) - - DeleteSSHPublicKey(*iam.DeleteSSHPublicKeyInput) (*iam.DeleteSSHPublicKeyOutput, error) - - DeleteServerCertificateRequest(*iam.DeleteServerCertificateInput) (*request.Request, *iam.DeleteServerCertificateOutput) - - DeleteServerCertificate(*iam.DeleteServerCertificateInput) (*iam.DeleteServerCertificateOutput, error) - - DeleteSigningCertificateRequest(*iam.DeleteSigningCertificateInput) (*request.Request, *iam.DeleteSigningCertificateOutput) - - DeleteSigningCertificate(*iam.DeleteSigningCertificateInput) (*iam.DeleteSigningCertificateOutput, error) - - DeleteUserRequest(*iam.DeleteUserInput) (*request.Request, *iam.DeleteUserOutput) - - DeleteUser(*iam.DeleteUserInput) (*iam.DeleteUserOutput, error) - - DeleteUserPolicyRequest(*iam.DeleteUserPolicyInput) (*request.Request, *iam.DeleteUserPolicyOutput) - - DeleteUserPolicy(*iam.DeleteUserPolicyInput) (*iam.DeleteUserPolicyOutput, error) - - DeleteVirtualMFADeviceRequest(*iam.DeleteVirtualMFADeviceInput) (*request.Request, *iam.DeleteVirtualMFADeviceOutput) - - DeleteVirtualMFADevice(*iam.DeleteVirtualMFADeviceInput) (*iam.DeleteVirtualMFADeviceOutput, error) - - DetachGroupPolicyRequest(*iam.DetachGroupPolicyInput) (*request.Request, *iam.DetachGroupPolicyOutput) - - DetachGroupPolicy(*iam.DetachGroupPolicyInput) (*iam.DetachGroupPolicyOutput, error) - - DetachRolePolicyRequest(*iam.DetachRolePolicyInput) (*request.Request, *iam.DetachRolePolicyOutput) - - DetachRolePolicy(*iam.DetachRolePolicyInput) (*iam.DetachRolePolicyOutput, error) - - DetachUserPolicyRequest(*iam.DetachUserPolicyInput) (*request.Request, *iam.DetachUserPolicyOutput) - - DetachUserPolicy(*iam.DetachUserPolicyInput) (*iam.DetachUserPolicyOutput, error) - - EnableMFADeviceRequest(*iam.EnableMFADeviceInput) (*request.Request, *iam.EnableMFADeviceOutput) - - EnableMFADevice(*iam.EnableMFADeviceInput) (*iam.EnableMFADeviceOutput, error) - - GenerateCredentialReportRequest(*iam.GenerateCredentialReportInput) (*request.Request, *iam.GenerateCredentialReportOutput) - - GenerateCredentialReport(*iam.GenerateCredentialReportInput) (*iam.GenerateCredentialReportOutput, error) - - GetAccessKeyLastUsedRequest(*iam.GetAccessKeyLastUsedInput) (*request.Request, *iam.GetAccessKeyLastUsedOutput) - - GetAccessKeyLastUsed(*iam.GetAccessKeyLastUsedInput) (*iam.GetAccessKeyLastUsedOutput, error) - - GetAccountAuthorizationDetailsRequest(*iam.GetAccountAuthorizationDetailsInput) (*request.Request, *iam.GetAccountAuthorizationDetailsOutput) - - GetAccountAuthorizationDetails(*iam.GetAccountAuthorizationDetailsInput) (*iam.GetAccountAuthorizationDetailsOutput, error) - - GetAccountAuthorizationDetailsPages(*iam.GetAccountAuthorizationDetailsInput, func(*iam.GetAccountAuthorizationDetailsOutput, bool) bool) error - - GetAccountPasswordPolicyRequest(*iam.GetAccountPasswordPolicyInput) (*request.Request, *iam.GetAccountPasswordPolicyOutput) - - GetAccountPasswordPolicy(*iam.GetAccountPasswordPolicyInput) (*iam.GetAccountPasswordPolicyOutput, error) - - GetAccountSummaryRequest(*iam.GetAccountSummaryInput) (*request.Request, *iam.GetAccountSummaryOutput) - - GetAccountSummary(*iam.GetAccountSummaryInput) (*iam.GetAccountSummaryOutput, error) - - GetContextKeysForCustomPolicyRequest(*iam.GetContextKeysForCustomPolicyInput) (*request.Request, *iam.GetContextKeysForPolicyResponse) - - GetContextKeysForCustomPolicy(*iam.GetContextKeysForCustomPolicyInput) (*iam.GetContextKeysForPolicyResponse, error) - - GetContextKeysForPrincipalPolicyRequest(*iam.GetContextKeysForPrincipalPolicyInput) (*request.Request, *iam.GetContextKeysForPolicyResponse) - - GetContextKeysForPrincipalPolicy(*iam.GetContextKeysForPrincipalPolicyInput) (*iam.GetContextKeysForPolicyResponse, error) - - GetCredentialReportRequest(*iam.GetCredentialReportInput) (*request.Request, *iam.GetCredentialReportOutput) - - GetCredentialReport(*iam.GetCredentialReportInput) (*iam.GetCredentialReportOutput, error) - - GetGroupRequest(*iam.GetGroupInput) (*request.Request, *iam.GetGroupOutput) - - GetGroup(*iam.GetGroupInput) (*iam.GetGroupOutput, error) - - GetGroupPages(*iam.GetGroupInput, func(*iam.GetGroupOutput, bool) bool) error - - GetGroupPolicyRequest(*iam.GetGroupPolicyInput) (*request.Request, *iam.GetGroupPolicyOutput) - - GetGroupPolicy(*iam.GetGroupPolicyInput) (*iam.GetGroupPolicyOutput, error) - - GetInstanceProfileRequest(*iam.GetInstanceProfileInput) (*request.Request, *iam.GetInstanceProfileOutput) - - GetInstanceProfile(*iam.GetInstanceProfileInput) (*iam.GetInstanceProfileOutput, error) - - GetLoginProfileRequest(*iam.GetLoginProfileInput) (*request.Request, *iam.GetLoginProfileOutput) - - GetLoginProfile(*iam.GetLoginProfileInput) (*iam.GetLoginProfileOutput, error) - - GetOpenIDConnectProviderRequest(*iam.GetOpenIDConnectProviderInput) (*request.Request, *iam.GetOpenIDConnectProviderOutput) - - GetOpenIDConnectProvider(*iam.GetOpenIDConnectProviderInput) (*iam.GetOpenIDConnectProviderOutput, error) - - GetPolicyRequest(*iam.GetPolicyInput) (*request.Request, *iam.GetPolicyOutput) - - GetPolicy(*iam.GetPolicyInput) (*iam.GetPolicyOutput, error) - - GetPolicyVersionRequest(*iam.GetPolicyVersionInput) (*request.Request, *iam.GetPolicyVersionOutput) - - GetPolicyVersion(*iam.GetPolicyVersionInput) (*iam.GetPolicyVersionOutput, error) - - GetRoleRequest(*iam.GetRoleInput) (*request.Request, *iam.GetRoleOutput) - - GetRole(*iam.GetRoleInput) (*iam.GetRoleOutput, error) - - GetRolePolicyRequest(*iam.GetRolePolicyInput) (*request.Request, *iam.GetRolePolicyOutput) - - GetRolePolicy(*iam.GetRolePolicyInput) (*iam.GetRolePolicyOutput, error) - - GetSAMLProviderRequest(*iam.GetSAMLProviderInput) (*request.Request, *iam.GetSAMLProviderOutput) - - GetSAMLProvider(*iam.GetSAMLProviderInput) (*iam.GetSAMLProviderOutput, error) - - GetSSHPublicKeyRequest(*iam.GetSSHPublicKeyInput) (*request.Request, *iam.GetSSHPublicKeyOutput) - - GetSSHPublicKey(*iam.GetSSHPublicKeyInput) (*iam.GetSSHPublicKeyOutput, error) - - GetServerCertificateRequest(*iam.GetServerCertificateInput) (*request.Request, *iam.GetServerCertificateOutput) - - GetServerCertificate(*iam.GetServerCertificateInput) (*iam.GetServerCertificateOutput, error) - - GetUserRequest(*iam.GetUserInput) (*request.Request, *iam.GetUserOutput) - - GetUser(*iam.GetUserInput) (*iam.GetUserOutput, error) - - GetUserPolicyRequest(*iam.GetUserPolicyInput) (*request.Request, *iam.GetUserPolicyOutput) - - GetUserPolicy(*iam.GetUserPolicyInput) (*iam.GetUserPolicyOutput, error) - - ListAccessKeysRequest(*iam.ListAccessKeysInput) (*request.Request, *iam.ListAccessKeysOutput) - - ListAccessKeys(*iam.ListAccessKeysInput) (*iam.ListAccessKeysOutput, error) - - ListAccessKeysPages(*iam.ListAccessKeysInput, func(*iam.ListAccessKeysOutput, bool) bool) error - - ListAccountAliasesRequest(*iam.ListAccountAliasesInput) (*request.Request, *iam.ListAccountAliasesOutput) - - ListAccountAliases(*iam.ListAccountAliasesInput) (*iam.ListAccountAliasesOutput, error) - - ListAccountAliasesPages(*iam.ListAccountAliasesInput, func(*iam.ListAccountAliasesOutput, bool) bool) error - - ListAttachedGroupPoliciesRequest(*iam.ListAttachedGroupPoliciesInput) (*request.Request, *iam.ListAttachedGroupPoliciesOutput) - - ListAttachedGroupPolicies(*iam.ListAttachedGroupPoliciesInput) (*iam.ListAttachedGroupPoliciesOutput, error) - - ListAttachedGroupPoliciesPages(*iam.ListAttachedGroupPoliciesInput, func(*iam.ListAttachedGroupPoliciesOutput, bool) bool) error - - ListAttachedRolePoliciesRequest(*iam.ListAttachedRolePoliciesInput) (*request.Request, *iam.ListAttachedRolePoliciesOutput) - - ListAttachedRolePolicies(*iam.ListAttachedRolePoliciesInput) (*iam.ListAttachedRolePoliciesOutput, error) - - ListAttachedRolePoliciesPages(*iam.ListAttachedRolePoliciesInput, func(*iam.ListAttachedRolePoliciesOutput, bool) bool) error - - ListAttachedUserPoliciesRequest(*iam.ListAttachedUserPoliciesInput) (*request.Request, *iam.ListAttachedUserPoliciesOutput) - - ListAttachedUserPolicies(*iam.ListAttachedUserPoliciesInput) (*iam.ListAttachedUserPoliciesOutput, error) - - ListAttachedUserPoliciesPages(*iam.ListAttachedUserPoliciesInput, func(*iam.ListAttachedUserPoliciesOutput, bool) bool) error - - ListEntitiesForPolicyRequest(*iam.ListEntitiesForPolicyInput) (*request.Request, *iam.ListEntitiesForPolicyOutput) - - ListEntitiesForPolicy(*iam.ListEntitiesForPolicyInput) (*iam.ListEntitiesForPolicyOutput, error) - - ListEntitiesForPolicyPages(*iam.ListEntitiesForPolicyInput, func(*iam.ListEntitiesForPolicyOutput, bool) bool) error - - ListGroupPoliciesRequest(*iam.ListGroupPoliciesInput) (*request.Request, *iam.ListGroupPoliciesOutput) - - ListGroupPolicies(*iam.ListGroupPoliciesInput) (*iam.ListGroupPoliciesOutput, error) - - ListGroupPoliciesPages(*iam.ListGroupPoliciesInput, func(*iam.ListGroupPoliciesOutput, bool) bool) error - - ListGroupsRequest(*iam.ListGroupsInput) (*request.Request, *iam.ListGroupsOutput) - - ListGroups(*iam.ListGroupsInput) (*iam.ListGroupsOutput, error) - - ListGroupsPages(*iam.ListGroupsInput, func(*iam.ListGroupsOutput, bool) bool) error - - ListGroupsForUserRequest(*iam.ListGroupsForUserInput) (*request.Request, *iam.ListGroupsForUserOutput) - - ListGroupsForUser(*iam.ListGroupsForUserInput) (*iam.ListGroupsForUserOutput, error) - - ListGroupsForUserPages(*iam.ListGroupsForUserInput, func(*iam.ListGroupsForUserOutput, bool) bool) error - - ListInstanceProfilesRequest(*iam.ListInstanceProfilesInput) (*request.Request, *iam.ListInstanceProfilesOutput) - - ListInstanceProfiles(*iam.ListInstanceProfilesInput) (*iam.ListInstanceProfilesOutput, error) - - ListInstanceProfilesPages(*iam.ListInstanceProfilesInput, func(*iam.ListInstanceProfilesOutput, bool) bool) error - - ListInstanceProfilesForRoleRequest(*iam.ListInstanceProfilesForRoleInput) (*request.Request, *iam.ListInstanceProfilesForRoleOutput) - - ListInstanceProfilesForRole(*iam.ListInstanceProfilesForRoleInput) (*iam.ListInstanceProfilesForRoleOutput, error) - - ListInstanceProfilesForRolePages(*iam.ListInstanceProfilesForRoleInput, func(*iam.ListInstanceProfilesForRoleOutput, bool) bool) error - - ListMFADevicesRequest(*iam.ListMFADevicesInput) (*request.Request, *iam.ListMFADevicesOutput) - - ListMFADevices(*iam.ListMFADevicesInput) (*iam.ListMFADevicesOutput, error) - - ListMFADevicesPages(*iam.ListMFADevicesInput, func(*iam.ListMFADevicesOutput, bool) bool) error - - ListOpenIDConnectProvidersRequest(*iam.ListOpenIDConnectProvidersInput) (*request.Request, *iam.ListOpenIDConnectProvidersOutput) - - ListOpenIDConnectProviders(*iam.ListOpenIDConnectProvidersInput) (*iam.ListOpenIDConnectProvidersOutput, error) - - ListPoliciesRequest(*iam.ListPoliciesInput) (*request.Request, *iam.ListPoliciesOutput) - - ListPolicies(*iam.ListPoliciesInput) (*iam.ListPoliciesOutput, error) - - ListPoliciesPages(*iam.ListPoliciesInput, func(*iam.ListPoliciesOutput, bool) bool) error - - ListPolicyVersionsRequest(*iam.ListPolicyVersionsInput) (*request.Request, *iam.ListPolicyVersionsOutput) - - ListPolicyVersions(*iam.ListPolicyVersionsInput) (*iam.ListPolicyVersionsOutput, error) - - ListRolePoliciesRequest(*iam.ListRolePoliciesInput) (*request.Request, *iam.ListRolePoliciesOutput) - - ListRolePolicies(*iam.ListRolePoliciesInput) (*iam.ListRolePoliciesOutput, error) - - ListRolePoliciesPages(*iam.ListRolePoliciesInput, func(*iam.ListRolePoliciesOutput, bool) bool) error - - ListRolesRequest(*iam.ListRolesInput) (*request.Request, *iam.ListRolesOutput) - - ListRoles(*iam.ListRolesInput) (*iam.ListRolesOutput, error) - - ListRolesPages(*iam.ListRolesInput, func(*iam.ListRolesOutput, bool) bool) error - - ListSAMLProvidersRequest(*iam.ListSAMLProvidersInput) (*request.Request, *iam.ListSAMLProvidersOutput) - - ListSAMLProviders(*iam.ListSAMLProvidersInput) (*iam.ListSAMLProvidersOutput, error) - - ListSSHPublicKeysRequest(*iam.ListSSHPublicKeysInput) (*request.Request, *iam.ListSSHPublicKeysOutput) - - ListSSHPublicKeys(*iam.ListSSHPublicKeysInput) (*iam.ListSSHPublicKeysOutput, error) - - ListServerCertificatesRequest(*iam.ListServerCertificatesInput) (*request.Request, *iam.ListServerCertificatesOutput) - - ListServerCertificates(*iam.ListServerCertificatesInput) (*iam.ListServerCertificatesOutput, error) - - ListServerCertificatesPages(*iam.ListServerCertificatesInput, func(*iam.ListServerCertificatesOutput, bool) bool) error - - ListSigningCertificatesRequest(*iam.ListSigningCertificatesInput) (*request.Request, *iam.ListSigningCertificatesOutput) - - ListSigningCertificates(*iam.ListSigningCertificatesInput) (*iam.ListSigningCertificatesOutput, error) - - ListSigningCertificatesPages(*iam.ListSigningCertificatesInput, func(*iam.ListSigningCertificatesOutput, bool) bool) error - - ListUserPoliciesRequest(*iam.ListUserPoliciesInput) (*request.Request, *iam.ListUserPoliciesOutput) - - ListUserPolicies(*iam.ListUserPoliciesInput) (*iam.ListUserPoliciesOutput, error) - - ListUserPoliciesPages(*iam.ListUserPoliciesInput, func(*iam.ListUserPoliciesOutput, bool) bool) error - - ListUsersRequest(*iam.ListUsersInput) (*request.Request, *iam.ListUsersOutput) - - ListUsers(*iam.ListUsersInput) (*iam.ListUsersOutput, error) - - ListUsersPages(*iam.ListUsersInput, func(*iam.ListUsersOutput, bool) bool) error - - ListVirtualMFADevicesRequest(*iam.ListVirtualMFADevicesInput) (*request.Request, *iam.ListVirtualMFADevicesOutput) - - ListVirtualMFADevices(*iam.ListVirtualMFADevicesInput) (*iam.ListVirtualMFADevicesOutput, error) - - ListVirtualMFADevicesPages(*iam.ListVirtualMFADevicesInput, func(*iam.ListVirtualMFADevicesOutput, bool) bool) error - - PutGroupPolicyRequest(*iam.PutGroupPolicyInput) (*request.Request, *iam.PutGroupPolicyOutput) - - PutGroupPolicy(*iam.PutGroupPolicyInput) (*iam.PutGroupPolicyOutput, error) - - PutRolePolicyRequest(*iam.PutRolePolicyInput) (*request.Request, *iam.PutRolePolicyOutput) - - PutRolePolicy(*iam.PutRolePolicyInput) (*iam.PutRolePolicyOutput, error) - - PutUserPolicyRequest(*iam.PutUserPolicyInput) (*request.Request, *iam.PutUserPolicyOutput) - - PutUserPolicy(*iam.PutUserPolicyInput) (*iam.PutUserPolicyOutput, error) - - RemoveClientIDFromOpenIDConnectProviderRequest(*iam.RemoveClientIDFromOpenIDConnectProviderInput) (*request.Request, *iam.RemoveClientIDFromOpenIDConnectProviderOutput) - - RemoveClientIDFromOpenIDConnectProvider(*iam.RemoveClientIDFromOpenIDConnectProviderInput) (*iam.RemoveClientIDFromOpenIDConnectProviderOutput, error) - - RemoveRoleFromInstanceProfileRequest(*iam.RemoveRoleFromInstanceProfileInput) (*request.Request, *iam.RemoveRoleFromInstanceProfileOutput) - - RemoveRoleFromInstanceProfile(*iam.RemoveRoleFromInstanceProfileInput) (*iam.RemoveRoleFromInstanceProfileOutput, error) - - RemoveUserFromGroupRequest(*iam.RemoveUserFromGroupInput) (*request.Request, *iam.RemoveUserFromGroupOutput) - - RemoveUserFromGroup(*iam.RemoveUserFromGroupInput) (*iam.RemoveUserFromGroupOutput, error) - - ResyncMFADeviceRequest(*iam.ResyncMFADeviceInput) (*request.Request, *iam.ResyncMFADeviceOutput) - - ResyncMFADevice(*iam.ResyncMFADeviceInput) (*iam.ResyncMFADeviceOutput, error) - - SetDefaultPolicyVersionRequest(*iam.SetDefaultPolicyVersionInput) (*request.Request, *iam.SetDefaultPolicyVersionOutput) - - SetDefaultPolicyVersion(*iam.SetDefaultPolicyVersionInput) (*iam.SetDefaultPolicyVersionOutput, error) - - SimulateCustomPolicyRequest(*iam.SimulateCustomPolicyInput) (*request.Request, *iam.SimulatePolicyResponse) - - SimulateCustomPolicy(*iam.SimulateCustomPolicyInput) (*iam.SimulatePolicyResponse, error) - - SimulatePrincipalPolicyRequest(*iam.SimulatePrincipalPolicyInput) (*request.Request, *iam.SimulatePolicyResponse) - - SimulatePrincipalPolicy(*iam.SimulatePrincipalPolicyInput) (*iam.SimulatePolicyResponse, error) - - UpdateAccessKeyRequest(*iam.UpdateAccessKeyInput) (*request.Request, *iam.UpdateAccessKeyOutput) - - UpdateAccessKey(*iam.UpdateAccessKeyInput) (*iam.UpdateAccessKeyOutput, error) - - UpdateAccountPasswordPolicyRequest(*iam.UpdateAccountPasswordPolicyInput) (*request.Request, *iam.UpdateAccountPasswordPolicyOutput) - - UpdateAccountPasswordPolicy(*iam.UpdateAccountPasswordPolicyInput) (*iam.UpdateAccountPasswordPolicyOutput, error) - - UpdateAssumeRolePolicyRequest(*iam.UpdateAssumeRolePolicyInput) (*request.Request, *iam.UpdateAssumeRolePolicyOutput) - - UpdateAssumeRolePolicy(*iam.UpdateAssumeRolePolicyInput) (*iam.UpdateAssumeRolePolicyOutput, error) - - UpdateGroupRequest(*iam.UpdateGroupInput) (*request.Request, *iam.UpdateGroupOutput) - - UpdateGroup(*iam.UpdateGroupInput) (*iam.UpdateGroupOutput, error) - - UpdateLoginProfileRequest(*iam.UpdateLoginProfileInput) (*request.Request, *iam.UpdateLoginProfileOutput) - - UpdateLoginProfile(*iam.UpdateLoginProfileInput) (*iam.UpdateLoginProfileOutput, error) - - UpdateOpenIDConnectProviderThumbprintRequest(*iam.UpdateOpenIDConnectProviderThumbprintInput) (*request.Request, *iam.UpdateOpenIDConnectProviderThumbprintOutput) - - UpdateOpenIDConnectProviderThumbprint(*iam.UpdateOpenIDConnectProviderThumbprintInput) (*iam.UpdateOpenIDConnectProviderThumbprintOutput, error) - - UpdateSAMLProviderRequest(*iam.UpdateSAMLProviderInput) (*request.Request, *iam.UpdateSAMLProviderOutput) - - UpdateSAMLProvider(*iam.UpdateSAMLProviderInput) (*iam.UpdateSAMLProviderOutput, error) - - UpdateSSHPublicKeyRequest(*iam.UpdateSSHPublicKeyInput) (*request.Request, *iam.UpdateSSHPublicKeyOutput) - - UpdateSSHPublicKey(*iam.UpdateSSHPublicKeyInput) (*iam.UpdateSSHPublicKeyOutput, error) - - UpdateServerCertificateRequest(*iam.UpdateServerCertificateInput) (*request.Request, *iam.UpdateServerCertificateOutput) - - UpdateServerCertificate(*iam.UpdateServerCertificateInput) (*iam.UpdateServerCertificateOutput, error) - - UpdateSigningCertificateRequest(*iam.UpdateSigningCertificateInput) (*request.Request, *iam.UpdateSigningCertificateOutput) - - UpdateSigningCertificate(*iam.UpdateSigningCertificateInput) (*iam.UpdateSigningCertificateOutput, error) - - UpdateUserRequest(*iam.UpdateUserInput) (*request.Request, *iam.UpdateUserOutput) - - UpdateUser(*iam.UpdateUserInput) (*iam.UpdateUserOutput, error) - - UploadSSHPublicKeyRequest(*iam.UploadSSHPublicKeyInput) (*request.Request, *iam.UploadSSHPublicKeyOutput) - - UploadSSHPublicKey(*iam.UploadSSHPublicKeyInput) (*iam.UploadSSHPublicKeyOutput, error) - - UploadServerCertificateRequest(*iam.UploadServerCertificateInput) (*request.Request, *iam.UploadServerCertificateOutput) - - UploadServerCertificate(*iam.UploadServerCertificateInput) (*iam.UploadServerCertificateOutput, error) - - UploadSigningCertificateRequest(*iam.UploadSigningCertificateInput) (*request.Request, *iam.UploadSigningCertificateOutput) - - UploadSigningCertificate(*iam.UploadSigningCertificateInput) (*iam.UploadSigningCertificateOutput, error) -} - -var _ IAMAPI = (*iam.IAM)(nil) diff --git a/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/service.go b/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/service.go deleted file mode 100644 index e8cfb9c6f..000000000 --- a/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/service.go +++ /dev/null @@ -1,133 +0,0 @@ -// THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT. - -package iam - -import ( - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/aws/client/metadata" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/private/protocol/query" - "github.com/aws/aws-sdk-go/private/signer/v4" -) - -// AWS Identity and Access Management (IAM) is a web service that you can use -// to manage users and user permissions under your AWS account. This guide provides -// descriptions of IAM actions that you can call programmatically. For general -// information about IAM, see AWS Identity and Access Management (IAM) (http://aws.amazon.com/iam/). -// For the user guide for IAM, see Using IAM (http://docs.aws.amazon.com/IAM/latest/UserGuide/). -// -// AWS provides SDKs that consist of libraries and sample code for various -// programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). -// The SDKs provide a convenient way to create programmatic access to IAM and -// AWS. For example, the SDKs take care of tasks such as cryptographically signing -// requests (see below), managing errors, and retrying requests automatically. -// For information about the AWS SDKs, including how to download and install -// them, see the Tools for Amazon Web Services (http://aws.amazon.com/tools/) -// page. We recommend that you use the AWS SDKs to make programmatic API calls -// to IAM. However, you can also use the IAM Query API to make direct calls -// to the IAM web service. To learn more about the IAM Query API, see Making -// Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) -// in the Using IAM guide. IAM supports GET and POST requests for all actions. -// That is, the API does not require you to use GET for some actions and POST -// for others. However, GET requests are subject to the limitation size of a -// URL. Therefore, for operations that require larger sizes, use a POST request. -// -// Signing Requests -// -// Requests must be signed using an access key ID and a secret access key. -// We strongly recommend that you do not use your AWS account access key ID -// and secret access key for everyday work with IAM. You can use the access -// key ID and secret access key for an IAM user or you can use the AWS Security -// Token Service to generate temporary security credentials and use those to -// sign requests. -// -// To sign requests, we recommend that you use Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). -// If you have an existing application that uses Signature Version 2, you do -// not have to update it to use Signature Version 4. However, some operations -// now require Signature Version 4. The documentation for operations that require -// version 4 indicate this requirement. -// -// Additional Resources -// -// For more information, see the following: -// -// AWS Security Credentials (http://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html). -// This topic provides general information about the types of credentials used -// for accessing AWS. IAM Best Practices (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html). -// This topic presents a list of suggestions for using the IAM service to help -// secure your AWS resources. Signing AWS API Requests (http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html). -// This set of topics walk you through the process of signing a request using -// an access key ID and secret access key. -//The service client's operations are safe to be used concurrently. -// It is not safe to mutate any of the client's properties though. -type IAM struct { - *client.Client -} - -// Used for custom client initialization logic -var initClient func(*client.Client) - -// Used for custom request initialization logic -var initRequest func(*request.Request) - -// A ServiceName is the name of the service the client will make API calls to. -const ServiceName = "iam" - -// New creates a new instance of the IAM client with a session. -// If additional configuration is needed for the client instance use the optional -// aws.Config parameter to add your extra config. -// -// Example: -// // Create a IAM client from just a session. -// svc := iam.New(mySession) -// -// // Create a IAM client with additional configuration -// svc := iam.New(mySession, aws.NewConfig().WithRegion("us-west-2")) -func New(p client.ConfigProvider, cfgs ...*aws.Config) *IAM { - c := p.ClientConfig(ServiceName, cfgs...) - return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion) -} - -// newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion string) *IAM { - svc := &IAM{ - Client: client.New( - cfg, - metadata.ClientInfo{ - ServiceName: ServiceName, - SigningRegion: signingRegion, - Endpoint: endpoint, - APIVersion: "2010-05-08", - }, - handlers, - ), - } - - // Handlers - svc.Handlers.Sign.PushBack(v4.Sign) - svc.Handlers.Build.PushBack(query.Build) - svc.Handlers.Unmarshal.PushBack(query.Unmarshal) - svc.Handlers.UnmarshalMeta.PushBack(query.UnmarshalMeta) - svc.Handlers.UnmarshalError.PushBack(query.UnmarshalError) - - // Run custom client initialization if present - if initClient != nil { - initClient(svc.Client) - } - - return svc -} - -// newRequest creates a new request for a IAM operation and runs any -// custom request initialization. -func (c *IAM) newRequest(op *request.Operation, params, data interface{}) *request.Request { - req := c.NewRequest(op, params, data) - - // Run custom request initialization if present - if initRequest != nil { - initRequest(req) - } - - return req -} diff --git a/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/waiters.go b/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/waiters.go deleted file mode 100644 index b27303052..000000000 --- a/Godeps/_workspace/src/github.com/aws/aws-sdk-go/service/iam/waiters.go +++ /dev/null @@ -1,65 +0,0 @@ -// THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT. - -package iam - -import ( - "github.com/aws/aws-sdk-go/private/waiter" -) - -func (c *IAM) WaitUntilInstanceProfileExists(input *GetInstanceProfileInput) error { - waiterCfg := waiter.Config{ - Operation: "GetInstanceProfile", - Delay: 1, - MaxAttempts: 40, - Acceptors: []waiter.WaitAcceptor{ - { - State: "success", - Matcher: "status", - Argument: "", - Expected: 200, - }, - { - State: "retry", - Matcher: "status", - Argument: "", - Expected: 404, - }, - }, - } - - w := waiter.Waiter{ - Client: c, - Input: input, - Config: waiterCfg, - } - return w.Wait() -} - -func (c *IAM) WaitUntilUserExists(input *GetUserInput) error { - waiterCfg := waiter.Config{ - Operation: "GetUser", - Delay: 1, - MaxAttempts: 20, - Acceptors: []waiter.WaitAcceptor{ - { - State: "success", - Matcher: "status", - Argument: "", - Expected: 200, - }, - { - State: "retry", - Matcher: "error", - Argument: "", - Expected: "NoSuchEntity", - }, - }, - } - - w := waiter.Waiter{ - Client: c, - Input: input, - Config: waiterCfg, - } - return w.Wait() -} diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/Godeps b/Godeps/_workspace/src/github.com/bgentry/heroku-go/Godeps deleted file mode 100644 index 64ac2b644..000000000 --- a/Godeps/_workspace/src/github.com/bgentry/heroku-go/Godeps +++ /dev/null @@ -1,19 +0,0 @@ -{ - "ImportPath": "github.com/bgentry/heroku-go", - "GoVersion": "go1.2", - "Deps": [ - { - "ImportPath": "code.google.com/p/go-uuid/uuid", - "Comment": "null-10", - "Rev": "5fac954758f5aa282478dc07fbb8709fe9575184" - }, - { - "ImportPath": "github.com/bgentry/testnet", - "Rev": "05450cdcf16c84d5b08dc9bb617250aa7b63c8ff" - }, - { - "ImportPath": "github.com/stretchr/testify/assert", - "Rev": "4c55a02a9da3f9b9daf583332a2a82c38a4521be" - } - ] -} diff --git a/Godeps/_workspace/src/github.com/bgentry/testnet/LICENSE b/Godeps/_workspace/src/github.com/bgentry/testnet/LICENSE new file mode 100644 index 000000000..ff177f612 --- /dev/null +++ b/Godeps/_workspace/src/github.com/bgentry/testnet/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + +END OF TERMS AND CONDITIONS + +APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + +Copyright [2013] [the CloudFoundry Authors] + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/Godeps/_workspace/src/github.com/bgentry/testnet/Readme.md b/Godeps/_workspace/src/github.com/bgentry/testnet/Readme.md new file mode 100644 index 000000000..a8b4b6e5b --- /dev/null +++ b/Godeps/_workspace/src/github.com/bgentry/testnet/Readme.md @@ -0,0 +1,13 @@ +# Testnet + +This package provides helpers for testing interactions with an HTTP API in the +Go (#golang) programming language. It allows you to test that the expected HTTP +requests are received by the `httptest.Server`, and return mock responses. + +Testnet was imported directly from the [CloudFoundry Go CLI][cf-cli]'s [test +helpers](cf-testnet). The [license](./LICENSE) has been copied exactly from the +source (though I attempted to fill in the correct owner in the boilerplate +copyright notice). + +[cf-cli]: https://github.com/cloudfoundry/cli "CloudFoundry Go CLI" +[cf-testnet]: https://github.com/cloudfoundry/cli/commits/master/src/testhelpers/net/ "CloudFoundry Go CLI testhelpers/net" diff --git a/Godeps/_workspace/src/github.com/bgentry/testnet/matcher.go b/Godeps/_workspace/src/github.com/bgentry/testnet/matcher.go new file mode 100644 index 000000000..af27635dd --- /dev/null +++ b/Godeps/_workspace/src/github.com/bgentry/testnet/matcher.go @@ -0,0 +1,36 @@ +package testnet + +import ( + "github.com/stretchr/testify/assert" + "io/ioutil" + "net/http" + "strings" + "testing" +) + +func RequestBodyMatcher(expectedBody string) RequestMatcher { + return RequestBodyMatcherWithContentType(expectedBody, "application/json") +} + +func RequestBodyMatcherWithContentType(expectedBody, expectedContentType string) RequestMatcher { + return func(t *testing.T, request *http.Request) { + bodyBytes, err := ioutil.ReadAll(request.Body) + if err != nil { + assert.Fail(t, "Error reading request body: %s", err) + } + + actualBody := string(bodyBytes) + assert.Equal(t, RemoveWhiteSpaceFromBody(actualBody), RemoveWhiteSpaceFromBody(expectedBody), "Body did not match.") + + actualContentType := request.Header.Get("content-type") + assert.Equal(t, actualContentType, expectedContentType, "Content Type did not match.") + } +} + +func RemoveWhiteSpaceFromBody(body string) string { + body = strings.Replace(body, " ", "", -1) + body = strings.Replace(body, "\n", "", -1) + body = strings.Replace(body, "\r", "", -1) + body = strings.Replace(body, "\t", "", -1) + return body +} diff --git a/Godeps/_workspace/src/github.com/bgentry/testnet/server.go b/Godeps/_workspace/src/github.com/bgentry/testnet/server.go new file mode 100644 index 000000000..62b27fec2 --- /dev/null +++ b/Godeps/_workspace/src/github.com/bgentry/testnet/server.go @@ -0,0 +1,120 @@ +// This package provides helpers for testing interactions with an HTTP API in +// the Go (#golang) programming language. It allows you to test that the +// expected HTTP requests are received by the `httptest.Server`, and return mock +// responses. +package testnet + +import ( + "fmt" + "net/http" + "net/http/httptest" + "strings" + "testing" +) + +type TestRequest struct { + Method string + Path string + Header http.Header + Matcher RequestMatcher + Response TestResponse +} + +type RequestMatcher func(*testing.T, *http.Request) + +type TestResponse struct { + Body string + Status int + Header http.Header +} + +type Handler struct { + Requests []TestRequest + CallCount int + T *testing.T +} + +func (h *Handler) AllRequestsCalled() bool { + return h.CallCount == len(h.Requests) +} + +func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { + if len(h.Requests) <= h.CallCount { + h.logError("Index out of range! Test server called too many times. Final Request:", r.Method, r.RequestURI) + return + } + + tester := h.Requests[h.CallCount] + h.CallCount++ + + // match method + if tester.Method != r.Method { + h.logError("Method does not match.\nExpected: %s\nActual: %s", tester.Method, r.Method) + } + + // match path + paths := strings.Split(tester.Path, "?") + if paths[0] != r.URL.Path { + h.logError("Path does not match.\nExpected: %s\nActual: %s", paths[0], r.URL.Path) + } + // match query string + if len(paths) > 1 { + if !strings.Contains(r.URL.RawQuery, paths[1]) { + h.logError("Query string does not match.\nExpected: %s\nActual: %s", paths[1], r.URL.RawQuery) + } + } + + for key, values := range tester.Header { + key = http.CanonicalHeaderKey(key) + actualValues := strings.Join(r.Header[key], ";") + expectedValues := strings.Join(values, ";") + + if key == "Authorization" && !strings.Contains(actualValues, expectedValues) { + h.logError("%s header is not contained in actual value.\nExpected: %s\nActual: %s", key, expectedValues, actualValues) + } + if key != "Authorization" && actualValues != expectedValues { + h.logError("%s header did not match.\nExpected: %s\nActual: %s", key, expectedValues, actualValues) + } + } + + // match custom request matcher + if tester.Matcher != nil { + tester.Matcher(h.T, r) + } + + // set response headers + header := w.Header() + for name, values := range tester.Response.Header { + if len(values) < 1 { + continue + } + header.Set(name, values[0]) + } + + // write response + w.WriteHeader(tester.Response.Status) + fmt.Fprintln(w, tester.Response.Body) +} + +func NewServer(t *testing.T, requests []TestRequest) (s *httptest.Server, h *Handler) { + h = &Handler{ + Requests: requests, + T: t, + } + s = httptest.NewServer(h) + return +} + +func NewTLSServer(t *testing.T, requests []TestRequest) (s *httptest.Server, h *Handler) { + h = &Handler{ + Requests: requests, + T: t, + } + s = httptest.NewTLSServer(h) + return +} + +func (h *Handler) logError(msg string, args ...interface{}) { + h.T.Logf(msg, args...) + h.T.Fail() +} diff --git a/apps.go b/apps.go index 785f507e6..94eff7d71 100644 --- a/apps.go +++ b/apps.go @@ -43,11 +43,12 @@ type App struct { Repo *string - Certificates []*Certificate - // Valid values are empire.ExposePrivate and empire.ExposePublic. Exposure string + // The name of an SSL cert for the web process of this app. + Cert string + CreatedAt *time.Time } @@ -106,7 +107,6 @@ func (q AppsQuery) Scope(db *gorm.DB) *gorm.DB { // AppsFirst returns the first matching release. func (s *store) AppsFirst(scope Scope) (*App, error) { var app App - scope = ComposedScope{scope, Preload("Certificates")} return &app, s.First(scope, &app) } diff --git a/certs.go b/certs.go new file mode 100644 index 000000000..663d8038a --- /dev/null +++ b/certs.go @@ -0,0 +1,25 @@ +package empire + +import "golang.org/x/net/context" + +type certsService struct { + *Empire +} + +func (s *certsService) CertsAttach(ctx context.Context, app *App, cert string) error { + app.Cert = cert + + if err := s.store.AppsUpdate(app); err != nil { + return err + } + + if err := s.releaser.ReleaseApp(ctx, app); err != nil { + if err == ErrNoReleases { + return nil + } + + return err + } + + return nil +} diff --git a/cmd/empire/factories.go b/cmd/empire/factories.go index 671a1a863..b80e409e8 100644 --- a/cmd/empire/factories.go +++ b/cmd/empire/factories.go @@ -15,7 +15,6 @@ import ( "github.com/remind101/empire" "github.com/remind101/empire/pkg/dockerutil" "github.com/remind101/empire/pkg/runner" - "github.com/remind101/empire/pkg/sslcert" "github.com/remind101/empire/scheduler" "github.com/remind101/empire/scheduler/ecs" "github.com/remind101/pkg/reporter" @@ -51,11 +50,6 @@ func newEmpire(c *cli.Context) (*empire.Empire, error) { return nil, err } - certManager, err := newCertManager(c) - if err != nil { - return nil, err - } - logs, err := newLogsStreamer(c) if err != nil { return nil, err @@ -66,7 +60,6 @@ func newEmpire(c *cli.Context) (*empire.Empire, error) { }) e.Reporter = reporter e.Scheduler = scheduler - e.CertManager = certManager e.LogsStreamer = logs e.ExtractProcfile = empire.PullAndExtract(docker) e.Logger = newLogger() @@ -150,16 +143,6 @@ func newDockerClient(c *cli.Context) (*dockerutil.Client, error) { return dockerutil.NewClient(auth, socket, certPath) } -// CertManager ========================= - -func newCertManager(c *cli.Context) (sslcert.Manager, error) { - return newIAMCertManager(c) -} - -func newIAMCertManager(c *cli.Context) (sslcert.Manager, error) { - return sslcert.NewIAMManager(newConfigProvider(c), "/empire/certs/"), nil -} - // LogStreamer ========================= func newLogsStreamer(c *cli.Context) (empire.LogsStreamer, error) { diff --git a/docs/ssl_certs.md b/docs/ssl_certs.md index e69de29bb..35033bd67 100644 --- a/docs/ssl_certs.md +++ b/docs/ssl_certs.md @@ -0,0 +1,17 @@ +# Empire :: SSL Certs + +Empire allows you to attach IAM server certificates to an applications web process. Follow these steps to attach an SSL certificate. + +First, [upload a certificate to IAM](http://docs.aws.amazon.com/cli/latest/reference/iam/upload-server-certificate.html): + +```console +$ aws iam upload-server-certificate --server-certificate-name myServerCertificate --certificate-body file://public_key_cert_file.pem --private-key file://my_private_key.pem --certificate-chain file://my_certificate_chain_file.pem +``` + +Then attach it to the application: + +```console +$ emp certs-attach myServerCertificate -a +``` + +**Caveat**: Currently, attaching SSL certificates must happen before you deploy anything to the application (e.g. `emp create` then `emp certs-attach` immediately after). diff --git a/empire.go b/empire.go index ef71d4039..4bc50fc0a 100644 --- a/empire.go +++ b/empire.go @@ -12,7 +12,6 @@ import ( "github.com/mattes/migrate/migrate" "github.com/remind101/empire/pkg/dockerutil" "github.com/remind101/empire/pkg/image" - "github.com/remind101/empire/pkg/sslcert" "github.com/remind101/empire/procfile" "github.com/remind101/empire/scheduler" "github.com/remind101/pkg/reporter" @@ -57,7 +56,6 @@ type Empire struct { accessTokens *accessTokensService apps *appsService - certs *certificatesService configs *configsService domains *domainsService jobStates *processStatesService @@ -68,13 +66,11 @@ type Empire struct { restarter *restarter runner *runnerService slugs *slugsService + certs *certsService // Scheduler is the backend scheduler used to run applications. Scheduler scheduler.Scheduler - // CertManager is the backend used to store SSL/TLS certificates. - CertManager sslcert.Manager - // LogsStreamer is the backend used to stream application logs. LogsStreamer LogsStreamer @@ -93,7 +89,6 @@ func New(db *gorm.DB, options Options) *Empire { e.accessTokens = &accessTokensService{Secret: []byte(options.Secret)} e.apps = &appsService{Empire: e} - e.certs = &certificatesService{Empire: e} e.configs = &configsService{Empire: e} e.deployer = &deployerService{Empire: e} e.domains = &domainsService{Empire: e} @@ -104,6 +99,7 @@ func New(db *gorm.DB, options Options) *Empire { e.runner = &runnerService{Empire: e} e.releases = &releasesService{Empire: e} e.releaser = &releaser{Empire: e} + e.certs = &certsService{Empire: e} return e } @@ -137,26 +133,6 @@ func (e *Empire) AppsDestroy(ctx context.Context, app *App) error { return e.apps.AppsDestroy(ctx, app) } -// CertificatesFirst returns a certificate for the given ID -func (e *Empire) CertificatesFirst(ctx context.Context, q CertificatesQuery) (*Certificate, error) { - return e.store.CertificatesFirst(q) -} - -// CertificatesCreate creates a certificate. -func (e *Empire) CertificatesCreate(ctx context.Context, cert *Certificate) (*Certificate, error) { - return e.certs.CertificatesCreate(ctx, cert) -} - -// CertificatesUpdate updates a certificate. -func (e *Empire) CertificatesUpdate(ctx context.Context, cert *Certificate) (*Certificate, error) { - return e.certs.CertificatesUpdate(ctx, cert) -} - -// CertificatesDestroy destroys a certificate. -func (e *Empire) CertificatesDestroy(ctx context.Context, cert *Certificate) error { - return e.certs.CertificatesDestroy(ctx, cert) -} - // ConfigsCurrent returns the current Config for a given app. func (e *Empire) ConfigsCurrent(app *App) (*Config, error) { return e.configs.ConfigsCurrent(app) @@ -241,6 +217,11 @@ func (e *Empire) StreamLogs(app *App, w io.Writer) error { return e.LogsStreamer.StreamLogs(app, w) } +// CertsAttach attaches an SSL certificate to the app. +func (e *Empire) CertsAttach(ctx context.Context, app *App, cert string) error { + return e.certs.CertsAttach(ctx, app, cert) +} + // Reset resets empire. func (e *Empire) Reset() error { return e.store.Reset() diff --git a/empiretest/test.go b/empiretest/test.go index 29dda3abe..ca7cc78ac 100644 --- a/empiretest/test.go +++ b/empiretest/test.go @@ -14,7 +14,6 @@ import ( "github.com/ejholmes/flock" "github.com/remind101/empire" "github.com/remind101/empire/pkg/image" - "github.com/remind101/empire/pkg/sslcert" "github.com/remind101/empire/procfile" "github.com/remind101/empire/scheduler" "github.com/remind101/empire/server" @@ -37,7 +36,6 @@ func NewEmpire(t testing.TB) *empire.Empire { e := empire.New(db, empire.DefaultOptions) e.Scheduler = scheduler.NewFakeScheduler() - e.CertManager = sslcert.NewFakeManager() e.ExtractProcfile = ExtractProcfile if err := e.Reset(); err != nil { diff --git a/migrations/0011_move_certs.down.sql b/migrations/0011_move_certs.down.sql new file mode 100644 index 000000000..3fc3e6ede --- /dev/null +++ b/migrations/0011_move_certs.down.sql @@ -0,0 +1 @@ +ALTER TABLE apps DROP COLUMN cert text; diff --git a/migrations/0011_move_certs.up.sql b/migrations/0011_move_certs.up.sql new file mode 100644 index 000000000..857c02155 --- /dev/null +++ b/migrations/0011_move_certs.up.sql @@ -0,0 +1,2 @@ +ALTER TABLE apps ADD COLUMN cert text; +UPDATE apps SET cert = (select name from certificates where certificates.app_id = apps.id); diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/.travis.yml b/pkg/heroku/.travis.yml similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/.travis.yml rename to pkg/heroku/.travis.yml diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/LICENSE b/pkg/heroku/LICENSE similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/LICENSE rename to pkg/heroku/LICENSE diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/README.md b/pkg/heroku/README.md similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/README.md rename to pkg/heroku/README.md diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/account.go b/pkg/heroku/account.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/account.go rename to pkg/heroku/account.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/account_feature.go b/pkg/heroku/account_feature.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/account_feature.go rename to pkg/heroku/account_feature.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/addon.go b/pkg/heroku/addon.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/addon.go rename to pkg/heroku/addon.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/addon_service.go b/pkg/heroku/addon_service.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/addon_service.go rename to pkg/heroku/addon_service.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/app.go b/pkg/heroku/app.go similarity index 96% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/app.go rename to pkg/heroku/app.go index efd987ed5..0dfc54f33 100644 --- a/Godeps/_workspace/src/github.com/bgentry/heroku-go/app.go +++ b/pkg/heroku/app.go @@ -64,6 +64,9 @@ type App struct { // web URL of app WebURL string `json:"web_url"` + + // certificate for the app + Cert string `json:"cert,omitempty"` } // Create a new app. @@ -132,4 +135,6 @@ type AppUpdateOpts struct { Maintenance *bool `json:"maintenance,omitempty"` // unique name of app Name *string `json:"name,omitempty"` + // certificate for the app + Cert *string `json:"cert,omitempty"` } diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/app_feature.go b/pkg/heroku/app_feature.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/app_feature.go rename to pkg/heroku/app_feature.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/app_test.go b/pkg/heroku/app_test.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/app_test.go rename to pkg/heroku/app_test.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/app_transfer.go b/pkg/heroku/app_transfer.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/app_transfer.go rename to pkg/heroku/app_transfer.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/collaborator.go b/pkg/heroku/collaborator.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/collaborator.go rename to pkg/heroku/collaborator.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/config_var.go b/pkg/heroku/config_var.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/config_var.go rename to pkg/heroku/config_var.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/doc.go b/pkg/heroku/doc.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/doc.go rename to pkg/heroku/doc.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/domain.go b/pkg/heroku/domain.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/domain.go rename to pkg/heroku/domain.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/dyno.go b/pkg/heroku/dyno.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/dyno.go rename to pkg/heroku/dyno.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/formation.go b/pkg/heroku/formation.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/formation.go rename to pkg/heroku/formation.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/gen/gen.rb b/pkg/heroku/gen/gen.rb similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/gen/gen.rb rename to pkg/heroku/gen/gen.rb diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/gen/schema.json b/pkg/heroku/gen/schema.json similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/gen/schema.json rename to pkg/heroku/gen/schema.json diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/heroku.go b/pkg/heroku/heroku.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/heroku.go rename to pkg/heroku/heroku.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/heroku_test.go b/pkg/heroku/heroku_test.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/heroku_test.go rename to pkg/heroku/heroku_test.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/key.go b/pkg/heroku/key.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/key.go rename to pkg/heroku/key.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/log_drain.go b/pkg/heroku/log_drain.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/log_drain.go rename to pkg/heroku/log_drain.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/log_session.go b/pkg/heroku/log_session.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/log_session.go rename to pkg/heroku/log_session.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/oauth_authorization.go b/pkg/heroku/oauth_authorization.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/oauth_authorization.go rename to pkg/heroku/oauth_authorization.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/oauth_client.go b/pkg/heroku/oauth_client.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/oauth_client.go rename to pkg/heroku/oauth_client.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/oauth_token.go b/pkg/heroku/oauth_token.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/oauth_token.go rename to pkg/heroku/oauth_token.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/organization.go b/pkg/heroku/organization.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/organization.go rename to pkg/heroku/organization.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/organization_app.go b/pkg/heroku/organization_app.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/organization_app.go rename to pkg/heroku/organization_app.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/organization_app_collaborator.go b/pkg/heroku/organization_app_collaborator.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/organization_app_collaborator.go rename to pkg/heroku/organization_app_collaborator.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/organization_member.go b/pkg/heroku/organization_member.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/organization_member.go rename to pkg/heroku/organization_member.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/plan.go b/pkg/heroku/plan.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/plan.go rename to pkg/heroku/plan.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/rate_limit.go b/pkg/heroku/rate_limit.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/rate_limit.go rename to pkg/heroku/rate_limit.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/region.go b/pkg/heroku/region.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/region.go rename to pkg/heroku/region.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/release.go b/pkg/heroku/release.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/release.go rename to pkg/heroku/release.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/slug.go b/pkg/heroku/slug.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/slug.go rename to pkg/heroku/slug.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/ssl_endpoint.go b/pkg/heroku/ssl_endpoint.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/ssl_endpoint.go rename to pkg/heroku/ssl_endpoint.go diff --git a/Godeps/_workspace/src/github.com/bgentry/heroku-go/stack.go b/pkg/heroku/stack.go similarity index 100% rename from Godeps/_workspace/src/github.com/bgentry/heroku-go/stack.go rename to pkg/heroku/stack.go diff --git a/pkg/sslcert/aws.go b/pkg/sslcert/aws.go deleted file mode 100644 index 263f04c0d..000000000 --- a/pkg/sslcert/aws.go +++ /dev/null @@ -1,73 +0,0 @@ -package sslcert - -import ( - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/client" - "github.com/aws/aws-sdk-go/service/iam" -) - -type IAMManager struct { - iam *iam.IAM - path string -} - -func NewIAMManager(config client.ConfigProvider, path string) *IAMManager { - return &IAMManager{ - iam: iam.New(config), - path: path, - } -} - -func (m *IAMManager) Add(name string, cert string, key string) (string, error) { - primary, chain := SplitCertChain(cert) - input := &iam.UploadServerCertificateInput{ - CertificateBody: aws.String(primary), - PrivateKey: aws.String(key), - ServerCertificateName: aws.String(name), - Path: aws.String(m.path), - } - - if len(chain) > 0 { - input.CertificateChain = aws.String(chain) - } - - output, err := m.iam.UploadServerCertificate(input) - if err != nil { - return "", err - } - - return *output.ServerCertificateMetadata.Arn, nil -} - -func (m *IAMManager) Remove(name string) error { - _, err := m.iam.DeleteServerCertificate(&iam.DeleteServerCertificateInput{ServerCertificateName: aws.String(name)}) - if noCertificate(err) { - return nil - } - return err -} - -func (m *IAMManager) MetaData(name string) (map[string]string, error) { - data := map[string]string{} - out, err := m.iam.GetServerCertificate(&iam.GetServerCertificateInput{ServerCertificateName: aws.String(name)}) - if err != nil { - return data, err - } - - if out.ServerCertificate.ServerCertificateMetadata.Arn != nil { - data["ARN"] = *out.ServerCertificate.ServerCertificateMetadata.Arn - } - - return data, nil -} - -func noCertificate(err error) bool { - if err, ok := err.(awserr.Error); ok { - if err.Code() == "NoSuchEntity" { - return true - } - } - - return false -} diff --git a/pkg/sslcert/fake.go b/pkg/sslcert/fake.go deleted file mode 100644 index cee3800a2..000000000 --- a/pkg/sslcert/fake.go +++ /dev/null @@ -1,19 +0,0 @@ -package sslcert - -type FakeManager struct{} - -func NewFakeManager() *FakeManager { - return &FakeManager{} -} - -func (m *FakeManager) Add(name string, crt string, key string) (string, error) { - return "fake", nil -} - -func (m *FakeManager) Remove(id string) error { - return nil -} - -func (m *FakeManager) MetaData(id string) (map[string]string, error) { - return map[string]string{}, nil -} diff --git a/pkg/sslcert/sslcert.go b/pkg/sslcert/sslcert.go deleted file mode 100644 index ac44d7ca0..000000000 --- a/pkg/sslcert/sslcert.go +++ /dev/null @@ -1,33 +0,0 @@ -package sslcert - -import ( - "bytes" - "encoding/pem" -) - -type Manager interface { - // Add adds a new certificate and returns a unique id for the added certificate. - Add(name string, crt string, key string) (id string, err error) - - // Metadata returns any metadata about the certificate for the given id. - MetaData(id string) (data map[string]string, err error) - - // Remove removes the certificate for the given id. - Remove(id string) (err error) -} - -// SplitCertChain takes a complete certificate chain (including the primary cert) and -// returns two strings: the primary cert and the rest of the certificate chain, if any. -func SplitCertChain(chain string) (string, string) { - block, rest := pem.Decode([]byte(chain)) - if block == nil { - return "", "" - } - - var out bytes.Buffer - if err := pem.Encode(&out, block); err != nil { - return "", "" - } - - return out.String(), string(rest) -} diff --git a/pkg/sslcert/sslcert_test.go b/pkg/sslcert/sslcert_test.go deleted file mode 100644 index c08232863..000000000 --- a/pkg/sslcert/sslcert_test.go +++ /dev/null @@ -1,89 +0,0 @@ -package sslcert - -import "testing" - -func TestPrimaryCertFromChain(t *testing.T) { - primary := `-----BEGIN CERTIFICATE----- -MIIEdjCCA16gAwIBAgIIavTkiJZO79swDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE -BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl -cm5ldCBBdXRob3JpdHkgRzIwHhcNMTUwNDIyMTM0NjQyWhcNMTUwNzIxMDAwMDAw -WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN -TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEXMBUGA1UEAwwOd3d3 -Lmdvb2dsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAB/W1 -HE/ZA8NvB/oOrg6WN4zK6vdt9uqTpk3KAQzQ/e2qwy5WoewNmJgx9RPLIuHReTH+ -Orh8vF1jk27rC89Pns9rRsE/FVjpaefNHi3trVFbDHcVdrU6JW0XjsG1+wbL8uSU -vDMiey4ZNqUfopX3MJ6LHpFr5FgrRW1RsemTs/BfXjC4MoBdwnt6xoljh+KHzycy -8OgmCVXPONubyUKUeY/Ui9PaX0GWh5dE5uF72jG8NVPs67K7qpfmrdVSGHvRxH3P -AwA90eKlakelqCSfcrZXD8q7EsMBQvRQbbFeuh/TexdiX+8hA1PXNMEURK5y2EBz -5jAbLuuLbQPN/DqZAgMBAAGjggFBMIIBPTAdBgNVHSUEFjAUBggrBgEFBQcDAQYI -KwYBBQUHAwIwGQYDVR0RBBIwEIIOd3d3Lmdvb2dsZS5jb20waAYIKwYBBQUHAQEE -XDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0 -MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0G -A1UdDgQWBBSgAQj1VB+R5iA9ZysggEXxg+oRFzAMBgNVHRMBAf8EAjAAMB8GA1Ud -IwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMBcGA1UdIAQQMA4wDAYKKwYBBAHW -eQIFATAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lB -RzIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQBlViFXxmddM6J6cVgUBHWw9nsSoJba -SuwHE3Bfo9rrgzV80MazeDaM/tdVSCCA4jD/8jyJr3jl4wtazH9fkn7oBUxYEC22 -Xy68txnKMu5LNze+eMbSs7MKSqcPd1ZdUm+3xcsnSc3bmvm/AuOd4WPueMhYdr4c -qwUht+yFSBqEp856JjxsYDlX61h9i7Kq2EAPxA+9GvT2c5j9upUXmUYVnLrx4xjX -LqbbahlsKd+fwvZZ7bFSuyFS8zs5HRfL1kuW1i79cHpuNqQmzC+DrFF2ouJi7uCR -/A6Yfa2DF67oyHZKXuogVwko+cfVe91v+aAQVyltkzAcZy/xaypI8WFj ------END CERTIFICATE----- -` - - chain := ` ------BEGIN CERTIFICATE----- -MIID8DCCAtigAwIBAgIDAjp2MA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT -MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i -YWwgQ0EwHhcNMTMwNDA1MTUxNTU1WhcNMTYxMjMxMjM1OTU5WjBJMQswCQYDVQQG -EwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzElMCMGA1UEAxMcR29vZ2xlIEludGVy -bmV0IEF1dGhvcml0eSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB -AJwqBHdc2FCROgajguDYUEi8iT/xGXAaiEZ+4I/F8YnOIe5a/mENtzJEiaB0C1NP -VaTOgmKV7utZX8bhBYASxF6UP7xbSDj0U/ck5vuR6RXEz/RTDfRK/J9U3n2+oGtv -h8DQUB8oMANA2ghzUWx//zo8pzcGjr1LEQTrfSTe5vn8MXH7lNVg8y5Kr0LSy+rE -ahqyzFPdFUuLH8gZYR/Nnag+YyuENWllhMgZxUYi+FOVvuOAShDGKuy6lyARxzmZ -EASg8GF6lSWMTlJ14rbtCMoU/M4iarNOz0YDl5cDfsCx3nuvRTPPuj5xt970JSXC -DTWJnZ37DhF5iR43xa+OcmkCAwEAAaOB5zCB5DAfBgNVHSMEGDAWgBTAephojYn7 -qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1dvWBtrtiGrpagS8wEgYD -VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwNQYDVR0fBC4wLDAqoCig -JoYkaHR0cDovL2cuc3ltY2IuY29tL2NybHMvZ3RnbG9iYWwuY3JsMC4GCCsGAQUF -BwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL2cuc3ltY2QuY29tMBcGA1UdIAQQ -MA4wDAYKKwYBBAHWeQIFATANBgkqhkiG9w0BAQUFAAOCAQEAJ4zP6cc7vsBv6JaE -+5xcXZDkd9uLMmCbZdiFJrW6nx7eZE4fxsggWwmfq6ngCTRFomUlNz1/Wm8gzPn6 -8R2PEAwCOsTJAXaWvpv5Fdg50cUDR3a4iowx1mDV5I/b+jzG1Zgo+ByPF5E0y8tS -etH7OiDk4Yax2BgPvtaHZI3FCiVCUe+yOLjgHdDh/Ob0r0a678C/xbQF9ZR1DP6i -vgK66oZb+TWzZvXFjYWhGiN3GhkXVBNgnwvhtJwoKvmuAjRtJZOcgqgXe/GFsNMP -WOH7sf6coaPo/ck/9Ndx3L2MpBngISMjVROPpBYCCX65r+7bU2S9cS+5Oc4wt7S8 -VOBHBw== ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIDfTCCAuagAwIBAgIDErvmMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT -MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0 -aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDIwNTIxMDQwMDAwWhcNMTgwODIxMDQwMDAw -WjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UE -AxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9m -OSm9BXiLnTjoBbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIu -T8rxh0PBFpVXLVDviS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6c -JmTM386DGXHKTubU1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmR -Cw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5asz -PeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo4HwMIHtMB8GA1UdIwQYMBaAFEjm -aPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrM -TjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA6BgNVHR8EMzAxMC+g -LaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDBO -BgNVHSAERzBFMEMGBFUdIAAwOzA5BggrBgEFBQcCARYtaHR0cHM6Ly93d3cuZ2Vv -dHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5MA0GCSqGSIb3DQEBBQUAA4GB -AHbhEm5OSxYShjAGsoEIz/AIx8dxfmbuwu3UOx//8PDITtZDOLC5MH0Y0FWDomrL -NhGc6Ehmo21/uBPUR/6LWlxz/K7ZGzIZOKuXNBSqltLroxwUCEm2u+WR74M26x1W -b8ravHNjkOR/ez4iyz0H7V84dJzjA1BOoa+Y7mHyhD8S ------END CERTIFICATE----- -` - - pri, rest := SplitCertChain(primary + chain) - if pri != primary { - t.Errorf("SplitCertChain() => %v; want %v", pri, primary) - } - if rest != chain { - t.Errorf("SplitCertChain() => %v; want %v", rest, chain) - } -} diff --git a/releases.go b/releases.go index 91e79ac77..e3439f9b2 100644 --- a/releases.go +++ b/releases.go @@ -1,6 +1,7 @@ package empire import ( + "errors" "fmt" "time" @@ -11,6 +12,8 @@ import ( "golang.org/x/net/context" ) +var ErrNoReleases = errors.New("no releases") + // Release is a combination of a Config and a Slug, which form a deployable // release. type Release struct { @@ -94,9 +97,7 @@ func (q ReleasesQuery) DefaultRange() headerutil.Range { // ReleasesFirst returns the first matching release. func (s *store) ReleasesFirst(scope Scope) (*Release, error) { var release Release - // TODO: Wrap the store with this. Gorm blows up when preloading - // App.Certificates on a collection of releases. - scope = ComposedScope{scope, Preload("App.Certificates")} + if err := s.First(scope, &release); err != nil { return &release, err } @@ -256,6 +257,10 @@ func (r *releaser) Release(ctx context.Context, release *Release) error { func (r *releaser) ReleaseApp(ctx context.Context, app *App) error { release, err := r.store.ReleasesFirst(ReleasesQuery{App: app}) if err != nil { + if err == gorm.RecordNotFound { + return ErrNoReleases + } + return err } @@ -306,8 +311,6 @@ func newServiceProcess(release *Release, p *Process) *scheduler.Process { procExp = serviceExposure(release.App.Exposure) } - cert := serviceSSLCertName(release.App.Certificates) - return &scheduler.Process{ Type: string(p.Type), Env: env, @@ -319,7 +322,7 @@ func newServiceProcess(release *Release, p *Process) *scheduler.Process { CPUShares: uint(p.Constraints.CPUShare), Ports: ports, Exposure: procExp, - SSLCert: cert, + SSLCert: release.App.Cert, } } @@ -360,10 +363,3 @@ func serviceExposure(appExp string) (exp scheduler.Exposure) { return exp } - -func serviceSSLCertName(certs []*Certificate) (name string) { - if len(certs) > 0 { - name = certs[0].Name - } - return name -} diff --git a/server/heroku/apps.go b/server/heroku/apps.go index 33f974fb4..7fe6ccc7d 100644 --- a/server/heroku/apps.go +++ b/server/heroku/apps.go @@ -3,8 +3,8 @@ package heroku import ( "net/http" - "github.com/bgentry/heroku-go" "github.com/remind101/empire" + "github.com/remind101/empire/pkg/heroku" "github.com/remind101/pkg/httpx" "github.com/remind101/pkg/reporter" "golang.org/x/net/context" @@ -17,6 +17,7 @@ func newApp(a *empire.App) *App { Id: a.ID, Name: a.Name, CreatedAt: *a.CreatedAt, + Cert: a.Cert, } } @@ -123,6 +124,31 @@ func (h *PostApps) ServeHTTPContext(ctx context.Context, w http.ResponseWriter, return Encode(w, newApp(a)) } +type PatchApp struct { + *empire.Empire +} + +func (h *PatchApp) ServeHTTPContext(ctx context.Context, w http.ResponseWriter, r *http.Request) error { + a, err := findApp(ctx, h) + if err != nil { + return err + } + + var form heroku.AppUpdateOpts + + if err := Decode(r, &form); err != nil { + return err + } + + if form.Cert != nil { + if err := h.CertsAttach(ctx, a, *form.Cert); err != nil { + return err + } + } + + return Encode(w, newApp(a)) +} + func findApp(ctx context.Context, e interface { AppsFirst(empire.AppsQuery) (*empire.App, error) }) (*empire.App, error) { diff --git a/server/heroku/domains.go b/server/heroku/domains.go index f0847b0f8..309d0b963 100644 --- a/server/heroku/domains.go +++ b/server/heroku/domains.go @@ -4,7 +4,7 @@ import ( "fmt" "net/http" - "github.com/bgentry/heroku-go" + "github.com/remind101/empire/pkg/heroku" "github.com/jinzhu/gorm" "github.com/remind101/empire" "github.com/remind101/pkg/httpx" diff --git a/server/heroku/errors.go b/server/heroku/errors.go index 11bb1f3cf..26cf85283 100644 --- a/server/heroku/errors.go +++ b/server/heroku/errors.go @@ -3,9 +3,12 @@ package heroku import ( "net/http" + "golang.org/x/net/context" + "github.com/jinzhu/gorm" "github.com/remind101/empire" "github.com/remind101/empire/server/auth" + "github.com/remind101/pkg/httpx" ) // Named matching heroku's error codes. See @@ -36,6 +39,12 @@ var ( ID: "two_factor", Message: "Two factor code is required.", } + ErrSSLRemoved = &ErrorResource{ + Status: http.StatusNotFound, + ID: "not_found", + Message: "Support for uploading SSL certificates through Empire has been removed and replaced with certificate attachments.", + URL: "http://empire.readthedocs.org/en/latest/ssl_certs/", + } ) // ErrorResource represents the error response format that we return. @@ -83,3 +92,10 @@ func errUnauthorized(err *auth.UnauthorizedError) *ErrorResource { Message: err.Reason, } } + +// errHandler returns an httpx.Handler that responds with the given error. +func errHandler(err error) httpx.Handler { + return httpx.HandlerFunc(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error { + return err + }) +} diff --git a/server/heroku/formations.go b/server/heroku/formations.go index cea22af80..d08d2cfbd 100644 --- a/server/heroku/formations.go +++ b/server/heroku/formations.go @@ -3,7 +3,7 @@ package heroku import ( "net/http" - "github.com/bgentry/heroku-go" + "github.com/remind101/empire/pkg/heroku" "github.com/remind101/empire" "golang.org/x/net/context" ) diff --git a/server/heroku/heroku.go b/server/heroku/heroku.go index 66df5d50f..aa3f9e7e8 100644 --- a/server/heroku/heroku.go +++ b/server/heroku/heroku.go @@ -23,6 +23,7 @@ func New(e *empire.Empire, authenticator auth.Authenticator) httpx.Handler { r.Handle("/apps", &GetApps{e}).Methods("GET") // hk apps r.Handle("/apps/{app}", &GetAppInfo{e}).Methods("GET") // hk info r.Handle("/apps/{app}", &DeleteApp{e}).Methods("DELETE") // hk destroy + r.Handle("/apps/{app}", &PatchApp{e}).Methods("PATCH") // hk destroy r.Handle("/apps/{app}/deploys", &DeployApp{e}).Methods("POST") // Deploy an image to an app r.Handle("/apps", &PostApps{e}).Methods("POST") // hk create r.Handle("/organizations/apps", &PostApps{e}).Methods("POST") // hk create @@ -58,10 +59,11 @@ func New(e *empire.Empire, authenticator auth.Authenticator) httpx.Handler { r.Handle("/oauth/authorizations", &PostAuthorizations{e}).Methods("POST") // SSL - r.Handle("/apps/{app}/ssl-endpoints", &GetSSLEndpoints{e}).Methods("GET") // hk ssl - r.Handle("/apps/{app}/ssl-endpoints", &PostSSLEndpoints{e}).Methods("POST") // hk ssl-cert-add - r.Handle("/apps/{app}/ssl-endpoints/{cert}", &PatchSSLEndpoint{e}).Methods("PATCH") // hk ssl-cert-add, hk ssl-cert-rollback - r.Handle("/apps/{app}/ssl-endpoints/{cert}", &DeleteSSLEndpoint{e}).Methods("DELETE") // hk ssl-destroy + sslRemoved := errHandler(ErrSSLRemoved) + r.Handle("/apps/{app}/ssl-endpoints", sslRemoved).Methods("GET") // hk ssl + r.Handle("/apps/{app}/ssl-endpoints", sslRemoved).Methods("POST") // hk ssl-cert-add + r.Handle("/apps/{app}/ssl-endpoints/{cert}", sslRemoved).Methods("PATCH") // hk ssl-cert-add, hk ssl-cert-rollback + r.Handle("/apps/{app}/ssl-endpoints/{cert}", sslRemoved).Methods("DELETE") // hk ssl-destroy // Logs r.Handle("/apps/{app}/log-sessions", &PostLogs{e}).Methods("POST") // hk log diff --git a/server/heroku/oauth.go b/server/heroku/oauth.go index ed0b0e71d..99d79f56f 100644 --- a/server/heroku/oauth.go +++ b/server/heroku/oauth.go @@ -3,7 +3,7 @@ package heroku import ( "net/http" - "github.com/bgentry/heroku-go" + "github.com/remind101/empire/pkg/heroku" "github.com/remind101/empire" "golang.org/x/net/context" ) diff --git a/server/heroku/processes.go b/server/heroku/processes.go index 65f4dab2d..4279c89b8 100644 --- a/server/heroku/processes.go +++ b/server/heroku/processes.go @@ -6,7 +6,7 @@ import ( "net/http" "time" - "github.com/bgentry/heroku-go" + "github.com/remind101/empire/pkg/heroku" "github.com/remind101/empire" streamhttp "github.com/remind101/empire/pkg/stream/http" "github.com/remind101/pkg/httpx" diff --git a/server/heroku/releases.go b/server/heroku/releases.go index 1c14a441c..30da6edea 100644 --- a/server/heroku/releases.go +++ b/server/heroku/releases.go @@ -4,7 +4,7 @@ import ( "net/http" "strconv" - "github.com/bgentry/heroku-go" + "github.com/remind101/empire/pkg/heroku" "github.com/remind101/empire" "github.com/remind101/pkg/httpx" "golang.org/x/net/context" diff --git a/server/heroku/ssl.go b/server/heroku/ssl.go deleted file mode 100644 index e9f0bc6bb..000000000 --- a/server/heroku/ssl.go +++ /dev/null @@ -1,155 +0,0 @@ -package heroku - -import ( - "net/http" - - "github.com/bgentry/heroku-go" - "github.com/jinzhu/gorm" - "github.com/remind101/empire" - "github.com/remind101/pkg/httpx" - "golang.org/x/net/context" -) - -type SSLEndpoint heroku.SSLEndpoint - -func newSSLEndpoint(cert *empire.Certificate) *SSLEndpoint { - return &SSLEndpoint{ - Id: cert.ID, - Name: cert.Name, - CertificateChain: cert.CertificateChain, - CreatedAt: *cert.CreatedAt, - UpdatedAt: *cert.UpdatedAt, - } -} - -type GetSSLEndpoints struct { - *empire.Empire -} - -func (h *GetSSLEndpoints) ServeHTTPContext(ctx context.Context, w http.ResponseWriter, r *http.Request) error { - a, err := findApp(ctx, h) - if err != nil { - return err - } - endpoints := make([]*SSLEndpoint, 0) - - cert, err := h.CertificatesFirst(ctx, empire.CertificatesQuery{App: a}) - if err != nil && err != gorm.RecordNotFound { - return err - } - - if err != gorm.RecordNotFound { - endpoints = append(endpoints, newSSLEndpoint(cert)) - } - - w.WriteHeader(200) - return Encode(w, endpoints) -} - -type PostSSLEndpointsForm struct { - CertificateChain string `json:"certificate_chain"` - Preprocess bool `json:"preprocess"` - PrivateKey string `json:"private_key"` -} - -type PostSSLEndpoints struct { - *empire.Empire -} - -func (h *PostSSLEndpoints) ServeHTTPContext(ctx context.Context, w http.ResponseWriter, r *http.Request) error { - a, err := findApp(ctx, h) - if err != nil { - return err - } - - var form PostSSLEndpointsForm - if err := Decode(r, &form); err != nil { - return err - } - - cert, err := h.CertificatesCreate(ctx, &empire.Certificate{ - AppID: a.ID, - CertificateChain: form.CertificateChain, - PrivateKey: form.PrivateKey, - }) - if err != nil { - return err - } - - w.WriteHeader(201) - return Encode(w, newSSLEndpoint(cert)) -} - -type PatchSSLEndpoint struct { - *empire.Empire -} - -func (h *PatchSSLEndpoint) ServeHTTPContext(ctx context.Context, w http.ResponseWriter, r *http.Request) error { - a, err := findApp(ctx, h) - if err != nil { - return err - } - - cert, err := findCert(ctx, a, h) - if err != nil { - return err - } - - var form PostSSLEndpointsForm - if err := Decode(r, &form); err != nil { - return err - } - - cert.CertificateChain = form.CertificateChain - cert.PrivateKey = form.PrivateKey - - cert, err = h.CertificatesUpdate(ctx, cert) - if err != nil { - return err - } - - w.WriteHeader(200) - return Encode(w, newSSLEndpoint(cert)) -} - -type DeleteSSLEndpoint struct { - *empire.Empire -} - -func (h *DeleteSSLEndpoint) ServeHTTPContext(ctx context.Context, w http.ResponseWriter, r *http.Request) error { - a, err := findApp(ctx, h) - if err != nil { - return err - } - - cert, err := findCert(ctx, a, h) - if err != nil { - return err - } - - if err := h.CertificatesDestroy(ctx, cert); err != nil { - return err - } - - w.WriteHeader(200) - return Encode(w, newSSLEndpoint(cert)) -} - -type CertFinder interface { - CertificatesFirst(ctx context.Context, q empire.CertificatesQuery) (*empire.Certificate, error) -} - -func findCert(ctx context.Context, app *empire.App, f CertFinder) (*empire.Certificate, error) { - vars := httpx.Vars(ctx) - name := vars["cert"] - - cert, err := f.CertificatesFirst(ctx, empire.CertificatesQuery{ - ID: &name, - App: app, - }) - if err != nil { - return cert, err - } - - return cert, err -} diff --git a/ssl.go b/ssl.go deleted file mode 100644 index 78ed626b5..000000000 --- a/ssl.go +++ /dev/null @@ -1,132 +0,0 @@ -package empire - -import ( - "time" - - "github.com/jinzhu/gorm" - "github.com/remind101/pkg/timex" - "golang.org/x/net/context" -) - -type Certificate struct { - ID string - Name string - CertificateChain string - PrivateKey string `sql:"-"` - CreatedAt *time.Time - UpdatedAt *time.Time - - AppID string - App *App -} - -// PreInsert implements a pre insert hook for the db interface -func (c *Certificate) BeforeCreate() error { - t := timex.Now() - c.CreatedAt = &t - c.UpdatedAt = &t - return nil -} - -// PreUpdate implements a pre insert hook for the db interface -func (c *Certificate) BeforeUpdate() error { - t := timex.Now() - c.UpdatedAt = &t - return nil -} - -type certificatesService struct { - *Empire -} - -func (s *certificatesService) CertificatesCreate(ctx context.Context, cert *Certificate) (*Certificate, error) { - id, err := s.CertManager.Add(certName(cert), cert.CertificateChain, cert.PrivateKey) - if err != nil { - return cert, err - } - - cert.Name = id - return s.store.CertificatesCreate(cert) -} - -func (s *certificatesService) CertificatesUpdate(ctx context.Context, cert *Certificate) (*Certificate, error) { - if err := s.CertManager.Remove(certName(cert)); err != nil { - return cert, err - } - id, err := s.CertManager.Add(certName(cert), cert.CertificateChain, cert.PrivateKey) - if err != nil { - return cert, err - } - - cert.Name = id - return cert, s.store.CertificatesUpdate(cert) -} - -func (s *certificatesService) CertificatesDestroy(ctx context.Context, cert *Certificate) error { - if err := s.CertManager.Remove(certName(cert)); err != nil { - return err - } - return s.store.CertificatesDestroy(cert) -} - -// certName is the cert name we pass to our cert manager. -func certName(cert *Certificate) string { - return cert.AppID -} - -// CertificatesQuery is a Scope implementation for common things to filter -// certificates by. -type CertificatesQuery struct { - // If provided, finds the certificate with the given id. - ID *string - - // If provided, filters certificates belong to the given app. - App *App -} - -// Scope implements the Scope interface. -func (q CertificatesQuery) Scope(db *gorm.DB) *gorm.DB { - var scope ComposedScope - - if q.ID != nil { - scope = append(scope, ID(*q.ID)) - } - - if q.App != nil { - scope = append(scope, ForApp(q.App)) - } - - return scope.Scope(db) -} - -// CertificatesFirst returns the first matching certificate. -func (s *store) CertificatesFirst(scope Scope) (*Certificate, error) { - var cert Certificate - return &cert, s.First(scope, &cert) -} - -// CertificatesCreate persists the certificate. -func (s *store) CertificatesCreate(cert *Certificate) (*Certificate, error) { - return certificatesCreate(s.db, cert) -} - -// CertificatesUpdate updates the certificate. -func (s *store) CertificatesUpdate(cert *Certificate) error { - return certificatesUpdate(s.db, cert) -} - -// CertificatesDestroy destroys the certificate. -func (s *store) CertificatesDestroy(cert *Certificate) error { - return certificatesDestroy(s.db, cert) -} - -func certificatesCreate(db *gorm.DB, cert *Certificate) (*Certificate, error) { - return cert, db.Create(cert).Error -} - -func certificatesUpdate(db *gorm.DB, cert *Certificate) error { - return db.Save(cert).Error -} -func certificatesDestroy(db *gorm.DB, cert *Certificate) error { - return db.Delete(cert).Error -} diff --git a/ssl_test.go b/ssl_test.go deleted file mode 100644 index 4059591cd..000000000 --- a/ssl_test.go +++ /dev/null @@ -1,16 +0,0 @@ -package empire - -import "testing" - -func TestCertificatesQuery(t *testing.T) { - id := "1234" - app := &App{ID: "4321"} - - tests := scopeTests{ - {CertificatesQuery{}, "", []interface{}{}}, - {CertificatesQuery{ID: &id}, "WHERE (id = $1)", []interface{}{id}}, - {CertificatesQuery{App: app}, "WHERE (app_id = $1)", []interface{}{app.ID}}, - } - - tests.Run(t) -} diff --git a/tests/api/api_test.go b/tests/api/api_test.go index 9656ebd88..dc1b7c909 100644 --- a/tests/api/api_test.go +++ b/tests/api/api_test.go @@ -4,7 +4,7 @@ import ( "net/http/httptest" "testing" - "github.com/bgentry/heroku-go" + "github.com/remind101/empire/pkg/heroku" "github.com/remind101/empire/empiretest" ) diff --git a/tests/api/apps_test.go b/tests/api/apps_test.go index 1a4e741a6..fa81ccc63 100644 --- a/tests/api/apps_test.go +++ b/tests/api/apps_test.go @@ -5,8 +5,9 @@ import ( "io/ioutil" "testing" - "github.com/bgentry/heroku-go" "github.com/remind101/empire" + "github.com/remind101/empire/pkg/heroku" + "github.com/stretchr/testify/assert" ) func TestAppCreate(t *testing.T) { @@ -22,6 +23,26 @@ func TestAppCreate(t *testing.T) { } } +func TestAttachCert(t *testing.T) { + c, s := NewTestClient(t) + defer s.Close() + + appName := "acme-inc" + mustAppCreate(t, c, empire.App{ + Name: appName, + }) + + cert := "serverCertificate" + app, err := c.AppUpdate(appName, &heroku.AppUpdateOpts{ + Cert: &cert, + }) + if err != nil { + t.Fatal(err) + } + + assert.Equal(t, cert, app.Cert) +} + func TestAppList(t *testing.T) { c, s := NewTestClient(t) defer s.Close() diff --git a/tests/api/configs_test.go b/tests/api/configs_test.go index 99a672fce..9660b2e65 100644 --- a/tests/api/configs_test.go +++ b/tests/api/configs_test.go @@ -4,7 +4,7 @@ import ( "reflect" "testing" - "github.com/bgentry/heroku-go" + "github.com/remind101/empire/pkg/heroku" "github.com/remind101/empire" ) diff --git a/tests/api/deploys_test.go b/tests/api/deploys_test.go index 464d6c0d9..d3e42db27 100644 --- a/tests/api/deploys_test.go +++ b/tests/api/deploys_test.go @@ -4,7 +4,7 @@ import ( "io/ioutil" "testing" - "github.com/bgentry/heroku-go" + "github.com/remind101/empire/pkg/heroku" ) type DeployForm struct { diff --git a/tests/api/formations_test.go b/tests/api/formations_test.go index 80a60af35..3c2fa51f7 100644 --- a/tests/api/formations_test.go +++ b/tests/api/formations_test.go @@ -3,7 +3,7 @@ package api_test import ( "testing" - "github.com/bgentry/heroku-go" + "github.com/remind101/empire/pkg/heroku" ) func TestFormationBatchUpdate(t *testing.T) { diff --git a/tests/api/processes_test.go b/tests/api/processes_test.go index 991f5cd50..b9b35804c 100644 --- a/tests/api/processes_test.go +++ b/tests/api/processes_test.go @@ -3,7 +3,7 @@ package api_test import ( "testing" - "github.com/bgentry/heroku-go" + "github.com/remind101/empire/pkg/heroku" ) func TestProcessesGet(t *testing.T) { diff --git a/tests/api/releases_test.go b/tests/api/releases_test.go index 2f01a8daf..1457fda66 100644 --- a/tests/api/releases_test.go +++ b/tests/api/releases_test.go @@ -3,7 +3,7 @@ package api_test import ( "testing" - "github.com/bgentry/heroku-go" + "github.com/remind101/empire/pkg/heroku" ) func TestReleaseList(t *testing.T) { diff --git a/tests/api/ssl_test.go b/tests/api/ssl_test.go deleted file mode 100644 index 9e36668dc..000000000 --- a/tests/api/ssl_test.go +++ /dev/null @@ -1,55 +0,0 @@ -package api_test - -import ( - "testing" - - "github.com/bgentry/heroku-go" - "github.com/remind101/empire" -) - -func TestSSLEndpoint(t *testing.T) { - c, s := NewTestClient(t) - defer s.Close() - - mustAppCreate(t, c, empire.App{Name: "acme-inc"}) - mustSSLEndpointsCreate(t, c, "acme-inc", "CertificateChain", "PrivateKey") - - endpoints := mustSSLEndpointsList(t, c, "acme-inc") - - if len(endpoints) != 1 { - t.Fatal("Expected an SSL endpoint") - } - - if got, want := endpoints[0].Name, "fake"; got != want { - t.Fatalf("Name => %s; want %s", got, want) - } - - mustSSLEndpointsDelete(t, c, "acme-inc", endpoints[0].Id) - - endpoints = mustSSLEndpointsList(t, c, "acme-inc") - if len(endpoints) != 0 { - t.Fatal("Expected no SSL endpoints") - } -} - -func mustSSLEndpointsCreate(t *testing.T, c *heroku.Client, app string, cert string, key string) *heroku.SSLEndpoint { - e, err := c.SSLEndpointCreate(app, cert, key, nil) - if err != nil { - t.Fatal(err) - } - return e -} - -func mustSSLEndpointsList(t *testing.T, c *heroku.Client, app string) []heroku.SSLEndpoint { - e, err := c.SSLEndpointList(app, nil) - if err != nil { - t.Fatal(err) - } - return e -} - -func mustSSLEndpointsDelete(t *testing.T, c *heroku.Client, app string, cert string) { - if err := c.SSLEndpointDelete(app, cert); err != nil { - t.Fatal(err) - } -} diff --git a/tests/cli/ssl_test.go b/tests/cli/ssl_test.go deleted file mode 100644 index a68676830..000000000 --- a/tests/cli/ssl_test.go +++ /dev/null @@ -1,37 +0,0 @@ -package cli_test - -import ( - "fmt" - "io/ioutil" - "os" - "testing" -) - -func TestSSLCertAdd(t *testing.T) { - crt := mustCreateTempfile(t, "server.crt") - key := mustCreateTempfile(t, "server.key") - - defer os.Remove(crt.Name()) - defer os.Remove(key.Name()) - - run(t, []Command{ - DeployCommand("latest", "v1"), - { - fmt.Sprintf("ssl-cert-add -a acme-inc %s %s", crt.Name(), key.Name()), - `Added cert for acme-inc.`, - }, - { - `set FOO=bar -a acme-inc`, // Trigger a release - `Set env vars and restarted acme-inc.`, - }, - }) -} - -func mustCreateTempfile(t *testing.T, name string) *os.File { - f, err := ioutil.TempFile("", name) - if err != nil { - t.Fatal(err) - } - - return f -} diff --git a/tests/empire/README.md b/tests/empire/README.md new file mode 100644 index 000000000..01f92c775 --- /dev/null +++ b/tests/empire/README.md @@ -0,0 +1 @@ +These are integration tests against the public API for `empire.Empire`. They primarily check that Empire interacts with the scheduling backend correctly. diff --git a/tests/empire/empire_test.go b/tests/empire/empire_test.go new file mode 100644 index 000000000..17603f9c9 --- /dev/null +++ b/tests/empire/empire_test.go @@ -0,0 +1,43 @@ +package empire_test + +import ( + "testing" + + "golang.org/x/net/context" + + "github.com/remind101/empire" + "github.com/remind101/empire/empiretest" + "github.com/remind101/empire/scheduler" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/mock" +) + +// Run the tests with empiretest.Run, which will lock access to the database +// since it can't be shared by parallel tests. +func TestMain(m *testing.M) { + empiretest.Run(m) +} + +func TestEmpire_CertsAttach(t *testing.T) { + e := empiretest.NewEmpire(t) + s := new(mockScheduler) + e.Scheduler = s + + app, err := e.AppsCreate(&empire.App{ + Name: "acme-inc", + }) + assert.NoError(t, err) + + cert := "serverCertificate" + err = e.CertsAttach(context.Background(), app, cert) + assert.NoError(t, err) + + app, err = e.AppsFirst(empire.AppsQuery{ID: &app.ID}) + assert.NoError(t, err) + assert.Equal(t, cert, app.Cert) +} + +type mockScheduler struct { + scheduler.Scheduler + mock.Mock +}