iam

package
v1.13.30-0...-9126c90 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 5, 2018 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Package iam provides the client and types for making API requests to AWS Identity and Access Management.

AWS Identity and Access Management (IAM) is a web service that you can use to manage users and user permissions under your AWS account. This guide provides descriptions of IAM actions that you can call programmatically. For general information about IAM, see AWS Identity and Access Management (IAM) (http://aws.amazon.com/iam/). For the user guide for IAM, see Using IAM (http://docs.aws.amazon.com/IAM/latest/UserGuide/).

AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient way to create programmatic access to IAM and AWS. For example, the SDKs take care of tasks such as cryptographically signing requests (see below), managing errors, and retrying requests automatically. For information about the AWS SDKs, including how to download and install them, see the Tools for Amazon Web Services (http://aws.amazon.com/tools/) page.

We recommend that you use the AWS SDKs to make programmatic API calls to IAM. However, you can also use the IAM Query API to make direct calls to the IAM web service. To learn more about the IAM Query API, see Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the Using IAM guide. IAM supports GET and POST requests for all actions. That is, the API does not require you to use GET for some actions and POST for others. However, GET requests are subject to the limitation size of a URL. Therefore, for operations that require larger sizes, use a POST request.

Signing Requests

Requests must be signed using an access key ID and a secret access key. We strongly recommend that you do not use your AWS account access key ID and secret access key for everyday work with IAM. You can use the access key ID and secret access key for an IAM user or you can use the AWS Security Token Service to generate temporary security credentials and use those to sign requests.

To sign requests, we recommend that you use Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html). If you have an existing application that uses Signature Version 2, you do not have to update it to use Signature Version 4. However, some operations now require Signature Version 4. The documentation for operations that require version 4 indicate this requirement.

Additional Resources

For more information, see the following:

See https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08 for more information on this service.

See iam package documentation for more information. https://docs.aws.amazon.com/sdk-for-go/api/service/iam/

Using the Client

To contact AWS Identity and Access Management with the SDK use the New function to create a new service client. With that client you can make API requests to the service. These clients are safe to use concurrently.

See the SDK's documentation for more information on how to use the SDK. https://docs.aws.amazon.com/sdk-for-go/api/

See aws.Config documentation for more information on configuring SDK clients. https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config

See the AWS Identity and Access Management client IAM for more information on creating client for this service. https://docs.aws.amazon.com/sdk-for-go/api/service/iam/#New

Index

Examples

Constants

View Source
const (
	// ContextKeyTypeEnumString is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumString = "string"

	// ContextKeyTypeEnumStringList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumStringList = "stringList"

	// ContextKeyTypeEnumNumeric is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumNumeric = "numeric"

	// ContextKeyTypeEnumNumericList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumNumericList = "numericList"

	// ContextKeyTypeEnumBoolean is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBoolean = "boolean"

	// ContextKeyTypeEnumBooleanList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBooleanList = "booleanList"

	// ContextKeyTypeEnumIp is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumIp = "ip"

	// ContextKeyTypeEnumIpList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumIpList = "ipList"

	// ContextKeyTypeEnumBinary is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBinary = "binary"

	// ContextKeyTypeEnumBinaryList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumBinaryList = "binaryList"

	// ContextKeyTypeEnumDate is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumDate = "date"

	// ContextKeyTypeEnumDateList is a ContextKeyTypeEnum enum value
	ContextKeyTypeEnumDateList = "dateList"
)
View Source
const (
	// DeletionTaskStatusTypeSucceeded is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeSucceeded = "SUCCEEDED"

	// DeletionTaskStatusTypeInProgress is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeInProgress = "IN_PROGRESS"

	// DeletionTaskStatusTypeFailed is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeFailed = "FAILED"

	// DeletionTaskStatusTypeNotStarted is a DeletionTaskStatusType enum value
	DeletionTaskStatusTypeNotStarted = "NOT_STARTED"
)
View Source
const (
	// EntityTypeUser is a EntityType enum value
	EntityTypeUser = "User"

	// EntityTypeRole is a EntityType enum value
	EntityTypeRole = "Role"

	// EntityTypeGroup is a EntityType enum value
	EntityTypeGroup = "Group"

	// EntityTypeLocalManagedPolicy is a EntityType enum value
	EntityTypeLocalManagedPolicy = "LocalManagedPolicy"

	// EntityTypeAwsmanagedPolicy is a EntityType enum value
	EntityTypeAwsmanagedPolicy = "AWSManagedPolicy"
)
View Source
const (
	// PolicyEvaluationDecisionTypeAllowed is a PolicyEvaluationDecisionType enum value
	PolicyEvaluationDecisionTypeAllowed = "allowed"

	// PolicyEvaluationDecisionTypeExplicitDeny is a PolicyEvaluationDecisionType enum value
	PolicyEvaluationDecisionTypeExplicitDeny = "explicitDeny"

	// PolicyEvaluationDecisionTypeImplicitDeny is a PolicyEvaluationDecisionType enum value
	PolicyEvaluationDecisionTypeImplicitDeny = "implicitDeny"
)
View Source
const (
	// PolicySourceTypeUser is a PolicySourceType enum value
	PolicySourceTypeUser = "user"

	// PolicySourceTypeGroup is a PolicySourceType enum value
	PolicySourceTypeGroup = "group"

	// PolicySourceTypeRole is a PolicySourceType enum value
	PolicySourceTypeRole = "role"

	// PolicySourceTypeAwsManaged is a PolicySourceType enum value
	PolicySourceTypeAwsManaged = "aws-managed"

	// PolicySourceTypeUserManaged is a PolicySourceType enum value
	PolicySourceTypeUserManaged = "user-managed"

	// PolicySourceTypeResource is a PolicySourceType enum value
	PolicySourceTypeResource = "resource"

	// PolicySourceTypeNone is a PolicySourceType enum value
	PolicySourceTypeNone = "none"
)
View Source
const (
	// ReportStateTypeStarted is a ReportStateType enum value
	ReportStateTypeStarted = "STARTED"

	// ReportStateTypeInprogress is a ReportStateType enum value
	ReportStateTypeInprogress = "INPROGRESS"

	// ReportStateTypeComplete is a ReportStateType enum value
	ReportStateTypeComplete = "COMPLETE"
)
View Source
const (
	// AssignmentStatusTypeAssigned is a assignmentStatusType enum value
	AssignmentStatusTypeAssigned = "Assigned"

	// AssignmentStatusTypeUnassigned is a assignmentStatusType enum value
	AssignmentStatusTypeUnassigned = "Unassigned"

	// AssignmentStatusTypeAny is a assignmentStatusType enum value
	AssignmentStatusTypeAny = "Any"
)
View Source
const (
	// EncodingTypeSsh is a encodingType enum value
	EncodingTypeSsh = "SSH"

	// EncodingTypePem is a encodingType enum value
	EncodingTypePem = "PEM"
)
View Source
const (
	// PolicyScopeTypeAll is a policyScopeType enum value
	PolicyScopeTypeAll = "All"

	// PolicyScopeTypeAws is a policyScopeType enum value
	PolicyScopeTypeAws = "AWS"

	// PolicyScopeTypeLocal is a policyScopeType enum value
	PolicyScopeTypeLocal = "Local"
)
View Source
const (
	// StatusTypeActive is a statusType enum value
	StatusTypeActive = "Active"

	// StatusTypeInactive is a statusType enum value
	StatusTypeInactive = "Inactive"
)
View Source
const (
	// SummaryKeyTypeUsers is a summaryKeyType enum value
	SummaryKeyTypeUsers = "Users"

	// SummaryKeyTypeUsersQuota is a summaryKeyType enum value
	SummaryKeyTypeUsersQuota = "UsersQuota"

	// SummaryKeyTypeGroups is a summaryKeyType enum value
	SummaryKeyTypeGroups = "Groups"

	// SummaryKeyTypeGroupsQuota is a summaryKeyType enum value
	SummaryKeyTypeGroupsQuota = "GroupsQuota"

	// SummaryKeyTypeServerCertificates is a summaryKeyType enum value
	SummaryKeyTypeServerCertificates = "ServerCertificates"

	// SummaryKeyTypeServerCertificatesQuota is a summaryKeyType enum value
	SummaryKeyTypeServerCertificatesQuota = "ServerCertificatesQuota"

	// SummaryKeyTypeUserPolicySizeQuota is a summaryKeyType enum value
	SummaryKeyTypeUserPolicySizeQuota = "UserPolicySizeQuota"

	// SummaryKeyTypeGroupPolicySizeQuota is a summaryKeyType enum value
	SummaryKeyTypeGroupPolicySizeQuota = "GroupPolicySizeQuota"

	// SummaryKeyTypeGroupsPerUserQuota is a summaryKeyType enum value
	SummaryKeyTypeGroupsPerUserQuota = "GroupsPerUserQuota"

	// SummaryKeyTypeSigningCertificatesPerUserQuota is a summaryKeyType enum value
	SummaryKeyTypeSigningCertificatesPerUserQuota = "SigningCertificatesPerUserQuota"

	// SummaryKeyTypeAccessKeysPerUserQuota is a summaryKeyType enum value
	SummaryKeyTypeAccessKeysPerUserQuota = "AccessKeysPerUserQuota"

	// SummaryKeyTypeMfadevices is a summaryKeyType enum value
	SummaryKeyTypeMfadevices = "MFADevices"

	// SummaryKeyTypeMfadevicesInUse is a summaryKeyType enum value
	SummaryKeyTypeMfadevicesInUse = "MFADevicesInUse"

	// SummaryKeyTypeAccountMfaenabled is a summaryKeyType enum value
	SummaryKeyTypeAccountMfaenabled = "AccountMFAEnabled"

	// SummaryKeyTypeAccountAccessKeysPresent is a summaryKeyType enum value
	SummaryKeyTypeAccountAccessKeysPresent = "AccountAccessKeysPresent"

	// SummaryKeyTypeAccountSigningCertificatesPresent is a summaryKeyType enum value
	SummaryKeyTypeAccountSigningCertificatesPresent = "AccountSigningCertificatesPresent"

	// SummaryKeyTypeAttachedPoliciesPerGroupQuota is a summaryKeyType enum value
	SummaryKeyTypeAttachedPoliciesPerGroupQuota = "AttachedPoliciesPerGroupQuota"

	// SummaryKeyTypeAttachedPoliciesPerRoleQuota is a summaryKeyType enum value
	SummaryKeyTypeAttachedPoliciesPerRoleQuota = "AttachedPoliciesPerRoleQuota"

	// SummaryKeyTypeAttachedPoliciesPerUserQuota is a summaryKeyType enum value
	SummaryKeyTypeAttachedPoliciesPerUserQuota = "AttachedPoliciesPerUserQuota"

	// SummaryKeyTypePolicies is a summaryKeyType enum value
	SummaryKeyTypePolicies = "Policies"

	// SummaryKeyTypePoliciesQuota is a summaryKeyType enum value
	SummaryKeyTypePoliciesQuota = "PoliciesQuota"

	// SummaryKeyTypePolicySizeQuota is a summaryKeyType enum value
	SummaryKeyTypePolicySizeQuota = "PolicySizeQuota"

	// SummaryKeyTypePolicyVersionsInUse is a summaryKeyType enum value
	SummaryKeyTypePolicyVersionsInUse = "PolicyVersionsInUse"

	// SummaryKeyTypePolicyVersionsInUseQuota is a summaryKeyType enum value
	SummaryKeyTypePolicyVersionsInUseQuota = "PolicyVersionsInUseQuota"

	// SummaryKeyTypeVersionsPerPolicyQuota is a summaryKeyType enum value
	SummaryKeyTypeVersionsPerPolicyQuota = "VersionsPerPolicyQuota"
)
View Source
const (

	// ErrCodeCredentialReportExpiredException for service response error code
	// "ReportExpired".
	//
	// The request was rejected because the most recent credential report has expired.
	// To generate a new credential report, use GenerateCredentialReport. For more
	// information about credential report expiration, see Getting Credential Reports
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
	// in the IAM User Guide.
	ErrCodeCredentialReportExpiredException = "ReportExpired"

	// ErrCodeCredentialReportNotPresentException for service response error code
	// "ReportNotPresent".
	//
	// The request was rejected because the credential report does not exist. To
	// generate a credential report, use GenerateCredentialReport.
	ErrCodeCredentialReportNotPresentException = "ReportNotPresent"

	// ErrCodeCredentialReportNotReadyException for service response error code
	// "ReportInProgress".
	//
	// The request was rejected because the credential report is still being generated.
	ErrCodeCredentialReportNotReadyException = "ReportInProgress"

	// ErrCodeDeleteConflictException for service response error code
	// "DeleteConflict".
	//
	// The request was rejected because it attempted to delete a resource that has
	// attached subordinate entities. The error message describes these entities.
	ErrCodeDeleteConflictException = "DeleteConflict"

	// ErrCodeDuplicateCertificateException for service response error code
	// "DuplicateCertificate".
	//
	// The request was rejected because the same certificate is associated with
	// an IAM user in the account.
	ErrCodeDuplicateCertificateException = "DuplicateCertificate"

	// ErrCodeDuplicateSSHPublicKeyException for service response error code
	// "DuplicateSSHPublicKey".
	//
	// The request was rejected because the SSH public key is already associated
	// with the specified IAM user.
	ErrCodeDuplicateSSHPublicKeyException = "DuplicateSSHPublicKey"

	// ErrCodeEntityAlreadyExistsException for service response error code
	// "EntityAlreadyExists".
	//
	// The request was rejected because it attempted to create a resource that already
	// exists.
	ErrCodeEntityAlreadyExistsException = "EntityAlreadyExists"

	// ErrCodeEntityTemporarilyUnmodifiableException for service response error code
	// "EntityTemporarilyUnmodifiable".
	//
	// The request was rejected because it referenced an entity that is temporarily
	// unmodifiable, such as a user name that was deleted and then recreated. The
	// error indicates that the request is likely to succeed if you try again after
	// waiting several minutes. The error message describes the entity.
	ErrCodeEntityTemporarilyUnmodifiableException = "EntityTemporarilyUnmodifiable"

	// ErrCodeInvalidAuthenticationCodeException for service response error code
	// "InvalidAuthenticationCode".
	//
	// The request was rejected because the authentication code was not recognized.
	// The error message describes the specific error.
	ErrCodeInvalidAuthenticationCodeException = "InvalidAuthenticationCode"

	// ErrCodeInvalidCertificateException for service response error code
	// "InvalidCertificate".
	//
	// The request was rejected because the certificate is invalid.
	ErrCodeInvalidCertificateException = "InvalidCertificate"

	// ErrCodeInvalidInputException for service response error code
	// "InvalidInput".
	//
	// The request was rejected because an invalid or out-of-range value was supplied
	// for an input parameter.
	ErrCodeInvalidInputException = "InvalidInput"

	// ErrCodeInvalidPublicKeyException for service response error code
	// "InvalidPublicKey".
	//
	// The request was rejected because the public key is malformed or otherwise
	// invalid.
	ErrCodeInvalidPublicKeyException = "InvalidPublicKey"

	// ErrCodeInvalidUserTypeException for service response error code
	// "InvalidUserType".
	//
	// The request was rejected because the type of user for the transaction was
	// incorrect.
	ErrCodeInvalidUserTypeException = "InvalidUserType"

	// ErrCodeKeyPairMismatchException for service response error code
	// "KeyPairMismatch".
	//
	// The request was rejected because the public key certificate and the private
	// key do not match.
	ErrCodeKeyPairMismatchException = "KeyPairMismatch"

	// ErrCodeLimitExceededException for service response error code
	// "LimitExceeded".
	//
	// The request was rejected because it attempted to create resources beyond
	// the current AWS account limits. The error message describes the limit exceeded.
	ErrCodeLimitExceededException = "LimitExceeded"

	// ErrCodeMalformedCertificateException for service response error code
	// "MalformedCertificate".
	//
	// The request was rejected because the certificate was malformed or expired.
	// The error message describes the specific error.
	ErrCodeMalformedCertificateException = "MalformedCertificate"

	// ErrCodeMalformedPolicyDocumentException for service response error code
	// "MalformedPolicyDocument".
	//
	// The request was rejected because the policy document was malformed. The error
	// message describes the specific error.
	ErrCodeMalformedPolicyDocumentException = "MalformedPolicyDocument"

	// ErrCodeNoSuchEntityException for service response error code
	// "NoSuchEntity".
	//
	// The request was rejected because it referenced an entity that does not exist.
	// The error message describes the entity.
	ErrCodeNoSuchEntityException = "NoSuchEntity"

	// ErrCodePasswordPolicyViolationException for service response error code
	// "PasswordPolicyViolation".
	//
	// The request was rejected because the provided password did not meet the requirements
	// imposed by the account password policy.
	ErrCodePasswordPolicyViolationException = "PasswordPolicyViolation"

	// ErrCodePolicyEvaluationException for service response error code
	// "PolicyEvaluation".
	//
	// The request failed because a provided policy could not be successfully evaluated.
	// An additional detailed message indicates the source of the failure.
	ErrCodePolicyEvaluationException = "PolicyEvaluation"

	// ErrCodePolicyNotAttachableException for service response error code
	// "PolicyNotAttachable".
	//
	// The request failed because AWS service role policies can only be attached
	// to the service-linked role for that service.
	ErrCodePolicyNotAttachableException = "PolicyNotAttachable"

	// ErrCodeServiceFailureException for service response error code
	// "ServiceFailure".
	//
	// The request processing has failed because of an unknown error, exception
	// or failure.
	ErrCodeServiceFailureException = "ServiceFailure"

	// ErrCodeServiceNotSupportedException for service response error code
	// "NotSupportedService".
	//
	// The specified service does not support service-specific credentials.
	ErrCodeServiceNotSupportedException = "NotSupportedService"

	// ErrCodeUnmodifiableEntityException for service response error code
	// "UnmodifiableEntity".
	//
	// The request was rejected because only the service that depends on the service-linked
	// role can modify or delete the role on your behalf. The error message includes
	// the name of the service that depends on this service-linked role. You must
	// request the change through that service.
	ErrCodeUnmodifiableEntityException = "UnmodifiableEntity"

	// ErrCodeUnrecognizedPublicKeyEncodingException for service response error code
	// "UnrecognizedPublicKeyEncoding".
	//
	// The request was rejected because the public key encoding format is unsupported
	// or unrecognized.
	ErrCodeUnrecognizedPublicKeyEncodingException = "UnrecognizedPublicKeyEncoding"
)
View Source
const (
	ServiceName = "iam"       // Service endpoint prefix API calls made to.
	EndpointsID = ServiceName // Service ID for Regions and Endpoints metadata.
)

Service information constants

View Source
const (
	// ReportFormatTypeTextCsv is a ReportFormatType enum value
	ReportFormatTypeTextCsv = "text/csv"
)

Variables

This section is empty.

Functions

This section is empty.

Types

type AccessKey

type AccessKey struct {

	// The ID for this access key.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The date when the access key was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The secret key used to sign requests.
	//
	// SecretAccessKey is a required field
	SecretAccessKey *string `type:"string" required:"true"`

	// The status of the access key. Active means that the key is valid for API
	// calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user that the access key is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an AWS access key.

This data type is used as a response element in the CreateAccessKey and ListAccessKeys operations.

The SecretAccessKey value is returned only in response to CreateAccessKey. You can get a secret access key only when you first create an access key; you cannot recover the secret access key later. If you lose a secret access key, you must create a new access key.

func (AccessKey) GoString

func (s AccessKey) GoString() string

GoString returns the string representation

func (*AccessKey) SetAccessKeyId

func (s *AccessKey) SetAccessKeyId(v string) *AccessKey

SetAccessKeyId sets the AccessKeyId field's value.

func (*AccessKey) SetCreateDate

func (s *AccessKey) SetCreateDate(v time.Time) *AccessKey

SetCreateDate sets the CreateDate field's value.

func (*AccessKey) SetSecretAccessKey

func (s *AccessKey) SetSecretAccessKey(v string) *AccessKey

SetSecretAccessKey sets the SecretAccessKey field's value.

func (*AccessKey) SetStatus

func (s *AccessKey) SetStatus(v string) *AccessKey

SetStatus sets the Status field's value.

func (*AccessKey) SetUserName

func (s *AccessKey) SetUserName(v string) *AccessKey

SetUserName sets the UserName field's value.

func (AccessKey) String

func (s AccessKey) String() string

String returns the string representation

type AccessKeyLastUsed

type AccessKeyLastUsed struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the access key was most recently used. This field is null in the following
	// situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has never been used, at least not since IAM
	//    started tracking this information on April 22nd, 2015.
	//
	//    * There is no sign-in data associated with the user
	//
	// LastUsedDate is a required field
	LastUsedDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The AWS region where this access key was most recently used. This field is
	// displays "N/A" in the following situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has never been used, at least not since IAM
	//    started tracking this information on April 22nd, 2015.
	//
	//    * There is no sign-in data associated with the user
	//
	// For more information about AWS regions, see Regions and Endpoints (http://docs.aws.amazon.com/general/latest/gr/rande.html)
	// in the Amazon Web Services General Reference.
	//
	// Region is a required field
	Region *string `type:"string" required:"true"`

	// The name of the AWS service with which this access key was most recently
	// used. This field displays "N/A" in the following situations:
	//
	//    * The user does not have an access key.
	//
	//    * An access key exists but has never been used, at least not since IAM
	//    started tracking this information on April 22nd, 2015.
	//
	//    * There is no sign-in data associated with the user
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about the last time an AWS access key was used.

This data type is used as a response element in the GetAccessKeyLastUsed operation.

func (AccessKeyLastUsed) GoString

func (s AccessKeyLastUsed) GoString() string

GoString returns the string representation

func (*AccessKeyLastUsed) SetLastUsedDate

func (s *AccessKeyLastUsed) SetLastUsedDate(v time.Time) *AccessKeyLastUsed

SetLastUsedDate sets the LastUsedDate field's value.

func (*AccessKeyLastUsed) SetRegion

func (s *AccessKeyLastUsed) SetRegion(v string) *AccessKeyLastUsed

SetRegion sets the Region field's value.

func (*AccessKeyLastUsed) SetServiceName

func (s *AccessKeyLastUsed) SetServiceName(v string) *AccessKeyLastUsed

SetServiceName sets the ServiceName field's value.

func (AccessKeyLastUsed) String

func (s AccessKeyLastUsed) String() string

String returns the string representation

type AccessKeyMetadata

type AccessKeyMetadata struct {

	// The ID for this access key.
	AccessKeyId *string `min:"16" type:"string"`

	// The date when the access key was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The status of the access key. Active means the key is valid for API calls;
	// Inactive means it is not.
	Status *string `type:"string" enum:"statusType"`

	// The name of the IAM user that the key is associated with.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an AWS access key, without its secret key.

This data type is used as a response element in the ListAccessKeys operation.

func (AccessKeyMetadata) GoString

func (s AccessKeyMetadata) GoString() string

GoString returns the string representation

func (*AccessKeyMetadata) SetAccessKeyId

func (s *AccessKeyMetadata) SetAccessKeyId(v string) *AccessKeyMetadata

SetAccessKeyId sets the AccessKeyId field's value.

func (*AccessKeyMetadata) SetCreateDate

func (s *AccessKeyMetadata) SetCreateDate(v time.Time) *AccessKeyMetadata

SetCreateDate sets the CreateDate field's value.

func (*AccessKeyMetadata) SetStatus

func (s *AccessKeyMetadata) SetStatus(v string) *AccessKeyMetadata

SetStatus sets the Status field's value.

func (*AccessKeyMetadata) SetUserName

func (s *AccessKeyMetadata) SetUserName(v string) *AccessKeyMetadata

SetUserName sets the UserName field's value.

func (AccessKeyMetadata) String

func (s AccessKeyMetadata) String() string

String returns the string representation

type AddClientIDToOpenIDConnectProviderInput

type AddClientIDToOpenIDConnectProviderInput struct {

	// The client ID (also known as audience) to add to the IAM OpenID Connect provider
	// resource.
	//
	// ClientID is a required field
	ClientID *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM OpenID Connect (OIDC) provider
	// resource to add the client ID to. You can get a list of OIDC provider ARNs
	// by using the ListOpenIDConnectProviders operation.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddClientIDToOpenIDConnectProviderInput) GoString

GoString returns the string representation

func (*AddClientIDToOpenIDConnectProviderInput) SetClientID

SetClientID sets the ClientID field's value.

func (*AddClientIDToOpenIDConnectProviderInput) SetOpenIDConnectProviderArn

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (AddClientIDToOpenIDConnectProviderInput) String

String returns the string representation

func (*AddClientIDToOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type AddClientIDToOpenIDConnectProviderOutput

type AddClientIDToOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (AddClientIDToOpenIDConnectProviderOutput) GoString

GoString returns the string representation

func (AddClientIDToOpenIDConnectProviderOutput) String

String returns the string representation

type AddRoleToInstanceProfileInput

type AddRoleToInstanceProfileInput struct {

	// The name of the instance profile to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The name of the role to add.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddRoleToInstanceProfileInput) GoString

GoString returns the string representation

func (*AddRoleToInstanceProfileInput) SetInstanceProfileName

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*AddRoleToInstanceProfileInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (AddRoleToInstanceProfileInput) String

String returns the string representation

func (*AddRoleToInstanceProfileInput) Validate

func (s *AddRoleToInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AddRoleToInstanceProfileOutput

type AddRoleToInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (AddRoleToInstanceProfileOutput) GoString

GoString returns the string representation

func (AddRoleToInstanceProfileOutput) String

String returns the string representation

type AddUserToGroupInput

type AddUserToGroupInput struct {

	// The name of the group to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the user to add.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AddUserToGroupInput) GoString

func (s AddUserToGroupInput) GoString() string

GoString returns the string representation

func (*AddUserToGroupInput) SetGroupName

func (s *AddUserToGroupInput) SetGroupName(v string) *AddUserToGroupInput

SetGroupName sets the GroupName field's value.

func (*AddUserToGroupInput) SetUserName

func (s *AddUserToGroupInput) SetUserName(v string) *AddUserToGroupInput

SetUserName sets the UserName field's value.

func (AddUserToGroupInput) String

func (s AddUserToGroupInput) String() string

String returns the string representation

func (*AddUserToGroupInput) Validate

func (s *AddUserToGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AddUserToGroupOutput

type AddUserToGroupOutput struct {
	// contains filtered or unexported fields
}

func (AddUserToGroupOutput) GoString

func (s AddUserToGroupOutput) GoString() string

GoString returns the string representation

func (AddUserToGroupOutput) String

func (s AddUserToGroupOutput) String() string

String returns the string representation

type AttachGroupPolicyInput

type AttachGroupPolicyInput struct {

	// The name (friendly name, not ARN) of the group to attach the policy to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachGroupPolicyInput) GoString

func (s AttachGroupPolicyInput) GoString() string

GoString returns the string representation

func (*AttachGroupPolicyInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*AttachGroupPolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (AttachGroupPolicyInput) String

func (s AttachGroupPolicyInput) String() string

String returns the string representation

func (*AttachGroupPolicyInput) Validate

func (s *AttachGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachGroupPolicyOutput

type AttachGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachGroupPolicyOutput) GoString

func (s AttachGroupPolicyOutput) GoString() string

GoString returns the string representation

func (AttachGroupPolicyOutput) String

func (s AttachGroupPolicyOutput) String() string

String returns the string representation

type AttachRolePolicyInput

type AttachRolePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the role to attach the policy to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachRolePolicyInput) GoString

func (s AttachRolePolicyInput) GoString() string

GoString returns the string representation

func (*AttachRolePolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*AttachRolePolicyInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (AttachRolePolicyInput) String

func (s AttachRolePolicyInput) String() string

String returns the string representation

func (*AttachRolePolicyInput) Validate

func (s *AttachRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachRolePolicyOutput

type AttachRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachRolePolicyOutput) GoString

func (s AttachRolePolicyOutput) GoString() string

GoString returns the string representation

func (AttachRolePolicyOutput) String

func (s AttachRolePolicyOutput) String() string

String returns the string representation

type AttachUserPolicyInput

type AttachUserPolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to attach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM user to attach the policy to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (AttachUserPolicyInput) GoString

func (s AttachUserPolicyInput) GoString() string

GoString returns the string representation

func (*AttachUserPolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*AttachUserPolicyInput) SetUserName

SetUserName sets the UserName field's value.

func (AttachUserPolicyInput) String

func (s AttachUserPolicyInput) String() string

String returns the string representation

func (*AttachUserPolicyInput) Validate

func (s *AttachUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type AttachUserPolicyOutput

type AttachUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (AttachUserPolicyOutput) GoString

func (s AttachUserPolicyOutput) GoString() string

GoString returns the string representation

func (AttachUserPolicyOutput) String

func (s AttachUserPolicyOutput) String() string

String returns the string representation

type AttachedPolicy

type AttachedPolicy struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	PolicyArn *string `min:"20" type:"string"`

	// The friendly name of the attached policy.
	PolicyName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an attached policy.

An attached policy is a managed policy that has been attached to a user, group, or role. This data type is used as a response element in the ListAttachedGroupPolicies, ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails operations.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (AttachedPolicy) GoString

func (s AttachedPolicy) GoString() string

GoString returns the string representation

func (*AttachedPolicy) SetPolicyArn

func (s *AttachedPolicy) SetPolicyArn(v string) *AttachedPolicy

SetPolicyArn sets the PolicyArn field's value.

func (*AttachedPolicy) SetPolicyName

func (s *AttachedPolicy) SetPolicyName(v string) *AttachedPolicy

SetPolicyName sets the PolicyName field's value.

func (AttachedPolicy) String

func (s AttachedPolicy) String() string

String returns the string representation

type ChangePasswordInput

type ChangePasswordInput struct {

	// The new password. The new password must conform to the AWS account's password
	// policy, if one exists.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
	// this parameter is a string of characters. That string can include almost
	// any printable ASCII character from the space (\u0020) through the end of
	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
	// characters are valid in a password. However, many tools, such as the AWS
	// Management Console, might restrict the ability to type certain characters
	// because they have special meaning within that tool.
	//
	// NewPassword is a required field
	NewPassword *string `min:"1" type:"string" required:"true"`

	// The IAM user's current password.
	//
	// OldPassword is a required field
	OldPassword *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ChangePasswordInput) GoString

func (s ChangePasswordInput) GoString() string

GoString returns the string representation

func (*ChangePasswordInput) SetNewPassword

func (s *ChangePasswordInput) SetNewPassword(v string) *ChangePasswordInput

SetNewPassword sets the NewPassword field's value.

func (*ChangePasswordInput) SetOldPassword

func (s *ChangePasswordInput) SetOldPassword(v string) *ChangePasswordInput

SetOldPassword sets the OldPassword field's value.

func (ChangePasswordInput) String

func (s ChangePasswordInput) String() string

String returns the string representation

func (*ChangePasswordInput) Validate

func (s *ChangePasswordInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ChangePasswordOutput

type ChangePasswordOutput struct {
	// contains filtered or unexported fields
}

func (ChangePasswordOutput) GoString

func (s ChangePasswordOutput) GoString() string

GoString returns the string representation

func (ChangePasswordOutput) String

func (s ChangePasswordOutput) String() string

String returns the string representation

type ContextEntry

type ContextEntry struct {

	// The full name of a condition context key, including the service prefix. For
	// example, aws:SourceIp or s3:VersionId.
	ContextKeyName *string `min:"5" type:"string"`

	// The data type of the value (or values) specified in the ContextKeyValues
	// parameter.
	ContextKeyType *string `type:"string" enum:"ContextKeyTypeEnum"`

	// The value (or values, if the condition context key supports multiple values)
	// to provide to the simulation when the key is referenced by a Condition element
	// in an input policy.
	ContextKeyValues []*string `type:"list"`
	// contains filtered or unexported fields
}

Contains information about a condition context key. It includes the name of the key and specifies the value (or values, if the context key supports multiple values) to use in the simulation. This information is used when evaluating the Condition elements of the input policies.

This data type is used as an input parameter to SimulateCustomPolicy and SimulateCustomPolicy.

func (ContextEntry) GoString

func (s ContextEntry) GoString() string

GoString returns the string representation

func (*ContextEntry) SetContextKeyName

func (s *ContextEntry) SetContextKeyName(v string) *ContextEntry

SetContextKeyName sets the ContextKeyName field's value.

func (*ContextEntry) SetContextKeyType

func (s *ContextEntry) SetContextKeyType(v string) *ContextEntry

SetContextKeyType sets the ContextKeyType field's value.

func (*ContextEntry) SetContextKeyValues

func (s *ContextEntry) SetContextKeyValues(v []*string) *ContextEntry

SetContextKeyValues sets the ContextKeyValues field's value.

func (ContextEntry) String

func (s ContextEntry) String() string

String returns the string representation

func (*ContextEntry) Validate

func (s *ContextEntry) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccessKeyInput

type CreateAccessKeyInput struct {

	// The name of the IAM user that the new key will belong to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateAccessKeyInput) GoString

func (s CreateAccessKeyInput) GoString() string

GoString returns the string representation

func (*CreateAccessKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (CreateAccessKeyInput) String

func (s CreateAccessKeyInput) String() string

String returns the string representation

func (*CreateAccessKeyInput) Validate

func (s *CreateAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccessKeyOutput

type CreateAccessKeyOutput struct {

	// A structure with details about the access key.
	//
	// AccessKey is a required field
	AccessKey *AccessKey `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateAccessKey request.

func (CreateAccessKeyOutput) GoString

func (s CreateAccessKeyOutput) GoString() string

GoString returns the string representation

func (*CreateAccessKeyOutput) SetAccessKey

SetAccessKey sets the AccessKey field's value.

func (CreateAccessKeyOutput) String

func (s CreateAccessKeyOutput) String() string

String returns the string representation

type CreateAccountAliasInput

type CreateAccountAliasInput struct {

	// The account alias to create.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of lowercase letters, digits, and dashes.
	// You cannot start or finish with a dash, nor can you have two dashes in a
	// row.
	//
	// AccountAlias is a required field
	AccountAlias *string `min:"3" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateAccountAliasInput) GoString

func (s CreateAccountAliasInput) GoString() string

GoString returns the string representation

func (*CreateAccountAliasInput) SetAccountAlias

SetAccountAlias sets the AccountAlias field's value.

func (CreateAccountAliasInput) String

func (s CreateAccountAliasInput) String() string

String returns the string representation

func (*CreateAccountAliasInput) Validate

func (s *CreateAccountAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateAccountAliasOutput

type CreateAccountAliasOutput struct {
	// contains filtered or unexported fields
}

func (CreateAccountAliasOutput) GoString

func (s CreateAccountAliasOutput) GoString() string

GoString returns the string representation

func (CreateAccountAliasOutput) String

func (s CreateAccountAliasOutput) String() string

String returns the string representation

type CreateGroupInput

type CreateGroupInput struct {

	// The name of the group to create. Do not include the path in this value.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-.
	// The group name must be unique within the account. Group names are not distinguished
	// by case. For example, you cannot create groups named both "ADMINS" and "admins".
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The path to the group. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateGroupInput) GoString

func (s CreateGroupInput) GoString() string

GoString returns the string representation

func (*CreateGroupInput) SetGroupName

func (s *CreateGroupInput) SetGroupName(v string) *CreateGroupInput

SetGroupName sets the GroupName field's value.

func (*CreateGroupInput) SetPath

func (s *CreateGroupInput) SetPath(v string) *CreateGroupInput

SetPath sets the Path field's value.

func (CreateGroupInput) String

func (s CreateGroupInput) String() string

String returns the string representation

func (*CreateGroupInput) Validate

func (s *CreateGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateGroupOutput

type CreateGroupOutput struct {

	// A structure containing details about the new group.
	//
	// Group is a required field
	Group *Group `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateGroup request.

func (CreateGroupOutput) GoString

func (s CreateGroupOutput) GoString() string

GoString returns the string representation

func (*CreateGroupOutput) SetGroup

func (s *CreateGroupOutput) SetGroup(v *Group) *CreateGroupOutput

SetGroup sets the Group field's value.

func (CreateGroupOutput) String

func (s CreateGroupOutput) String() string

String returns the string representation

type CreateInstanceProfileInput

type CreateInstanceProfileInput struct {

	// The name of the instance profile to create.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The path to the instance profile. For more information about paths, see IAM
	// Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (CreateInstanceProfileInput) GoString

func (s CreateInstanceProfileInput) GoString() string

GoString returns the string representation

func (*CreateInstanceProfileInput) SetInstanceProfileName

func (s *CreateInstanceProfileInput) SetInstanceProfileName(v string) *CreateInstanceProfileInput

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*CreateInstanceProfileInput) SetPath

SetPath sets the Path field's value.

func (CreateInstanceProfileInput) String

String returns the string representation

func (*CreateInstanceProfileInput) Validate

func (s *CreateInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateInstanceProfileOutput

type CreateInstanceProfileOutput struct {

	// A structure containing details about the new instance profile.
	//
	// InstanceProfile is a required field
	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateInstanceProfile request.

func (CreateInstanceProfileOutput) GoString

func (s CreateInstanceProfileOutput) GoString() string

GoString returns the string representation

func (*CreateInstanceProfileOutput) SetInstanceProfile

SetInstanceProfile sets the InstanceProfile field's value.

func (CreateInstanceProfileOutput) String

String returns the string representation

type CreateLoginProfileInput

type CreateLoginProfileInput struct {

	// The new password for the user.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) that is used to validate
	// this parameter is a string of characters. That string can include almost
	// any printable ASCII character from the space (\u0020) through the end of
	// the ASCII character range (\u00FF). You can also include the tab (\u0009),
	// line feed (\u000A), and carriage return (\u000D) characters. Any of these
	// characters are valid in a password. However, many tools, such as the AWS
	// Management Console, might restrict the ability to type certain characters
	// because they have special meaning within that tool.
	//
	// Password is a required field
	Password *string `min:"1" type:"string" required:"true"`

	// Specifies whether the user is required to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the IAM user to create a password for. The user must already
	// exist.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateLoginProfileInput) GoString

func (s CreateLoginProfileInput) GoString() string

GoString returns the string representation

func (*CreateLoginProfileInput) SetPassword

SetPassword sets the Password field's value.

func (*CreateLoginProfileInput) SetPasswordResetRequired

func (s *CreateLoginProfileInput) SetPasswordResetRequired(v bool) *CreateLoginProfileInput

SetPasswordResetRequired sets the PasswordResetRequired field's value.

func (*CreateLoginProfileInput) SetUserName

SetUserName sets the UserName field's value.

func (CreateLoginProfileInput) String

func (s CreateLoginProfileInput) String() string

String returns the string representation

func (*CreateLoginProfileInput) Validate

func (s *CreateLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateLoginProfileOutput

type CreateLoginProfileOutput struct {

	// A structure containing the user name and password create date.
	//
	// LoginProfile is a required field
	LoginProfile *LoginProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateLoginProfile request.

func (CreateLoginProfileOutput) GoString

func (s CreateLoginProfileOutput) GoString() string

GoString returns the string representation

func (*CreateLoginProfileOutput) SetLoginProfile

SetLoginProfile sets the LoginProfile field's value.

func (CreateLoginProfileOutput) String

func (s CreateLoginProfileOutput) String() string

String returns the string representation

type CreateOpenIDConnectProviderInput

type CreateOpenIDConnectProviderInput struct {

	// A list of client IDs (also known as audiences). When a mobile or web app
	// registers with an OpenID Connect provider, they establish a value that identifies
	// the application. (This is the value that's sent as the client_id parameter
	// on OAuth requests.)
	//
	// You can register multiple client IDs with the same provider. For example,
	// you might have multiple applications that use the same OIDC provider. You
	// cannot register more than 100 client IDs with a single IAM OIDC provider.
	//
	// There is no defined format for a client ID. The CreateOpenIDConnectProviderRequest
	// operation accepts client IDs up to 255 characters long.
	ClientIDList []*string `type:"list"`

	// A list of server certificate thumbprints for the OpenID Connect (OIDC) identity
	// provider's server certificates. Typically this list includes only one entry.
	// However, IAM lets you have up to five thumbprints for an OIDC provider. This
	// lets you maintain multiple thumbprints if the identity provider is rotating
	// certificates.
	//
	// The server certificate thumbprint is the hex-encoded SHA-1 hash value of
	// the X.509 certificate used by the domain where the OpenID Connect provider
	// makes its keys available. It is always a 40-character string.
	//
	// You must provide at least one thumbprint when creating an IAM OIDC provider.
	// For example, assume that the OIDC provider is server.example.com and the
	// provider stores its keys at https://keys.server.example.com/openid-connect.
	// In that case, the thumbprint string would be the hex-encoded SHA-1 hash value
	// of the certificate used by https://keys.server.example.com.
	//
	// For more information about obtaining the OIDC provider's thumbprint, see
	// Obtaining the Thumbprint for an OpenID Connect Provider (http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)
	// in the IAM User Guide.
	//
	// ThumbprintList is a required field
	ThumbprintList []*string `type:"list" required:"true"`

	// The URL of the identity provider. The URL must begin with https:// and should
	// correspond to the iss claim in the provider's OpenID Connect ID tokens. Per
	// the OIDC standard, path components are allowed but query parameters are not.
	// Typically the URL consists of only a hostname, like https://server.example.org
	// or https://example.com.
	//
	// You cannot register the same provider multiple times in a single AWS account.
	// If you try to submit a URL that has already been used for an OpenID Connect
	// provider in the AWS account, you will get an error.
	//
	// Url is a required field
	Url *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateOpenIDConnectProviderInput) GoString

GoString returns the string representation

func (*CreateOpenIDConnectProviderInput) SetClientIDList

SetClientIDList sets the ClientIDList field's value.

func (*CreateOpenIDConnectProviderInput) SetThumbprintList

SetThumbprintList sets the ThumbprintList field's value.

func (*CreateOpenIDConnectProviderInput) SetUrl

SetUrl sets the Url field's value.

func (CreateOpenIDConnectProviderInput) String

String returns the string representation

func (*CreateOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type CreateOpenIDConnectProviderOutput

type CreateOpenIDConnectProviderOutput struct {

	// The Amazon Resource Name (ARN) of the new IAM OpenID Connect provider that
	// is created. For more information, see OpenIDConnectProviderListEntry.
	OpenIDConnectProviderArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateOpenIDConnectProvider request.

func (CreateOpenIDConnectProviderOutput) GoString

GoString returns the string representation

func (*CreateOpenIDConnectProviderOutput) SetOpenIDConnectProviderArn

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (CreateOpenIDConnectProviderOutput) String

String returns the string representation

type CreatePolicyInput

type CreatePolicyInput struct {

	// A friendly description of the policy.
	//
	// Typically used to store information about the permissions defined in the
	// policy. For example, "Grants access to production DynamoDB tables."
	//
	// The policy description is immutable. After a value is assigned, it cannot
	// be changed.
	Description *string `type:"string"`

	// The path for the policy.
	//
	// For more information about paths, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `type:"string"`

	// The JSON policy document that you want to use as the content for the new
	// policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The friendly name of the policy.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreatePolicyInput) GoString

func (s CreatePolicyInput) GoString() string

GoString returns the string representation

func (*CreatePolicyInput) SetDescription

func (s *CreatePolicyInput) SetDescription(v string) *CreatePolicyInput

SetDescription sets the Description field's value.

func (*CreatePolicyInput) SetPath

SetPath sets the Path field's value.

func (*CreatePolicyInput) SetPolicyDocument

func (s *CreatePolicyInput) SetPolicyDocument(v string) *CreatePolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*CreatePolicyInput) SetPolicyName

func (s *CreatePolicyInput) SetPolicyName(v string) *CreatePolicyInput

SetPolicyName sets the PolicyName field's value.

func (CreatePolicyInput) String

func (s CreatePolicyInput) String() string

String returns the string representation

func (*CreatePolicyInput) Validate

func (s *CreatePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyOutput

type CreatePolicyOutput struct {

	// A structure containing details about the new policy.
	Policy *Policy `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreatePolicy request.

func (CreatePolicyOutput) GoString

func (s CreatePolicyOutput) GoString() string

GoString returns the string representation

func (*CreatePolicyOutput) SetPolicy

func (s *CreatePolicyOutput) SetPolicy(v *Policy) *CreatePolicyOutput

SetPolicy sets the Policy field's value.

func (CreatePolicyOutput) String

func (s CreatePolicyOutput) String() string

String returns the string representation

type CreatePolicyVersionInput

type CreatePolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy to which you want to add
	// a new version.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The JSON policy document that you want to use as the content for this new
	// version of the policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// Specifies whether to set this version as the policy's default version.
	//
	// When this parameter is true, the new policy version becomes the operative
	// version. That is, it becomes the version that is in effect for the IAM users,
	// groups, and roles that the policy is attached to.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	SetAsDefault *bool `type:"boolean"`
	// contains filtered or unexported fields
}

func (CreatePolicyVersionInput) GoString

func (s CreatePolicyVersionInput) GoString() string

GoString returns the string representation

func (*CreatePolicyVersionInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*CreatePolicyVersionInput) SetPolicyDocument

func (s *CreatePolicyVersionInput) SetPolicyDocument(v string) *CreatePolicyVersionInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*CreatePolicyVersionInput) SetSetAsDefault

SetSetAsDefault sets the SetAsDefault field's value.

func (CreatePolicyVersionInput) String

func (s CreatePolicyVersionInput) String() string

String returns the string representation

func (*CreatePolicyVersionInput) Validate

func (s *CreatePolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreatePolicyVersionOutput

type CreatePolicyVersionOutput struct {

	// A structure containing details about the new policy version.
	PolicyVersion *PolicyVersion `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreatePolicyVersion request.

func (CreatePolicyVersionOutput) GoString

func (s CreatePolicyVersionOutput) GoString() string

GoString returns the string representation

func (*CreatePolicyVersionOutput) SetPolicyVersion

SetPolicyVersion sets the PolicyVersion field's value.

func (CreatePolicyVersionOutput) String

func (s CreatePolicyVersionOutput) String() string

String returns the string representation

type CreateRoleInput

type CreateRoleInput struct {

	// The trust relationship policy document that grants an entity permission to
	// assume the role.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// AssumeRolePolicyDocument is a required field
	AssumeRolePolicyDocument *string `min:"1" type:"string" required:"true"`

	// A description of the role.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) that you want to set for the specified
	// role. If you do not specify a value for this setting, the default maximum
	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	//
	// Anyone who assumes the role from the AWS CLI or API can use the DurationSeconds
	// API parameter or the duration-seconds CLI parameter to request a longer session.
	// The MaxSessionDuration setting determines the maximum duration that can be
	// requested using the DurationSeconds parameter. If users don't specify a value
	// for the DurationSeconds parameter, their security credentials are valid for
	// one hour by default. This applies when you use the AssumeRole* API operations
	// or the assume-role* CLI operations but does not apply when you use those
	// operations to create a console URL. For more information, see Using IAM Roles
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
	// IAM User Guide.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The path to the role. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The name of the role to create.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// Role names are not distinguished by case. For example, you cannot create
	// roles named both "PRODROLE" and "prodrole".
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateRoleInput) GoString

func (s CreateRoleInput) GoString() string

GoString returns the string representation

func (*CreateRoleInput) SetAssumeRolePolicyDocument

func (s *CreateRoleInput) SetAssumeRolePolicyDocument(v string) *CreateRoleInput

SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.

func (*CreateRoleInput) SetDescription

func (s *CreateRoleInput) SetDescription(v string) *CreateRoleInput

SetDescription sets the Description field's value.

func (*CreateRoleInput) SetMaxSessionDuration

func (s *CreateRoleInput) SetMaxSessionDuration(v int64) *CreateRoleInput

SetMaxSessionDuration sets the MaxSessionDuration field's value.

func (*CreateRoleInput) SetPath

func (s *CreateRoleInput) SetPath(v string) *CreateRoleInput

SetPath sets the Path field's value.

func (*CreateRoleInput) SetRoleName

func (s *CreateRoleInput) SetRoleName(v string) *CreateRoleInput

SetRoleName sets the RoleName field's value.

func (CreateRoleInput) String

func (s CreateRoleInput) String() string

String returns the string representation

func (*CreateRoleInput) Validate

func (s *CreateRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateRoleOutput

type CreateRoleOutput struct {

	// A structure containing details about the new role.
	//
	// Role is a required field
	Role *Role `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateRole request.

func (CreateRoleOutput) GoString

func (s CreateRoleOutput) GoString() string

GoString returns the string representation

func (*CreateRoleOutput) SetRole

func (s *CreateRoleOutput) SetRole(v *Role) *CreateRoleOutput

SetRole sets the Role field's value.

func (CreateRoleOutput) String

func (s CreateRoleOutput) String() string

String returns the string representation

type CreateSAMLProviderInput

type CreateSAMLProviderInput struct {

	// The name of the provider to create.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// Name is a required field
	Name *string `min:"1" type:"string" required:"true"`

	// An XML document generated by an identity provider (IdP) that supports SAML
	// 2.0. The document includes the issuer's name, expiration information, and
	// keys that can be used to validate the SAML authentication response (assertions)
	// that are received from the IdP. You must generate the metadata document using
	// the identity management software that is used as your organization's IdP.
	//
	// For more information, see About SAML 2.0-based Federation (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
	// in the IAM User Guide
	//
	// SAMLMetadataDocument is a required field
	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateSAMLProviderInput) GoString

func (s CreateSAMLProviderInput) GoString() string

GoString returns the string representation

func (*CreateSAMLProviderInput) SetName

SetName sets the Name field's value.

func (*CreateSAMLProviderInput) SetSAMLMetadataDocument

func (s *CreateSAMLProviderInput) SetSAMLMetadataDocument(v string) *CreateSAMLProviderInput

SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.

func (CreateSAMLProviderInput) String

func (s CreateSAMLProviderInput) String() string

String returns the string representation

func (*CreateSAMLProviderInput) Validate

func (s *CreateSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateSAMLProviderOutput

type CreateSAMLProviderOutput struct {

	// The Amazon Resource Name (ARN) of the new SAML provider resource in IAM.
	SAMLProviderArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateSAMLProvider request.

func (CreateSAMLProviderOutput) GoString

func (s CreateSAMLProviderOutput) GoString() string

GoString returns the string representation

func (*CreateSAMLProviderOutput) SetSAMLProviderArn

func (s *CreateSAMLProviderOutput) SetSAMLProviderArn(v string) *CreateSAMLProviderOutput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (CreateSAMLProviderOutput) String

func (s CreateSAMLProviderOutput) String() string

String returns the string representation

type CreateServiceLinkedRoleInput

type CreateServiceLinkedRoleInput struct {

	// The AWS service to which this role is attached. You use a string similar
	// to a URL but without the http:// in front. For example: elasticbeanstalk.amazonaws.com
	//
	// AWSServiceName is a required field
	AWSServiceName *string `min:"1" type:"string" required:"true"`

	// A string that you provide, which is combined with the service name to form
	// the complete role name. If you make multiple requests for the same service,
	// then you must supply a different CustomSuffix for each request. Otherwise
	// the request fails with a duplicate role name error. For example, you could
	// add -1 or -debug to the suffix.
	CustomSuffix *string `min:"1" type:"string"`

	// The description of the role.
	Description *string `type:"string"`
	// contains filtered or unexported fields
}

func (CreateServiceLinkedRoleInput) GoString

func (s CreateServiceLinkedRoleInput) GoString() string

GoString returns the string representation

func (*CreateServiceLinkedRoleInput) SetAWSServiceName

SetAWSServiceName sets the AWSServiceName field's value.

func (*CreateServiceLinkedRoleInput) SetCustomSuffix

SetCustomSuffix sets the CustomSuffix field's value.

func (*CreateServiceLinkedRoleInput) SetDescription

SetDescription sets the Description field's value.

func (CreateServiceLinkedRoleInput) String

String returns the string representation

func (*CreateServiceLinkedRoleInput) Validate

func (s *CreateServiceLinkedRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateServiceLinkedRoleOutput

type CreateServiceLinkedRoleOutput struct {

	// A Role object that contains details about the newly created role.
	Role *Role `type:"structure"`
	// contains filtered or unexported fields
}

func (CreateServiceLinkedRoleOutput) GoString

GoString returns the string representation

func (*CreateServiceLinkedRoleOutput) SetRole

SetRole sets the Role field's value.

func (CreateServiceLinkedRoleOutput) String

String returns the string representation

type CreateServiceSpecificCredentialInput

type CreateServiceSpecificCredentialInput struct {

	// The name of the AWS service that is to be associated with the credentials.
	// The service you specify here is the only service that can be accessed using
	// these credentials.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The name of the IAM user that is to be associated with the credentials. The
	// new service-specific credentials have the same permissions as the associated
	// user except that they can be used only to access the specified service.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateServiceSpecificCredentialInput) GoString

GoString returns the string representation

func (*CreateServiceSpecificCredentialInput) SetServiceName

SetServiceName sets the ServiceName field's value.

func (*CreateServiceSpecificCredentialInput) SetUserName

SetUserName sets the UserName field's value.

func (CreateServiceSpecificCredentialInput) String

String returns the string representation

func (*CreateServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type CreateServiceSpecificCredentialOutput

type CreateServiceSpecificCredentialOutput struct {

	// A structure that contains information about the newly created service-specific
	// credential.
	//
	// This is the only time that the password for this credential set is available.
	// It cannot be recovered later. Instead, you will have to reset the password
	// with ResetServiceSpecificCredential.
	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
	// contains filtered or unexported fields
}

func (CreateServiceSpecificCredentialOutput) GoString

GoString returns the string representation

func (*CreateServiceSpecificCredentialOutput) SetServiceSpecificCredential

SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.

func (CreateServiceSpecificCredentialOutput) String

String returns the string representation

type CreateUserInput

type CreateUserInput struct {

	// The path for the user name. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The name of the user to create.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-.
	// User names are not distinguished by case. For example, you cannot create
	// users named both "TESTUSER" and "testuser".
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateUserInput) GoString

func (s CreateUserInput) GoString() string

GoString returns the string representation

func (*CreateUserInput) SetPath

func (s *CreateUserInput) SetPath(v string) *CreateUserInput

SetPath sets the Path field's value.

func (*CreateUserInput) SetUserName

func (s *CreateUserInput) SetUserName(v string) *CreateUserInput

SetUserName sets the UserName field's value.

func (CreateUserInput) String

func (s CreateUserInput) String() string

String returns the string representation

func (*CreateUserInput) Validate

func (s *CreateUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateUserOutput

type CreateUserOutput struct {

	// A structure with details about the new IAM user.
	User *User `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateUser request.

func (CreateUserOutput) GoString

func (s CreateUserOutput) GoString() string

GoString returns the string representation

func (*CreateUserOutput) SetUser

func (s *CreateUserOutput) SetUser(v *User) *CreateUserOutput

SetUser sets the User field's value.

func (CreateUserOutput) String

func (s CreateUserOutput) String() string

String returns the string representation

type CreateVirtualMFADeviceInput

type CreateVirtualMFADeviceInput struct {

	// The path for the virtual MFA device. For more information about paths, see
	// IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/).
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	Path *string `min:"1" type:"string"`

	// The name of the virtual MFA device. Use with path to uniquely identify a
	// virtual MFA device.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// VirtualMFADeviceName is a required field
	VirtualMFADeviceName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (CreateVirtualMFADeviceInput) GoString

func (s CreateVirtualMFADeviceInput) GoString() string

GoString returns the string representation

func (*CreateVirtualMFADeviceInput) SetPath

SetPath sets the Path field's value.

func (*CreateVirtualMFADeviceInput) SetVirtualMFADeviceName

func (s *CreateVirtualMFADeviceInput) SetVirtualMFADeviceName(v string) *CreateVirtualMFADeviceInput

SetVirtualMFADeviceName sets the VirtualMFADeviceName field's value.

func (CreateVirtualMFADeviceInput) String

String returns the string representation

func (*CreateVirtualMFADeviceInput) Validate

func (s *CreateVirtualMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type CreateVirtualMFADeviceOutput

type CreateVirtualMFADeviceOutput struct {

	// A structure containing details about the new virtual MFA device.
	//
	// VirtualMFADevice is a required field
	VirtualMFADevice *VirtualMFADevice `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful CreateVirtualMFADevice request.

func (CreateVirtualMFADeviceOutput) GoString

func (s CreateVirtualMFADeviceOutput) GoString() string

GoString returns the string representation

func (*CreateVirtualMFADeviceOutput) SetVirtualMFADevice

SetVirtualMFADevice sets the VirtualMFADevice field's value.

func (CreateVirtualMFADeviceOutput) String

String returns the string representation

type DeactivateMFADeviceInput

type DeactivateMFADeviceInput struct {

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the user whose MFA device you want to deactivate.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeactivateMFADeviceInput) GoString

func (s DeactivateMFADeviceInput) GoString() string

GoString returns the string representation

func (*DeactivateMFADeviceInput) SetSerialNumber

SetSerialNumber sets the SerialNumber field's value.

func (*DeactivateMFADeviceInput) SetUserName

SetUserName sets the UserName field's value.

func (DeactivateMFADeviceInput) String

func (s DeactivateMFADeviceInput) String() string

String returns the string representation

func (*DeactivateMFADeviceInput) Validate

func (s *DeactivateMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeactivateMFADeviceOutput

type DeactivateMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (DeactivateMFADeviceOutput) GoString

func (s DeactivateMFADeviceOutput) GoString() string

GoString returns the string representation

func (DeactivateMFADeviceOutput) String

func (s DeactivateMFADeviceOutput) String() string

String returns the string representation

type DeleteAccessKeyInput

type DeleteAccessKeyInput struct {

	// The access key ID for the access key ID and secret access key you want to
	// delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The name of the user whose access key pair you want to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteAccessKeyInput) GoString

func (s DeleteAccessKeyInput) GoString() string

GoString returns the string representation

func (*DeleteAccessKeyInput) SetAccessKeyId

func (s *DeleteAccessKeyInput) SetAccessKeyId(v string) *DeleteAccessKeyInput

SetAccessKeyId sets the AccessKeyId field's value.

func (*DeleteAccessKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteAccessKeyInput) String

func (s DeleteAccessKeyInput) String() string

String returns the string representation

func (*DeleteAccessKeyInput) Validate

func (s *DeleteAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteAccessKeyOutput

type DeleteAccessKeyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccessKeyOutput) GoString

func (s DeleteAccessKeyOutput) GoString() string

GoString returns the string representation

func (DeleteAccessKeyOutput) String

func (s DeleteAccessKeyOutput) String() string

String returns the string representation

type DeleteAccountAliasInput

type DeleteAccountAliasInput struct {

	// The name of the account alias to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of lowercase letters, digits, and dashes.
	// You cannot start or finish with a dash, nor can you have two dashes in a
	// row.
	//
	// AccountAlias is a required field
	AccountAlias *string `min:"3" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteAccountAliasInput) GoString

func (s DeleteAccountAliasInput) GoString() string

GoString returns the string representation

func (*DeleteAccountAliasInput) SetAccountAlias

SetAccountAlias sets the AccountAlias field's value.

func (DeleteAccountAliasInput) String

func (s DeleteAccountAliasInput) String() string

String returns the string representation

func (*DeleteAccountAliasInput) Validate

func (s *DeleteAccountAliasInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteAccountAliasOutput

type DeleteAccountAliasOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountAliasOutput) GoString

func (s DeleteAccountAliasOutput) GoString() string

GoString returns the string representation

func (DeleteAccountAliasOutput) String

func (s DeleteAccountAliasOutput) String() string

String returns the string representation

type DeleteAccountPasswordPolicyInput

type DeleteAccountPasswordPolicyInput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountPasswordPolicyInput) GoString

GoString returns the string representation

func (DeleteAccountPasswordPolicyInput) String

String returns the string representation

type DeleteAccountPasswordPolicyOutput

type DeleteAccountPasswordPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteAccountPasswordPolicyOutput) GoString

GoString returns the string representation

func (DeleteAccountPasswordPolicyOutput) String

String returns the string representation

type DeleteGroupInput

type DeleteGroupInput struct {

	// The name of the IAM group to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteGroupInput) GoString

func (s DeleteGroupInput) GoString() string

GoString returns the string representation

func (*DeleteGroupInput) SetGroupName

func (s *DeleteGroupInput) SetGroupName(v string) *DeleteGroupInput

SetGroupName sets the GroupName field's value.

func (DeleteGroupInput) String

func (s DeleteGroupInput) String() string

String returns the string representation

func (*DeleteGroupInput) Validate

func (s *DeleteGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteGroupOutput

type DeleteGroupOutput struct {
	// contains filtered or unexported fields
}

func (DeleteGroupOutput) GoString

func (s DeleteGroupOutput) GoString() string

GoString returns the string representation

func (DeleteGroupOutput) String

func (s DeleteGroupOutput) String() string

String returns the string representation

type DeleteGroupPolicyInput

type DeleteGroupPolicyInput struct {

	// The name (friendly name, not ARN) identifying the group that the policy is
	// embedded in.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name identifying the policy document to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteGroupPolicyInput) GoString

func (s DeleteGroupPolicyInput) GoString() string

GoString returns the string representation

func (*DeleteGroupPolicyInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*DeleteGroupPolicyInput) SetPolicyName

SetPolicyName sets the PolicyName field's value.

func (DeleteGroupPolicyInput) String

func (s DeleteGroupPolicyInput) String() string

String returns the string representation

func (*DeleteGroupPolicyInput) Validate

func (s *DeleteGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteGroupPolicyOutput

type DeleteGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteGroupPolicyOutput) GoString

func (s DeleteGroupPolicyOutput) GoString() string

GoString returns the string representation

func (DeleteGroupPolicyOutput) String

func (s DeleteGroupPolicyOutput) String() string

String returns the string representation

type DeleteInstanceProfileInput

type DeleteInstanceProfileInput struct {

	// The name of the instance profile to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteInstanceProfileInput) GoString

func (s DeleteInstanceProfileInput) GoString() string

GoString returns the string representation

func (*DeleteInstanceProfileInput) SetInstanceProfileName

func (s *DeleteInstanceProfileInput) SetInstanceProfileName(v string) *DeleteInstanceProfileInput

SetInstanceProfileName sets the InstanceProfileName field's value.

func (DeleteInstanceProfileInput) String

String returns the string representation

func (*DeleteInstanceProfileInput) Validate

func (s *DeleteInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteInstanceProfileOutput

type DeleteInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (DeleteInstanceProfileOutput) GoString

func (s DeleteInstanceProfileOutput) GoString() string

GoString returns the string representation

func (DeleteInstanceProfileOutput) String

String returns the string representation

type DeleteLoginProfileInput

type DeleteLoginProfileInput struct {

	// The name of the user whose password you want to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteLoginProfileInput) GoString

func (s DeleteLoginProfileInput) GoString() string

GoString returns the string representation

func (*DeleteLoginProfileInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteLoginProfileInput) String

func (s DeleteLoginProfileInput) String() string

String returns the string representation

func (*DeleteLoginProfileInput) Validate

func (s *DeleteLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteLoginProfileOutput

type DeleteLoginProfileOutput struct {
	// contains filtered or unexported fields
}

func (DeleteLoginProfileOutput) GoString

func (s DeleteLoginProfileOutput) GoString() string

GoString returns the string representation

func (DeleteLoginProfileOutput) String

func (s DeleteLoginProfileOutput) String() string

String returns the string representation

type DeleteOpenIDConnectProviderInput

type DeleteOpenIDConnectProviderInput struct {

	// The Amazon Resource Name (ARN) of the IAM OpenID Connect provider resource
	// object to delete. You can get a list of OpenID Connect provider resource
	// ARNs by using the ListOpenIDConnectProviders operation.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteOpenIDConnectProviderInput) GoString

GoString returns the string representation

func (*DeleteOpenIDConnectProviderInput) SetOpenIDConnectProviderArn

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (DeleteOpenIDConnectProviderInput) String

String returns the string representation

func (*DeleteOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type DeleteOpenIDConnectProviderOutput

type DeleteOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (DeleteOpenIDConnectProviderOutput) GoString

GoString returns the string representation

func (DeleteOpenIDConnectProviderOutput) String

String returns the string representation

type DeletePolicyInput

type DeletePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to delete.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyInput) GoString

func (s DeletePolicyInput) GoString() string

GoString returns the string representation

func (*DeletePolicyInput) SetPolicyArn

func (s *DeletePolicyInput) SetPolicyArn(v string) *DeletePolicyInput

SetPolicyArn sets the PolicyArn field's value.

func (DeletePolicyInput) String

func (s DeletePolicyInput) String() string

String returns the string representation

func (*DeletePolicyInput) Validate

func (s *DeletePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyOutput

type DeletePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyOutput) GoString

func (s DeletePolicyOutput) GoString() string

GoString returns the string representation

func (DeletePolicyOutput) String

func (s DeletePolicyOutput) String() string

String returns the string representation

type DeletePolicyVersionInput

type DeletePolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy from which you want to delete
	// a version.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The policy version to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consists of the lowercase letter 'v' followed
	// by one or two digits, and optionally followed by a period '.' and a string
	// of letters and digits.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeletePolicyVersionInput) GoString

func (s DeletePolicyVersionInput) GoString() string

GoString returns the string representation

func (*DeletePolicyVersionInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*DeletePolicyVersionInput) SetVersionId

SetVersionId sets the VersionId field's value.

func (DeletePolicyVersionInput) String

func (s DeletePolicyVersionInput) String() string

String returns the string representation

func (*DeletePolicyVersionInput) Validate

func (s *DeletePolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeletePolicyVersionOutput

type DeletePolicyVersionOutput struct {
	// contains filtered or unexported fields
}

func (DeletePolicyVersionOutput) GoString

func (s DeletePolicyVersionOutput) GoString() string

GoString returns the string representation

func (DeletePolicyVersionOutput) String

func (s DeletePolicyVersionOutput) String() string

String returns the string representation

type DeleteRoleInput

type DeleteRoleInput struct {

	// The name of the role to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteRoleInput) GoString

func (s DeleteRoleInput) GoString() string

GoString returns the string representation

func (*DeleteRoleInput) SetRoleName

func (s *DeleteRoleInput) SetRoleName(v string) *DeleteRoleInput

SetRoleName sets the RoleName field's value.

func (DeleteRoleInput) String

func (s DeleteRoleInput) String() string

String returns the string representation

func (*DeleteRoleInput) Validate

func (s *DeleteRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteRoleOutput

type DeleteRoleOutput struct {
	// contains filtered or unexported fields
}

func (DeleteRoleOutput) GoString

func (s DeleteRoleOutput) GoString() string

GoString returns the string representation

func (DeleteRoleOutput) String

func (s DeleteRoleOutput) String() string

String returns the string representation

type DeleteRolePolicyInput

type DeleteRolePolicyInput struct {

	// The name of the inline policy to delete from the specified IAM role.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name (friendly name, not ARN) identifying the role that the policy is
	// embedded in.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteRolePolicyInput) GoString

func (s DeleteRolePolicyInput) GoString() string

GoString returns the string representation

func (*DeleteRolePolicyInput) SetPolicyName

func (s *DeleteRolePolicyInput) SetPolicyName(v string) *DeleteRolePolicyInput

SetPolicyName sets the PolicyName field's value.

func (*DeleteRolePolicyInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (DeleteRolePolicyInput) String

func (s DeleteRolePolicyInput) String() string

String returns the string representation

func (*DeleteRolePolicyInput) Validate

func (s *DeleteRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteRolePolicyOutput

type DeleteRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteRolePolicyOutput) GoString

func (s DeleteRolePolicyOutput) GoString() string

GoString returns the string representation

func (DeleteRolePolicyOutput) String

func (s DeleteRolePolicyOutput) String() string

String returns the string representation

type DeleteSAMLProviderInput

type DeleteSAMLProviderInput struct {

	// The Amazon Resource Name (ARN) of the SAML provider to delete.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteSAMLProviderInput) GoString

func (s DeleteSAMLProviderInput) GoString() string

GoString returns the string representation

func (*DeleteSAMLProviderInput) SetSAMLProviderArn

func (s *DeleteSAMLProviderInput) SetSAMLProviderArn(v string) *DeleteSAMLProviderInput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (DeleteSAMLProviderInput) String

func (s DeleteSAMLProviderInput) String() string

String returns the string representation

func (*DeleteSAMLProviderInput) Validate

func (s *DeleteSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSAMLProviderOutput

type DeleteSAMLProviderOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSAMLProviderOutput) GoString

func (s DeleteSAMLProviderOutput) GoString() string

GoString returns the string representation

func (DeleteSAMLProviderOutput) String

func (s DeleteSAMLProviderOutput) String() string

String returns the string representation

type DeleteSSHPublicKeyInput

type DeleteSSHPublicKeyInput struct {

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteSSHPublicKeyInput) GoString

func (s DeleteSSHPublicKeyInput) GoString() string

GoString returns the string representation

func (*DeleteSSHPublicKeyInput) SetSSHPublicKeyId

func (s *DeleteSSHPublicKeyInput) SetSSHPublicKeyId(v string) *DeleteSSHPublicKeyInput

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*DeleteSSHPublicKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteSSHPublicKeyInput) String

func (s DeleteSSHPublicKeyInput) String() string

String returns the string representation

func (*DeleteSSHPublicKeyInput) Validate

func (s *DeleteSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSSHPublicKeyOutput

type DeleteSSHPublicKeyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSSHPublicKeyOutput) GoString

func (s DeleteSSHPublicKeyOutput) GoString() string

GoString returns the string representation

func (DeleteSSHPublicKeyOutput) String

func (s DeleteSSHPublicKeyOutput) String() string

String returns the string representation

type DeleteServerCertificateInput

type DeleteServerCertificateInput struct {

	// The name of the server certificate you want to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServerCertificateInput) GoString

func (s DeleteServerCertificateInput) GoString() string

GoString returns the string representation

func (*DeleteServerCertificateInput) SetServerCertificateName

func (s *DeleteServerCertificateInput) SetServerCertificateName(v string) *DeleteServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (DeleteServerCertificateInput) String

String returns the string representation

func (*DeleteServerCertificateInput) Validate

func (s *DeleteServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteServerCertificateOutput

type DeleteServerCertificateOutput struct {
	// contains filtered or unexported fields
}

func (DeleteServerCertificateOutput) GoString

GoString returns the string representation

func (DeleteServerCertificateOutput) String

String returns the string representation

type DeleteServiceLinkedRoleInput

type DeleteServiceLinkedRoleInput struct {

	// The name of the service-linked role to be deleted.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServiceLinkedRoleInput) GoString

func (s DeleteServiceLinkedRoleInput) GoString() string

GoString returns the string representation

func (*DeleteServiceLinkedRoleInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (DeleteServiceLinkedRoleInput) String

String returns the string representation

func (*DeleteServiceLinkedRoleInput) Validate

func (s *DeleteServiceLinkedRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteServiceLinkedRoleOutput

type DeleteServiceLinkedRoleOutput struct {

	// The deletion task identifier that you can use to check the status of the
	// deletion. This identifier is returned in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
	//
	// DeletionTaskId is a required field
	DeletionTaskId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteServiceLinkedRoleOutput) GoString

GoString returns the string representation

func (*DeleteServiceLinkedRoleOutput) SetDeletionTaskId

SetDeletionTaskId sets the DeletionTaskId field's value.

func (DeleteServiceLinkedRoleOutput) String

String returns the string representation

type DeleteServiceSpecificCredentialInput

type DeleteServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential. You can get this
	// value by calling ListServiceSpecificCredentials.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the service-specific credential.
	// If this value is not specified, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteServiceSpecificCredentialInput) GoString

GoString returns the string representation

func (*DeleteServiceSpecificCredentialInput) SetServiceSpecificCredentialId

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*DeleteServiceSpecificCredentialInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteServiceSpecificCredentialInput) String

String returns the string representation

func (*DeleteServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type DeleteServiceSpecificCredentialOutput

type DeleteServiceSpecificCredentialOutput struct {
	// contains filtered or unexported fields
}

func (DeleteServiceSpecificCredentialOutput) GoString

GoString returns the string representation

func (DeleteServiceSpecificCredentialOutput) String

String returns the string representation

type DeleteSigningCertificateInput

type DeleteSigningCertificateInput struct {

	// The ID of the signing certificate to delete.
	//
	// The format of this parameter, as described by its regex (http://wikipedia.org/wiki/regex)
	// pattern, is a string of characters that can be upper- or lower-cased letters
	// or digits.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The name of the user the signing certificate belongs to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (DeleteSigningCertificateInput) GoString

GoString returns the string representation

func (*DeleteSigningCertificateInput) SetCertificateId

SetCertificateId sets the CertificateId field's value.

func (*DeleteSigningCertificateInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteSigningCertificateInput) String

String returns the string representation

func (*DeleteSigningCertificateInput) Validate

func (s *DeleteSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteSigningCertificateOutput

type DeleteSigningCertificateOutput struct {
	// contains filtered or unexported fields
}

func (DeleteSigningCertificateOutput) GoString

GoString returns the string representation

func (DeleteSigningCertificateOutput) String

String returns the string representation

type DeleteUserInput

type DeleteUserInput struct {

	// The name of the user to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteUserInput) GoString

func (s DeleteUserInput) GoString() string

GoString returns the string representation

func (*DeleteUserInput) SetUserName

func (s *DeleteUserInput) SetUserName(v string) *DeleteUserInput

SetUserName sets the UserName field's value.

func (DeleteUserInput) String

func (s DeleteUserInput) String() string

String returns the string representation

func (*DeleteUserInput) Validate

func (s *DeleteUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserOutput

type DeleteUserOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserOutput) GoString

func (s DeleteUserOutput) GoString() string

GoString returns the string representation

func (DeleteUserOutput) String

func (s DeleteUserOutput) String() string

String returns the string representation

type DeleteUserPolicyInput

type DeleteUserPolicyInput struct {

	// The name identifying the policy document to delete.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name (friendly name, not ARN) identifying the user that the policy is
	// embedded in.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteUserPolicyInput) GoString

func (s DeleteUserPolicyInput) GoString() string

GoString returns the string representation

func (*DeleteUserPolicyInput) SetPolicyName

func (s *DeleteUserPolicyInput) SetPolicyName(v string) *DeleteUserPolicyInput

SetPolicyName sets the PolicyName field's value.

func (*DeleteUserPolicyInput) SetUserName

SetUserName sets the UserName field's value.

func (DeleteUserPolicyInput) String

func (s DeleteUserPolicyInput) String() string

String returns the string representation

func (*DeleteUserPolicyInput) Validate

func (s *DeleteUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteUserPolicyOutput

type DeleteUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DeleteUserPolicyOutput) GoString

func (s DeleteUserPolicyOutput) GoString() string

GoString returns the string representation

func (DeleteUserPolicyOutput) String

func (s DeleteUserPolicyOutput) String() string

String returns the string representation

type DeleteVirtualMFADeviceInput

type DeleteVirtualMFADeviceInput struct {

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the same as the ARN.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DeleteVirtualMFADeviceInput) GoString

func (s DeleteVirtualMFADeviceInput) GoString() string

GoString returns the string representation

func (*DeleteVirtualMFADeviceInput) SetSerialNumber

SetSerialNumber sets the SerialNumber field's value.

func (DeleteVirtualMFADeviceInput) String

String returns the string representation

func (*DeleteVirtualMFADeviceInput) Validate

func (s *DeleteVirtualMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DeleteVirtualMFADeviceOutput

type DeleteVirtualMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (DeleteVirtualMFADeviceOutput) GoString

func (s DeleteVirtualMFADeviceOutput) GoString() string

GoString returns the string representation

func (DeleteVirtualMFADeviceOutput) String

String returns the string representation

type DeletionTaskFailureReasonType

type DeletionTaskFailureReasonType struct {

	// A short description of the reason that the service-linked role deletion failed.
	Reason *string `type:"string"`

	// A list of objects that contains details about the service-linked role deletion
	// failure, if that information is returned by the service. If the service-linked
	// role has active sessions or if any resources that were used by the role have
	// not been deleted from the linked service, the role can't be deleted. This
	// parameter includes a list of the resources that are associated with the role
	// and the region in which the resources are being used.
	RoleUsageList []*RoleUsageType `type:"list"`
	// contains filtered or unexported fields
}

The reason that the service-linked role deletion failed.

This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus operation.

func (DeletionTaskFailureReasonType) GoString

GoString returns the string representation

func (*DeletionTaskFailureReasonType) SetReason

SetReason sets the Reason field's value.

func (*DeletionTaskFailureReasonType) SetRoleUsageList

SetRoleUsageList sets the RoleUsageList field's value.

func (DeletionTaskFailureReasonType) String

String returns the string representation

type DetachGroupPolicyInput

type DetachGroupPolicyInput struct {

	// The name (friendly name, not ARN) of the IAM group to detach the policy from.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachGroupPolicyInput) GoString

func (s DetachGroupPolicyInput) GoString() string

GoString returns the string representation

func (*DetachGroupPolicyInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*DetachGroupPolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (DetachGroupPolicyInput) String

func (s DetachGroupPolicyInput) String() string

String returns the string representation

func (*DetachGroupPolicyInput) Validate

func (s *DetachGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachGroupPolicyOutput

type DetachGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachGroupPolicyOutput) GoString

func (s DetachGroupPolicyOutput) GoString() string

GoString returns the string representation

func (DetachGroupPolicyOutput) String

func (s DetachGroupPolicyOutput) String() string

String returns the string representation

type DetachRolePolicyInput

type DetachRolePolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM role to detach the policy from.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachRolePolicyInput) GoString

func (s DetachRolePolicyInput) GoString() string

GoString returns the string representation

func (*DetachRolePolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*DetachRolePolicyInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (DetachRolePolicyInput) String

func (s DetachRolePolicyInput) String() string

String returns the string representation

func (*DetachRolePolicyInput) Validate

func (s *DetachRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachRolePolicyOutput

type DetachRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachRolePolicyOutput) GoString

func (s DetachRolePolicyOutput) GoString() string

GoString returns the string representation

func (DetachRolePolicyOutput) String

func (s DetachRolePolicyOutput) String() string

String returns the string representation

type DetachUserPolicyInput

type DetachUserPolicyInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy you want to detach.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The name (friendly name, not ARN) of the IAM user to detach the policy from.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (DetachUserPolicyInput) GoString

func (s DetachUserPolicyInput) GoString() string

GoString returns the string representation

func (*DetachUserPolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*DetachUserPolicyInput) SetUserName

SetUserName sets the UserName field's value.

func (DetachUserPolicyInput) String

func (s DetachUserPolicyInput) String() string

String returns the string representation

func (*DetachUserPolicyInput) Validate

func (s *DetachUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type DetachUserPolicyOutput

type DetachUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (DetachUserPolicyOutput) GoString

func (s DetachUserPolicyOutput) GoString() string

GoString returns the string representation

func (DetachUserPolicyOutput) String

func (s DetachUserPolicyOutput) String() string

String returns the string representation

type EnableMFADeviceInput

type EnableMFADeviceInput struct {

	// An authentication code emitted by the device.
	//
	// The format for this parameter is a string of six digits.
	//
	// Submit your request immediately after generating the authentication codes.
	// If you generate the codes and then wait too long to submit the request, the
	// MFA device successfully associates with the user but the MFA device becomes
	// out of sync. This happens because time-based one-time passwords (TOTP) expire
	// after a short period of time. If this happens, you can resync the device
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
	//
	// AuthenticationCode1 is a required field
	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`

	// A subsequent authentication code emitted by the device.
	//
	// The format for this parameter is a string of six digits.
	//
	// Submit your request immediately after generating the authentication codes.
	// If you generate the codes and then wait too long to submit the request, the
	// MFA device successfully associates with the user but the MFA device becomes
	// out of sync. This happens because time-based one-time passwords (TOTP) expire
	// after a short period of time. If this happens, you can resync the device
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_sync.html).
	//
	// AuthenticationCode2 is a required field
	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: =,.@:/-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the IAM user for whom you want to enable the MFA device.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (EnableMFADeviceInput) GoString

func (s EnableMFADeviceInput) GoString() string

GoString returns the string representation

func (*EnableMFADeviceInput) SetAuthenticationCode1

func (s *EnableMFADeviceInput) SetAuthenticationCode1(v string) *EnableMFADeviceInput

SetAuthenticationCode1 sets the AuthenticationCode1 field's value.

func (*EnableMFADeviceInput) SetAuthenticationCode2

func (s *EnableMFADeviceInput) SetAuthenticationCode2(v string) *EnableMFADeviceInput

SetAuthenticationCode2 sets the AuthenticationCode2 field's value.

func (*EnableMFADeviceInput) SetSerialNumber

func (s *EnableMFADeviceInput) SetSerialNumber(v string) *EnableMFADeviceInput

SetSerialNumber sets the SerialNumber field's value.

func (*EnableMFADeviceInput) SetUserName

SetUserName sets the UserName field's value.

func (EnableMFADeviceInput) String

func (s EnableMFADeviceInput) String() string

String returns the string representation

func (*EnableMFADeviceInput) Validate

func (s *EnableMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type EnableMFADeviceOutput

type EnableMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (EnableMFADeviceOutput) GoString

func (s EnableMFADeviceOutput) GoString() string

GoString returns the string representation

func (EnableMFADeviceOutput) String

func (s EnableMFADeviceOutput) String() string

String returns the string representation

type EvaluationResult

type EvaluationResult struct {

	// The name of the API operation tested on the indicated resource.
	//
	// EvalActionName is a required field
	EvalActionName *string `min:"3" type:"string" required:"true"`

	// The result of the simulation.
	//
	// EvalDecision is a required field
	EvalDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`

	// Additional details about the results of the evaluation decision. When there
	// are both IAM policies and resource policies, this parameter explains how
	// each set of policies contributes to the final evaluation decision. When simulating
	// cross-account access to a resource, both the resource-based policy and the
	// caller's IAM policy must grant access. See How IAM Roles Differ from Resource-based
	// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_compare-resource-policies.html)
	EvalDecisionDetails map[string]*string `type:"map"`

	// The ARN of the resource that the indicated API operation was tested on.
	EvalResourceName *string `min:"1" type:"string"`

	// A list of the statements in the input policies that determine the result
	// for this scenario. Remember that even if multiple statements allow the operation
	// on the resource, if only one statement denies that operation, then the explicit
	// deny overrides any allow, and the deny statement is the only entry included
	// in the result.
	MatchedStatements []*Statement `type:"list"`

	// A list of context keys that are required by the included input policies but
	// that were not provided by one of the input parameters. This list is used
	// when the resource in a simulation is "*", either explicitly, or when the
	// ResourceArns parameter blank. If you include a list of resources, then any
	// missing context values are instead included under the ResourceSpecificResults
	// section. To discover the context keys used by a set of policies, you can
	// call GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
	MissingContextValues []*string `type:"list"`

	// A structure that details how AWS Organizations and its service control policies
	// affect the results of the simulation. Only applies if the simulated user's
	// account is part of an organization.
	OrganizationsDecisionDetail *OrganizationsDecisionDetail `type:"structure"`

	// The individual results of the simulation of the API operation specified in
	// EvalActionName on each resource.
	ResourceSpecificResults []*ResourceSpecificResult `type:"list"`
	// contains filtered or unexported fields
}

Contains the results of a simulation.

This data type is used by the return parameter of SimulateCustomPolicy and SimulatePrincipalPolicy.

func (EvaluationResult) GoString

func (s EvaluationResult) GoString() string

GoString returns the string representation

func (*EvaluationResult) SetEvalActionName

func (s *EvaluationResult) SetEvalActionName(v string) *EvaluationResult

SetEvalActionName sets the EvalActionName field's value.

func (*EvaluationResult) SetEvalDecision

func (s *EvaluationResult) SetEvalDecision(v string) *EvaluationResult

SetEvalDecision sets the EvalDecision field's value.

func (*EvaluationResult) SetEvalDecisionDetails

func (s *EvaluationResult) SetEvalDecisionDetails(v map[string]*string) *EvaluationResult

SetEvalDecisionDetails sets the EvalDecisionDetails field's value.

func (*EvaluationResult) SetEvalResourceName

func (s *EvaluationResult) SetEvalResourceName(v string) *EvaluationResult

SetEvalResourceName sets the EvalResourceName field's value.

func (*EvaluationResult) SetMatchedStatements

func (s *EvaluationResult) SetMatchedStatements(v []*Statement) *EvaluationResult

SetMatchedStatements sets the MatchedStatements field's value.

func (*EvaluationResult) SetMissingContextValues

func (s *EvaluationResult) SetMissingContextValues(v []*string) *EvaluationResult

SetMissingContextValues sets the MissingContextValues field's value.

func (*EvaluationResult) SetOrganizationsDecisionDetail

func (s *EvaluationResult) SetOrganizationsDecisionDetail(v *OrganizationsDecisionDetail) *EvaluationResult

SetOrganizationsDecisionDetail sets the OrganizationsDecisionDetail field's value.

func (*EvaluationResult) SetResourceSpecificResults

func (s *EvaluationResult) SetResourceSpecificResults(v []*ResourceSpecificResult) *EvaluationResult

SetResourceSpecificResults sets the ResourceSpecificResults field's value.

func (EvaluationResult) String

func (s EvaluationResult) String() string

String returns the string representation

type GenerateCredentialReportInput

type GenerateCredentialReportInput struct {
	// contains filtered or unexported fields
}

func (GenerateCredentialReportInput) GoString

GoString returns the string representation

func (GenerateCredentialReportInput) String

String returns the string representation

type GenerateCredentialReportOutput

type GenerateCredentialReportOutput struct {

	// Information about the credential report.
	Description *string `type:"string"`

	// Information about the state of the credential report.
	State *string `type:"string" enum:"ReportStateType"`
	// contains filtered or unexported fields
}

Contains the response to a successful GenerateCredentialReport request.

func (GenerateCredentialReportOutput) GoString

GoString returns the string representation

func (*GenerateCredentialReportOutput) SetDescription

SetDescription sets the Description field's value.

func (*GenerateCredentialReportOutput) SetState

SetState sets the State field's value.

func (GenerateCredentialReportOutput) String

String returns the string representation

type GetAccessKeyLastUsedInput

type GetAccessKeyLastUsedInput struct {

	// The identifier of an access key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetAccessKeyLastUsedInput) GoString

func (s GetAccessKeyLastUsedInput) GoString() string

GoString returns the string representation

func (*GetAccessKeyLastUsedInput) SetAccessKeyId

SetAccessKeyId sets the AccessKeyId field's value.

func (GetAccessKeyLastUsedInput) String

func (s GetAccessKeyLastUsedInput) String() string

String returns the string representation

func (*GetAccessKeyLastUsedInput) Validate

func (s *GetAccessKeyLastUsedInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetAccessKeyLastUsedOutput

type GetAccessKeyLastUsedOutput struct {

	// Contains information about the last time the access key was used.
	AccessKeyLastUsed *AccessKeyLastUsed `type:"structure"`

	// The name of the AWS IAM user that owns this access key.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccessKeyLastUsed request. It is also returned as a member of the AccessKeyMetaData structure returned by the ListAccessKeys action.

func (GetAccessKeyLastUsedOutput) GoString

func (s GetAccessKeyLastUsedOutput) GoString() string

GoString returns the string representation

func (*GetAccessKeyLastUsedOutput) SetAccessKeyLastUsed

SetAccessKeyLastUsed sets the AccessKeyLastUsed field's value.

func (*GetAccessKeyLastUsedOutput) SetUserName

SetUserName sets the UserName field's value.

func (GetAccessKeyLastUsedOutput) String

String returns the string representation

type GetAccountAuthorizationDetailsInput

type GetAccountAuthorizationDetailsInput struct {

	// A list of entity types used to filter the results. Only the entities that
	// match the types you specify are included in the output. Use the value LocalManagedPolicy
	// to include customer managed policies.
	//
	// The format for this parameter is a comma-separated (if more than one) list
	// of strings. Each string value in the list must be one of the valid values
	// listed below.
	Filter []*string `type:"list"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (GetAccountAuthorizationDetailsInput) GoString

GoString returns the string representation

func (*GetAccountAuthorizationDetailsInput) SetFilter

SetFilter sets the Filter field's value.

func (*GetAccountAuthorizationDetailsInput) SetMarker

SetMarker sets the Marker field's value.

func (*GetAccountAuthorizationDetailsInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (GetAccountAuthorizationDetailsInput) String

String returns the string representation

func (*GetAccountAuthorizationDetailsInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetAccountAuthorizationDetailsOutput

type GetAccountAuthorizationDetailsOutput struct {

	// A list containing information about IAM groups.
	GroupDetailList []*GroupDetail `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list containing information about managed policies.
	Policies []*ManagedPolicyDetail `type:"list"`

	// A list containing information about IAM roles.
	RoleDetailList []*RoleDetail `type:"list"`

	// A list containing information about IAM users.
	UserDetailList []*UserDetail `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountAuthorizationDetails request.

func (GetAccountAuthorizationDetailsOutput) GoString

GoString returns the string representation

func (*GetAccountAuthorizationDetailsOutput) SetGroupDetailList

SetGroupDetailList sets the GroupDetailList field's value.

func (*GetAccountAuthorizationDetailsOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*GetAccountAuthorizationDetailsOutput) SetMarker

SetMarker sets the Marker field's value.

func (*GetAccountAuthorizationDetailsOutput) SetPolicies

SetPolicies sets the Policies field's value.

func (*GetAccountAuthorizationDetailsOutput) SetRoleDetailList

SetRoleDetailList sets the RoleDetailList field's value.

func (*GetAccountAuthorizationDetailsOutput) SetUserDetailList

SetUserDetailList sets the UserDetailList field's value.

func (GetAccountAuthorizationDetailsOutput) String

String returns the string representation

type GetAccountPasswordPolicyInput

type GetAccountPasswordPolicyInput struct {
	// contains filtered or unexported fields
}

func (GetAccountPasswordPolicyInput) GoString

GoString returns the string representation

func (GetAccountPasswordPolicyInput) String

String returns the string representation

type GetAccountPasswordPolicyOutput

type GetAccountPasswordPolicyOutput struct {

	// A structure that contains details about the account's password policy.
	//
	// PasswordPolicy is a required field
	PasswordPolicy *PasswordPolicy `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountPasswordPolicy request.

func (GetAccountPasswordPolicyOutput) GoString

GoString returns the string representation

func (*GetAccountPasswordPolicyOutput) SetPasswordPolicy

SetPasswordPolicy sets the PasswordPolicy field's value.

func (GetAccountPasswordPolicyOutput) String

String returns the string representation

type GetAccountSummaryInput

type GetAccountSummaryInput struct {
	// contains filtered or unexported fields
}

func (GetAccountSummaryInput) GoString

func (s GetAccountSummaryInput) GoString() string

GoString returns the string representation

func (GetAccountSummaryInput) String

func (s GetAccountSummaryInput) String() string

String returns the string representation

type GetAccountSummaryOutput

type GetAccountSummaryOutput struct {

	// A set of key value pairs containing information about IAM entity usage and
	// IAM quotas.
	SummaryMap map[string]*int64 `type:"map"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetAccountSummary request.

func (GetAccountSummaryOutput) GoString

func (s GetAccountSummaryOutput) GoString() string

GoString returns the string representation

func (*GetAccountSummaryOutput) SetSummaryMap

func (s *GetAccountSummaryOutput) SetSummaryMap(v map[string]*int64) *GetAccountSummaryOutput

SetSummaryMap sets the SummaryMap field's value.

func (GetAccountSummaryOutput) String

func (s GetAccountSummaryOutput) String() string

String returns the string representation

type GetContextKeysForCustomPolicyInput

type GetContextKeysForCustomPolicyInput struct {

	// A list of policies for which you want the list of context keys referenced
	// in those policies. Each document is specified as a string containing the
	// complete, valid JSON text of an IAM policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyInputList is a required field
	PolicyInputList []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (GetContextKeysForCustomPolicyInput) GoString

GoString returns the string representation

func (*GetContextKeysForCustomPolicyInput) SetPolicyInputList

SetPolicyInputList sets the PolicyInputList field's value.

func (GetContextKeysForCustomPolicyInput) String

String returns the string representation

func (*GetContextKeysForCustomPolicyInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetContextKeysForPolicyResponse

type GetContextKeysForPolicyResponse struct {

	// The list of context keys that are referenced in the input policies.
	ContextKeyNames []*string `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetContextKeysForPrincipalPolicy or GetContextKeysForCustomPolicy request.

func (GetContextKeysForPolicyResponse) GoString

GoString returns the string representation

func (*GetContextKeysForPolicyResponse) SetContextKeyNames

SetContextKeyNames sets the ContextKeyNames field's value.

func (GetContextKeysForPolicyResponse) String

String returns the string representation

type GetContextKeysForPrincipalPolicyInput

type GetContextKeysForPrincipalPolicyInput struct {

	// An optional list of additional policies for which you want the list of context
	// keys that are referenced.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	PolicyInputList []*string `type:"list"`

	// The ARN of a user, group, or role whose policies contain the context keys
	// that you want listed. If you specify a user, the list includes context keys
	// that are found in all policies that are attached to the user. The list also
	// includes all groups that the user is a member of. If you pick a group or
	// a role, then it includes only those context keys that are found in policies
	// attached to that entity. Note that all parameters are shown in unencoded
	// form here for clarity, but must be URL encoded to be included as a part of
	// a real HTML request.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicySourceArn is a required field
	PolicySourceArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetContextKeysForPrincipalPolicyInput) GoString

GoString returns the string representation

func (*GetContextKeysForPrincipalPolicyInput) SetPolicyInputList

SetPolicyInputList sets the PolicyInputList field's value.

func (*GetContextKeysForPrincipalPolicyInput) SetPolicySourceArn

SetPolicySourceArn sets the PolicySourceArn field's value.

func (GetContextKeysForPrincipalPolicyInput) String

String returns the string representation

func (*GetContextKeysForPrincipalPolicyInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetCredentialReportInput

type GetCredentialReportInput struct {
	// contains filtered or unexported fields
}

func (GetCredentialReportInput) GoString

func (s GetCredentialReportInput) GoString() string

GoString returns the string representation

func (GetCredentialReportInput) String

func (s GetCredentialReportInput) String() string

String returns the string representation

type GetCredentialReportOutput

type GetCredentialReportOutput struct {

	// Contains the credential report. The report is Base64-encoded.
	//
	// Content is automatically base64 encoded/decoded by the SDK.
	Content []byte `type:"blob"`

	// The date and time when the credential report was created, in ISO 8601 date-time
	// format (http://www.iso.org/iso/iso8601).
	GeneratedTime *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The format (MIME type) of the credential report.
	ReportFormat *string `type:"string" enum:"ReportFormatType"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetCredentialReport request.

func (GetCredentialReportOutput) GoString

func (s GetCredentialReportOutput) GoString() string

GoString returns the string representation

func (*GetCredentialReportOutput) SetContent

SetContent sets the Content field's value.

func (*GetCredentialReportOutput) SetGeneratedTime

SetGeneratedTime sets the GeneratedTime field's value.

func (*GetCredentialReportOutput) SetReportFormat

SetReportFormat sets the ReportFormat field's value.

func (GetCredentialReportOutput) String

func (s GetCredentialReportOutput) String() string

String returns the string representation

type GetGroupInput

type GetGroupInput struct {

	// The name of the group.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (GetGroupInput) GoString

func (s GetGroupInput) GoString() string

GoString returns the string representation

func (*GetGroupInput) SetGroupName

func (s *GetGroupInput) SetGroupName(v string) *GetGroupInput

SetGroupName sets the GroupName field's value.

func (*GetGroupInput) SetMarker

func (s *GetGroupInput) SetMarker(v string) *GetGroupInput

SetMarker sets the Marker field's value.

func (*GetGroupInput) SetMaxItems

func (s *GetGroupInput) SetMaxItems(v int64) *GetGroupInput

SetMaxItems sets the MaxItems field's value.

func (GetGroupInput) String

func (s GetGroupInput) String() string

String returns the string representation

func (*GetGroupInput) Validate

func (s *GetGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetGroupOutput

type GetGroupOutput struct {

	// A structure that contains details about the group.
	//
	// Group is a required field
	Group *Group `type:"structure" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of users in the group.
	//
	// Users is a required field
	Users []*User `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetGroup request.

func (GetGroupOutput) GoString

func (s GetGroupOutput) GoString() string

GoString returns the string representation

func (*GetGroupOutput) SetGroup

func (s *GetGroupOutput) SetGroup(v *Group) *GetGroupOutput

SetGroup sets the Group field's value.

func (*GetGroupOutput) SetIsTruncated

func (s *GetGroupOutput) SetIsTruncated(v bool) *GetGroupOutput

SetIsTruncated sets the IsTruncated field's value.

func (*GetGroupOutput) SetMarker

func (s *GetGroupOutput) SetMarker(v string) *GetGroupOutput

SetMarker sets the Marker field's value.

func (*GetGroupOutput) SetUsers

func (s *GetGroupOutput) SetUsers(v []*User) *GetGroupOutput

SetUsers sets the Users field's value.

func (GetGroupOutput) String

func (s GetGroupOutput) String() string

String returns the string representation

type GetGroupPolicyInput

type GetGroupPolicyInput struct {

	// The name of the group the policy is associated with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the policy document to get.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetGroupPolicyInput) GoString

func (s GetGroupPolicyInput) GoString() string

GoString returns the string representation

func (*GetGroupPolicyInput) SetGroupName

func (s *GetGroupPolicyInput) SetGroupName(v string) *GetGroupPolicyInput

SetGroupName sets the GroupName field's value.

func (*GetGroupPolicyInput) SetPolicyName

func (s *GetGroupPolicyInput) SetPolicyName(v string) *GetGroupPolicyInput

SetPolicyName sets the PolicyName field's value.

func (GetGroupPolicyInput) String

func (s GetGroupPolicyInput) String() string

String returns the string representation

func (*GetGroupPolicyInput) Validate

func (s *GetGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetGroupPolicyOutput

type GetGroupPolicyOutput struct {

	// The group the policy is associated with.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The policy document.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetGroupPolicy request.

func (GetGroupPolicyOutput) GoString

func (s GetGroupPolicyOutput) GoString() string

GoString returns the string representation

func (*GetGroupPolicyOutput) SetGroupName

func (s *GetGroupPolicyOutput) SetGroupName(v string) *GetGroupPolicyOutput

SetGroupName sets the GroupName field's value.

func (*GetGroupPolicyOutput) SetPolicyDocument

func (s *GetGroupPolicyOutput) SetPolicyDocument(v string) *GetGroupPolicyOutput

SetPolicyDocument sets the PolicyDocument field's value.

func (*GetGroupPolicyOutput) SetPolicyName

func (s *GetGroupPolicyOutput) SetPolicyName(v string) *GetGroupPolicyOutput

SetPolicyName sets the PolicyName field's value.

func (GetGroupPolicyOutput) String

func (s GetGroupPolicyOutput) String() string

String returns the string representation

type GetInstanceProfileInput

type GetInstanceProfileInput struct {

	// The name of the instance profile to get information about.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetInstanceProfileInput) GoString

func (s GetInstanceProfileInput) GoString() string

GoString returns the string representation

func (*GetInstanceProfileInput) SetInstanceProfileName

func (s *GetInstanceProfileInput) SetInstanceProfileName(v string) *GetInstanceProfileInput

SetInstanceProfileName sets the InstanceProfileName field's value.

func (GetInstanceProfileInput) String

func (s GetInstanceProfileInput) String() string

String returns the string representation

func (*GetInstanceProfileInput) Validate

func (s *GetInstanceProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetInstanceProfileOutput

type GetInstanceProfileOutput struct {

	// A structure containing details about the instance profile.
	//
	// InstanceProfile is a required field
	InstanceProfile *InstanceProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetInstanceProfile request.

func (GetInstanceProfileOutput) GoString

func (s GetInstanceProfileOutput) GoString() string

GoString returns the string representation

func (*GetInstanceProfileOutput) SetInstanceProfile

SetInstanceProfile sets the InstanceProfile field's value.

func (GetInstanceProfileOutput) String

func (s GetInstanceProfileOutput) String() string

String returns the string representation

type GetLoginProfileInput

type GetLoginProfileInput struct {

	// The name of the user whose login profile you want to retrieve.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetLoginProfileInput) GoString

func (s GetLoginProfileInput) GoString() string

GoString returns the string representation

func (*GetLoginProfileInput) SetUserName

SetUserName sets the UserName field's value.

func (GetLoginProfileInput) String

func (s GetLoginProfileInput) String() string

String returns the string representation

func (*GetLoginProfileInput) Validate

func (s *GetLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetLoginProfileOutput

type GetLoginProfileOutput struct {

	// A structure containing the user name and password create date for the user.
	//
	// LoginProfile is a required field
	LoginProfile *LoginProfile `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetLoginProfile request.

func (GetLoginProfileOutput) GoString

func (s GetLoginProfileOutput) GoString() string

GoString returns the string representation

func (*GetLoginProfileOutput) SetLoginProfile

SetLoginProfile sets the LoginProfile field's value.

func (GetLoginProfileOutput) String

func (s GetLoginProfileOutput) String() string

String returns the string representation

type GetOpenIDConnectProviderInput

type GetOpenIDConnectProviderInput struct {

	// The Amazon Resource Name (ARN) of the OIDC provider resource object in IAM
	// to get information for. You can get a list of OIDC provider resource ARNs
	// by using the ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetOpenIDConnectProviderInput) GoString

GoString returns the string representation

func (*GetOpenIDConnectProviderInput) SetOpenIDConnectProviderArn

func (s *GetOpenIDConnectProviderInput) SetOpenIDConnectProviderArn(v string) *GetOpenIDConnectProviderInput

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (GetOpenIDConnectProviderInput) String

String returns the string representation

func (*GetOpenIDConnectProviderInput) Validate

func (s *GetOpenIDConnectProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetOpenIDConnectProviderOutput

type GetOpenIDConnectProviderOutput struct {

	// A list of client IDs (also known as audiences) that are associated with the
	// specified IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
	ClientIDList []*string `type:"list"`

	// The date and time when the IAM OIDC provider resource object was created
	// in the AWS account.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// A list of certificate thumbprints that are associated with the specified
	// IAM OIDC provider resource object. For more information, see CreateOpenIDConnectProvider.
	ThumbprintList []*string `type:"list"`

	// The URL that the IAM OIDC provider resource object is associated with. For
	// more information, see CreateOpenIDConnectProvider.
	Url *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetOpenIDConnectProvider request.

func (GetOpenIDConnectProviderOutput) GoString

GoString returns the string representation

func (*GetOpenIDConnectProviderOutput) SetClientIDList

SetClientIDList sets the ClientIDList field's value.

func (*GetOpenIDConnectProviderOutput) SetCreateDate

SetCreateDate sets the CreateDate field's value.

func (*GetOpenIDConnectProviderOutput) SetThumbprintList

SetThumbprintList sets the ThumbprintList field's value.

func (*GetOpenIDConnectProviderOutput) SetUrl

SetUrl sets the Url field's value.

func (GetOpenIDConnectProviderOutput) String

String returns the string representation

type GetPolicyInput

type GetPolicyInput struct {

	// The Amazon Resource Name (ARN) of the managed policy that you want information
	// about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyInput) GoString

func (s GetPolicyInput) GoString() string

GoString returns the string representation

func (*GetPolicyInput) SetPolicyArn

func (s *GetPolicyInput) SetPolicyArn(v string) *GetPolicyInput

SetPolicyArn sets the PolicyArn field's value.

func (GetPolicyInput) String

func (s GetPolicyInput) String() string

String returns the string representation

func (*GetPolicyInput) Validate

func (s *GetPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyOutput

type GetPolicyOutput struct {

	// A structure containing details about the policy.
	Policy *Policy `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetPolicy request.

func (GetPolicyOutput) GoString

func (s GetPolicyOutput) GoString() string

GoString returns the string representation

func (*GetPolicyOutput) SetPolicy

func (s *GetPolicyOutput) SetPolicy(v *Policy) *GetPolicyOutput

SetPolicy sets the Policy field's value.

func (GetPolicyOutput) String

func (s GetPolicyOutput) String() string

String returns the string representation

type GetPolicyVersionInput

type GetPolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the managed policy that you want information
	// about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// Identifies the policy version to retrieve.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that consists of the lowercase letter 'v' followed
	// by one or two digits, and optionally followed by a period '.' and a string
	// of letters and digits.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetPolicyVersionInput) GoString

func (s GetPolicyVersionInput) GoString() string

GoString returns the string representation

func (*GetPolicyVersionInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*GetPolicyVersionInput) SetVersionId

SetVersionId sets the VersionId field's value.

func (GetPolicyVersionInput) String

func (s GetPolicyVersionInput) String() string

String returns the string representation

func (*GetPolicyVersionInput) Validate

func (s *GetPolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetPolicyVersionOutput

type GetPolicyVersionOutput struct {

	// A structure containing details about the policy version.
	PolicyVersion *PolicyVersion `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetPolicyVersion request.

func (GetPolicyVersionOutput) GoString

func (s GetPolicyVersionOutput) GoString() string

GoString returns the string representation

func (*GetPolicyVersionOutput) SetPolicyVersion

SetPolicyVersion sets the PolicyVersion field's value.

func (GetPolicyVersionOutput) String

func (s GetPolicyVersionOutput) String() string

String returns the string representation

type GetRoleInput

type GetRoleInput struct {

	// The name of the IAM role to get information about.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetRoleInput) GoString

func (s GetRoleInput) GoString() string

GoString returns the string representation

func (*GetRoleInput) SetRoleName

func (s *GetRoleInput) SetRoleName(v string) *GetRoleInput

SetRoleName sets the RoleName field's value.

func (GetRoleInput) String

func (s GetRoleInput) String() string

String returns the string representation

func (*GetRoleInput) Validate

func (s *GetRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetRoleOutput

type GetRoleOutput struct {

	// A structure containing details about the IAM role.
	//
	// Role is a required field
	Role *Role `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetRole request.

func (GetRoleOutput) GoString

func (s GetRoleOutput) GoString() string

GoString returns the string representation

func (*GetRoleOutput) SetRole

func (s *GetRoleOutput) SetRole(v *Role) *GetRoleOutput

SetRole sets the Role field's value.

func (GetRoleOutput) String

func (s GetRoleOutput) String() string

String returns the string representation

type GetRolePolicyInput

type GetRolePolicyInput struct {

	// The name of the policy document to get.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the role associated with the policy.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetRolePolicyInput) GoString

func (s GetRolePolicyInput) GoString() string

GoString returns the string representation

func (*GetRolePolicyInput) SetPolicyName

func (s *GetRolePolicyInput) SetPolicyName(v string) *GetRolePolicyInput

SetPolicyName sets the PolicyName field's value.

func (*GetRolePolicyInput) SetRoleName

func (s *GetRolePolicyInput) SetRoleName(v string) *GetRolePolicyInput

SetRoleName sets the RoleName field's value.

func (GetRolePolicyInput) String

func (s GetRolePolicyInput) String() string

String returns the string representation

func (*GetRolePolicyInput) Validate

func (s *GetRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetRolePolicyOutput

type GetRolePolicyOutput struct {

	// The policy document.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The role the policy is associated with.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetRolePolicy request.

func (GetRolePolicyOutput) GoString

func (s GetRolePolicyOutput) GoString() string

GoString returns the string representation

func (*GetRolePolicyOutput) SetPolicyDocument

func (s *GetRolePolicyOutput) SetPolicyDocument(v string) *GetRolePolicyOutput

SetPolicyDocument sets the PolicyDocument field's value.

func (*GetRolePolicyOutput) SetPolicyName

func (s *GetRolePolicyOutput) SetPolicyName(v string) *GetRolePolicyOutput

SetPolicyName sets the PolicyName field's value.

func (*GetRolePolicyOutput) SetRoleName

func (s *GetRolePolicyOutput) SetRoleName(v string) *GetRolePolicyOutput

SetRoleName sets the RoleName field's value.

func (GetRolePolicyOutput) String

func (s GetRolePolicyOutput) String() string

String returns the string representation

type GetSAMLProviderInput

type GetSAMLProviderInput struct {

	// The Amazon Resource Name (ARN) of the SAML provider resource object in IAM
	// to get information about.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetSAMLProviderInput) GoString

func (s GetSAMLProviderInput) GoString() string

GoString returns the string representation

func (*GetSAMLProviderInput) SetSAMLProviderArn

func (s *GetSAMLProviderInput) SetSAMLProviderArn(v string) *GetSAMLProviderInput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (GetSAMLProviderInput) String

func (s GetSAMLProviderInput) String() string

String returns the string representation

func (*GetSAMLProviderInput) Validate

func (s *GetSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetSAMLProviderOutput

type GetSAMLProviderOutput struct {

	// The date and time when the SAML provider was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The XML metadata document that includes information about an identity provider.
	SAMLMetadataDocument *string `min:"1000" type:"string"`

	// The expiration date and time for the SAML provider.
	ValidUntil *time.Time `type:"timestamp" timestampFormat:"iso8601"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetSAMLProvider request.

func (GetSAMLProviderOutput) GoString

func (s GetSAMLProviderOutput) GoString() string

GoString returns the string representation

func (*GetSAMLProviderOutput) SetCreateDate

SetCreateDate sets the CreateDate field's value.

func (*GetSAMLProviderOutput) SetSAMLMetadataDocument

func (s *GetSAMLProviderOutput) SetSAMLMetadataDocument(v string) *GetSAMLProviderOutput

SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.

func (*GetSAMLProviderOutput) SetValidUntil

SetValidUntil sets the ValidUntil field's value.

func (GetSAMLProviderOutput) String

func (s GetSAMLProviderOutput) String() string

String returns the string representation

type GetSSHPublicKeyInput

type GetSSHPublicKeyInput struct {

	// Specifies the public key encoding format to use in the response. To retrieve
	// the public key in ssh-rsa format, use SSH. To retrieve the public key in
	// PEM format, use PEM.
	//
	// Encoding is a required field
	Encoding *string `type:"string" required:"true" enum:"encodingType"`

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetSSHPublicKeyInput) GoString

func (s GetSSHPublicKeyInput) GoString() string

GoString returns the string representation

func (*GetSSHPublicKeyInput) SetEncoding

SetEncoding sets the Encoding field's value.

func (*GetSSHPublicKeyInput) SetSSHPublicKeyId

func (s *GetSSHPublicKeyInput) SetSSHPublicKeyId(v string) *GetSSHPublicKeyInput

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*GetSSHPublicKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (GetSSHPublicKeyInput) String

func (s GetSSHPublicKeyInput) String() string

String returns the string representation

func (*GetSSHPublicKeyInput) Validate

func (s *GetSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetSSHPublicKeyOutput

type GetSSHPublicKeyOutput struct {

	// A structure containing details about the SSH public key.
	SSHPublicKey *SSHPublicKey `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetSSHPublicKey request.

func (GetSSHPublicKeyOutput) GoString

func (s GetSSHPublicKeyOutput) GoString() string

GoString returns the string representation

func (*GetSSHPublicKeyOutput) SetSSHPublicKey

SetSSHPublicKey sets the SSHPublicKey field's value.

func (GetSSHPublicKeyOutput) String

func (s GetSSHPublicKeyOutput) String() string

String returns the string representation

type GetServerCertificateInput

type GetServerCertificateInput struct {

	// The name of the server certificate you want to retrieve information about.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetServerCertificateInput) GoString

func (s GetServerCertificateInput) GoString() string

GoString returns the string representation

func (*GetServerCertificateInput) SetServerCertificateName

func (s *GetServerCertificateInput) SetServerCertificateName(v string) *GetServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (GetServerCertificateInput) String

func (s GetServerCertificateInput) String() string

String returns the string representation

func (*GetServerCertificateInput) Validate

func (s *GetServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetServerCertificateOutput

type GetServerCertificateOutput struct {

	// A structure containing details about the server certificate.
	//
	// ServerCertificate is a required field
	ServerCertificate *ServerCertificate `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetServerCertificate request.

func (GetServerCertificateOutput) GoString

func (s GetServerCertificateOutput) GoString() string

GoString returns the string representation

func (*GetServerCertificateOutput) SetServerCertificate

SetServerCertificate sets the ServerCertificate field's value.

func (GetServerCertificateOutput) String

String returns the string representation

type GetServiceLinkedRoleDeletionStatusInput

type GetServiceLinkedRoleDeletionStatusInput struct {

	// The deletion task identifier. This identifier is returned by the DeleteServiceLinkedRole
	// operation in the format task/aws-service-role/<service-principal-name>/<role-name>/<task-uuid>.
	//
	// DeletionTaskId is a required field
	DeletionTaskId *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetServiceLinkedRoleDeletionStatusInput) GoString

GoString returns the string representation

func (*GetServiceLinkedRoleDeletionStatusInput) SetDeletionTaskId

SetDeletionTaskId sets the DeletionTaskId field's value.

func (GetServiceLinkedRoleDeletionStatusInput) String

String returns the string representation

func (*GetServiceLinkedRoleDeletionStatusInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type GetServiceLinkedRoleDeletionStatusOutput

type GetServiceLinkedRoleDeletionStatusOutput struct {

	// An object that contains details about the reason the deletion failed.
	Reason *DeletionTaskFailureReasonType `type:"structure"`

	// The status of the deletion.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"DeletionTaskStatusType"`
	// contains filtered or unexported fields
}

func (GetServiceLinkedRoleDeletionStatusOutput) GoString

GoString returns the string representation

func (*GetServiceLinkedRoleDeletionStatusOutput) SetReason

SetReason sets the Reason field's value.

func (*GetServiceLinkedRoleDeletionStatusOutput) SetStatus

SetStatus sets the Status field's value.

func (GetServiceLinkedRoleDeletionStatusOutput) String

String returns the string representation

type GetUserInput

type GetUserInput struct {

	// The name of the user to get information about.
	//
	// This parameter is optional. If it is not included, it defaults to the user
	// making the request. This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (GetUserInput) GoString

func (s GetUserInput) GoString() string

GoString returns the string representation

func (*GetUserInput) SetUserName

func (s *GetUserInput) SetUserName(v string) *GetUserInput

SetUserName sets the UserName field's value.

func (GetUserInput) String

func (s GetUserInput) String() string

String returns the string representation

func (*GetUserInput) Validate

func (s *GetUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetUserOutput

type GetUserOutput struct {

	// A structure containing details about the IAM user.
	//
	// User is a required field
	User *User `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetUser request.

func (GetUserOutput) GoString

func (s GetUserOutput) GoString() string

GoString returns the string representation

func (*GetUserOutput) SetUser

func (s *GetUserOutput) SetUser(v *User) *GetUserOutput

SetUser sets the User field's value.

func (GetUserOutput) String

func (s GetUserOutput) String() string

String returns the string representation

type GetUserPolicyInput

type GetUserPolicyInput struct {

	// The name of the policy document to get.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the user who the policy is associated with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (GetUserPolicyInput) GoString

func (s GetUserPolicyInput) GoString() string

GoString returns the string representation

func (*GetUserPolicyInput) SetPolicyName

func (s *GetUserPolicyInput) SetPolicyName(v string) *GetUserPolicyInput

SetPolicyName sets the PolicyName field's value.

func (*GetUserPolicyInput) SetUserName

func (s *GetUserPolicyInput) SetUserName(v string) *GetUserPolicyInput

SetUserName sets the UserName field's value.

func (GetUserPolicyInput) String

func (s GetUserPolicyInput) String() string

String returns the string representation

func (*GetUserPolicyInput) Validate

func (s *GetUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type GetUserPolicyOutput

type GetUserPolicyOutput struct {

	// The policy document.
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy.
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The user the policy is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful GetUserPolicy request.

func (GetUserPolicyOutput) GoString

func (s GetUserPolicyOutput) GoString() string

GoString returns the string representation

func (*GetUserPolicyOutput) SetPolicyDocument

func (s *GetUserPolicyOutput) SetPolicyDocument(v string) *GetUserPolicyOutput

SetPolicyDocument sets the PolicyDocument field's value.

func (*GetUserPolicyOutput) SetPolicyName

func (s *GetUserPolicyOutput) SetPolicyName(v string) *GetUserPolicyOutput

SetPolicyName sets the PolicyName field's value.

func (*GetUserPolicyOutput) SetUserName

func (s *GetUserPolicyOutput) SetUserName(v string) *GetUserPolicyOutput

SetUserName sets the UserName field's value.

func (GetUserPolicyOutput) String

func (s GetUserPolicyOutput) String() string

String returns the string representation

type Group

type Group struct {

	// The Amazon Resource Name (ARN) specifying the group. For more information
	// about ARNs and how to use them in policies, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the group was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// GroupId is a required field
	GroupId *string `min:"16" type:"string" required:"true"`

	// The friendly name that identifies the group.
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The path to the group. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an IAM group entity.

This data type is used as a response element in the following operations:

  • CreateGroup

  • GetGroup

  • ListGroups

func (Group) GoString

func (s Group) GoString() string

GoString returns the string representation

func (*Group) SetArn

func (s *Group) SetArn(v string) *Group

SetArn sets the Arn field's value.

func (*Group) SetCreateDate

func (s *Group) SetCreateDate(v time.Time) *Group

SetCreateDate sets the CreateDate field's value.

func (*Group) SetGroupId

func (s *Group) SetGroupId(v string) *Group

SetGroupId sets the GroupId field's value.

func (*Group) SetGroupName

func (s *Group) SetGroupName(v string) *Group

SetGroupName sets the GroupName field's value.

func (*Group) SetPath

func (s *Group) SetPath(v string) *Group

SetPath sets the Path field's value.

func (Group) String

func (s Group) String() string

String returns the string representation

type GroupDetail

type GroupDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// A list of the managed policies attached to the group.
	AttachedManagedPolicies []*AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the group was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	GroupId *string `min:"16" type:"string"`

	// The friendly name that identifies the group.
	GroupName *string `min:"1" type:"string"`

	// A list of the inline policies embedded in the group.
	GroupPolicyList []*PolicyDetail `type:"list"`

	// The path to the group. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an IAM group, including all of the group's policies.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (GroupDetail) GoString

func (s GroupDetail) GoString() string

GoString returns the string representation

func (*GroupDetail) SetArn

func (s *GroupDetail) SetArn(v string) *GroupDetail

SetArn sets the Arn field's value.

func (*GroupDetail) SetAttachedManagedPolicies

func (s *GroupDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *GroupDetail

SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.

func (*GroupDetail) SetCreateDate

func (s *GroupDetail) SetCreateDate(v time.Time) *GroupDetail

SetCreateDate sets the CreateDate field's value.

func (*GroupDetail) SetGroupId

func (s *GroupDetail) SetGroupId(v string) *GroupDetail

SetGroupId sets the GroupId field's value.

func (*GroupDetail) SetGroupName

func (s *GroupDetail) SetGroupName(v string) *GroupDetail

SetGroupName sets the GroupName field's value.

func (*GroupDetail) SetGroupPolicyList

func (s *GroupDetail) SetGroupPolicyList(v []*PolicyDetail) *GroupDetail

SetGroupPolicyList sets the GroupPolicyList field's value.

func (*GroupDetail) SetPath

func (s *GroupDetail) SetPath(v string) *GroupDetail

SetPath sets the Path field's value.

func (GroupDetail) String

func (s GroupDetail) String() string

String returns the string representation

type IAM

type IAM struct {
	*client.Client
}

IAM provides the API operation methods for making requests to AWS Identity and Access Management. See this package's package overview docs for details on the service.

IAM methods are safe to use concurrently. It is not safe to modify mutate any of the struct's properties though.

func New

func New(p client.ConfigProvider, cfgs ...*aws.Config) *IAM

New creates a new instance of the IAM client with a session. If additional configuration is needed for the client instance use the optional aws.Config parameter to add your extra config.

Example:

// Create a IAM client from just a session.
svc := iam.New(mySession)

// Create a IAM client with additional configuration
svc := iam.New(mySession, aws.NewConfig().WithRegion("us-west-2"))

func (*IAM) AddClientIDToOpenIDConnectProvider

func (c *IAM) AddClientIDToOpenIDConnectProvider(input *AddClientIDToOpenIDConnectProviderInput) (*AddClientIDToOpenIDConnectProviderOutput, error)

AddClientIDToOpenIDConnectProvider API operation for AWS Identity and Access Management.

Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM OpenID Connect (OIDC) provider resource.

This operation is idempotent; it does not fail or return an error if you add an existing client ID to the provider.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AddClientIDToOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider

Example (Shared00)

To add a client ID (audience) to an Open-ID Connect (OIDC) provider

The following add-client-id-to-open-id-connect-provider command adds the client ID my-application-ID to the OIDC provider named server.example.com:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AddClientIDToOpenIDConnectProviderInput{
		ClientID:                 aws.String("my-application-ID"),
		OpenIDConnectProviderArn: aws.String("arn:aws:iam::123456789012:oidc-provider/server.example.com"),
	}

	result, err := svc.AddClientIDToOpenIDConnectProvider(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AddClientIDToOpenIDConnectProviderRequest

func (c *IAM) AddClientIDToOpenIDConnectProviderRequest(input *AddClientIDToOpenIDConnectProviderInput) (req *request.Request, output *AddClientIDToOpenIDConnectProviderOutput)

AddClientIDToOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the AddClientIDToOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AddClientIDToOpenIDConnectProvider for more information on using the AddClientIDToOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AddClientIDToOpenIDConnectProviderRequest method.
req, resp := client.AddClientIDToOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddClientIDToOpenIDConnectProvider

func (*IAM) AddClientIDToOpenIDConnectProviderWithContext

func (c *IAM) AddClientIDToOpenIDConnectProviderWithContext(ctx aws.Context, input *AddClientIDToOpenIDConnectProviderInput, opts ...request.Option) (*AddClientIDToOpenIDConnectProviderOutput, error)

AddClientIDToOpenIDConnectProviderWithContext is the same as AddClientIDToOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See AddClientIDToOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AddRoleToInstanceProfile

func (c *IAM) AddRoleToInstanceProfile(input *AddRoleToInstanceProfileInput) (*AddRoleToInstanceProfileOutput, error)

AddRoleToInstanceProfile API operation for AWS Identity and Access Management.

Adds the specified IAM role to the specified instance profile. An instance profile can contain only one role, and this limit cannot be increased. You can remove the existing role and then add a different role to an instance profile. You must then wait for the change to appear across all of AWS because of eventual consistency (https://en.wikipedia.org/wiki/Eventual_consistency). To force the change, you must disassociate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIamInstanceProfile.html) and then associate the instance profile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AssociateIamInstanceProfile.html), or you can stop your instance and then restart it.

The caller of this API must be granted the PassRole permission on the IAM role by a permission policy.

For more information about roles, go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). For more information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AddRoleToInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile

Example (Shared00)

To add a role to an instance profile

The following command adds the role named S3Access to the instance profile named Webserver:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AddRoleToInstanceProfileInput{
		InstanceProfileName: aws.String("Webserver"),
		RoleName:            aws.String("S3Access"),
	}

	result, err := svc.AddRoleToInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AddRoleToInstanceProfileRequest

func (c *IAM) AddRoleToInstanceProfileRequest(input *AddRoleToInstanceProfileInput) (req *request.Request, output *AddRoleToInstanceProfileOutput)

AddRoleToInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the AddRoleToInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AddRoleToInstanceProfile for more information on using the AddRoleToInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AddRoleToInstanceProfileRequest method.
req, resp := client.AddRoleToInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddRoleToInstanceProfile

func (*IAM) AddRoleToInstanceProfileWithContext

func (c *IAM) AddRoleToInstanceProfileWithContext(ctx aws.Context, input *AddRoleToInstanceProfileInput, opts ...request.Option) (*AddRoleToInstanceProfileOutput, error)

AddRoleToInstanceProfileWithContext is the same as AddRoleToInstanceProfile with the addition of the ability to pass a context and additional request options.

See AddRoleToInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AddUserToGroup

func (c *IAM) AddUserToGroup(input *AddUserToGroupInput) (*AddUserToGroupOutput, error)

AddUserToGroup API operation for AWS Identity and Access Management.

Adds the specified user to the specified group.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AddUserToGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup

Example (Shared00)

To add a user to an IAM group

The following command adds an IAM user named Bob to the IAM group named Admins:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AddUserToGroupInput{
		GroupName: aws.String("Admins"),
		UserName:  aws.String("Bob"),
	}

	result, err := svc.AddUserToGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AddUserToGroupRequest

func (c *IAM) AddUserToGroupRequest(input *AddUserToGroupInput) (req *request.Request, output *AddUserToGroupOutput)

AddUserToGroupRequest generates a "aws/request.Request" representing the client's request for the AddUserToGroup operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AddUserToGroup for more information on using the AddUserToGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AddUserToGroupRequest method.
req, resp := client.AddUserToGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AddUserToGroup

func (*IAM) AddUserToGroupWithContext

func (c *IAM) AddUserToGroupWithContext(ctx aws.Context, input *AddUserToGroupInput, opts ...request.Option) (*AddUserToGroupOutput, error)

AddUserToGroupWithContext is the same as AddUserToGroup with the addition of the ability to pass a context and additional request options.

See AddUserToGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AttachGroupPolicy

func (c *IAM) AttachGroupPolicy(input *AttachGroupPolicyInput) (*AttachGroupPolicyOutput, error)

AttachGroupPolicy API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified IAM group.

You use this API to attach a managed policy to a group. To embed an inline policy in a group, use PutGroupPolicy.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AttachGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyNotAttachableException "PolicyNotAttachable" The request failed because AWS service role policies can only be attached to the service-linked role for that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy

Example (Shared00)

To attach a managed policy to an IAM group

The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM group named Finance.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AttachGroupPolicyInput{
		GroupName: aws.String("Finance"),
		PolicyArn: aws.String("arn:aws:iam::aws:policy/ReadOnlyAccess"),
	}

	result, err := svc.AttachGroupPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AttachGroupPolicyRequest

func (c *IAM) AttachGroupPolicyRequest(input *AttachGroupPolicyInput) (req *request.Request, output *AttachGroupPolicyOutput)

AttachGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the AttachGroupPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AttachGroupPolicy for more information on using the AttachGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AttachGroupPolicyRequest method.
req, resp := client.AttachGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachGroupPolicy

func (*IAM) AttachGroupPolicyWithContext

func (c *IAM) AttachGroupPolicyWithContext(ctx aws.Context, input *AttachGroupPolicyInput, opts ...request.Option) (*AttachGroupPolicyOutput, error)

AttachGroupPolicyWithContext is the same as AttachGroupPolicy with the addition of the ability to pass a context and additional request options.

See AttachGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AttachRolePolicy

func (c *IAM) AttachRolePolicy(input *AttachRolePolicyInput) (*AttachRolePolicyOutput, error)

AttachRolePolicy API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access) policy.

You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy.

Use this API to attach a managed policy to a role. To embed an inline policy in a role, use PutRolePolicy. For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AttachRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodePolicyNotAttachableException "PolicyNotAttachable" The request failed because AWS service role policies can only be attached to the service-linked role for that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy

Example (Shared00)

To attach a managed policy to an IAM role

The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM role named ReadOnlyRole.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AttachRolePolicyInput{
		PolicyArn: aws.String("arn:aws:iam::aws:policy/ReadOnlyAccess"),
		RoleName:  aws.String("ReadOnlyRole"),
	}

	result, err := svc.AttachRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AttachRolePolicyRequest

func (c *IAM) AttachRolePolicyRequest(input *AttachRolePolicyInput) (req *request.Request, output *AttachRolePolicyOutput)

AttachRolePolicyRequest generates a "aws/request.Request" representing the client's request for the AttachRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AttachRolePolicy for more information on using the AttachRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AttachRolePolicyRequest method.
req, resp := client.AttachRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachRolePolicy

func (*IAM) AttachRolePolicyWithContext

func (c *IAM) AttachRolePolicyWithContext(ctx aws.Context, input *AttachRolePolicyInput, opts ...request.Option) (*AttachRolePolicyOutput, error)

AttachRolePolicyWithContext is the same as AttachRolePolicy with the addition of the ability to pass a context and additional request options.

See AttachRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) AttachUserPolicy

func (c *IAM) AttachUserPolicy(input *AttachUserPolicyInput) (*AttachUserPolicyOutput, error)

AttachUserPolicy API operation for AWS Identity and Access Management.

Attaches the specified managed policy to the specified user.

You use this API to attach a managed policy to a user. To embed an inline policy in a user, use PutUserPolicy.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation AttachUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyNotAttachableException "PolicyNotAttachable" The request failed because AWS service role policies can only be attached to the service-linked role for that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy

Example (Shared00)

To attach a managed policy to an IAM user

The following command attaches the AWS managed policy named AdministratorAccess to the IAM user named Alice.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.AttachUserPolicyInput{
		PolicyArn: aws.String("arn:aws:iam::aws:policy/AdministratorAccess"),
		UserName:  aws.String("Alice"),
	}

	result, err := svc.AttachUserPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodePolicyNotAttachableException:
				fmt.Println(iam.ErrCodePolicyNotAttachableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) AttachUserPolicyRequest

func (c *IAM) AttachUserPolicyRequest(input *AttachUserPolicyInput) (req *request.Request, output *AttachUserPolicyOutput)

AttachUserPolicyRequest generates a "aws/request.Request" representing the client's request for the AttachUserPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See AttachUserPolicy for more information on using the AttachUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the AttachUserPolicyRequest method.
req, resp := client.AttachUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/AttachUserPolicy

func (*IAM) AttachUserPolicyWithContext

func (c *IAM) AttachUserPolicyWithContext(ctx aws.Context, input *AttachUserPolicyInput, opts ...request.Option) (*AttachUserPolicyOutput, error)

AttachUserPolicyWithContext is the same as AttachUserPolicy with the addition of the ability to pass a context and additional request options.

See AttachUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ChangePassword

func (c *IAM) ChangePassword(input *ChangePasswordInput) (*ChangePasswordOutput, error)

ChangePassword API operation for AWS Identity and Access Management.

Changes the password of the IAM user who is calling this operation. The AWS account root user password is not affected by this operation.

To change the password for a different user, see UpdateLoginProfile. For more information about modifying passwords, see Managing Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ChangePassword for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidUserTypeException "InvalidUserType" The request was rejected because the type of user for the transaction was incorrect.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodePasswordPolicyViolationException "PasswordPolicyViolation" The request was rejected because the provided password did not meet the requirements imposed by the account password policy.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword

Example (Shared00)

To change the password for your IAM user

The following command changes the password for the current IAM user.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ChangePasswordInput{
		NewPassword: aws.String("]35d/{pB9Fo9wJ"),
		OldPassword: aws.String("3s0K_;xh4~8XXI"),
	}

	result, err := svc.ChangePassword(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeInvalidUserTypeException:
				fmt.Println(iam.ErrCodeInvalidUserTypeException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ChangePasswordRequest

func (c *IAM) ChangePasswordRequest(input *ChangePasswordInput) (req *request.Request, output *ChangePasswordOutput)

ChangePasswordRequest generates a "aws/request.Request" representing the client's request for the ChangePassword operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ChangePassword for more information on using the ChangePassword API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ChangePasswordRequest method.
req, resp := client.ChangePasswordRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ChangePassword

func (*IAM) ChangePasswordWithContext

func (c *IAM) ChangePasswordWithContext(ctx aws.Context, input *ChangePasswordInput, opts ...request.Option) (*ChangePasswordOutput, error)

ChangePasswordWithContext is the same as ChangePassword with the addition of the ability to pass a context and additional request options.

See ChangePassword for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateAccessKey

func (c *IAM) CreateAccessKey(input *CreateAccessKeyInput) (*CreateAccessKeyOutput, error)

CreateAccessKey API operation for AWS Identity and Access Management.

Creates a new AWS secret access key and corresponding AWS access key ID for the specified user. The default status for new keys is Active.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials. This is true even if the AWS account has no associated users.

For information about limits on the number of keys you can create, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

To ensure the security of your AWS account, the secret access key is accessible only during key and user creation. You must save the key (for example, in a text file) if you want to be able to access it again. If a secret key is lost, you can delete the access keys for the associated user and then create new keys.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateAccessKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey

Example (Shared00)

To create an access key for an IAM user

The following command creates an access key (access key ID and secret access key) for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateAccessKeyInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.CreateAccessKey(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateAccessKeyRequest

func (c *IAM) CreateAccessKeyRequest(input *CreateAccessKeyInput) (req *request.Request, output *CreateAccessKeyOutput)

CreateAccessKeyRequest generates a "aws/request.Request" representing the client's request for the CreateAccessKey operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateAccessKey for more information on using the CreateAccessKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateAccessKeyRequest method.
req, resp := client.CreateAccessKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccessKey

func (*IAM) CreateAccessKeyWithContext

func (c *IAM) CreateAccessKeyWithContext(ctx aws.Context, input *CreateAccessKeyInput, opts ...request.Option) (*CreateAccessKeyOutput, error)

CreateAccessKeyWithContext is the same as CreateAccessKey with the addition of the ability to pass a context and additional request options.

See CreateAccessKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateAccountAlias

func (c *IAM) CreateAccountAlias(input *CreateAccountAliasInput) (*CreateAccountAliasOutput, error)

CreateAccountAlias API operation for AWS Identity and Access Management.

Creates an alias for your AWS account. For information about using an AWS account alias, see Using an Alias for Your AWS Account ID (http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateAccountAlias for usage and error information.

Returned Error Codes:

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias

Example (Shared00)

To create an account alias

The following command associates the alias examplecorp to your AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateAccountAliasInput{
		AccountAlias: aws.String("examplecorp"),
	}

	result, err := svc.CreateAccountAlias(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateAccountAliasRequest

func (c *IAM) CreateAccountAliasRequest(input *CreateAccountAliasInput) (req *request.Request, output *CreateAccountAliasOutput)

CreateAccountAliasRequest generates a "aws/request.Request" representing the client's request for the CreateAccountAlias operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateAccountAlias for more information on using the CreateAccountAlias API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateAccountAliasRequest method.
req, resp := client.CreateAccountAliasRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateAccountAlias

func (*IAM) CreateAccountAliasWithContext

func (c *IAM) CreateAccountAliasWithContext(ctx aws.Context, input *CreateAccountAliasInput, opts ...request.Option) (*CreateAccountAliasOutput, error)

CreateAccountAliasWithContext is the same as CreateAccountAlias with the addition of the ability to pass a context and additional request options.

See CreateAccountAlias for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateGroup

func (c *IAM) CreateGroup(input *CreateGroupInput) (*CreateGroupOutput, error)

CreateGroup API operation for AWS Identity and Access Management.

Creates a new group.

For information about the number of groups you can create, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateGroup for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup

Example (Shared00)

To create an IAM group

The following command creates an IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateGroupInput{
		GroupName: aws.String("Admins"),
	}

	result, err := svc.CreateGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateGroupRequest

func (c *IAM) CreateGroupRequest(input *CreateGroupInput) (req *request.Request, output *CreateGroupOutput)

CreateGroupRequest generates a "aws/request.Request" representing the client's request for the CreateGroup operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateGroup for more information on using the CreateGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateGroupRequest method.
req, resp := client.CreateGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateGroup

func (*IAM) CreateGroupWithContext

func (c *IAM) CreateGroupWithContext(ctx aws.Context, input *CreateGroupInput, opts ...request.Option) (*CreateGroupOutput, error)

CreateGroupWithContext is the same as CreateGroup with the addition of the ability to pass a context and additional request options.

See CreateGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateInstanceProfile

func (c *IAM) CreateInstanceProfile(input *CreateInstanceProfileInput) (*CreateInstanceProfileOutput, error)

CreateInstanceProfile API operation for AWS Identity and Access Management.

Creates a new instance profile. For information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

For information about the number of instance profiles you can create, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile

Example (Shared00)

To create an instance profile

The following command creates an instance profile named Webserver that is ready to have a role attached and then be associated with an EC2 instance.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateInstanceProfileInput{
		InstanceProfileName: aws.String("Webserver"),
	}

	result, err := svc.CreateInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateInstanceProfileRequest

func (c *IAM) CreateInstanceProfileRequest(input *CreateInstanceProfileInput) (req *request.Request, output *CreateInstanceProfileOutput)

CreateInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the CreateInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateInstanceProfile for more information on using the CreateInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateInstanceProfileRequest method.
req, resp := client.CreateInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateInstanceProfile

func (*IAM) CreateInstanceProfileWithContext

func (c *IAM) CreateInstanceProfileWithContext(ctx aws.Context, input *CreateInstanceProfileInput, opts ...request.Option) (*CreateInstanceProfileOutput, error)

CreateInstanceProfileWithContext is the same as CreateInstanceProfile with the addition of the ability to pass a context and additional request options.

See CreateInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateLoginProfile

func (c *IAM) CreateLoginProfile(input *CreateLoginProfileInput) (*CreateLoginProfileOutput, error)

CreateLoginProfile API operation for AWS Identity and Access Management.

Creates a password for the specified user, giving the user the ability to access AWS services through the AWS Management Console. For more information about managing passwords, see Managing Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodePasswordPolicyViolationException "PasswordPolicyViolation" The request was rejected because the provided password did not meet the requirements imposed by the account password policy.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile

Example (Shared00)

To create an instance profile

The following command changes IAM user Bob's password and sets the flag that required Bob to change the password the next time he signs in.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateLoginProfileInput{
		Password:              aws.String("h]6EszR}vJ*m"),
		PasswordResetRequired: aws.Bool(true),
		UserName:              aws.String("Bob"),
	}

	result, err := svc.CreateLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateLoginProfileRequest

func (c *IAM) CreateLoginProfileRequest(input *CreateLoginProfileInput) (req *request.Request, output *CreateLoginProfileOutput)

CreateLoginProfileRequest generates a "aws/request.Request" representing the client's request for the CreateLoginProfile operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateLoginProfile for more information on using the CreateLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateLoginProfileRequest method.
req, resp := client.CreateLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateLoginProfile

func (*IAM) CreateLoginProfileWithContext

func (c *IAM) CreateLoginProfileWithContext(ctx aws.Context, input *CreateLoginProfileInput, opts ...request.Option) (*CreateLoginProfileOutput, error)

CreateLoginProfileWithContext is the same as CreateLoginProfile with the addition of the ability to pass a context and additional request options.

See CreateLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateOpenIDConnectProvider

func (c *IAM) CreateOpenIDConnectProvider(input *CreateOpenIDConnectProviderInput) (*CreateOpenIDConnectProviderOutput, error)

CreateOpenIDConnectProvider API operation for AWS Identity and Access Management.

Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC) (http://openid.net/connect/).

The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between AWS and the OIDC provider.

When you create the IAM OIDC provider, you specify the following:

  • The URL of the OIDC identity provider (IdP) to trust

  • A list of client IDs (also known as audiences) that identify the application or applications that are allowed to authenticate using the OIDC provider

  • A list of thumbprints of the server certificate(s) that the IdP uses.

You get all of this information from the OIDC IdP that you want to use to access AWS.

Because trust for the OIDC provider is derived from the IAM provider that this operation creates, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider

Example (Shared00)

To create an instance profile

The following example defines a new OIDC provider in IAM with a client ID of my-application-id and pointing at the server with a URL of https://server.example.com.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateOpenIDConnectProviderInput{
		ClientIDList: []*string{
			aws.String("my-application-id"),
		},
		ThumbprintList: []*string{
			aws.String("3768084dfb3d2b68b7897bf5f565da8efEXAMPLE"),
		},
		Url: aws.String("https://server.example.com"),
	}

	result, err := svc.CreateOpenIDConnectProvider(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateOpenIDConnectProviderRequest

func (c *IAM) CreateOpenIDConnectProviderRequest(input *CreateOpenIDConnectProviderInput) (req *request.Request, output *CreateOpenIDConnectProviderOutput)

CreateOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the CreateOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateOpenIDConnectProvider for more information on using the CreateOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateOpenIDConnectProviderRequest method.
req, resp := client.CreateOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateOpenIDConnectProvider

func (*IAM) CreateOpenIDConnectProviderWithContext

func (c *IAM) CreateOpenIDConnectProviderWithContext(ctx aws.Context, input *CreateOpenIDConnectProviderInput, opts ...request.Option) (*CreateOpenIDConnectProviderOutput, error)

CreateOpenIDConnectProviderWithContext is the same as CreateOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See CreateOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreatePolicy

func (c *IAM) CreatePolicy(input *CreatePolicyInput) (*CreatePolicyOutput, error)

CreatePolicy API operation for AWS Identity and Access Management.

Creates a new managed policy for your AWS account.

This operation creates a policy version with a version identifier of v1 and sets v1 as the policy's default version. For more information about policy versions, see Versioning for Managed Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

For more information about managed policies in general, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreatePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy

func (*IAM) CreatePolicyRequest

func (c *IAM) CreatePolicyRequest(input *CreatePolicyInput) (req *request.Request, output *CreatePolicyOutput)

CreatePolicyRequest generates a "aws/request.Request" representing the client's request for the CreatePolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicy for more information on using the CreatePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreatePolicyRequest method.
req, resp := client.CreatePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicy

func (*IAM) CreatePolicyVersion

func (c *IAM) CreatePolicyVersion(input *CreatePolicyVersionInput) (*CreatePolicyVersionOutput, error)

CreatePolicyVersion API operation for AWS Identity and Access Management.

Creates a new version of the specified managed policy. To update a managed policy, you create a new policy version. A managed policy can have up to five versions. If the policy has five versions, you must delete an existing version using DeletePolicyVersion before you create a new version.

Optionally, you can set the new version as the policy's default version. The default version is the version that is in effect for the IAM users, groups, and roles to which the policy is attached.

For more information about managed policy versions, see Versioning for Managed Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreatePolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion

func (*IAM) CreatePolicyVersionRequest

func (c *IAM) CreatePolicyVersionRequest(input *CreatePolicyVersionInput) (req *request.Request, output *CreatePolicyVersionOutput)

CreatePolicyVersionRequest generates a "aws/request.Request" representing the client's request for the CreatePolicyVersion operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreatePolicyVersion for more information on using the CreatePolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreatePolicyVersionRequest method.
req, resp := client.CreatePolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreatePolicyVersion

func (*IAM) CreatePolicyVersionWithContext

func (c *IAM) CreatePolicyVersionWithContext(ctx aws.Context, input *CreatePolicyVersionInput, opts ...request.Option) (*CreatePolicyVersionOutput, error)

CreatePolicyVersionWithContext is the same as CreatePolicyVersion with the addition of the ability to pass a context and additional request options.

See CreatePolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreatePolicyWithContext

func (c *IAM) CreatePolicyWithContext(ctx aws.Context, input *CreatePolicyInput, opts ...request.Option) (*CreatePolicyOutput, error)

CreatePolicyWithContext is the same as CreatePolicy with the addition of the ability to pass a context and additional request options.

See CreatePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateRole

func (c *IAM) CreateRole(input *CreateRoleInput) (*CreateRoleOutput, error)

CreateRole API operation for AWS Identity and Access Management.

Creates a new role for your AWS account. For more information about roles, go to IAM Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). For information about limitations on role names and the number of roles you can create, go to Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateRole for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole

Example (Shared00)

To create an IAM role

The following command creates a role named Test-Role and attaches a trust policy to it that is provided as a URL-encoded JSON string.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateRoleInput{
		AssumeRolePolicyDocument: aws.String("<URL-encoded-JSON>"),
		Path:                     aws.String("/"),
		RoleName:                 aws.String("Test-Role"),
	}

	result, err := svc.CreateRole(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeInvalidInputException:
				fmt.Println(iam.ErrCodeInvalidInputException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateRoleRequest

func (c *IAM) CreateRoleRequest(input *CreateRoleInput) (req *request.Request, output *CreateRoleOutput)

CreateRoleRequest generates a "aws/request.Request" representing the client's request for the CreateRole operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateRole for more information on using the CreateRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateRoleRequest method.
req, resp := client.CreateRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateRole

func (*IAM) CreateRoleWithContext

func (c *IAM) CreateRoleWithContext(ctx aws.Context, input *CreateRoleInput, opts ...request.Option) (*CreateRoleOutput, error)

CreateRoleWithContext is the same as CreateRole with the addition of the ability to pass a context and additional request options.

See CreateRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateSAMLProvider

func (c *IAM) CreateSAMLProvider(input *CreateSAMLProviderInput) (*CreateSAMLProviderOutput, error)

CreateSAMLProvider API operation for AWS Identity and Access Management.

Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2.0.

The SAML provider resource that you create with this operation can be used as a principal in an IAM role's trust policy. Such a policy can enable federated users who sign-in using the SAML IdP to assume the role. You can create an IAM role that supports Web-based single sign-on (SSO) to the AWS Management Console or one that supports API access to AWS.

When you create the SAML provider resource, you upload a SAML metadata document that you get from your IdP. That document includes the issuer's name, expiration information, and keys that can be used to validate the SAML authentication response (assertions) that the IdP sends. You must generate the metadata document using the identity management software that is used as your organization's IdP.

This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

For more information, see Enabling SAML 2.0 Federated Users to Access the AWS Management Console (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-saml.html) and About SAML 2.0-based Federation (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider

func (*IAM) CreateSAMLProviderRequest

func (c *IAM) CreateSAMLProviderRequest(input *CreateSAMLProviderInput) (req *request.Request, output *CreateSAMLProviderOutput)

CreateSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the CreateSAMLProvider operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateSAMLProvider for more information on using the CreateSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateSAMLProviderRequest method.
req, resp := client.CreateSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateSAMLProvider

func (*IAM) CreateSAMLProviderWithContext

func (c *IAM) CreateSAMLProviderWithContext(ctx aws.Context, input *CreateSAMLProviderInput, opts ...request.Option) (*CreateSAMLProviderOutput, error)

CreateSAMLProviderWithContext is the same as CreateSAMLProvider with the addition of the ability to pass a context and additional request options.

See CreateSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateServiceLinkedRole

func (c *IAM) CreateServiceLinkedRole(input *CreateServiceLinkedRoleInput) (*CreateServiceLinkedRoleOutput, error)

CreateServiceLinkedRole API operation for AWS Identity and Access Management.

Creates an IAM role that is linked to a specific AWS service. The service controls the attached policies and when the role can be deleted. This helps ensure that the service is not broken by an unexpectedly changed or deleted role, which could put your AWS resources into an unknown state. Allowing the service to control the role helps improve service stability and proper cleanup when a service and its role are no longer needed.

The name of the role is generated by combining the string that you specify for the AWSServiceName parameter with the string that you specify for the CustomSuffix parameter. The resulting name must be unique in your account or the request fails.

To attach a policy to this service-linked role, you must make the request using the AWS service that depends on this role.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateServiceLinkedRole for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole

func (*IAM) CreateServiceLinkedRoleRequest

func (c *IAM) CreateServiceLinkedRoleRequest(input *CreateServiceLinkedRoleInput) (req *request.Request, output *CreateServiceLinkedRoleOutput)

CreateServiceLinkedRoleRequest generates a "aws/request.Request" representing the client's request for the CreateServiceLinkedRole operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateServiceLinkedRole for more information on using the CreateServiceLinkedRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateServiceLinkedRoleRequest method.
req, resp := client.CreateServiceLinkedRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceLinkedRole

func (*IAM) CreateServiceLinkedRoleWithContext

func (c *IAM) CreateServiceLinkedRoleWithContext(ctx aws.Context, input *CreateServiceLinkedRoleInput, opts ...request.Option) (*CreateServiceLinkedRoleOutput, error)

CreateServiceLinkedRoleWithContext is the same as CreateServiceLinkedRole with the addition of the ability to pass a context and additional request options.

See CreateServiceLinkedRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateServiceSpecificCredential

func (c *IAM) CreateServiceSpecificCredential(input *CreateServiceSpecificCredentialInput) (*CreateServiceSpecificCredentialOutput, error)

CreateServiceSpecificCredential API operation for AWS Identity and Access Management.

Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request. These credentials are generated by IAM, and can be used only for the specified service.

You can have a maximum of two sets of service-specific credentials for each supported service per user.

The only supported service at this time is AWS CodeCommit.

You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential.

For more information about service-specific credentials, see Using IAM with AWS CodeCommit: Git Credentials, SSH Keys, and AWS Access Keys (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_ssh-keys.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceNotSupportedException "NotSupportedService" The specified service does not support service-specific credentials.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential

func (*IAM) CreateServiceSpecificCredentialRequest

func (c *IAM) CreateServiceSpecificCredentialRequest(input *CreateServiceSpecificCredentialInput) (req *request.Request, output *CreateServiceSpecificCredentialOutput)

CreateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the CreateServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateServiceSpecificCredential for more information on using the CreateServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateServiceSpecificCredentialRequest method.
req, resp := client.CreateServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateServiceSpecificCredential

func (*IAM) CreateServiceSpecificCredentialWithContext

func (c *IAM) CreateServiceSpecificCredentialWithContext(ctx aws.Context, input *CreateServiceSpecificCredentialInput, opts ...request.Option) (*CreateServiceSpecificCredentialOutput, error)

CreateServiceSpecificCredentialWithContext is the same as CreateServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See CreateServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateUser

func (c *IAM) CreateUser(input *CreateUserInput) (*CreateUserOutput, error)

CreateUser API operation for AWS Identity and Access Management.

Creates a new IAM user for your AWS account.

For information about limitations on the number of IAM users you can create, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateUser for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser

Example (Shared00)

To create an IAM user

The following create-user command creates an IAM user named Bob in the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.CreateUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.CreateUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) CreateUserRequest

func (c *IAM) CreateUserRequest(input *CreateUserInput) (req *request.Request, output *CreateUserOutput)

CreateUserRequest generates a "aws/request.Request" representing the client's request for the CreateUser operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateUser for more information on using the CreateUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateUserRequest method.
req, resp := client.CreateUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateUser

func (*IAM) CreateUserWithContext

func (c *IAM) CreateUserWithContext(ctx aws.Context, input *CreateUserInput, opts ...request.Option) (*CreateUserOutput, error)

CreateUserWithContext is the same as CreateUser with the addition of the ability to pass a context and additional request options.

See CreateUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) CreateVirtualMFADevice

func (c *IAM) CreateVirtualMFADevice(input *CreateVirtualMFADeviceInput) (*CreateVirtualMFADeviceOutput, error)

CreateVirtualMFADevice API operation for AWS Identity and Access Management.

Creates a new virtual MFA device for the AWS account. After creating the virtual MFA, use EnableMFADevice to attach the MFA device to an IAM user. For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

For information about limits on the number of MFA devices you can create, see Limitations on Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

The seed information contained in the QR code and the Base32 string should be treated like any other secret access information, such as your AWS access keys or your passwords. After you provision your virtual device, you should ensure that the information is destroyed following secure procedures.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation CreateVirtualMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice

func (*IAM) CreateVirtualMFADeviceRequest

func (c *IAM) CreateVirtualMFADeviceRequest(input *CreateVirtualMFADeviceInput) (req *request.Request, output *CreateVirtualMFADeviceOutput)

CreateVirtualMFADeviceRequest generates a "aws/request.Request" representing the client's request for the CreateVirtualMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See CreateVirtualMFADevice for more information on using the CreateVirtualMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the CreateVirtualMFADeviceRequest method.
req, resp := client.CreateVirtualMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/CreateVirtualMFADevice

func (*IAM) CreateVirtualMFADeviceWithContext

func (c *IAM) CreateVirtualMFADeviceWithContext(ctx aws.Context, input *CreateVirtualMFADeviceInput, opts ...request.Option) (*CreateVirtualMFADeviceOutput, error)

CreateVirtualMFADeviceWithContext is the same as CreateVirtualMFADevice with the addition of the ability to pass a context and additional request options.

See CreateVirtualMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeactivateMFADevice

func (c *IAM) DeactivateMFADevice(input *DeactivateMFADeviceInput) (*DeactivateMFADeviceOutput, error)

DeactivateMFADevice API operation for AWS Identity and Access Management.

Deactivates the specified MFA device and removes it from association with the user name for which it was originally enabled.

For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeactivateMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice

func (*IAM) DeactivateMFADeviceRequest

func (c *IAM) DeactivateMFADeviceRequest(input *DeactivateMFADeviceInput) (req *request.Request, output *DeactivateMFADeviceOutput)

DeactivateMFADeviceRequest generates a "aws/request.Request" representing the client's request for the DeactivateMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeactivateMFADevice for more information on using the DeactivateMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeactivateMFADeviceRequest method.
req, resp := client.DeactivateMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeactivateMFADevice

func (*IAM) DeactivateMFADeviceWithContext

func (c *IAM) DeactivateMFADeviceWithContext(ctx aws.Context, input *DeactivateMFADeviceInput, opts ...request.Option) (*DeactivateMFADeviceOutput, error)

DeactivateMFADeviceWithContext is the same as DeactivateMFADevice with the addition of the ability to pass a context and additional request options.

See DeactivateMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteAccessKey

func (c *IAM) DeleteAccessKey(input *DeleteAccessKeyInput) (*DeleteAccessKeyOutput, error)

DeleteAccessKey API operation for AWS Identity and Access Management.

Deletes the access key pair associated with the specified IAM user.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteAccessKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey

Example (Shared00)

To delete an access key for an IAM user

The following command deletes one access key (access key ID and secret access key) assigned to the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteAccessKeyInput{
		AccessKeyId: aws.String("AKIDPMS9RO4H3FEXAMPLE"),
		UserName:    aws.String("Bob"),
	}

	result, err := svc.DeleteAccessKey(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteAccessKeyRequest

func (c *IAM) DeleteAccessKeyRequest(input *DeleteAccessKeyInput) (req *request.Request, output *DeleteAccessKeyOutput)

DeleteAccessKeyRequest generates a "aws/request.Request" representing the client's request for the DeleteAccessKey operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteAccessKey for more information on using the DeleteAccessKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteAccessKeyRequest method.
req, resp := client.DeleteAccessKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccessKey

func (*IAM) DeleteAccessKeyWithContext

func (c *IAM) DeleteAccessKeyWithContext(ctx aws.Context, input *DeleteAccessKeyInput, opts ...request.Option) (*DeleteAccessKeyOutput, error)

DeleteAccessKeyWithContext is the same as DeleteAccessKey with the addition of the ability to pass a context and additional request options.

See DeleteAccessKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteAccountAlias

func (c *IAM) DeleteAccountAlias(input *DeleteAccountAliasInput) (*DeleteAccountAliasOutput, error)

DeleteAccountAlias API operation for AWS Identity and Access Management.

Deletes the specified AWS account alias. For information about using an AWS account alias, see Using an Alias for Your AWS Account ID (http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteAccountAlias for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias

Example (Shared00)

To delete an account alias

The following command removes the alias mycompany from the current AWS account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteAccountAliasInput{
		AccountAlias: aws.String("mycompany"),
	}

	result, err := svc.DeleteAccountAlias(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteAccountAliasRequest

func (c *IAM) DeleteAccountAliasRequest(input *DeleteAccountAliasInput) (req *request.Request, output *DeleteAccountAliasOutput)

DeleteAccountAliasRequest generates a "aws/request.Request" representing the client's request for the DeleteAccountAlias operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteAccountAlias for more information on using the DeleteAccountAlias API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteAccountAliasRequest method.
req, resp := client.DeleteAccountAliasRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountAlias

func (*IAM) DeleteAccountAliasWithContext

func (c *IAM) DeleteAccountAliasWithContext(ctx aws.Context, input *DeleteAccountAliasInput, opts ...request.Option) (*DeleteAccountAliasOutput, error)

DeleteAccountAliasWithContext is the same as DeleteAccountAlias with the addition of the ability to pass a context and additional request options.

See DeleteAccountAlias for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteAccountPasswordPolicy

func (c *IAM) DeleteAccountPasswordPolicy(input *DeleteAccountPasswordPolicyInput) (*DeleteAccountPasswordPolicyOutput, error)

DeleteAccountPasswordPolicy API operation for AWS Identity and Access Management.

Deletes the password policy for the AWS account. There are no parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteAccountPasswordPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy

Example (Shared00)

To delete the current account password policy

The following command removes the password policy from the current AWS account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteAccountPasswordPolicyInput{}

	result, err := svc.DeleteAccountPasswordPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteAccountPasswordPolicyRequest

func (c *IAM) DeleteAccountPasswordPolicyRequest(input *DeleteAccountPasswordPolicyInput) (req *request.Request, output *DeleteAccountPasswordPolicyOutput)

DeleteAccountPasswordPolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteAccountPasswordPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteAccountPasswordPolicy for more information on using the DeleteAccountPasswordPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteAccountPasswordPolicyRequest method.
req, resp := client.DeleteAccountPasswordPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteAccountPasswordPolicy

func (*IAM) DeleteAccountPasswordPolicyWithContext

func (c *IAM) DeleteAccountPasswordPolicyWithContext(ctx aws.Context, input *DeleteAccountPasswordPolicyInput, opts ...request.Option) (*DeleteAccountPasswordPolicyOutput, error)

DeleteAccountPasswordPolicyWithContext is the same as DeleteAccountPasswordPolicy with the addition of the ability to pass a context and additional request options.

See DeleteAccountPasswordPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteGroup

func (c *IAM) DeleteGroup(input *DeleteGroupInput) (*DeleteGroupOutput, error)

DeleteGroup API operation for AWS Identity and Access Management.

Deletes the specified IAM group. The group must not contain any users or have any attached policies.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup

func (*IAM) DeleteGroupPolicy

func (c *IAM) DeleteGroupPolicy(input *DeleteGroupPolicyInput) (*DeleteGroupPolicyOutput, error)

DeleteGroupPolicy API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM group.

A group can also have managed policies attached to it. To detach a managed policy from a group, use DetachGroupPolicy. For more information about policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy

Example (Shared00)

To delete a policy from an IAM group

The following command deletes the policy named ExamplePolicy from the group named Admins:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteGroupPolicyInput{
		GroupName:  aws.String("Admins"),
		PolicyName: aws.String("ExamplePolicy"),
	}

	result, err := svc.DeleteGroupPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteGroupPolicyRequest

func (c *IAM) DeleteGroupPolicyRequest(input *DeleteGroupPolicyInput) (req *request.Request, output *DeleteGroupPolicyOutput)

DeleteGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteGroupPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteGroupPolicy for more information on using the DeleteGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteGroupPolicyRequest method.
req, resp := client.DeleteGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroupPolicy

func (*IAM) DeleteGroupPolicyWithContext

func (c *IAM) DeleteGroupPolicyWithContext(ctx aws.Context, input *DeleteGroupPolicyInput, opts ...request.Option) (*DeleteGroupPolicyOutput, error)

DeleteGroupPolicyWithContext is the same as DeleteGroupPolicy with the addition of the ability to pass a context and additional request options.

See DeleteGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteGroupRequest

func (c *IAM) DeleteGroupRequest(input *DeleteGroupInput) (req *request.Request, output *DeleteGroupOutput)

DeleteGroupRequest generates a "aws/request.Request" representing the client's request for the DeleteGroup operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteGroup for more information on using the DeleteGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteGroupRequest method.
req, resp := client.DeleteGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteGroup

func (*IAM) DeleteGroupWithContext

func (c *IAM) DeleteGroupWithContext(ctx aws.Context, input *DeleteGroupInput, opts ...request.Option) (*DeleteGroupOutput, error)

DeleteGroupWithContext is the same as DeleteGroup with the addition of the ability to pass a context and additional request options.

See DeleteGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteInstanceProfile

func (c *IAM) DeleteInstanceProfile(input *DeleteInstanceProfileInput) (*DeleteInstanceProfileOutput, error)

DeleteInstanceProfile API operation for AWS Identity and Access Management.

Deletes the specified instance profile. The instance profile must not have an associated role.

Make sure that you do not have any Amazon EC2 instances running with the instance profile you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance.

For more information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile

Example (Shared00)

To delete an instance profile

The following command deletes the instance profile named ExampleInstanceProfile

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
	}

	result, err := svc.DeleteInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteInstanceProfileRequest

func (c *IAM) DeleteInstanceProfileRequest(input *DeleteInstanceProfileInput) (req *request.Request, output *DeleteInstanceProfileOutput)

DeleteInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the DeleteInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteInstanceProfile for more information on using the DeleteInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteInstanceProfileRequest method.
req, resp := client.DeleteInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteInstanceProfile

func (*IAM) DeleteInstanceProfileWithContext

func (c *IAM) DeleteInstanceProfileWithContext(ctx aws.Context, input *DeleteInstanceProfileInput, opts ...request.Option) (*DeleteInstanceProfileOutput, error)

DeleteInstanceProfileWithContext is the same as DeleteInstanceProfile with the addition of the ability to pass a context and additional request options.

See DeleteInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteLoginProfile

func (c *IAM) DeleteLoginProfile(input *DeleteLoginProfileInput) (*DeleteLoginProfileOutput, error)

DeleteLoginProfile API operation for AWS Identity and Access Management.

Deletes the password for the specified IAM user, which terminates the user's ability to access AWS services through the AWS Management Console.

Deleting a user's password does not prevent a user from accessing AWS through the command line interface or the API. To prevent all user access you must also either make any access keys inactive or delete them. For more information about making keys inactive or deleting them, see UpdateAccessKey and DeleteAccessKey.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile

Example (Shared00)

To delete a password for an IAM user

The following command deletes the password for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteLoginProfileInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.DeleteLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteLoginProfileRequest

func (c *IAM) DeleteLoginProfileRequest(input *DeleteLoginProfileInput) (req *request.Request, output *DeleteLoginProfileOutput)

DeleteLoginProfileRequest generates a "aws/request.Request" representing the client's request for the DeleteLoginProfile operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteLoginProfile for more information on using the DeleteLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteLoginProfileRequest method.
req, resp := client.DeleteLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteLoginProfile

func (*IAM) DeleteLoginProfileWithContext

func (c *IAM) DeleteLoginProfileWithContext(ctx aws.Context, input *DeleteLoginProfileInput, opts ...request.Option) (*DeleteLoginProfileOutput, error)

DeleteLoginProfileWithContext is the same as DeleteLoginProfile with the addition of the ability to pass a context and additional request options.

See DeleteLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteOpenIDConnectProvider

func (c *IAM) DeleteOpenIDConnectProvider(input *DeleteOpenIDConnectProviderInput) (*DeleteOpenIDConnectProviderOutput, error)

DeleteOpenIDConnectProvider API operation for AWS Identity and Access Management.

Deletes an OpenID Connect identity provider (IdP) resource object in IAM.

Deleting an IAM OIDC provider resource does not update any roles that reference the provider as a principal in their trust policies. Any attempt to assume a role that references a deleted provider fails.

This operation is idempotent; it does not fail or return an error if you call the operation for a provider that does not exist.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider

func (*IAM) DeleteOpenIDConnectProviderRequest

func (c *IAM) DeleteOpenIDConnectProviderRequest(input *DeleteOpenIDConnectProviderInput) (req *request.Request, output *DeleteOpenIDConnectProviderOutput)

DeleteOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the DeleteOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteOpenIDConnectProvider for more information on using the DeleteOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteOpenIDConnectProviderRequest method.
req, resp := client.DeleteOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteOpenIDConnectProvider

func (*IAM) DeleteOpenIDConnectProviderWithContext

func (c *IAM) DeleteOpenIDConnectProviderWithContext(ctx aws.Context, input *DeleteOpenIDConnectProviderInput, opts ...request.Option) (*DeleteOpenIDConnectProviderOutput, error)

DeleteOpenIDConnectProviderWithContext is the same as DeleteOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See DeleteOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeletePolicy

func (c *IAM) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error)

DeletePolicy API operation for AWS Identity and Access Management.

Deletes the specified managed policy.

Before you can delete a managed policy, you must first detach the policy from all users, groups, and roles that it is attached to. In addition you must delete all the policy's versions. The following steps describe the process for deleting a managed policy:

  • Detach the policy from all users, groups, and roles that the policy is attached to, using the DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy API operations. To list all the users, groups, and roles that a policy is attached to, use ListEntitiesForPolicy.

  • Delete all versions of the policy using DeletePolicyVersion. To list the policy's versions, use ListPolicyVersions. You cannot use DeletePolicyVersion to delete the version that is marked as the default version. You delete the policy's default version in the next step of the process.

  • Delete the policy (this automatically deletes the policy's default version) using this API.

For information about managed policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeletePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy

func (*IAM) DeletePolicyRequest

func (c *IAM) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput)

DeletePolicyRequest generates a "aws/request.Request" representing the client's request for the DeletePolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicy for more information on using the DeletePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeletePolicyRequest method.
req, resp := client.DeletePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicy

func (*IAM) DeletePolicyVersion

func (c *IAM) DeletePolicyVersion(input *DeletePolicyVersionInput) (*DeletePolicyVersionOutput, error)

DeletePolicyVersion API operation for AWS Identity and Access Management.

Deletes the specified version from the specified managed policy.

You cannot delete the default version from a policy using this API. To delete the default version from a policy, use DeletePolicy. To find out which version of a policy is marked as the default version, use ListPolicyVersions.

For information about versions for managed policies, see Versioning for Managed Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeletePolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion

func (*IAM) DeletePolicyVersionRequest

func (c *IAM) DeletePolicyVersionRequest(input *DeletePolicyVersionInput) (req *request.Request, output *DeletePolicyVersionOutput)

DeletePolicyVersionRequest generates a "aws/request.Request" representing the client's request for the DeletePolicyVersion operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeletePolicyVersion for more information on using the DeletePolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeletePolicyVersionRequest method.
req, resp := client.DeletePolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeletePolicyVersion

func (*IAM) DeletePolicyVersionWithContext

func (c *IAM) DeletePolicyVersionWithContext(ctx aws.Context, input *DeletePolicyVersionInput, opts ...request.Option) (*DeletePolicyVersionOutput, error)

DeletePolicyVersionWithContext is the same as DeletePolicyVersion with the addition of the ability to pass a context and additional request options.

See DeletePolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeletePolicyWithContext

func (c *IAM) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error)

DeletePolicyWithContext is the same as DeletePolicy with the addition of the ability to pass a context and additional request options.

See DeletePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteRole

func (c *IAM) DeleteRole(input *DeleteRoleInput) (*DeleteRoleOutput, error)

DeleteRole API operation for AWS Identity and Access Management.

Deletes the specified role. The role must not have any policies attached. For more information about roles, go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).

Make sure that you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole

Example (Shared00)

To delete an IAM role

The following command removes the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteRoleInput{
		RoleName: aws.String("Test-Role"),
	}

	result, err := svc.DeleteRole(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteRolePolicy

func (c *IAM) DeleteRolePolicy(input *DeleteRolePolicyInput) (*DeleteRolePolicyOutput, error)

DeleteRolePolicy API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM role.

A role can also have managed policies attached to it. To detach a managed policy from a role, use DetachRolePolicy. For more information about policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy

Example (Shared00)

To remove a policy from an IAM role

The following command removes the policy named ExamplePolicy from the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteRolePolicyInput{
		PolicyName: aws.String("ExamplePolicy"),
		RoleName:   aws.String("Test-Role"),
	}

	result, err := svc.DeleteRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteRolePolicyRequest

func (c *IAM) DeleteRolePolicyRequest(input *DeleteRolePolicyInput) (req *request.Request, output *DeleteRolePolicyOutput)

DeleteRolePolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteRolePolicy for more information on using the DeleteRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteRolePolicyRequest method.
req, resp := client.DeleteRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRolePolicy

func (*IAM) DeleteRolePolicyWithContext

func (c *IAM) DeleteRolePolicyWithContext(ctx aws.Context, input *DeleteRolePolicyInput, opts ...request.Option) (*DeleteRolePolicyOutput, error)

DeleteRolePolicyWithContext is the same as DeleteRolePolicy with the addition of the ability to pass a context and additional request options.

See DeleteRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteRoleRequest

func (c *IAM) DeleteRoleRequest(input *DeleteRoleInput) (req *request.Request, output *DeleteRoleOutput)

DeleteRoleRequest generates a "aws/request.Request" representing the client's request for the DeleteRole operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteRole for more information on using the DeleteRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteRoleRequest method.
req, resp := client.DeleteRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteRole

func (*IAM) DeleteRoleWithContext

func (c *IAM) DeleteRoleWithContext(ctx aws.Context, input *DeleteRoleInput, opts ...request.Option) (*DeleteRoleOutput, error)

DeleteRoleWithContext is the same as DeleteRole with the addition of the ability to pass a context and additional request options.

See DeleteRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteSAMLProvider

func (c *IAM) DeleteSAMLProvider(input *DeleteSAMLProviderInput) (*DeleteSAMLProviderOutput, error)

DeleteSAMLProvider API operation for AWS Identity and Access Management.

Deletes a SAML provider resource in IAM.

Deleting the provider resource from IAM does not update any roles that reference the SAML provider resource's ARN as a principal in their trust policies. Any attempt to assume a role that references a non-existent provider resource ARN fails.

This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider

func (*IAM) DeleteSAMLProviderRequest

func (c *IAM) DeleteSAMLProviderRequest(input *DeleteSAMLProviderInput) (req *request.Request, output *DeleteSAMLProviderOutput)

DeleteSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the DeleteSAMLProvider operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteSAMLProvider for more information on using the DeleteSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteSAMLProviderRequest method.
req, resp := client.DeleteSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSAMLProvider

func (*IAM) DeleteSAMLProviderWithContext

func (c *IAM) DeleteSAMLProviderWithContext(ctx aws.Context, input *DeleteSAMLProviderInput, opts ...request.Option) (*DeleteSAMLProviderOutput, error)

DeleteSAMLProviderWithContext is the same as DeleteSAMLProvider with the addition of the ability to pass a context and additional request options.

See DeleteSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteSSHPublicKey

func (c *IAM) DeleteSSHPublicKey(input *DeleteSSHPublicKeyInput) (*DeleteSSHPublicKeyOutput, error)

DeleteSSHPublicKey API operation for AWS Identity and Access Management.

Deletes the specified SSH public key.

The SSH public key deleted by this operation is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey

func (*IAM) DeleteSSHPublicKeyRequest

func (c *IAM) DeleteSSHPublicKeyRequest(input *DeleteSSHPublicKeyInput) (req *request.Request, output *DeleteSSHPublicKeyOutput)

DeleteSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the DeleteSSHPublicKey operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteSSHPublicKey for more information on using the DeleteSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteSSHPublicKeyRequest method.
req, resp := client.DeleteSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSSHPublicKey

func (*IAM) DeleteSSHPublicKeyWithContext

func (c *IAM) DeleteSSHPublicKeyWithContext(ctx aws.Context, input *DeleteSSHPublicKeyInput, opts ...request.Option) (*DeleteSSHPublicKeyOutput, error)

DeleteSSHPublicKeyWithContext is the same as DeleteSSHPublicKey with the addition of the ability to pass a context and additional request options.

See DeleteSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteServerCertificate

func (c *IAM) DeleteServerCertificate(input *DeleteServerCertificateInput) (*DeleteServerCertificateOutput, error)

DeleteServerCertificate API operation for AWS Identity and Access Management.

Deletes the specified server certificate.

For more information about working with server certificates, see Working with Server Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of AWS services that can use the server certificates that you manage with IAM.

If you are using a server certificate with Elastic Load Balancing, deleting the certificate could have implications for your application. If Elastic Load Balancing doesn't detect the deletion of bound certificates, it may continue to use the certificates. This could cause Elastic Load Balancing to stop accepting traffic. We recommend that you remove the reference to the certificate from Elastic Load Balancing before using this command to delete the certificate. For more information, go to DeleteLoadBalancerListeners (http://docs.aws.amazon.com/ElasticLoadBalancing/latest/APIReference/API_DeleteLoadBalancerListeners.html) in the Elastic Load Balancing API Reference.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate

func (*IAM) DeleteServerCertificateRequest

func (c *IAM) DeleteServerCertificateRequest(input *DeleteServerCertificateInput) (req *request.Request, output *DeleteServerCertificateOutput)

DeleteServerCertificateRequest generates a "aws/request.Request" representing the client's request for the DeleteServerCertificate operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteServerCertificate for more information on using the DeleteServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteServerCertificateRequest method.
req, resp := client.DeleteServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServerCertificate

func (*IAM) DeleteServerCertificateWithContext

func (c *IAM) DeleteServerCertificateWithContext(ctx aws.Context, input *DeleteServerCertificateInput, opts ...request.Option) (*DeleteServerCertificateOutput, error)

DeleteServerCertificateWithContext is the same as DeleteServerCertificate with the addition of the ability to pass a context and additional request options.

See DeleteServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteServiceLinkedRole

func (c *IAM) DeleteServiceLinkedRole(input *DeleteServiceLinkedRoleInput) (*DeleteServiceLinkedRoleOutput, error)

DeleteServiceLinkedRole API operation for AWS Identity and Access Management.

Submits a service-linked role deletion request and returns a DeletionTaskId, which you can use to check the status of the deletion. Before you call this operation, confirm that the role has no active sessions and that any resources used by the role in the linked service are deleted. If you call this operation more than once for the same service-linked role and an earlier deletion task is not complete, then the DeletionTaskId of the earlier request is returned.

If you submit a deletion request for a service-linked role whose linked service is still accessing a resource, then the deletion task fails. If it fails, the GetServiceLinkedRoleDeletionStatus API operation returns the reason for the failure, usually including the resources that must be deleted. To delete the service-linked role, you must first remove those resources from the linked service and then submit the deletion request again. Resources are specific to the service that is linked to the role. For more information about removing resources from a service, see the AWS documentation (http://docs.aws.amazon.com/) for your service.

For more information about service-linked roles, see Roles Terms and Concepts: AWS Service-Linked Role (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-service-linked-role) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteServiceLinkedRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole

func (*IAM) DeleteServiceLinkedRoleRequest

func (c *IAM) DeleteServiceLinkedRoleRequest(input *DeleteServiceLinkedRoleInput) (req *request.Request, output *DeleteServiceLinkedRoleOutput)

DeleteServiceLinkedRoleRequest generates a "aws/request.Request" representing the client's request for the DeleteServiceLinkedRole operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteServiceLinkedRole for more information on using the DeleteServiceLinkedRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteServiceLinkedRoleRequest method.
req, resp := client.DeleteServiceLinkedRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceLinkedRole

func (*IAM) DeleteServiceLinkedRoleWithContext

func (c *IAM) DeleteServiceLinkedRoleWithContext(ctx aws.Context, input *DeleteServiceLinkedRoleInput, opts ...request.Option) (*DeleteServiceLinkedRoleOutput, error)

DeleteServiceLinkedRoleWithContext is the same as DeleteServiceLinkedRole with the addition of the ability to pass a context and additional request options.

See DeleteServiceLinkedRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteServiceSpecificCredential

func (c *IAM) DeleteServiceSpecificCredential(input *DeleteServiceSpecificCredentialInput) (*DeleteServiceSpecificCredentialOutput, error)

DeleteServiceSpecificCredential API operation for AWS Identity and Access Management.

Deletes the specified service-specific credential.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential

func (*IAM) DeleteServiceSpecificCredentialRequest

func (c *IAM) DeleteServiceSpecificCredentialRequest(input *DeleteServiceSpecificCredentialInput) (req *request.Request, output *DeleteServiceSpecificCredentialOutput)

DeleteServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the DeleteServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteServiceSpecificCredential for more information on using the DeleteServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteServiceSpecificCredentialRequest method.
req, resp := client.DeleteServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteServiceSpecificCredential

func (*IAM) DeleteServiceSpecificCredentialWithContext

func (c *IAM) DeleteServiceSpecificCredentialWithContext(ctx aws.Context, input *DeleteServiceSpecificCredentialInput, opts ...request.Option) (*DeleteServiceSpecificCredentialOutput, error)

DeleteServiceSpecificCredentialWithContext is the same as DeleteServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See DeleteServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteSigningCertificate

func (c *IAM) DeleteSigningCertificate(input *DeleteSigningCertificateInput) (*DeleteSigningCertificateOutput, error)

DeleteSigningCertificate API operation for AWS Identity and Access Management.

Deletes a signing certificate associated with the specified IAM user.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated IAM users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteSigningCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate

Example (Shared00)

To delete a signing certificate for an IAM user

The following command deletes the specified signing certificate for the IAM user named Anika.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteSigningCertificateInput{
		CertificateId: aws.String("TA7SMP42TDN5Z26OBPJE7EXAMPLE"),
		UserName:      aws.String("Anika"),
	}

	result, err := svc.DeleteSigningCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteSigningCertificateRequest

func (c *IAM) DeleteSigningCertificateRequest(input *DeleteSigningCertificateInput) (req *request.Request, output *DeleteSigningCertificateOutput)

DeleteSigningCertificateRequest generates a "aws/request.Request" representing the client's request for the DeleteSigningCertificate operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteSigningCertificate for more information on using the DeleteSigningCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteSigningCertificateRequest method.
req, resp := client.DeleteSigningCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteSigningCertificate

func (*IAM) DeleteSigningCertificateWithContext

func (c *IAM) DeleteSigningCertificateWithContext(ctx aws.Context, input *DeleteSigningCertificateInput, opts ...request.Option) (*DeleteSigningCertificateOutput, error)

DeleteSigningCertificateWithContext is the same as DeleteSigningCertificate with the addition of the ability to pass a context and additional request options.

See DeleteSigningCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteUser

func (c *IAM) DeleteUser(input *DeleteUserInput) (*DeleteUserOutput, error)

DeleteUser API operation for AWS Identity and Access Management.

Deletes the specified IAM user. The user must not belong to any groups or have any access keys, signing certificates, or attached policies.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteUser for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser

Example (Shared00)

To delete an IAM user

The following command removes the IAM user named Bob from the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.DeleteUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteUserPolicy

func (c *IAM) DeleteUserPolicy(input *DeleteUserPolicyInput) (*DeleteUserPolicyOutput, error)

DeleteUserPolicy API operation for AWS Identity and Access Management.

Deletes the specified inline policy that is embedded in the specified IAM user.

A user can also have managed policies attached to it. To detach a managed policy from a user, use DetachUserPolicy. For more information about policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy

Example (Shared00)

To remove a policy from an IAM user

The following delete-user-policy command removes the specified policy from the IAM user named Juan:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteUserPolicyInput{
		PolicyName: aws.String("ExamplePolicy"),
		UserName:   aws.String("Juan"),
	}

	result, err := svc.DeleteUserPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteUserPolicyRequest

func (c *IAM) DeleteUserPolicyRequest(input *DeleteUserPolicyInput) (req *request.Request, output *DeleteUserPolicyOutput)

DeleteUserPolicyRequest generates a "aws/request.Request" representing the client's request for the DeleteUserPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUserPolicy for more information on using the DeleteUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserPolicyRequest method.
req, resp := client.DeleteUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUserPolicy

func (*IAM) DeleteUserPolicyWithContext

func (c *IAM) DeleteUserPolicyWithContext(ctx aws.Context, input *DeleteUserPolicyInput, opts ...request.Option) (*DeleteUserPolicyOutput, error)

DeleteUserPolicyWithContext is the same as DeleteUserPolicy with the addition of the ability to pass a context and additional request options.

See DeleteUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteUserRequest

func (c *IAM) DeleteUserRequest(input *DeleteUserInput) (req *request.Request, output *DeleteUserOutput)

DeleteUserRequest generates a "aws/request.Request" representing the client's request for the DeleteUser operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteUser for more information on using the DeleteUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteUserRequest method.
req, resp := client.DeleteUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteUser

func (*IAM) DeleteUserWithContext

func (c *IAM) DeleteUserWithContext(ctx aws.Context, input *DeleteUserInput, opts ...request.Option) (*DeleteUserOutput, error)

DeleteUserWithContext is the same as DeleteUser with the addition of the ability to pass a context and additional request options.

See DeleteUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DeleteVirtualMFADevice

func (c *IAM) DeleteVirtualMFADevice(input *DeleteVirtualMFADeviceInput) (*DeleteVirtualMFADeviceOutput, error)

DeleteVirtualMFADevice API operation for AWS Identity and Access Management.

Deletes a virtual MFA device.

You must deactivate a user's virtual MFA device before you can delete it. For information about deactivating MFA devices, see DeactivateMFADevice.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DeleteVirtualMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeDeleteConflictException "DeleteConflict" The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice

Example (Shared00)

To remove a virtual MFA device

The following delete-virtual-mfa-device command removes the specified MFA device from the current AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.DeleteVirtualMFADeviceInput{
		SerialNumber: aws.String("arn:aws:iam::123456789012:mfa/ExampleName"),
	}

	result, err := svc.DeleteVirtualMFADevice(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeDeleteConflictException:
				fmt.Println(iam.ErrCodeDeleteConflictException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) DeleteVirtualMFADeviceRequest

func (c *IAM) DeleteVirtualMFADeviceRequest(input *DeleteVirtualMFADeviceInput) (req *request.Request, output *DeleteVirtualMFADeviceOutput)

DeleteVirtualMFADeviceRequest generates a "aws/request.Request" representing the client's request for the DeleteVirtualMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DeleteVirtualMFADevice for more information on using the DeleteVirtualMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DeleteVirtualMFADeviceRequest method.
req, resp := client.DeleteVirtualMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DeleteVirtualMFADevice

func (*IAM) DeleteVirtualMFADeviceWithContext

func (c *IAM) DeleteVirtualMFADeviceWithContext(ctx aws.Context, input *DeleteVirtualMFADeviceInput, opts ...request.Option) (*DeleteVirtualMFADeviceOutput, error)

DeleteVirtualMFADeviceWithContext is the same as DeleteVirtualMFADevice with the addition of the ability to pass a context and additional request options.

See DeleteVirtualMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DetachGroupPolicy

func (c *IAM) DetachGroupPolicy(input *DetachGroupPolicyInput) (*DetachGroupPolicyOutput, error)

DetachGroupPolicy API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified IAM group.

A group can also have inline policies embedded with it. To delete an inline policy, use the DeleteGroupPolicy API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DetachGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy

func (*IAM) DetachGroupPolicyRequest

func (c *IAM) DetachGroupPolicyRequest(input *DetachGroupPolicyInput) (req *request.Request, output *DetachGroupPolicyOutput)

DetachGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the DetachGroupPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DetachGroupPolicy for more information on using the DetachGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DetachGroupPolicyRequest method.
req, resp := client.DetachGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachGroupPolicy

func (*IAM) DetachGroupPolicyWithContext

func (c *IAM) DetachGroupPolicyWithContext(ctx aws.Context, input *DetachGroupPolicyInput, opts ...request.Option) (*DetachGroupPolicyOutput, error)

DetachGroupPolicyWithContext is the same as DetachGroupPolicy with the addition of the ability to pass a context and additional request options.

See DetachGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DetachRolePolicy

func (c *IAM) DetachRolePolicy(input *DetachRolePolicyInput) (*DetachRolePolicyOutput, error)

DetachRolePolicy API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified role.

A role can also have inline policies embedded with it. To delete an inline policy, use the DeleteRolePolicy API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DetachRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy

func (*IAM) DetachRolePolicyRequest

func (c *IAM) DetachRolePolicyRequest(input *DetachRolePolicyInput) (req *request.Request, output *DetachRolePolicyOutput)

DetachRolePolicyRequest generates a "aws/request.Request" representing the client's request for the DetachRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DetachRolePolicy for more information on using the DetachRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DetachRolePolicyRequest method.
req, resp := client.DetachRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachRolePolicy

func (*IAM) DetachRolePolicyWithContext

func (c *IAM) DetachRolePolicyWithContext(ctx aws.Context, input *DetachRolePolicyInput, opts ...request.Option) (*DetachRolePolicyOutput, error)

DetachRolePolicyWithContext is the same as DetachRolePolicy with the addition of the ability to pass a context and additional request options.

See DetachRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) DetachUserPolicy

func (c *IAM) DetachUserPolicy(input *DetachUserPolicyInput) (*DetachUserPolicyOutput, error)

DetachUserPolicy API operation for AWS Identity and Access Management.

Removes the specified managed policy from the specified user.

A user can also have inline policies embedded with it. To delete an inline policy, use the DeleteUserPolicy API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation DetachUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy

func (*IAM) DetachUserPolicyRequest

func (c *IAM) DetachUserPolicyRequest(input *DetachUserPolicyInput) (req *request.Request, output *DetachUserPolicyOutput)

DetachUserPolicyRequest generates a "aws/request.Request" representing the client's request for the DetachUserPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See DetachUserPolicy for more information on using the DetachUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the DetachUserPolicyRequest method.
req, resp := client.DetachUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/DetachUserPolicy

func (*IAM) DetachUserPolicyWithContext

func (c *IAM) DetachUserPolicyWithContext(ctx aws.Context, input *DetachUserPolicyInput, opts ...request.Option) (*DetachUserPolicyOutput, error)

DetachUserPolicyWithContext is the same as DetachUserPolicy with the addition of the ability to pass a context and additional request options.

See DetachUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) EnableMFADevice

func (c *IAM) EnableMFADevice(input *EnableMFADeviceInput) (*EnableMFADeviceOutput, error)

EnableMFADevice API operation for AWS Identity and Access Management.

Enables the specified MFA device and associates it with the specified IAM user. When enabled, the MFA device is required for every subsequent login by the IAM user associated with the device.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation EnableMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode" The request was rejected because the authentication code was not recognized. The error message describes the specific error.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice

func (*IAM) EnableMFADeviceRequest

func (c *IAM) EnableMFADeviceRequest(input *EnableMFADeviceInput) (req *request.Request, output *EnableMFADeviceOutput)

EnableMFADeviceRequest generates a "aws/request.Request" representing the client's request for the EnableMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See EnableMFADevice for more information on using the EnableMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the EnableMFADeviceRequest method.
req, resp := client.EnableMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/EnableMFADevice

func (*IAM) EnableMFADeviceWithContext

func (c *IAM) EnableMFADeviceWithContext(ctx aws.Context, input *EnableMFADeviceInput, opts ...request.Option) (*EnableMFADeviceOutput, error)

EnableMFADeviceWithContext is the same as EnableMFADevice with the addition of the ability to pass a context and additional request options.

See EnableMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GenerateCredentialReport

func (c *IAM) GenerateCredentialReport(input *GenerateCredentialReportInput) (*GenerateCredentialReportOutput, error)

GenerateCredentialReport API operation for AWS Identity and Access Management.

Generates a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GenerateCredentialReport for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport

func (*IAM) GenerateCredentialReportRequest

func (c *IAM) GenerateCredentialReportRequest(input *GenerateCredentialReportInput) (req *request.Request, output *GenerateCredentialReportOutput)

GenerateCredentialReportRequest generates a "aws/request.Request" representing the client's request for the GenerateCredentialReport operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GenerateCredentialReport for more information on using the GenerateCredentialReport API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GenerateCredentialReportRequest method.
req, resp := client.GenerateCredentialReportRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GenerateCredentialReport

func (*IAM) GenerateCredentialReportWithContext

func (c *IAM) GenerateCredentialReportWithContext(ctx aws.Context, input *GenerateCredentialReportInput, opts ...request.Option) (*GenerateCredentialReportOutput, error)

GenerateCredentialReportWithContext is the same as GenerateCredentialReport with the addition of the ability to pass a context and additional request options.

See GenerateCredentialReport for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccessKeyLastUsed

func (c *IAM) GetAccessKeyLastUsed(input *GetAccessKeyLastUsedInput) (*GetAccessKeyLastUsedOutput, error)

GetAccessKeyLastUsed API operation for AWS Identity and Access Management.

Retrieves information about when the specified access key was last used. The information includes the date and time of last use, along with the AWS service and region that were specified in the last request made with that key.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccessKeyLastUsed for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed

func (*IAM) GetAccessKeyLastUsedRequest

func (c *IAM) GetAccessKeyLastUsedRequest(input *GetAccessKeyLastUsedInput) (req *request.Request, output *GetAccessKeyLastUsedOutput)

GetAccessKeyLastUsedRequest generates a "aws/request.Request" representing the client's request for the GetAccessKeyLastUsed operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccessKeyLastUsed for more information on using the GetAccessKeyLastUsed API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccessKeyLastUsedRequest method.
req, resp := client.GetAccessKeyLastUsedRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccessKeyLastUsed

func (*IAM) GetAccessKeyLastUsedWithContext

func (c *IAM) GetAccessKeyLastUsedWithContext(ctx aws.Context, input *GetAccessKeyLastUsedInput, opts ...request.Option) (*GetAccessKeyLastUsedOutput, error)

GetAccessKeyLastUsedWithContext is the same as GetAccessKeyLastUsed with the addition of the ability to pass a context and additional request options.

See GetAccessKeyLastUsed for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountAuthorizationDetails

func (c *IAM) GetAccountAuthorizationDetails(input *GetAccountAuthorizationDetailsInput) (*GetAccountAuthorizationDetailsOutput, error)

GetAccountAuthorizationDetails API operation for AWS Identity and Access Management.

Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their relationships to one another. Use this API to obtain a snapshot of the configuration of IAM permissions (users, groups, roles, and policies) in your account.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

You can optionally filter the results using the Filter parameter. You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccountAuthorizationDetails for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails

func (*IAM) GetAccountAuthorizationDetailsPages

func (c *IAM) GetAccountAuthorizationDetailsPages(input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool) error

GetAccountAuthorizationDetailsPages iterates over the pages of a GetAccountAuthorizationDetails operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See GetAccountAuthorizationDetails method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a GetAccountAuthorizationDetails operation.
pageNum := 0
err := client.GetAccountAuthorizationDetailsPages(params,
    func(page *GetAccountAuthorizationDetailsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) GetAccountAuthorizationDetailsPagesWithContext

func (c *IAM) GetAccountAuthorizationDetailsPagesWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, fn func(*GetAccountAuthorizationDetailsOutput, bool) bool, opts ...request.Option) error

GetAccountAuthorizationDetailsPagesWithContext same as GetAccountAuthorizationDetailsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountAuthorizationDetailsRequest

func (c *IAM) GetAccountAuthorizationDetailsRequest(input *GetAccountAuthorizationDetailsInput) (req *request.Request, output *GetAccountAuthorizationDetailsOutput)

GetAccountAuthorizationDetailsRequest generates a "aws/request.Request" representing the client's request for the GetAccountAuthorizationDetails operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccountAuthorizationDetails for more information on using the GetAccountAuthorizationDetails API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccountAuthorizationDetailsRequest method.
req, resp := client.GetAccountAuthorizationDetailsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountAuthorizationDetails

func (*IAM) GetAccountAuthorizationDetailsWithContext

func (c *IAM) GetAccountAuthorizationDetailsWithContext(ctx aws.Context, input *GetAccountAuthorizationDetailsInput, opts ...request.Option) (*GetAccountAuthorizationDetailsOutput, error)

GetAccountAuthorizationDetailsWithContext is the same as GetAccountAuthorizationDetails with the addition of the ability to pass a context and additional request options.

See GetAccountAuthorizationDetails for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountPasswordPolicy

func (c *IAM) GetAccountPasswordPolicy(input *GetAccountPasswordPolicyInput) (*GetAccountPasswordPolicyOutput, error)

GetAccountPasswordPolicy API operation for AWS Identity and Access Management.

Retrieves the password policy for the AWS account. For more information about using a password policy, go to Managing an IAM Password Policy (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccountPasswordPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy

Example (Shared00)

To see the current account password policy

The following command displays details about the password policy for the current AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetAccountPasswordPolicyInput{}

	result, err := svc.GetAccountPasswordPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetAccountPasswordPolicyRequest

func (c *IAM) GetAccountPasswordPolicyRequest(input *GetAccountPasswordPolicyInput) (req *request.Request, output *GetAccountPasswordPolicyOutput)

GetAccountPasswordPolicyRequest generates a "aws/request.Request" representing the client's request for the GetAccountPasswordPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccountPasswordPolicy for more information on using the GetAccountPasswordPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccountPasswordPolicyRequest method.
req, resp := client.GetAccountPasswordPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountPasswordPolicy

func (*IAM) GetAccountPasswordPolicyWithContext

func (c *IAM) GetAccountPasswordPolicyWithContext(ctx aws.Context, input *GetAccountPasswordPolicyInput, opts ...request.Option) (*GetAccountPasswordPolicyOutput, error)

GetAccountPasswordPolicyWithContext is the same as GetAccountPasswordPolicy with the addition of the ability to pass a context and additional request options.

See GetAccountPasswordPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetAccountSummary

func (c *IAM) GetAccountSummary(input *GetAccountSummaryInput) (*GetAccountSummaryOutput, error)

GetAccountSummary API operation for AWS Identity and Access Management.

Retrieves information about IAM entity usage and IAM quotas in the AWS account.

For information about limitations on IAM entities, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetAccountSummary for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary

Example (Shared00)

To get information about IAM entity quotas and usage in the current account

The following command returns information about the IAM entity quotas and usage in the current AWS account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetAccountSummaryInput{}

	result, err := svc.GetAccountSummary(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetAccountSummaryRequest

func (c *IAM) GetAccountSummaryRequest(input *GetAccountSummaryInput) (req *request.Request, output *GetAccountSummaryOutput)

GetAccountSummaryRequest generates a "aws/request.Request" representing the client's request for the GetAccountSummary operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetAccountSummary for more information on using the GetAccountSummary API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetAccountSummaryRequest method.
req, resp := client.GetAccountSummaryRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetAccountSummary

func (*IAM) GetAccountSummaryWithContext

func (c *IAM) GetAccountSummaryWithContext(ctx aws.Context, input *GetAccountSummaryInput, opts ...request.Option) (*GetAccountSummaryOutput, error)

GetAccountSummaryWithContext is the same as GetAccountSummary with the addition of the ability to pass a context and additional request options.

See GetAccountSummary for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetContextKeysForCustomPolicy

func (c *IAM) GetContextKeysForCustomPolicy(input *GetContextKeysForCustomPolicyInput) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForCustomPolicy API operation for AWS Identity and Access Management.

Gets a list of all of the context keys referenced in the input policies. The policies are supplied as a list of one or more strings. To get the context keys from policies associated with an IAM user, group, or role, use GetContextKeysForPrincipalPolicy.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. Context keys can be evaluated by testing against a value specified in an IAM policy. Use GetContextKeysForCustomPolicy to understand what key names and values you must supply when you call SimulateCustomPolicy. Note that all parameters are shown in unencoded form here for clarity but must be URL encoded to be included as a part of a real HTML request.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetContextKeysForCustomPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy

func (*IAM) GetContextKeysForCustomPolicyRequest

func (c *IAM) GetContextKeysForCustomPolicyRequest(input *GetContextKeysForCustomPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse)

GetContextKeysForCustomPolicyRequest generates a "aws/request.Request" representing the client's request for the GetContextKeysForCustomPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetContextKeysForCustomPolicy for more information on using the GetContextKeysForCustomPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetContextKeysForCustomPolicyRequest method.
req, resp := client.GetContextKeysForCustomPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForCustomPolicy

func (*IAM) GetContextKeysForCustomPolicyWithContext

func (c *IAM) GetContextKeysForCustomPolicyWithContext(ctx aws.Context, input *GetContextKeysForCustomPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForCustomPolicyWithContext is the same as GetContextKeysForCustomPolicy with the addition of the ability to pass a context and additional request options.

See GetContextKeysForCustomPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetContextKeysForPrincipalPolicy

func (c *IAM) GetContextKeysForPrincipalPolicy(input *GetContextKeysForPrincipalPolicyInput) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForPrincipalPolicy API operation for AWS Identity and Access Management.

Gets a list of all of the context keys referenced in all the IAM policies that are attached to the specified IAM entity. The entity can be an IAM user, group, or role. If you specify a user, then the request also includes all of the policies attached to groups that the user is a member of.

You can optionally include a list of one or more additional policies, specified as strings. If you want to include only a list of policies by string, use GetContextKeysForCustomPolicy instead.

Note: This API discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use GetContextKeysForCustomPolicy instead.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. Context keys can be evaluated by testing against a value in an IAM policy. Use GetContextKeysForPrincipalPolicy to understand what key names and values you must supply when you call SimulatePrincipalPolicy.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetContextKeysForPrincipalPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy

func (*IAM) GetContextKeysForPrincipalPolicyRequest

func (c *IAM) GetContextKeysForPrincipalPolicyRequest(input *GetContextKeysForPrincipalPolicyInput) (req *request.Request, output *GetContextKeysForPolicyResponse)

GetContextKeysForPrincipalPolicyRequest generates a "aws/request.Request" representing the client's request for the GetContextKeysForPrincipalPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetContextKeysForPrincipalPolicy for more information on using the GetContextKeysForPrincipalPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetContextKeysForPrincipalPolicyRequest method.
req, resp := client.GetContextKeysForPrincipalPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetContextKeysForPrincipalPolicy

func (*IAM) GetContextKeysForPrincipalPolicyWithContext

func (c *IAM) GetContextKeysForPrincipalPolicyWithContext(ctx aws.Context, input *GetContextKeysForPrincipalPolicyInput, opts ...request.Option) (*GetContextKeysForPolicyResponse, error)

GetContextKeysForPrincipalPolicyWithContext is the same as GetContextKeysForPrincipalPolicy with the addition of the ability to pass a context and additional request options.

See GetContextKeysForPrincipalPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetCredentialReport

func (c *IAM) GetCredentialReport(input *GetCredentialReportInput) (*GetCredentialReportOutput, error)

GetCredentialReport API operation for AWS Identity and Access Management.

Retrieves a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetCredentialReport for usage and error information.

Returned Error Codes:

  • ErrCodeCredentialReportNotPresentException "ReportNotPresent" The request was rejected because the credential report does not exist. To generate a credential report, use GenerateCredentialReport.

  • ErrCodeCredentialReportExpiredException "ReportExpired" The request was rejected because the most recent credential report has expired. To generate a new credential report, use GenerateCredentialReport. For more information about credential report expiration, see Getting Credential Reports (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

  • ErrCodeCredentialReportNotReadyException "ReportInProgress" The request was rejected because the credential report is still being generated.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport

func (*IAM) GetCredentialReportRequest

func (c *IAM) GetCredentialReportRequest(input *GetCredentialReportInput) (req *request.Request, output *GetCredentialReportOutput)

GetCredentialReportRequest generates a "aws/request.Request" representing the client's request for the GetCredentialReport operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetCredentialReport for more information on using the GetCredentialReport API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetCredentialReportRequest method.
req, resp := client.GetCredentialReportRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetCredentialReport

func (*IAM) GetCredentialReportWithContext

func (c *IAM) GetCredentialReportWithContext(ctx aws.Context, input *GetCredentialReportInput, opts ...request.Option) (*GetCredentialReportOutput, error)

GetCredentialReportWithContext is the same as GetCredentialReport with the addition of the ability to pass a context and additional request options.

See GetCredentialReport for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetGroup

func (c *IAM) GetGroup(input *GetGroupInput) (*GetGroupOutput, error)

GetGroup API operation for AWS Identity and Access Management.

Returns a list of IAM users that are in the specified IAM group. You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup

func (*IAM) GetGroupPages

func (c *IAM) GetGroupPages(input *GetGroupInput, fn func(*GetGroupOutput, bool) bool) error

GetGroupPages iterates over the pages of a GetGroup operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See GetGroup method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a GetGroup operation.
pageNum := 0
err := client.GetGroupPages(params,
    func(page *GetGroupOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) GetGroupPagesWithContext

func (c *IAM) GetGroupPagesWithContext(ctx aws.Context, input *GetGroupInput, fn func(*GetGroupOutput, bool) bool, opts ...request.Option) error

GetGroupPagesWithContext same as GetGroupPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetGroupPolicy

func (c *IAM) GetGroupPolicy(input *GetGroupPolicyInput) (*GetGroupPolicyOutput, error)

GetGroupPolicy API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded in the specified IAM group.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM group can also have managed policies attached to it. To retrieve a managed policy document that is attached to a group, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy

func (*IAM) GetGroupPolicyRequest

func (c *IAM) GetGroupPolicyRequest(input *GetGroupPolicyInput) (req *request.Request, output *GetGroupPolicyOutput)

GetGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the GetGroupPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetGroupPolicy for more information on using the GetGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetGroupPolicyRequest method.
req, resp := client.GetGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroupPolicy

func (*IAM) GetGroupPolicyWithContext

func (c *IAM) GetGroupPolicyWithContext(ctx aws.Context, input *GetGroupPolicyInput, opts ...request.Option) (*GetGroupPolicyOutput, error)

GetGroupPolicyWithContext is the same as GetGroupPolicy with the addition of the ability to pass a context and additional request options.

See GetGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetGroupRequest

func (c *IAM) GetGroupRequest(input *GetGroupInput) (req *request.Request, output *GetGroupOutput)

GetGroupRequest generates a "aws/request.Request" representing the client's request for the GetGroup operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetGroup for more information on using the GetGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetGroupRequest method.
req, resp := client.GetGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetGroup

func (*IAM) GetGroupWithContext

func (c *IAM) GetGroupWithContext(ctx aws.Context, input *GetGroupInput, opts ...request.Option) (*GetGroupOutput, error)

GetGroupWithContext is the same as GetGroup with the addition of the ability to pass a context and additional request options.

See GetGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetInstanceProfile

func (c *IAM) GetInstanceProfile(input *GetInstanceProfileInput) (*GetInstanceProfileOutput, error)

GetInstanceProfile API operation for AWS Identity and Access Management.

Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and role. For more information about instance profiles, see About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile

Example (Shared00)

To get information about an instance profile

The following command gets information about the instance profile named ExampleInstanceProfile.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
	}

	result, err := svc.GetInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetInstanceProfileRequest

func (c *IAM) GetInstanceProfileRequest(input *GetInstanceProfileInput) (req *request.Request, output *GetInstanceProfileOutput)

GetInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the GetInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetInstanceProfile for more information on using the GetInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetInstanceProfileRequest method.
req, resp := client.GetInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetInstanceProfile

func (*IAM) GetInstanceProfileWithContext

func (c *IAM) GetInstanceProfileWithContext(ctx aws.Context, input *GetInstanceProfileInput, opts ...request.Option) (*GetInstanceProfileOutput, error)

GetInstanceProfileWithContext is the same as GetInstanceProfile with the addition of the ability to pass a context and additional request options.

See GetInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetLoginProfile

func (c *IAM) GetLoginProfile(input *GetLoginProfileInput) (*GetLoginProfileOutput, error)

GetLoginProfile API operation for AWS Identity and Access Management.

Retrieves the user name and password-creation date for the specified IAM user. If the user has not been assigned a password, the operation returns a 404 (NoSuchEntity) error.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile

Example (Shared00)

To get password information for an IAM user

The following command gets information about the password for the IAM user named Anika.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetLoginProfileInput{
		UserName: aws.String("Anika"),
	}

	result, err := svc.GetLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetLoginProfileRequest

func (c *IAM) GetLoginProfileRequest(input *GetLoginProfileInput) (req *request.Request, output *GetLoginProfileOutput)

GetLoginProfileRequest generates a "aws/request.Request" representing the client's request for the GetLoginProfile operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetLoginProfile for more information on using the GetLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetLoginProfileRequest method.
req, resp := client.GetLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetLoginProfile

func (*IAM) GetLoginProfileWithContext

func (c *IAM) GetLoginProfileWithContext(ctx aws.Context, input *GetLoginProfileInput, opts ...request.Option) (*GetLoginProfileOutput, error)

GetLoginProfileWithContext is the same as GetLoginProfile with the addition of the ability to pass a context and additional request options.

See GetLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetOpenIDConnectProvider

func (c *IAM) GetOpenIDConnectProvider(input *GetOpenIDConnectProviderInput) (*GetOpenIDConnectProviderOutput, error)

GetOpenIDConnectProvider API operation for AWS Identity and Access Management.

Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider

func (*IAM) GetOpenIDConnectProviderRequest

func (c *IAM) GetOpenIDConnectProviderRequest(input *GetOpenIDConnectProviderInput) (req *request.Request, output *GetOpenIDConnectProviderOutput)

GetOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the GetOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetOpenIDConnectProvider for more information on using the GetOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetOpenIDConnectProviderRequest method.
req, resp := client.GetOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetOpenIDConnectProvider

func (*IAM) GetOpenIDConnectProviderWithContext

func (c *IAM) GetOpenIDConnectProviderWithContext(ctx aws.Context, input *GetOpenIDConnectProviderInput, opts ...request.Option) (*GetOpenIDConnectProviderOutput, error)

GetOpenIDConnectProviderWithContext is the same as GetOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See GetOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetPolicy

func (c *IAM) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error)

GetPolicy API operation for AWS Identity and Access Management.

Retrieves information about the specified managed policy, including the policy's default version and the total number of IAM users, groups, and roles to which the policy is attached. To retrieve the list of the specific users, groups, and roles that the policy is attached to, use the ListEntitiesForPolicy API. This API returns metadata about the policy. To retrieve the actual policy document for a specific version of the policy, use GetPolicyVersion.

This API retrieves information about managed policies. To retrieve information about an inline policy that is embedded with an IAM user, group, or role, use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy API.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy

func (*IAM) GetPolicyRequest

func (c *IAM) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput)

GetPolicyRequest generates a "aws/request.Request" representing the client's request for the GetPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicy for more information on using the GetPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetPolicyRequest method.
req, resp := client.GetPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicy

func (*IAM) GetPolicyVersion

func (c *IAM) GetPolicyVersion(input *GetPolicyVersionInput) (*GetPolicyVersionOutput, error)

GetPolicyVersion API operation for AWS Identity and Access Management.

Retrieves information about the specified version of the specified managed policy, including the policy document.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

To list the available versions for a policy, use ListPolicyVersions.

This API retrieves information about managed policies. To retrieve information about an inline policy that is embedded in a user, group, or role, use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy API.

For more information about the types of policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For more information about managed policy versions, see Versioning for Managed Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetPolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion

func (*IAM) GetPolicyVersionRequest

func (c *IAM) GetPolicyVersionRequest(input *GetPolicyVersionInput) (req *request.Request, output *GetPolicyVersionOutput)

GetPolicyVersionRequest generates a "aws/request.Request" representing the client's request for the GetPolicyVersion operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetPolicyVersion for more information on using the GetPolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetPolicyVersionRequest method.
req, resp := client.GetPolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetPolicyVersion

func (*IAM) GetPolicyVersionWithContext

func (c *IAM) GetPolicyVersionWithContext(ctx aws.Context, input *GetPolicyVersionInput, opts ...request.Option) (*GetPolicyVersionOutput, error)

GetPolicyVersionWithContext is the same as GetPolicyVersion with the addition of the ability to pass a context and additional request options.

See GetPolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetPolicyWithContext

func (c *IAM) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error)

GetPolicyWithContext is the same as GetPolicy with the addition of the ability to pass a context and additional request options.

See GetPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetRole

func (c *IAM) GetRole(input *GetRoleInput) (*GetRoleOutput, error)

GetRole API operation for AWS Identity and Access Management.

Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy that grants permission to assume the role. For more information about roles, see Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole

Example (Shared00)

To get information about an IAM role

The following command gets information about the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetRoleInput{
		RoleName: aws.String("Test-Role"),
	}

	result, err := svc.GetRole(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetRolePolicy

func (c *IAM) GetRolePolicy(input *GetRolePolicyInput) (*GetRolePolicyOutput, error)

GetRolePolicy API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded with the specified IAM role.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM role can also have managed policies attached to it. To retrieve a managed policy document that is attached to a role, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For more information about roles, see Using Roles to Delegate Permissions and Federate Identities (http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy

func (*IAM) GetRolePolicyRequest

func (c *IAM) GetRolePolicyRequest(input *GetRolePolicyInput) (req *request.Request, output *GetRolePolicyOutput)

GetRolePolicyRequest generates a "aws/request.Request" representing the client's request for the GetRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetRolePolicy for more information on using the GetRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetRolePolicyRequest method.
req, resp := client.GetRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRolePolicy

func (*IAM) GetRolePolicyWithContext

func (c *IAM) GetRolePolicyWithContext(ctx aws.Context, input *GetRolePolicyInput, opts ...request.Option) (*GetRolePolicyOutput, error)

GetRolePolicyWithContext is the same as GetRolePolicy with the addition of the ability to pass a context and additional request options.

See GetRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetRoleRequest

func (c *IAM) GetRoleRequest(input *GetRoleInput) (req *request.Request, output *GetRoleOutput)

GetRoleRequest generates a "aws/request.Request" representing the client's request for the GetRole operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetRole for more information on using the GetRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetRoleRequest method.
req, resp := client.GetRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetRole

func (*IAM) GetRoleWithContext

func (c *IAM) GetRoleWithContext(ctx aws.Context, input *GetRoleInput, opts ...request.Option) (*GetRoleOutput, error)

GetRoleWithContext is the same as GetRole with the addition of the ability to pass a context and additional request options.

See GetRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetSAMLProvider

func (c *IAM) GetSAMLProvider(input *GetSAMLProviderInput) (*GetSAMLProviderOutput, error)

GetSAMLProvider API operation for AWS Identity and Access Management.

Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created or updated.

This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider

func (*IAM) GetSAMLProviderRequest

func (c *IAM) GetSAMLProviderRequest(input *GetSAMLProviderInput) (req *request.Request, output *GetSAMLProviderOutput)

GetSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the GetSAMLProvider operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetSAMLProvider for more information on using the GetSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetSAMLProviderRequest method.
req, resp := client.GetSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSAMLProvider

func (*IAM) GetSAMLProviderWithContext

func (c *IAM) GetSAMLProviderWithContext(ctx aws.Context, input *GetSAMLProviderInput, opts ...request.Option) (*GetSAMLProviderOutput, error)

GetSAMLProviderWithContext is the same as GetSAMLProvider with the addition of the ability to pass a context and additional request options.

See GetSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetSSHPublicKey

func (c *IAM) GetSSHPublicKey(input *GetSSHPublicKeyInput) (*GetSSHPublicKeyOutput, error)

GetSSHPublicKey API operation for AWS Identity and Access Management.

Retrieves the specified SSH public key, including metadata about the key.

The SSH public key retrieved by this operation is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding" The request was rejected because the public key encoding format is unsupported or unrecognized.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey

func (*IAM) GetSSHPublicKeyRequest

func (c *IAM) GetSSHPublicKeyRequest(input *GetSSHPublicKeyInput) (req *request.Request, output *GetSSHPublicKeyOutput)

GetSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the GetSSHPublicKey operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetSSHPublicKey for more information on using the GetSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetSSHPublicKeyRequest method.
req, resp := client.GetSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetSSHPublicKey

func (*IAM) GetSSHPublicKeyWithContext

func (c *IAM) GetSSHPublicKeyWithContext(ctx aws.Context, input *GetSSHPublicKeyInput, opts ...request.Option) (*GetSSHPublicKeyOutput, error)

GetSSHPublicKeyWithContext is the same as GetSSHPublicKey with the addition of the ability to pass a context and additional request options.

See GetSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetServerCertificate

func (c *IAM) GetServerCertificate(input *GetServerCertificateInput) (*GetServerCertificateOutput, error)

GetServerCertificate API operation for AWS Identity and Access Management.

Retrieves information about the specified server certificate stored in IAM.

For more information about working with server certificates, see Working with Server Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic includes a list of AWS services that can use the server certificates that you manage with IAM.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate

func (*IAM) GetServerCertificateRequest

func (c *IAM) GetServerCertificateRequest(input *GetServerCertificateInput) (req *request.Request, output *GetServerCertificateOutput)

GetServerCertificateRequest generates a "aws/request.Request" representing the client's request for the GetServerCertificate operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetServerCertificate for more information on using the GetServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetServerCertificateRequest method.
req, resp := client.GetServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServerCertificate

func (*IAM) GetServerCertificateWithContext

func (c *IAM) GetServerCertificateWithContext(ctx aws.Context, input *GetServerCertificateInput, opts ...request.Option) (*GetServerCertificateOutput, error)

GetServerCertificateWithContext is the same as GetServerCertificate with the addition of the ability to pass a context and additional request options.

See GetServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetServiceLinkedRoleDeletionStatus

func (c *IAM) GetServiceLinkedRoleDeletionStatus(input *GetServiceLinkedRoleDeletionStatusInput) (*GetServiceLinkedRoleDeletionStatusOutput, error)

GetServiceLinkedRoleDeletionStatus API operation for AWS Identity and Access Management.

Retrieves the status of your service-linked role deletion. After you use the DeleteServiceLinkedRole API operation to submit a service-linked role for deletion, you can use the DeletionTaskId parameter in GetServiceLinkedRoleDeletionStatus to check the status of the deletion. If the deletion fails, this operation returns the reason that it failed, if that information is returned by the service.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetServiceLinkedRoleDeletionStatus for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus

func (*IAM) GetServiceLinkedRoleDeletionStatusRequest

func (c *IAM) GetServiceLinkedRoleDeletionStatusRequest(input *GetServiceLinkedRoleDeletionStatusInput) (req *request.Request, output *GetServiceLinkedRoleDeletionStatusOutput)

GetServiceLinkedRoleDeletionStatusRequest generates a "aws/request.Request" representing the client's request for the GetServiceLinkedRoleDeletionStatus operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetServiceLinkedRoleDeletionStatus for more information on using the GetServiceLinkedRoleDeletionStatus API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetServiceLinkedRoleDeletionStatusRequest method.
req, resp := client.GetServiceLinkedRoleDeletionStatusRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetServiceLinkedRoleDeletionStatus

func (*IAM) GetServiceLinkedRoleDeletionStatusWithContext

func (c *IAM) GetServiceLinkedRoleDeletionStatusWithContext(ctx aws.Context, input *GetServiceLinkedRoleDeletionStatusInput, opts ...request.Option) (*GetServiceLinkedRoleDeletionStatusOutput, error)

GetServiceLinkedRoleDeletionStatusWithContext is the same as GetServiceLinkedRoleDeletionStatus with the addition of the ability to pass a context and additional request options.

See GetServiceLinkedRoleDeletionStatus for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetUser

func (c *IAM) GetUser(input *GetUserInput) (*GetUserOutput, error)

GetUser API operation for AWS Identity and Access Management.

Retrieves information about the specified IAM user, including the user's creation date, path, unique ID, and ARN.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID used to sign the request to this API.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetUser for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser

Example (Shared00)

To get information about an IAM user

The following command gets information about the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.GetUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.GetUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) GetUserPolicy

func (c *IAM) GetUserPolicy(input *GetUserPolicyInput) (*GetUserPolicyOutput, error)

GetUserPolicy API operation for AWS Identity and Access Management.

Retrieves the specified inline policy document that is embedded in the specified IAM user.

Policies returned by this API are URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you use Java, you can use the decode method of the java.net.URLDecoder utility class in the Java SDK. Other languages and SDKs provide similar functionality.

An IAM user can also have managed policies attached to it. To retrieve a managed policy document that is attached to a user, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation GetUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy

func (*IAM) GetUserPolicyRequest

func (c *IAM) GetUserPolicyRequest(input *GetUserPolicyInput) (req *request.Request, output *GetUserPolicyOutput)

GetUserPolicyRequest generates a "aws/request.Request" representing the client's request for the GetUserPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetUserPolicy for more information on using the GetUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetUserPolicyRequest method.
req, resp := client.GetUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUserPolicy

func (*IAM) GetUserPolicyWithContext

func (c *IAM) GetUserPolicyWithContext(ctx aws.Context, input *GetUserPolicyInput, opts ...request.Option) (*GetUserPolicyOutput, error)

GetUserPolicyWithContext is the same as GetUserPolicy with the addition of the ability to pass a context and additional request options.

See GetUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) GetUserRequest

func (c *IAM) GetUserRequest(input *GetUserInput) (req *request.Request, output *GetUserOutput)

GetUserRequest generates a "aws/request.Request" representing the client's request for the GetUser operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See GetUser for more information on using the GetUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the GetUserRequest method.
req, resp := client.GetUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/GetUser

func (*IAM) GetUserWithContext

func (c *IAM) GetUserWithContext(ctx aws.Context, input *GetUserInput, opts ...request.Option) (*GetUserOutput, error)

GetUserWithContext is the same as GetUser with the addition of the ability to pass a context and additional request options.

See GetUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccessKeys

func (c *IAM) ListAccessKeys(input *ListAccessKeysInput) (*ListAccessKeysOutput, error)

ListAccessKeys API operation for AWS Identity and Access Management.

Returns information about the access key IDs associated with the specified IAM user. If there are none, the operation returns an empty list.

Although each user is limited to a small number of keys, you can still paginate the results using the MaxItems and Marker parameters.

If the UserName field is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

To ensure the security of your AWS account, the secret access key is accessible only during key and user creation.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAccessKeys for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys

Example (Shared00)

To list the access key IDs for an IAM user

The following command lists the access keys IDs for the IAM user named Alice.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListAccessKeysInput{
		UserName: aws.String("Alice"),
	}

	result, err := svc.ListAccessKeys(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListAccessKeysPages

func (c *IAM) ListAccessKeysPages(input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool) error

ListAccessKeysPages iterates over the pages of a ListAccessKeys operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAccessKeys method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAccessKeys operation.
pageNum := 0
err := client.ListAccessKeysPages(params,
    func(page *ListAccessKeysOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAccessKeysPagesWithContext

func (c *IAM) ListAccessKeysPagesWithContext(ctx aws.Context, input *ListAccessKeysInput, fn func(*ListAccessKeysOutput, bool) bool, opts ...request.Option) error

ListAccessKeysPagesWithContext same as ListAccessKeysPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccessKeysRequest

func (c *IAM) ListAccessKeysRequest(input *ListAccessKeysInput) (req *request.Request, output *ListAccessKeysOutput)

ListAccessKeysRequest generates a "aws/request.Request" representing the client's request for the ListAccessKeys operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAccessKeys for more information on using the ListAccessKeys API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAccessKeysRequest method.
req, resp := client.ListAccessKeysRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccessKeys

func (*IAM) ListAccessKeysWithContext

func (c *IAM) ListAccessKeysWithContext(ctx aws.Context, input *ListAccessKeysInput, opts ...request.Option) (*ListAccessKeysOutput, error)

ListAccessKeysWithContext is the same as ListAccessKeys with the addition of the ability to pass a context and additional request options.

See ListAccessKeys for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccountAliases

func (c *IAM) ListAccountAliases(input *ListAccountAliasesInput) (*ListAccountAliasesOutput, error)

ListAccountAliases API operation for AWS Identity and Access Management.

Lists the account alias associated with the AWS account (Note: you can have only one). For information about using an AWS account alias, see Using an Alias for Your AWS Account ID (http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAccountAliases for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases

Example (Shared00)

To list account aliases

The following command lists the aliases for the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListAccountAliasesInput{}

	result, err := svc.ListAccountAliases(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListAccountAliasesPages

func (c *IAM) ListAccountAliasesPages(input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool) error

ListAccountAliasesPages iterates over the pages of a ListAccountAliases operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAccountAliases method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAccountAliases operation.
pageNum := 0
err := client.ListAccountAliasesPages(params,
    func(page *ListAccountAliasesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAccountAliasesPagesWithContext

func (c *IAM) ListAccountAliasesPagesWithContext(ctx aws.Context, input *ListAccountAliasesInput, fn func(*ListAccountAliasesOutput, bool) bool, opts ...request.Option) error

ListAccountAliasesPagesWithContext same as ListAccountAliasesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAccountAliasesRequest

func (c *IAM) ListAccountAliasesRequest(input *ListAccountAliasesInput) (req *request.Request, output *ListAccountAliasesOutput)

ListAccountAliasesRequest generates a "aws/request.Request" representing the client's request for the ListAccountAliases operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAccountAliases for more information on using the ListAccountAliases API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAccountAliasesRequest method.
req, resp := client.ListAccountAliasesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAccountAliases

func (*IAM) ListAccountAliasesWithContext

func (c *IAM) ListAccountAliasesWithContext(ctx aws.Context, input *ListAccountAliasesInput, opts ...request.Option) (*ListAccountAliasesOutput, error)

ListAccountAliasesWithContext is the same as ListAccountAliases with the addition of the ability to pass a context and additional request options.

See ListAccountAliases for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedGroupPolicies

func (c *IAM) ListAttachedGroupPolicies(input *ListAttachedGroupPoliciesInput) (*ListAttachedGroupPoliciesOutput, error)

ListAttachedGroupPolicies API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM group.

An IAM group can also have inline policies embedded with it. To list the inline policies for a group, use the ListGroupPolicies API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified group (or none that match the specified path prefix), the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAttachedGroupPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies

func (*IAM) ListAttachedGroupPoliciesPages

func (c *IAM) ListAttachedGroupPoliciesPages(input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool) error

ListAttachedGroupPoliciesPages iterates over the pages of a ListAttachedGroupPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAttachedGroupPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAttachedGroupPolicies operation.
pageNum := 0
err := client.ListAttachedGroupPoliciesPages(params,
    func(page *ListAttachedGroupPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAttachedGroupPoliciesPagesWithContext

func (c *IAM) ListAttachedGroupPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, fn func(*ListAttachedGroupPoliciesOutput, bool) bool, opts ...request.Option) error

ListAttachedGroupPoliciesPagesWithContext same as ListAttachedGroupPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedGroupPoliciesRequest

func (c *IAM) ListAttachedGroupPoliciesRequest(input *ListAttachedGroupPoliciesInput) (req *request.Request, output *ListAttachedGroupPoliciesOutput)

ListAttachedGroupPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListAttachedGroupPolicies operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAttachedGroupPolicies for more information on using the ListAttachedGroupPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAttachedGroupPoliciesRequest method.
req, resp := client.ListAttachedGroupPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedGroupPolicies

func (*IAM) ListAttachedGroupPoliciesWithContext

func (c *IAM) ListAttachedGroupPoliciesWithContext(ctx aws.Context, input *ListAttachedGroupPoliciesInput, opts ...request.Option) (*ListAttachedGroupPoliciesOutput, error)

ListAttachedGroupPoliciesWithContext is the same as ListAttachedGroupPolicies with the addition of the ability to pass a context and additional request options.

See ListAttachedGroupPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedRolePolicies

func (c *IAM) ListAttachedRolePolicies(input *ListAttachedRolePoliciesInput) (*ListAttachedRolePoliciesOutput, error)

ListAttachedRolePolicies API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM role.

An IAM role can also have inline policies embedded with it. To list the inline policies for a role, use the ListRolePolicies API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified role (or none that match the specified path prefix), the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAttachedRolePolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies

func (*IAM) ListAttachedRolePoliciesPages

func (c *IAM) ListAttachedRolePoliciesPages(input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool) error

ListAttachedRolePoliciesPages iterates over the pages of a ListAttachedRolePolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAttachedRolePolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAttachedRolePolicies operation.
pageNum := 0
err := client.ListAttachedRolePoliciesPages(params,
    func(page *ListAttachedRolePoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAttachedRolePoliciesPagesWithContext

func (c *IAM) ListAttachedRolePoliciesPagesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, fn func(*ListAttachedRolePoliciesOutput, bool) bool, opts ...request.Option) error

ListAttachedRolePoliciesPagesWithContext same as ListAttachedRolePoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedRolePoliciesRequest

func (c *IAM) ListAttachedRolePoliciesRequest(input *ListAttachedRolePoliciesInput) (req *request.Request, output *ListAttachedRolePoliciesOutput)

ListAttachedRolePoliciesRequest generates a "aws/request.Request" representing the client's request for the ListAttachedRolePolicies operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAttachedRolePolicies for more information on using the ListAttachedRolePolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAttachedRolePoliciesRequest method.
req, resp := client.ListAttachedRolePoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedRolePolicies

func (*IAM) ListAttachedRolePoliciesWithContext

func (c *IAM) ListAttachedRolePoliciesWithContext(ctx aws.Context, input *ListAttachedRolePoliciesInput, opts ...request.Option) (*ListAttachedRolePoliciesOutput, error)

ListAttachedRolePoliciesWithContext is the same as ListAttachedRolePolicies with the addition of the ability to pass a context and additional request options.

See ListAttachedRolePolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedUserPolicies

func (c *IAM) ListAttachedUserPolicies(input *ListAttachedUserPoliciesInput) (*ListAttachedUserPoliciesOutput, error)

ListAttachedUserPolicies API operation for AWS Identity and Access Management.

Lists all managed policies that are attached to the specified IAM user.

An IAM user can also have inline policies embedded with it. To list the inline policies for a user, use the ListUserPolicies API. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified group (or none that match the specified path prefix), the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListAttachedUserPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies

func (*IAM) ListAttachedUserPoliciesPages

func (c *IAM) ListAttachedUserPoliciesPages(input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool) error

ListAttachedUserPoliciesPages iterates over the pages of a ListAttachedUserPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListAttachedUserPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListAttachedUserPolicies operation.
pageNum := 0
err := client.ListAttachedUserPoliciesPages(params,
    func(page *ListAttachedUserPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListAttachedUserPoliciesPagesWithContext

func (c *IAM) ListAttachedUserPoliciesPagesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, fn func(*ListAttachedUserPoliciesOutput, bool) bool, opts ...request.Option) error

ListAttachedUserPoliciesPagesWithContext same as ListAttachedUserPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListAttachedUserPoliciesRequest

func (c *IAM) ListAttachedUserPoliciesRequest(input *ListAttachedUserPoliciesInput) (req *request.Request, output *ListAttachedUserPoliciesOutput)

ListAttachedUserPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListAttachedUserPolicies operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListAttachedUserPolicies for more information on using the ListAttachedUserPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListAttachedUserPoliciesRequest method.
req, resp := client.ListAttachedUserPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListAttachedUserPolicies

func (*IAM) ListAttachedUserPoliciesWithContext

func (c *IAM) ListAttachedUserPoliciesWithContext(ctx aws.Context, input *ListAttachedUserPoliciesInput, opts ...request.Option) (*ListAttachedUserPoliciesOutput, error)

ListAttachedUserPoliciesWithContext is the same as ListAttachedUserPolicies with the addition of the ability to pass a context and additional request options.

See ListAttachedUserPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListEntitiesForPolicy

func (c *IAM) ListEntitiesForPolicy(input *ListEntitiesForPolicyInput) (*ListEntitiesForPolicyOutput, error)

ListEntitiesForPolicy API operation for AWS Identity and Access Management.

Lists all IAM users, groups, and roles that the specified managed policy is attached to.

You can use the optional EntityFilter parameter to limit the results to a particular type of entity (users, groups, or roles). For example, to list only the roles that are attached to the specified policy, set EntityFilter to Role.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListEntitiesForPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy

func (*IAM) ListEntitiesForPolicyPages

func (c *IAM) ListEntitiesForPolicyPages(input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool) error

ListEntitiesForPolicyPages iterates over the pages of a ListEntitiesForPolicy operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListEntitiesForPolicy method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListEntitiesForPolicy operation.
pageNum := 0
err := client.ListEntitiesForPolicyPages(params,
    func(page *ListEntitiesForPolicyOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListEntitiesForPolicyPagesWithContext

func (c *IAM) ListEntitiesForPolicyPagesWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, fn func(*ListEntitiesForPolicyOutput, bool) bool, opts ...request.Option) error

ListEntitiesForPolicyPagesWithContext same as ListEntitiesForPolicyPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListEntitiesForPolicyRequest

func (c *IAM) ListEntitiesForPolicyRequest(input *ListEntitiesForPolicyInput) (req *request.Request, output *ListEntitiesForPolicyOutput)

ListEntitiesForPolicyRequest generates a "aws/request.Request" representing the client's request for the ListEntitiesForPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListEntitiesForPolicy for more information on using the ListEntitiesForPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListEntitiesForPolicyRequest method.
req, resp := client.ListEntitiesForPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListEntitiesForPolicy

func (*IAM) ListEntitiesForPolicyWithContext

func (c *IAM) ListEntitiesForPolicyWithContext(ctx aws.Context, input *ListEntitiesForPolicyInput, opts ...request.Option) (*ListEntitiesForPolicyOutput, error)

ListEntitiesForPolicyWithContext is the same as ListEntitiesForPolicy with the addition of the ability to pass a context and additional request options.

See ListEntitiesForPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupPolicies

func (c *IAM) ListGroupPolicies(input *ListGroupPoliciesInput) (*ListGroupPoliciesOutput, error)

ListGroupPolicies API operation for AWS Identity and Access Management.

Lists the names of the inline policies that are embedded in the specified IAM group.

An IAM group can also have managed policies attached to it. To list the managed policies that are attached to a group, use ListAttachedGroupPolicies. For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified group, the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListGroupPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies

Example (Shared00)

To list the in-line policies for an IAM group

The following command lists the names of in-line policies that are embedded in the IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListGroupPoliciesInput{
		GroupName: aws.String("Admins"),
	}

	result, err := svc.ListGroupPolicies(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListGroupPoliciesPages

func (c *IAM) ListGroupPoliciesPages(input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool) error

ListGroupPoliciesPages iterates over the pages of a ListGroupPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListGroupPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListGroupPolicies operation.
pageNum := 0
err := client.ListGroupPoliciesPages(params,
    func(page *ListGroupPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListGroupPoliciesPagesWithContext

func (c *IAM) ListGroupPoliciesPagesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, fn func(*ListGroupPoliciesOutput, bool) bool, opts ...request.Option) error

ListGroupPoliciesPagesWithContext same as ListGroupPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupPoliciesRequest

func (c *IAM) ListGroupPoliciesRequest(input *ListGroupPoliciesInput) (req *request.Request, output *ListGroupPoliciesOutput)

ListGroupPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListGroupPolicies operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListGroupPolicies for more information on using the ListGroupPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListGroupPoliciesRequest method.
req, resp := client.ListGroupPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupPolicies

func (*IAM) ListGroupPoliciesWithContext

func (c *IAM) ListGroupPoliciesWithContext(ctx aws.Context, input *ListGroupPoliciesInput, opts ...request.Option) (*ListGroupPoliciesOutput, error)

ListGroupPoliciesWithContext is the same as ListGroupPolicies with the addition of the ability to pass a context and additional request options.

See ListGroupPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroups

func (c *IAM) ListGroups(input *ListGroupsInput) (*ListGroupsOutput, error)

ListGroups API operation for AWS Identity and Access Management.

Lists the IAM groups that have the specified path prefix.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListGroups for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups

Example (Shared00)

To list the IAM groups for the current account

The following command lists the IAM groups in the current account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListGroupsInput{}

	result, err := svc.ListGroups(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListGroupsForUser

func (c *IAM) ListGroupsForUser(input *ListGroupsForUserInput) (*ListGroupsForUserOutput, error)

ListGroupsForUser API operation for AWS Identity and Access Management.

Lists the IAM groups that the specified IAM user belongs to.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListGroupsForUser for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser

Example (Shared00)

To list the groups that an IAM user belongs to

The following command displays the groups that the IAM user named Bob belongs to.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListGroupsForUserInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.ListGroupsForUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListGroupsForUserPages

func (c *IAM) ListGroupsForUserPages(input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool) error

ListGroupsForUserPages iterates over the pages of a ListGroupsForUser operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListGroupsForUser method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListGroupsForUser operation.
pageNum := 0
err := client.ListGroupsForUserPages(params,
    func(page *ListGroupsForUserOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListGroupsForUserPagesWithContext

func (c *IAM) ListGroupsForUserPagesWithContext(ctx aws.Context, input *ListGroupsForUserInput, fn func(*ListGroupsForUserOutput, bool) bool, opts ...request.Option) error

ListGroupsForUserPagesWithContext same as ListGroupsForUserPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupsForUserRequest

func (c *IAM) ListGroupsForUserRequest(input *ListGroupsForUserInput) (req *request.Request, output *ListGroupsForUserOutput)

ListGroupsForUserRequest generates a "aws/request.Request" representing the client's request for the ListGroupsForUser operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListGroupsForUser for more information on using the ListGroupsForUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListGroupsForUserRequest method.
req, resp := client.ListGroupsForUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroupsForUser

func (*IAM) ListGroupsForUserWithContext

func (c *IAM) ListGroupsForUserWithContext(ctx aws.Context, input *ListGroupsForUserInput, opts ...request.Option) (*ListGroupsForUserOutput, error)

ListGroupsForUserWithContext is the same as ListGroupsForUser with the addition of the ability to pass a context and additional request options.

See ListGroupsForUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupsPages

func (c *IAM) ListGroupsPages(input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool) error

ListGroupsPages iterates over the pages of a ListGroups operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListGroups method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListGroups operation.
pageNum := 0
err := client.ListGroupsPages(params,
    func(page *ListGroupsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListGroupsPagesWithContext

func (c *IAM) ListGroupsPagesWithContext(ctx aws.Context, input *ListGroupsInput, fn func(*ListGroupsOutput, bool) bool, opts ...request.Option) error

ListGroupsPagesWithContext same as ListGroupsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListGroupsRequest

func (c *IAM) ListGroupsRequest(input *ListGroupsInput) (req *request.Request, output *ListGroupsOutput)

ListGroupsRequest generates a "aws/request.Request" representing the client's request for the ListGroups operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListGroups for more information on using the ListGroups API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListGroupsRequest method.
req, resp := client.ListGroupsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListGroups

func (*IAM) ListGroupsWithContext

func (c *IAM) ListGroupsWithContext(ctx aws.Context, input *ListGroupsInput, opts ...request.Option) (*ListGroupsOutput, error)

ListGroupsWithContext is the same as ListGroups with the addition of the ability to pass a context and additional request options.

See ListGroups for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfiles

func (c *IAM) ListInstanceProfiles(input *ListInstanceProfilesInput) (*ListInstanceProfilesOutput, error)

ListInstanceProfiles API operation for AWS Identity and Access Management.

Lists the instance profiles that have the specified path prefix. If there are none, the operation returns an empty list. For more information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListInstanceProfiles for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles

func (*IAM) ListInstanceProfilesForRole

func (c *IAM) ListInstanceProfilesForRole(input *ListInstanceProfilesForRoleInput) (*ListInstanceProfilesForRoleOutput, error)

ListInstanceProfilesForRole API operation for AWS Identity and Access Management.

Lists the instance profiles that have the specified associated IAM role. If there are none, the operation returns an empty list. For more information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListInstanceProfilesForRole for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole

func (*IAM) ListInstanceProfilesForRolePages

func (c *IAM) ListInstanceProfilesForRolePages(input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool) error

ListInstanceProfilesForRolePages iterates over the pages of a ListInstanceProfilesForRole operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListInstanceProfilesForRole method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListInstanceProfilesForRole operation.
pageNum := 0
err := client.ListInstanceProfilesForRolePages(params,
    func(page *ListInstanceProfilesForRoleOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListInstanceProfilesForRolePagesWithContext

func (c *IAM) ListInstanceProfilesForRolePagesWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, fn func(*ListInstanceProfilesForRoleOutput, bool) bool, opts ...request.Option) error

ListInstanceProfilesForRolePagesWithContext same as ListInstanceProfilesForRolePages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfilesForRoleRequest

func (c *IAM) ListInstanceProfilesForRoleRequest(input *ListInstanceProfilesForRoleInput) (req *request.Request, output *ListInstanceProfilesForRoleOutput)

ListInstanceProfilesForRoleRequest generates a "aws/request.Request" representing the client's request for the ListInstanceProfilesForRole operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListInstanceProfilesForRole for more information on using the ListInstanceProfilesForRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListInstanceProfilesForRoleRequest method.
req, resp := client.ListInstanceProfilesForRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfilesForRole

func (*IAM) ListInstanceProfilesForRoleWithContext

func (c *IAM) ListInstanceProfilesForRoleWithContext(ctx aws.Context, input *ListInstanceProfilesForRoleInput, opts ...request.Option) (*ListInstanceProfilesForRoleOutput, error)

ListInstanceProfilesForRoleWithContext is the same as ListInstanceProfilesForRole with the addition of the ability to pass a context and additional request options.

See ListInstanceProfilesForRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfilesPages

func (c *IAM) ListInstanceProfilesPages(input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool) error

ListInstanceProfilesPages iterates over the pages of a ListInstanceProfiles operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListInstanceProfiles method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListInstanceProfiles operation.
pageNum := 0
err := client.ListInstanceProfilesPages(params,
    func(page *ListInstanceProfilesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListInstanceProfilesPagesWithContext

func (c *IAM) ListInstanceProfilesPagesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, fn func(*ListInstanceProfilesOutput, bool) bool, opts ...request.Option) error

ListInstanceProfilesPagesWithContext same as ListInstanceProfilesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListInstanceProfilesRequest

func (c *IAM) ListInstanceProfilesRequest(input *ListInstanceProfilesInput) (req *request.Request, output *ListInstanceProfilesOutput)

ListInstanceProfilesRequest generates a "aws/request.Request" representing the client's request for the ListInstanceProfiles operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListInstanceProfiles for more information on using the ListInstanceProfiles API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListInstanceProfilesRequest method.
req, resp := client.ListInstanceProfilesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListInstanceProfiles

func (*IAM) ListInstanceProfilesWithContext

func (c *IAM) ListInstanceProfilesWithContext(ctx aws.Context, input *ListInstanceProfilesInput, opts ...request.Option) (*ListInstanceProfilesOutput, error)

ListInstanceProfilesWithContext is the same as ListInstanceProfiles with the addition of the ability to pass a context and additional request options.

See ListInstanceProfiles for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListMFADevices

func (c *IAM) ListMFADevices(input *ListMFADevicesInput) (*ListMFADevicesOutput, error)

ListMFADevices API operation for AWS Identity and Access Management.

Lists the MFA devices for an IAM user. If the request includes a IAM user name, then this operation lists all the MFA devices associated with the specified user. If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request for this API.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListMFADevices for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices

func (*IAM) ListMFADevicesPages

func (c *IAM) ListMFADevicesPages(input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool) error

ListMFADevicesPages iterates over the pages of a ListMFADevices operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListMFADevices method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListMFADevices operation.
pageNum := 0
err := client.ListMFADevicesPages(params,
    func(page *ListMFADevicesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListMFADevicesPagesWithContext

func (c *IAM) ListMFADevicesPagesWithContext(ctx aws.Context, input *ListMFADevicesInput, fn func(*ListMFADevicesOutput, bool) bool, opts ...request.Option) error

ListMFADevicesPagesWithContext same as ListMFADevicesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListMFADevicesRequest

func (c *IAM) ListMFADevicesRequest(input *ListMFADevicesInput) (req *request.Request, output *ListMFADevicesOutput)

ListMFADevicesRequest generates a "aws/request.Request" representing the client's request for the ListMFADevices operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListMFADevices for more information on using the ListMFADevices API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListMFADevicesRequest method.
req, resp := client.ListMFADevicesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListMFADevices

func (*IAM) ListMFADevicesWithContext

func (c *IAM) ListMFADevicesWithContext(ctx aws.Context, input *ListMFADevicesInput, opts ...request.Option) (*ListMFADevicesOutput, error)

ListMFADevicesWithContext is the same as ListMFADevices with the addition of the ability to pass a context and additional request options.

See ListMFADevices for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListOpenIDConnectProviders

func (c *IAM) ListOpenIDConnectProviders(input *ListOpenIDConnectProvidersInput) (*ListOpenIDConnectProvidersOutput, error)

ListOpenIDConnectProviders API operation for AWS Identity and Access Management.

Lists information about the IAM OpenID Connect (OIDC) provider resource objects defined in the AWS account.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListOpenIDConnectProviders for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders

func (*IAM) ListOpenIDConnectProvidersRequest

func (c *IAM) ListOpenIDConnectProvidersRequest(input *ListOpenIDConnectProvidersInput) (req *request.Request, output *ListOpenIDConnectProvidersOutput)

ListOpenIDConnectProvidersRequest generates a "aws/request.Request" representing the client's request for the ListOpenIDConnectProviders operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListOpenIDConnectProviders for more information on using the ListOpenIDConnectProviders API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListOpenIDConnectProvidersRequest method.
req, resp := client.ListOpenIDConnectProvidersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListOpenIDConnectProviders

func (*IAM) ListOpenIDConnectProvidersWithContext

func (c *IAM) ListOpenIDConnectProvidersWithContext(ctx aws.Context, input *ListOpenIDConnectProvidersInput, opts ...request.Option) (*ListOpenIDConnectProvidersOutput, error)

ListOpenIDConnectProvidersWithContext is the same as ListOpenIDConnectProviders with the addition of the ability to pass a context and additional request options.

See ListOpenIDConnectProviders for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPolicies

func (c *IAM) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error)

ListPolicies API operation for AWS Identity and Access Management.

Lists all the managed policies that are available in your AWS account, including your own customer-defined managed policies and all AWS managed policies.

You can filter the list of policies that is returned using the optional OnlyAttached, Scope, and PathPrefix parameters. For example, to list only the customer managed policies in your AWS account, set Scope to Local. To list only AWS managed policies, set Scope to AWS.

You can paginate the results using the MaxItems and Marker parameters.

For more information about managed policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies

func (*IAM) ListPoliciesPages

func (c *IAM) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error

ListPoliciesPages iterates over the pages of a ListPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListPolicies operation.
pageNum := 0
err := client.ListPoliciesPages(params,
    func(page *ListPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListPoliciesPagesWithContext

func (c *IAM) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error

ListPoliciesPagesWithContext same as ListPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPoliciesRequest

func (c *IAM) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput)

ListPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListPolicies operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicies for more information on using the ListPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListPoliciesRequest method.
req, resp := client.ListPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicies

func (*IAM) ListPoliciesWithContext

func (c *IAM) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error)

ListPoliciesWithContext is the same as ListPolicies with the addition of the ability to pass a context and additional request options.

See ListPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPolicyVersions

func (c *IAM) ListPolicyVersions(input *ListPolicyVersionsInput) (*ListPolicyVersionsOutput, error)

ListPolicyVersions API operation for AWS Identity and Access Management.

Lists information about the versions of the specified managed policy, including the version that is currently set as the policy's default version.

For more information about managed policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListPolicyVersions for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions

func (*IAM) ListPolicyVersionsPages

func (c *IAM) ListPolicyVersionsPages(input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool) error

ListPolicyVersionsPages iterates over the pages of a ListPolicyVersions operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListPolicyVersions method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListPolicyVersions operation.
pageNum := 0
err := client.ListPolicyVersionsPages(params,
    func(page *ListPolicyVersionsOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListPolicyVersionsPagesWithContext

func (c *IAM) ListPolicyVersionsPagesWithContext(ctx aws.Context, input *ListPolicyVersionsInput, fn func(*ListPolicyVersionsOutput, bool) bool, opts ...request.Option) error

ListPolicyVersionsPagesWithContext same as ListPolicyVersionsPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListPolicyVersionsRequest

func (c *IAM) ListPolicyVersionsRequest(input *ListPolicyVersionsInput) (req *request.Request, output *ListPolicyVersionsOutput)

ListPolicyVersionsRequest generates a "aws/request.Request" representing the client's request for the ListPolicyVersions operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListPolicyVersions for more information on using the ListPolicyVersions API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListPolicyVersionsRequest method.
req, resp := client.ListPolicyVersionsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListPolicyVersions

func (*IAM) ListPolicyVersionsWithContext

func (c *IAM) ListPolicyVersionsWithContext(ctx aws.Context, input *ListPolicyVersionsInput, opts ...request.Option) (*ListPolicyVersionsOutput, error)

ListPolicyVersionsWithContext is the same as ListPolicyVersions with the addition of the ability to pass a context and additional request options.

See ListPolicyVersions for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRolePolicies

func (c *IAM) ListRolePolicies(input *ListRolePoliciesInput) (*ListRolePoliciesOutput, error)

ListRolePolicies API operation for AWS Identity and Access Management.

Lists the names of the inline policies that are embedded in the specified IAM role.

An IAM role can also have managed policies attached to it. To list the managed policies that are attached to a role, use ListAttachedRolePolicies. For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified role, the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListRolePolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies

func (*IAM) ListRolePoliciesPages

func (c *IAM) ListRolePoliciesPages(input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool) error

ListRolePoliciesPages iterates over the pages of a ListRolePolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListRolePolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListRolePolicies operation.
pageNum := 0
err := client.ListRolePoliciesPages(params,
    func(page *ListRolePoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListRolePoliciesPagesWithContext

func (c *IAM) ListRolePoliciesPagesWithContext(ctx aws.Context, input *ListRolePoliciesInput, fn func(*ListRolePoliciesOutput, bool) bool, opts ...request.Option) error

ListRolePoliciesPagesWithContext same as ListRolePoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRolePoliciesRequest

func (c *IAM) ListRolePoliciesRequest(input *ListRolePoliciesInput) (req *request.Request, output *ListRolePoliciesOutput)

ListRolePoliciesRequest generates a "aws/request.Request" representing the client's request for the ListRolePolicies operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListRolePolicies for more information on using the ListRolePolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListRolePoliciesRequest method.
req, resp := client.ListRolePoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRolePolicies

func (*IAM) ListRolePoliciesWithContext

func (c *IAM) ListRolePoliciesWithContext(ctx aws.Context, input *ListRolePoliciesInput, opts ...request.Option) (*ListRolePoliciesOutput, error)

ListRolePoliciesWithContext is the same as ListRolePolicies with the addition of the ability to pass a context and additional request options.

See ListRolePolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRoles

func (c *IAM) ListRoles(input *ListRolesInput) (*ListRolesOutput, error)

ListRoles API operation for AWS Identity and Access Management.

Lists the IAM roles that have the specified path prefix. If there are none, the operation returns an empty list. For more information about roles, go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html).

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListRoles for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles

func (*IAM) ListRolesPages

func (c *IAM) ListRolesPages(input *ListRolesInput, fn func(*ListRolesOutput, bool) bool) error

ListRolesPages iterates over the pages of a ListRoles operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListRoles method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListRoles operation.
pageNum := 0
err := client.ListRolesPages(params,
    func(page *ListRolesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListRolesPagesWithContext

func (c *IAM) ListRolesPagesWithContext(ctx aws.Context, input *ListRolesInput, fn func(*ListRolesOutput, bool) bool, opts ...request.Option) error

ListRolesPagesWithContext same as ListRolesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListRolesRequest

func (c *IAM) ListRolesRequest(input *ListRolesInput) (req *request.Request, output *ListRolesOutput)

ListRolesRequest generates a "aws/request.Request" representing the client's request for the ListRoles operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListRoles for more information on using the ListRoles API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListRolesRequest method.
req, resp := client.ListRolesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListRoles

func (*IAM) ListRolesWithContext

func (c *IAM) ListRolesWithContext(ctx aws.Context, input *ListRolesInput, opts ...request.Option) (*ListRolesOutput, error)

ListRolesWithContext is the same as ListRoles with the addition of the ability to pass a context and additional request options.

See ListRoles for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSAMLProviders

func (c *IAM) ListSAMLProviders(input *ListSAMLProvidersInput) (*ListSAMLProvidersOutput, error)

ListSAMLProviders API operation for AWS Identity and Access Management.

Lists the SAML provider resource objects defined in IAM in the account.

This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListSAMLProviders for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders

func (*IAM) ListSAMLProvidersRequest

func (c *IAM) ListSAMLProvidersRequest(input *ListSAMLProvidersInput) (req *request.Request, output *ListSAMLProvidersOutput)

ListSAMLProvidersRequest generates a "aws/request.Request" representing the client's request for the ListSAMLProviders operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListSAMLProviders for more information on using the ListSAMLProviders API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListSAMLProvidersRequest method.
req, resp := client.ListSAMLProvidersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSAMLProviders

func (*IAM) ListSAMLProvidersWithContext

func (c *IAM) ListSAMLProvidersWithContext(ctx aws.Context, input *ListSAMLProvidersInput, opts ...request.Option) (*ListSAMLProvidersOutput, error)

ListSAMLProvidersWithContext is the same as ListSAMLProviders with the addition of the ability to pass a context and additional request options.

See ListSAMLProviders for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSSHPublicKeys

func (c *IAM) ListSSHPublicKeys(input *ListSSHPublicKeysInput) (*ListSSHPublicKeysOutput, error)

ListSSHPublicKeys API operation for AWS Identity and Access Management.

Returns information about the SSH public keys associated with the specified IAM user. If there are none, the operation returns an empty list.

The SSH public keys returned by this operation are used only for authenticating the IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

Although each user is limited to a small number of keys, you can still paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListSSHPublicKeys for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys

func (*IAM) ListSSHPublicKeysPages

func (c *IAM) ListSSHPublicKeysPages(input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool) error

ListSSHPublicKeysPages iterates over the pages of a ListSSHPublicKeys operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListSSHPublicKeys method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListSSHPublicKeys operation.
pageNum := 0
err := client.ListSSHPublicKeysPages(params,
    func(page *ListSSHPublicKeysOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListSSHPublicKeysPagesWithContext

func (c *IAM) ListSSHPublicKeysPagesWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, fn func(*ListSSHPublicKeysOutput, bool) bool, opts ...request.Option) error

ListSSHPublicKeysPagesWithContext same as ListSSHPublicKeysPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSSHPublicKeysRequest

func (c *IAM) ListSSHPublicKeysRequest(input *ListSSHPublicKeysInput) (req *request.Request, output *ListSSHPublicKeysOutput)

ListSSHPublicKeysRequest generates a "aws/request.Request" representing the client's request for the ListSSHPublicKeys operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListSSHPublicKeys for more information on using the ListSSHPublicKeys API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListSSHPublicKeysRequest method.
req, resp := client.ListSSHPublicKeysRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSSHPublicKeys

func (*IAM) ListSSHPublicKeysWithContext

func (c *IAM) ListSSHPublicKeysWithContext(ctx aws.Context, input *ListSSHPublicKeysInput, opts ...request.Option) (*ListSSHPublicKeysOutput, error)

ListSSHPublicKeysWithContext is the same as ListSSHPublicKeys with the addition of the ability to pass a context and additional request options.

See ListSSHPublicKeys for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListServerCertificates

func (c *IAM) ListServerCertificates(input *ListServerCertificatesInput) (*ListServerCertificatesOutput, error)

ListServerCertificates API operation for AWS Identity and Access Management.

Lists the server certificates stored in IAM that have the specified path prefix. If none exist, the operation returns an empty list.

You can paginate the results using the MaxItems and Marker parameters.

For more information about working with server certificates, see Working with Server Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of AWS services that can use the server certificates that you manage with IAM.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListServerCertificates for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates

func (*IAM) ListServerCertificatesPages

func (c *IAM) ListServerCertificatesPages(input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool) error

ListServerCertificatesPages iterates over the pages of a ListServerCertificates operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListServerCertificates method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListServerCertificates operation.
pageNum := 0
err := client.ListServerCertificatesPages(params,
    func(page *ListServerCertificatesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListServerCertificatesPagesWithContext

func (c *IAM) ListServerCertificatesPagesWithContext(ctx aws.Context, input *ListServerCertificatesInput, fn func(*ListServerCertificatesOutput, bool) bool, opts ...request.Option) error

ListServerCertificatesPagesWithContext same as ListServerCertificatesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListServerCertificatesRequest

func (c *IAM) ListServerCertificatesRequest(input *ListServerCertificatesInput) (req *request.Request, output *ListServerCertificatesOutput)

ListServerCertificatesRequest generates a "aws/request.Request" representing the client's request for the ListServerCertificates operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListServerCertificates for more information on using the ListServerCertificates API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListServerCertificatesRequest method.
req, resp := client.ListServerCertificatesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServerCertificates

func (*IAM) ListServerCertificatesWithContext

func (c *IAM) ListServerCertificatesWithContext(ctx aws.Context, input *ListServerCertificatesInput, opts ...request.Option) (*ListServerCertificatesOutput, error)

ListServerCertificatesWithContext is the same as ListServerCertificates with the addition of the ability to pass a context and additional request options.

See ListServerCertificates for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListServiceSpecificCredentials

func (c *IAM) ListServiceSpecificCredentials(input *ListServiceSpecificCredentialsInput) (*ListServiceSpecificCredentialsOutput, error)

ListServiceSpecificCredentials API operation for AWS Identity and Access Management.

Returns information about the service-specific credentials associated with the specified IAM user. If there are none, the operation returns an empty list. The service-specific credentials returned by this operation are used only for authenticating the IAM user to a specific service. For more information about using service-specific credentials to authenticate to an AWS service, see Set Up service-specific credentials (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html) in the AWS CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListServiceSpecificCredentials for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceNotSupportedException "NotSupportedService" The specified service does not support service-specific credentials.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials

func (*IAM) ListServiceSpecificCredentialsRequest

func (c *IAM) ListServiceSpecificCredentialsRequest(input *ListServiceSpecificCredentialsInput) (req *request.Request, output *ListServiceSpecificCredentialsOutput)

ListServiceSpecificCredentialsRequest generates a "aws/request.Request" representing the client's request for the ListServiceSpecificCredentials operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListServiceSpecificCredentials for more information on using the ListServiceSpecificCredentials API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListServiceSpecificCredentialsRequest method.
req, resp := client.ListServiceSpecificCredentialsRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListServiceSpecificCredentials

func (*IAM) ListServiceSpecificCredentialsWithContext

func (c *IAM) ListServiceSpecificCredentialsWithContext(ctx aws.Context, input *ListServiceSpecificCredentialsInput, opts ...request.Option) (*ListServiceSpecificCredentialsOutput, error)

ListServiceSpecificCredentialsWithContext is the same as ListServiceSpecificCredentials with the addition of the ability to pass a context and additional request options.

See ListServiceSpecificCredentials for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSigningCertificates

func (c *IAM) ListSigningCertificates(input *ListSigningCertificatesInput) (*ListSigningCertificatesOutput, error)

ListSigningCertificates API operation for AWS Identity and Access Management.

Returns information about the signing certificates associated with the specified IAM user. If there are none, the operation returns an empty list.

Although each user is limited to a small number of signing certificates, you can still paginate the results using the MaxItems and Marker parameters.

If the UserName field is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request for this API. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListSigningCertificates for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates

Example (Shared00)

To list the signing certificates for an IAM user

The following command lists the signing certificates for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListSigningCertificatesInput{
		UserName: aws.String("Bob"),
	}

	result, err := svc.ListSigningCertificates(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListSigningCertificatesPages

func (c *IAM) ListSigningCertificatesPages(input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool) error

ListSigningCertificatesPages iterates over the pages of a ListSigningCertificates operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListSigningCertificates method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListSigningCertificates operation.
pageNum := 0
err := client.ListSigningCertificatesPages(params,
    func(page *ListSigningCertificatesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListSigningCertificatesPagesWithContext

func (c *IAM) ListSigningCertificatesPagesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, fn func(*ListSigningCertificatesOutput, bool) bool, opts ...request.Option) error

ListSigningCertificatesPagesWithContext same as ListSigningCertificatesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListSigningCertificatesRequest

func (c *IAM) ListSigningCertificatesRequest(input *ListSigningCertificatesInput) (req *request.Request, output *ListSigningCertificatesOutput)

ListSigningCertificatesRequest generates a "aws/request.Request" representing the client's request for the ListSigningCertificates operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListSigningCertificates for more information on using the ListSigningCertificates API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListSigningCertificatesRequest method.
req, resp := client.ListSigningCertificatesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListSigningCertificates

func (*IAM) ListSigningCertificatesWithContext

func (c *IAM) ListSigningCertificatesWithContext(ctx aws.Context, input *ListSigningCertificatesInput, opts ...request.Option) (*ListSigningCertificatesOutput, error)

ListSigningCertificatesWithContext is the same as ListSigningCertificates with the addition of the ability to pass a context and additional request options.

See ListSigningCertificates for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUserPolicies

func (c *IAM) ListUserPolicies(input *ListUserPoliciesInput) (*ListUserPoliciesOutput, error)

ListUserPolicies API operation for AWS Identity and Access Management.

Lists the names of the inline policies embedded in the specified IAM user.

An IAM user can also have managed policies attached to it. To list the managed policies that are attached to a user, use ListAttachedUserPolicies. For more information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

You can paginate the results using the MaxItems and Marker parameters. If there are no inline policies embedded with the specified user, the operation returns an empty list.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListUserPolicies for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies

func (*IAM) ListUserPoliciesPages

func (c *IAM) ListUserPoliciesPages(input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool) error

ListUserPoliciesPages iterates over the pages of a ListUserPolicies operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListUserPolicies method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListUserPolicies operation.
pageNum := 0
err := client.ListUserPoliciesPages(params,
    func(page *ListUserPoliciesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListUserPoliciesPagesWithContext

func (c *IAM) ListUserPoliciesPagesWithContext(ctx aws.Context, input *ListUserPoliciesInput, fn func(*ListUserPoliciesOutput, bool) bool, opts ...request.Option) error

ListUserPoliciesPagesWithContext same as ListUserPoliciesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUserPoliciesRequest

func (c *IAM) ListUserPoliciesRequest(input *ListUserPoliciesInput) (req *request.Request, output *ListUserPoliciesOutput)

ListUserPoliciesRequest generates a "aws/request.Request" representing the client's request for the ListUserPolicies operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUserPolicies for more information on using the ListUserPolicies API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUserPoliciesRequest method.
req, resp := client.ListUserPoliciesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUserPolicies

func (*IAM) ListUserPoliciesWithContext

func (c *IAM) ListUserPoliciesWithContext(ctx aws.Context, input *ListUserPoliciesInput, opts ...request.Option) (*ListUserPoliciesOutput, error)

ListUserPoliciesWithContext is the same as ListUserPolicies with the addition of the ability to pass a context and additional request options.

See ListUserPolicies for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUsers

func (c *IAM) ListUsers(input *ListUsersInput) (*ListUsersOutput, error)

ListUsers API operation for AWS Identity and Access Management.

Lists the IAM users that have the specified path prefix. If no path prefix is specified, the operation returns all users in the AWS account. If there are none, the operation returns an empty list.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListUsers for usage and error information.

Returned Error Codes:

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers

Example (Shared00)

To list IAM users

The following command lists the IAM users in the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListUsersInput{}

	result, err := svc.ListUsers(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListUsersPages

func (c *IAM) ListUsersPages(input *ListUsersInput, fn func(*ListUsersOutput, bool) bool) error

ListUsersPages iterates over the pages of a ListUsers operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListUsers method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListUsers operation.
pageNum := 0
err := client.ListUsersPages(params,
    func(page *ListUsersOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListUsersPagesWithContext

func (c *IAM) ListUsersPagesWithContext(ctx aws.Context, input *ListUsersInput, fn func(*ListUsersOutput, bool) bool, opts ...request.Option) error

ListUsersPagesWithContext same as ListUsersPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListUsersRequest

func (c *IAM) ListUsersRequest(input *ListUsersInput) (req *request.Request, output *ListUsersOutput)

ListUsersRequest generates a "aws/request.Request" representing the client's request for the ListUsers operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListUsers for more information on using the ListUsers API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListUsersRequest method.
req, resp := client.ListUsersRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListUsers

func (*IAM) ListUsersWithContext

func (c *IAM) ListUsersWithContext(ctx aws.Context, input *ListUsersInput, opts ...request.Option) (*ListUsersOutput, error)

ListUsersWithContext is the same as ListUsers with the addition of the ability to pass a context and additional request options.

See ListUsers for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListVirtualMFADevices

func (c *IAM) ListVirtualMFADevices(input *ListVirtualMFADevicesInput) (*ListVirtualMFADevicesOutput, error)

ListVirtualMFADevices API operation for AWS Identity and Access Management.

Lists the virtual MFA devices defined in the AWS account by assignment status. If you do not specify an assignment status, the operation returns a list of all virtual MFA devices. Assignment status can be Assigned, Unassigned, or Any.

You can paginate the results using the MaxItems and Marker parameters.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ListVirtualMFADevices for usage and error information. See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices

Example (Shared00)

To list virtual MFA devices

The following command lists the virtual MFA devices that have been configured for the current account.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.ListVirtualMFADevicesInput{}

	result, err := svc.ListVirtualMFADevices(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) ListVirtualMFADevicesPages

func (c *IAM) ListVirtualMFADevicesPages(input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool) error

ListVirtualMFADevicesPages iterates over the pages of a ListVirtualMFADevices operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See ListVirtualMFADevices method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a ListVirtualMFADevices operation.
pageNum := 0
err := client.ListVirtualMFADevicesPages(params,
    func(page *ListVirtualMFADevicesOutput, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) ListVirtualMFADevicesPagesWithContext

func (c *IAM) ListVirtualMFADevicesPagesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, fn func(*ListVirtualMFADevicesOutput, bool) bool, opts ...request.Option) error

ListVirtualMFADevicesPagesWithContext same as ListVirtualMFADevicesPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ListVirtualMFADevicesRequest

func (c *IAM) ListVirtualMFADevicesRequest(input *ListVirtualMFADevicesInput) (req *request.Request, output *ListVirtualMFADevicesOutput)

ListVirtualMFADevicesRequest generates a "aws/request.Request" representing the client's request for the ListVirtualMFADevices operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ListVirtualMFADevices for more information on using the ListVirtualMFADevices API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ListVirtualMFADevicesRequest method.
req, resp := client.ListVirtualMFADevicesRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ListVirtualMFADevices

func (*IAM) ListVirtualMFADevicesWithContext

func (c *IAM) ListVirtualMFADevicesWithContext(ctx aws.Context, input *ListVirtualMFADevicesInput, opts ...request.Option) (*ListVirtualMFADevicesOutput, error)

ListVirtualMFADevicesWithContext is the same as ListVirtualMFADevices with the addition of the ability to pass a context and additional request options.

See ListVirtualMFADevices for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) PutGroupPolicy

func (c *IAM) PutGroupPolicy(input *PutGroupPolicyInput) (*PutGroupPolicyOutput, error)

PutGroupPolicy API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM group.

A user can also have managed policies attached to it. To attach a managed policy to a group, use AttachGroupPolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about limits on the number of inline policies that you can embed in a group, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutGroupPolicy. For general information about using the Query API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation PutGroupPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy

Example (Shared00)

To add a policy to a group

The following command adds a policy named AllPerms to the IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.PutGroupPolicyInput{
		GroupName:      aws.String("Admins"),
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("AllPerms"),
	}

	result, err := svc.PutGroupPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) PutGroupPolicyRequest

func (c *IAM) PutGroupPolicyRequest(input *PutGroupPolicyInput) (req *request.Request, output *PutGroupPolicyOutput)

PutGroupPolicyRequest generates a "aws/request.Request" representing the client's request for the PutGroupPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutGroupPolicy for more information on using the PutGroupPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutGroupPolicyRequest method.
req, resp := client.PutGroupPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutGroupPolicy

func (*IAM) PutGroupPolicyWithContext

func (c *IAM) PutGroupPolicyWithContext(ctx aws.Context, input *PutGroupPolicyInput, opts ...request.Option) (*PutGroupPolicyOutput, error)

PutGroupPolicyWithContext is the same as PutGroupPolicy with the addition of the ability to pass a context and additional request options.

See PutGroupPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) PutRolePolicy

func (c *IAM) PutRolePolicy(input *PutRolePolicyInput) (*PutRolePolicyOutput, error)

PutRolePolicy API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM role.

When you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy. For more information about IAM roles, go to Using Roles to Delegate Permissions and Federate Identities (http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).

A role can also have a managed policy attached to it. To attach a managed policy to a role, use AttachRolePolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about limits on the number of inline policies that you can embed with a role, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutRolePolicy. For general information about using the Query API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation PutRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy

Example (Shared00)

To attach a permissions policy to an IAM role

The following command adds a permissions policy to the role named Test-Role.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.PutRolePolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("S3AccessPolicy"),
		RoleName:       aws.String("S3Access"),
	}

	result, err := svc.PutRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) PutRolePolicyRequest

func (c *IAM) PutRolePolicyRequest(input *PutRolePolicyInput) (req *request.Request, output *PutRolePolicyOutput)

PutRolePolicyRequest generates a "aws/request.Request" representing the client's request for the PutRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutRolePolicy for more information on using the PutRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutRolePolicyRequest method.
req, resp := client.PutRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutRolePolicy

func (*IAM) PutRolePolicyWithContext

func (c *IAM) PutRolePolicyWithContext(ctx aws.Context, input *PutRolePolicyInput, opts ...request.Option) (*PutRolePolicyOutput, error)

PutRolePolicyWithContext is the same as PutRolePolicy with the addition of the ability to pass a context and additional request options.

See PutRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) PutUserPolicy

func (c *IAM) PutUserPolicy(input *PutUserPolicyInput) (*PutUserPolicyOutput, error)

PutUserPolicy API operation for AWS Identity and Access Management.

Adds or updates an inline policy document that is embedded in the specified IAM user.

An IAM user can also have a managed policy attached to it. To attach a managed policy to a user, use AttachUserPolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

For information about limits on the number of inline policies that you can embed in a user, see Limitations on IAM Entities (http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html) in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutUserPolicy. For general information about using the Query API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation PutUserPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy

Example (Shared00)

To attach a policy to an IAM user

The following command attaches a policy to the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.PutUserPolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"),
		PolicyName:     aws.String("AllAccessPolicy"),
		UserName:       aws.String("Bob"),
	}

	result, err := svc.PutUserPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) PutUserPolicyRequest

func (c *IAM) PutUserPolicyRequest(input *PutUserPolicyInput) (req *request.Request, output *PutUserPolicyOutput)

PutUserPolicyRequest generates a "aws/request.Request" representing the client's request for the PutUserPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See PutUserPolicy for more information on using the PutUserPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the PutUserPolicyRequest method.
req, resp := client.PutUserPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/PutUserPolicy

func (*IAM) PutUserPolicyWithContext

func (c *IAM) PutUserPolicyWithContext(ctx aws.Context, input *PutUserPolicyInput, opts ...request.Option) (*PutUserPolicyOutput, error)

PutUserPolicyWithContext is the same as PutUserPolicy with the addition of the ability to pass a context and additional request options.

See PutUserPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) RemoveClientIDFromOpenIDConnectProvider

func (c *IAM) RemoveClientIDFromOpenIDConnectProvider(input *RemoveClientIDFromOpenIDConnectProviderInput) (*RemoveClientIDFromOpenIDConnectProviderOutput, error)

RemoveClientIDFromOpenIDConnectProvider API operation for AWS Identity and Access Management.

Removes the specified client ID (also known as audience) from the list of client IDs registered for the specified IAM OpenID Connect (OIDC) provider resource object.

This operation is idempotent; it does not fail or return an error if you try to remove a client ID that does not exist.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation RemoveClientIDFromOpenIDConnectProvider for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider

func (*IAM) RemoveClientIDFromOpenIDConnectProviderRequest

func (c *IAM) RemoveClientIDFromOpenIDConnectProviderRequest(input *RemoveClientIDFromOpenIDConnectProviderInput) (req *request.Request, output *RemoveClientIDFromOpenIDConnectProviderOutput)

RemoveClientIDFromOpenIDConnectProviderRequest generates a "aws/request.Request" representing the client's request for the RemoveClientIDFromOpenIDConnectProvider operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RemoveClientIDFromOpenIDConnectProvider for more information on using the RemoveClientIDFromOpenIDConnectProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RemoveClientIDFromOpenIDConnectProviderRequest method.
req, resp := client.RemoveClientIDFromOpenIDConnectProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveClientIDFromOpenIDConnectProvider

func (*IAM) RemoveClientIDFromOpenIDConnectProviderWithContext

func (c *IAM) RemoveClientIDFromOpenIDConnectProviderWithContext(ctx aws.Context, input *RemoveClientIDFromOpenIDConnectProviderInput, opts ...request.Option) (*RemoveClientIDFromOpenIDConnectProviderOutput, error)

RemoveClientIDFromOpenIDConnectProviderWithContext is the same as RemoveClientIDFromOpenIDConnectProvider with the addition of the ability to pass a context and additional request options.

See RemoveClientIDFromOpenIDConnectProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) RemoveRoleFromInstanceProfile

func (c *IAM) RemoveRoleFromInstanceProfile(input *RemoveRoleFromInstanceProfileInput) (*RemoveRoleFromInstanceProfileOutput, error)

RemoveRoleFromInstanceProfile API operation for AWS Identity and Access Management.

Removes the specified IAM role from the specified EC2 instance profile.

Make sure that you do not have any Amazon EC2 instances running with the role you are about to remove from the instance profile. Removing a role from an instance profile that is associated with a running instance might break any applications running on the instance.

For more information about IAM roles, go to Working with Roles (http://docs.aws.amazon.com/IAM/latest/UserGuide/WorkingWithRoles.html). For more information about instance profiles, go to About Instance Profiles (http://docs.aws.amazon.com/IAM/latest/UserGuide/AboutInstanceProfiles.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation RemoveRoleFromInstanceProfile for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile

Example (Shared00)

To remove a role from an instance profile

The following command removes the role named Test-Role from the instance profile named ExampleInstanceProfile.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.RemoveRoleFromInstanceProfileInput{
		InstanceProfileName: aws.String("ExampleInstanceProfile"),
		RoleName:            aws.String("Test-Role"),
	}

	result, err := svc.RemoveRoleFromInstanceProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) RemoveRoleFromInstanceProfileRequest

func (c *IAM) RemoveRoleFromInstanceProfileRequest(input *RemoveRoleFromInstanceProfileInput) (req *request.Request, output *RemoveRoleFromInstanceProfileOutput)

RemoveRoleFromInstanceProfileRequest generates a "aws/request.Request" representing the client's request for the RemoveRoleFromInstanceProfile operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RemoveRoleFromInstanceProfile for more information on using the RemoveRoleFromInstanceProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RemoveRoleFromInstanceProfileRequest method.
req, resp := client.RemoveRoleFromInstanceProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveRoleFromInstanceProfile

func (*IAM) RemoveRoleFromInstanceProfileWithContext

func (c *IAM) RemoveRoleFromInstanceProfileWithContext(ctx aws.Context, input *RemoveRoleFromInstanceProfileInput, opts ...request.Option) (*RemoveRoleFromInstanceProfileOutput, error)

RemoveRoleFromInstanceProfileWithContext is the same as RemoveRoleFromInstanceProfile with the addition of the ability to pass a context and additional request options.

See RemoveRoleFromInstanceProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) RemoveUserFromGroup

func (c *IAM) RemoveUserFromGroup(input *RemoveUserFromGroupInput) (*RemoveUserFromGroupOutput, error)

RemoveUserFromGroup API operation for AWS Identity and Access Management.

Removes the specified user from the specified group.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation RemoveUserFromGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup

Example (Shared00)

To remove a user from an IAM group

The following command removes the user named Bob from the IAM group named Admins.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.RemoveUserFromGroupInput{
		GroupName: aws.String("Admins"),
		UserName:  aws.String("Bob"),
	}

	result, err := svc.RemoveUserFromGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) RemoveUserFromGroupRequest

func (c *IAM) RemoveUserFromGroupRequest(input *RemoveUserFromGroupInput) (req *request.Request, output *RemoveUserFromGroupOutput)

RemoveUserFromGroupRequest generates a "aws/request.Request" representing the client's request for the RemoveUserFromGroup operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See RemoveUserFromGroup for more information on using the RemoveUserFromGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the RemoveUserFromGroupRequest method.
req, resp := client.RemoveUserFromGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/RemoveUserFromGroup

func (*IAM) RemoveUserFromGroupWithContext

func (c *IAM) RemoveUserFromGroupWithContext(ctx aws.Context, input *RemoveUserFromGroupInput, opts ...request.Option) (*RemoveUserFromGroupOutput, error)

RemoveUserFromGroupWithContext is the same as RemoveUserFromGroup with the addition of the ability to pass a context and additional request options.

See RemoveUserFromGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ResetServiceSpecificCredential

func (c *IAM) ResetServiceSpecificCredential(input *ResetServiceSpecificCredentialInput) (*ResetServiceSpecificCredentialOutput, error)

ResetServiceSpecificCredential API operation for AWS Identity and Access Management.

Resets the password for a service-specific credential. The new password is AWS generated and cryptographically strong. It cannot be configured by the user. Resetting the password immediately invalidates the previous password associated with this user.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ResetServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential

func (*IAM) ResetServiceSpecificCredentialRequest

func (c *IAM) ResetServiceSpecificCredentialRequest(input *ResetServiceSpecificCredentialInput) (req *request.Request, output *ResetServiceSpecificCredentialOutput)

ResetServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the ResetServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ResetServiceSpecificCredential for more information on using the ResetServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ResetServiceSpecificCredentialRequest method.
req, resp := client.ResetServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResetServiceSpecificCredential

func (*IAM) ResetServiceSpecificCredentialWithContext

func (c *IAM) ResetServiceSpecificCredentialWithContext(ctx aws.Context, input *ResetServiceSpecificCredentialInput, opts ...request.Option) (*ResetServiceSpecificCredentialOutput, error)

ResetServiceSpecificCredentialWithContext is the same as ResetServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See ResetServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) ResyncMFADevice

func (c *IAM) ResyncMFADevice(input *ResyncMFADeviceInput) (*ResyncMFADeviceOutput, error)

ResyncMFADevice API operation for AWS Identity and Access Management.

Synchronizes the specified MFA device with its IAM resource object on the AWS servers.

For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation ResyncMFADevice for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidAuthenticationCodeException "InvalidAuthenticationCode" The request was rejected because the authentication code was not recognized. The error message describes the specific error.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice

func (*IAM) ResyncMFADeviceRequest

func (c *IAM) ResyncMFADeviceRequest(input *ResyncMFADeviceInput) (req *request.Request, output *ResyncMFADeviceOutput)

ResyncMFADeviceRequest generates a "aws/request.Request" representing the client's request for the ResyncMFADevice operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See ResyncMFADevice for more information on using the ResyncMFADevice API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the ResyncMFADeviceRequest method.
req, resp := client.ResyncMFADeviceRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/ResyncMFADevice

func (*IAM) ResyncMFADeviceWithContext

func (c *IAM) ResyncMFADeviceWithContext(ctx aws.Context, input *ResyncMFADeviceInput, opts ...request.Option) (*ResyncMFADeviceOutput, error)

ResyncMFADeviceWithContext is the same as ResyncMFADevice with the addition of the ability to pass a context and additional request options.

See ResyncMFADevice for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SetDefaultPolicyVersion

func (c *IAM) SetDefaultPolicyVersion(input *SetDefaultPolicyVersionInput) (*SetDefaultPolicyVersionOutput, error)

SetDefaultPolicyVersion API operation for AWS Identity and Access Management.

Sets the specified version of the specified policy as the policy's default (operative) version.

This operation affects all users, groups, and roles that the policy is attached to. To list the users, groups, and roles that the policy is attached to, use the ListEntitiesForPolicy API.

For information about managed policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation SetDefaultPolicyVersion for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion

func (*IAM) SetDefaultPolicyVersionRequest

func (c *IAM) SetDefaultPolicyVersionRequest(input *SetDefaultPolicyVersionInput) (req *request.Request, output *SetDefaultPolicyVersionOutput)

SetDefaultPolicyVersionRequest generates a "aws/request.Request" representing the client's request for the SetDefaultPolicyVersion operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SetDefaultPolicyVersion for more information on using the SetDefaultPolicyVersion API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SetDefaultPolicyVersionRequest method.
req, resp := client.SetDefaultPolicyVersionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SetDefaultPolicyVersion

func (*IAM) SetDefaultPolicyVersionWithContext

func (c *IAM) SetDefaultPolicyVersionWithContext(ctx aws.Context, input *SetDefaultPolicyVersionInput, opts ...request.Option) (*SetDefaultPolicyVersionOutput, error)

SetDefaultPolicyVersionWithContext is the same as SetDefaultPolicyVersion with the addition of the ability to pass a context and additional request options.

See SetDefaultPolicyVersion for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulateCustomPolicy

func (c *IAM) SimulateCustomPolicy(input *SimulateCustomPolicyInput) (*SimulatePolicyResponse, error)

SimulateCustomPolicy API operation for AWS Identity and Access Management.

Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and AWS resources to determine the policies' effective permissions. The policies are provided as strings.

The simulation does not perform the API operations; it only checks the authorization to determine if the simulated policies allow or deny the operations.

If you want to simulate existing policies attached to an IAM user, group, or role, use SimulatePrincipalPolicy instead.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForCustomPolicy.

If the output is long, you can use MaxItems and Marker parameters to paginate the results.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation SimulateCustomPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyEvaluationException "PolicyEvaluation" The request failed because a provided policy could not be successfully evaluated. An additional detailed message indicates the source of the failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy

func (*IAM) SimulateCustomPolicyPages

func (c *IAM) SimulateCustomPolicyPages(input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error

SimulateCustomPolicyPages iterates over the pages of a SimulateCustomPolicy operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See SimulateCustomPolicy method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a SimulateCustomPolicy operation.
pageNum := 0
err := client.SimulateCustomPolicyPages(params,
    func(page *SimulatePolicyResponse, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) SimulateCustomPolicyPagesWithContext

func (c *IAM) SimulateCustomPolicyPagesWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error

SimulateCustomPolicyPagesWithContext same as SimulateCustomPolicyPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulateCustomPolicyRequest

func (c *IAM) SimulateCustomPolicyRequest(input *SimulateCustomPolicyInput) (req *request.Request, output *SimulatePolicyResponse)

SimulateCustomPolicyRequest generates a "aws/request.Request" representing the client's request for the SimulateCustomPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SimulateCustomPolicy for more information on using the SimulateCustomPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SimulateCustomPolicyRequest method.
req, resp := client.SimulateCustomPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulateCustomPolicy

func (*IAM) SimulateCustomPolicyWithContext

func (c *IAM) SimulateCustomPolicyWithContext(ctx aws.Context, input *SimulateCustomPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error)

SimulateCustomPolicyWithContext is the same as SimulateCustomPolicy with the addition of the ability to pass a context and additional request options.

See SimulateCustomPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulatePrincipalPolicy

func (c *IAM) SimulatePrincipalPolicy(input *SimulatePrincipalPolicyInput) (*SimulatePolicyResponse, error)

SimulatePrincipalPolicy API operation for AWS Identity and Access Management.

Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and AWS resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you specify a user, then the simulation also includes all of the policies that are attached to groups that the user belongs to.

You can optionally include a list of one or more additional policies specified as strings to include in the simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead.

You can also optionally include one resource-based policy to be evaluated with each of the resources included in the simulation.

The simulation does not perform the API operations, it only checks the authorization to determine if the simulated policies allow or deny the operations.

Note: This API discloses information about the permissions granted to other users. If you do not want users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead.

Context keys are variables maintained by AWS and its services that provide details about the context of an API query request. You can use the Condition element of an IAM policy to evaluate context keys. To get the list of context keys that the policies require for correct simulation, use GetContextKeysForPrincipalPolicy.

If the output is long, you can use the MaxItems and Marker parameters to paginate the results.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation SimulatePrincipalPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodePolicyEvaluationException "PolicyEvaluation" The request failed because a provided policy could not be successfully evaluated. An additional detailed message indicates the source of the failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy

func (*IAM) SimulatePrincipalPolicyPages

func (c *IAM) SimulatePrincipalPolicyPages(input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool) error

SimulatePrincipalPolicyPages iterates over the pages of a SimulatePrincipalPolicy operation, calling the "fn" function with the response data for each page. To stop iterating, return false from the fn function.

See SimulatePrincipalPolicy method for more information on how to use this operation.

Note: This operation can generate multiple requests to a service.

// Example iterating over at most 3 pages of a SimulatePrincipalPolicy operation.
pageNum := 0
err := client.SimulatePrincipalPolicyPages(params,
    func(page *SimulatePolicyResponse, lastPage bool) bool {
        pageNum++
        fmt.Println(page)
        return pageNum <= 3
    })

func (*IAM) SimulatePrincipalPolicyPagesWithContext

func (c *IAM) SimulatePrincipalPolicyPagesWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, fn func(*SimulatePolicyResponse, bool) bool, opts ...request.Option) error

SimulatePrincipalPolicyPagesWithContext same as SimulatePrincipalPolicyPages except it takes a Context and allows setting request options on the pages.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) SimulatePrincipalPolicyRequest

func (c *IAM) SimulatePrincipalPolicyRequest(input *SimulatePrincipalPolicyInput) (req *request.Request, output *SimulatePolicyResponse)

SimulatePrincipalPolicyRequest generates a "aws/request.Request" representing the client's request for the SimulatePrincipalPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See SimulatePrincipalPolicy for more information on using the SimulatePrincipalPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the SimulatePrincipalPolicyRequest method.
req, resp := client.SimulatePrincipalPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/SimulatePrincipalPolicy

func (*IAM) SimulatePrincipalPolicyWithContext

func (c *IAM) SimulatePrincipalPolicyWithContext(ctx aws.Context, input *SimulatePrincipalPolicyInput, opts ...request.Option) (*SimulatePolicyResponse, error)

SimulatePrincipalPolicyWithContext is the same as SimulatePrincipalPolicy with the addition of the ability to pass a context and additional request options.

See SimulatePrincipalPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateAccessKey

func (c *IAM) UpdateAccessKey(input *UpdateAccessKeyInput) (*UpdateAccessKeyOutput, error)

UpdateAccessKey API operation for AWS Identity and Access Management.

Changes the status of the specified access key from Active to Inactive, or vice versa. This operation can be used to disable a user's key as part of a key rotation workflow.

If the UserName field is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

For information about rotating keys, see Managing Keys and Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateAccessKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey

Example (Shared00)

To activate or deactivate an access key for an IAM user

The following command deactivates the specified access key (access key ID and secret access key) for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateAccessKeyInput{
		AccessKeyId: aws.String("AKIAIOSFODNN7EXAMPLE"),
		Status:      aws.String("Inactive"),
		UserName:    aws.String("Bob"),
	}

	result, err := svc.UpdateAccessKey(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateAccessKeyRequest

func (c *IAM) UpdateAccessKeyRequest(input *UpdateAccessKeyInput) (req *request.Request, output *UpdateAccessKeyOutput)

UpdateAccessKeyRequest generates a "aws/request.Request" representing the client's request for the UpdateAccessKey operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateAccessKey for more information on using the UpdateAccessKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateAccessKeyRequest method.
req, resp := client.UpdateAccessKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccessKey

func (*IAM) UpdateAccessKeyWithContext

func (c *IAM) UpdateAccessKeyWithContext(ctx aws.Context, input *UpdateAccessKeyInput, opts ...request.Option) (*UpdateAccessKeyOutput, error)

UpdateAccessKeyWithContext is the same as UpdateAccessKey with the addition of the ability to pass a context and additional request options.

See UpdateAccessKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateAccountPasswordPolicy

func (c *IAM) UpdateAccountPasswordPolicy(input *UpdateAccountPasswordPolicyInput) (*UpdateAccountPasswordPolicyOutput, error)

UpdateAccountPasswordPolicy API operation for AWS Identity and Access Management.

Updates the password policy settings for the AWS account.

This operation does not support partial updates. No parameters are required, but if you do not specify a parameter, that parameter's value reverts to its default value. See the Request Parameters section for each parameter's default value. Also note that some parameters do not allow the default parameter to be explicitly set. Instead, to invoke the default value, do not include that parameter when you invoke the operation.

For more information about using a password policy, see Managing an IAM Password Policy (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateAccountPasswordPolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy

Example (Shared00)

To set or change the current account password policy

The following command sets the password policy to require a minimum length of eight characters and to require one or more numbers in the password:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateAccountPasswordPolicyInput{
		MinimumPasswordLength: aws.Int64(8),
		RequireNumbers:        aws.Bool(true),
	}

	result, err := svc.UpdateAccountPasswordPolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateAccountPasswordPolicyRequest

func (c *IAM) UpdateAccountPasswordPolicyRequest(input *UpdateAccountPasswordPolicyInput) (req *request.Request, output *UpdateAccountPasswordPolicyOutput)

UpdateAccountPasswordPolicyRequest generates a "aws/request.Request" representing the client's request for the UpdateAccountPasswordPolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateAccountPasswordPolicy for more information on using the UpdateAccountPasswordPolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateAccountPasswordPolicyRequest method.
req, resp := client.UpdateAccountPasswordPolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAccountPasswordPolicy

func (*IAM) UpdateAccountPasswordPolicyWithContext

func (c *IAM) UpdateAccountPasswordPolicyWithContext(ctx aws.Context, input *UpdateAccountPasswordPolicyInput, opts ...request.Option) (*UpdateAccountPasswordPolicyOutput, error)

UpdateAccountPasswordPolicyWithContext is the same as UpdateAccountPasswordPolicy with the addition of the ability to pass a context and additional request options.

See UpdateAccountPasswordPolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateAssumeRolePolicy

func (c *IAM) UpdateAssumeRolePolicy(input *UpdateAssumeRolePolicyInput) (*UpdateAssumeRolePolicyOutput, error)

UpdateAssumeRolePolicy API operation for AWS Identity and Access Management.

Updates the policy that grants an IAM entity permission to assume a role. This is typically referred to as the "role trust policy". For more information about roles, go to Using Roles to Delegate Permissions and Federate Identities (http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateAssumeRolePolicy for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" The request was rejected because the policy document was malformed. The error message describes the specific error.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy

Example (Shared00)

To update the trust policy for an IAM role

The following command updates the role trust policy for the role named Test-Role:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateAssumeRolePolicyInput{
		PolicyDocument: aws.String("{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}"),
		RoleName:       aws.String("S3AccessForEC2Instances"),
	}

	result, err := svc.UpdateAssumeRolePolicy(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeMalformedPolicyDocumentException:
				fmt.Println(iam.ErrCodeMalformedPolicyDocumentException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeUnmodifiableEntityException:
				fmt.Println(iam.ErrCodeUnmodifiableEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateAssumeRolePolicyRequest

func (c *IAM) UpdateAssumeRolePolicyRequest(input *UpdateAssumeRolePolicyInput) (req *request.Request, output *UpdateAssumeRolePolicyOutput)

UpdateAssumeRolePolicyRequest generates a "aws/request.Request" representing the client's request for the UpdateAssumeRolePolicy operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateAssumeRolePolicy for more information on using the UpdateAssumeRolePolicy API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateAssumeRolePolicyRequest method.
req, resp := client.UpdateAssumeRolePolicyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateAssumeRolePolicy

func (*IAM) UpdateAssumeRolePolicyWithContext

func (c *IAM) UpdateAssumeRolePolicyWithContext(ctx aws.Context, input *UpdateAssumeRolePolicyInput, opts ...request.Option) (*UpdateAssumeRolePolicyOutput, error)

UpdateAssumeRolePolicyWithContext is the same as UpdateAssumeRolePolicy with the addition of the ability to pass a context and additional request options.

See UpdateAssumeRolePolicy for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateGroup

func (c *IAM) UpdateGroup(input *UpdateGroupInput) (*UpdateGroupOutput, error)

UpdateGroup API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified IAM group.

You should understand the implications of changing a group's path or name. For more information, see Renaming Users and Groups (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html) in the IAM User Guide.

The person making the request (the principal), must have permission to change the role group with the old name and the new name. For example, to change the group named Managers to MGRs, the principal must have a policy that allows them to update both groups. If the principal has permission to update the Managers group, but not the MGRs group, then the update fails. For more information about permissions, see Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateGroup for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup

Example (Shared00)

To rename an IAM group

The following command changes the name of the IAM group Test to Test-1.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateGroupInput{
		GroupName:    aws.String("Test"),
		NewGroupName: aws.String("Test-1"),
	}

	result, err := svc.UpdateGroup(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateGroupRequest

func (c *IAM) UpdateGroupRequest(input *UpdateGroupInput) (req *request.Request, output *UpdateGroupOutput)

UpdateGroupRequest generates a "aws/request.Request" representing the client's request for the UpdateGroup operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateGroup for more information on using the UpdateGroup API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateGroupRequest method.
req, resp := client.UpdateGroupRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateGroup

func (*IAM) UpdateGroupWithContext

func (c *IAM) UpdateGroupWithContext(ctx aws.Context, input *UpdateGroupInput, opts ...request.Option) (*UpdateGroupOutput, error)

UpdateGroupWithContext is the same as UpdateGroup with the addition of the ability to pass a context and additional request options.

See UpdateGroup for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateLoginProfile

func (c *IAM) UpdateLoginProfile(input *UpdateLoginProfileInput) (*UpdateLoginProfileOutput, error)

UpdateLoginProfile API operation for AWS Identity and Access Management.

Changes the password for the specified IAM user.

IAM users can change their own passwords by calling ChangePassword. For more information about modifying passwords, see Managing Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateLoginProfile for usage and error information.

Returned Error Codes:

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodePasswordPolicyViolationException "PasswordPolicyViolation" The request was rejected because the provided password did not meet the requirements imposed by the account password policy.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile

Example (Shared00)

To change the password for an IAM user

The following command creates or changes the password for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateLoginProfileInput{
		Password: aws.String("SomeKindOfPassword123!@#"),
		UserName: aws.String("Bob"),
	}

	result, err := svc.UpdateLoginProfile(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodePasswordPolicyViolationException:
				fmt.Println(iam.ErrCodePasswordPolicyViolationException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateLoginProfileRequest

func (c *IAM) UpdateLoginProfileRequest(input *UpdateLoginProfileInput) (req *request.Request, output *UpdateLoginProfileOutput)

UpdateLoginProfileRequest generates a "aws/request.Request" representing the client's request for the UpdateLoginProfile operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateLoginProfile for more information on using the UpdateLoginProfile API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateLoginProfileRequest method.
req, resp := client.UpdateLoginProfileRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateLoginProfile

func (*IAM) UpdateLoginProfileWithContext

func (c *IAM) UpdateLoginProfileWithContext(ctx aws.Context, input *UpdateLoginProfileInput, opts ...request.Option) (*UpdateLoginProfileOutput, error)

UpdateLoginProfileWithContext is the same as UpdateLoginProfile with the addition of the ability to pass a context and additional request options.

See UpdateLoginProfile for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateOpenIDConnectProviderThumbprint

func (c *IAM) UpdateOpenIDConnectProviderThumbprint(input *UpdateOpenIDConnectProviderThumbprintInput) (*UpdateOpenIDConnectProviderThumbprintOutput, error)

UpdateOpenIDConnectProviderThumbprint API operation for AWS Identity and Access Management.

Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints.

The list that you pass with this operation completely replaces the existing list of thumbprints. (The lists are not merged.)

Typically, you need to update a thumbprint only when the identity provider's certificate changes, which occurs rarely. However, if the provider's certificate does change, any attempt to assume an IAM role that specifies the OIDC provider as a principal fails until the certificate thumbprint is updated.

Because trust for the OIDC provider is derived from the provider's certificate and is validated by the thumbprint, it is best to limit access to the UpdateOpenIDConnectProviderThumbprint operation to highly privileged users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateOpenIDConnectProviderThumbprint for usage and error information.

Returned Error Codes:

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint

func (*IAM) UpdateOpenIDConnectProviderThumbprintRequest

func (c *IAM) UpdateOpenIDConnectProviderThumbprintRequest(input *UpdateOpenIDConnectProviderThumbprintInput) (req *request.Request, output *UpdateOpenIDConnectProviderThumbprintOutput)

UpdateOpenIDConnectProviderThumbprintRequest generates a "aws/request.Request" representing the client's request for the UpdateOpenIDConnectProviderThumbprint operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateOpenIDConnectProviderThumbprint for more information on using the UpdateOpenIDConnectProviderThumbprint API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateOpenIDConnectProviderThumbprintRequest method.
req, resp := client.UpdateOpenIDConnectProviderThumbprintRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateOpenIDConnectProviderThumbprint

func (*IAM) UpdateOpenIDConnectProviderThumbprintWithContext

func (c *IAM) UpdateOpenIDConnectProviderThumbprintWithContext(ctx aws.Context, input *UpdateOpenIDConnectProviderThumbprintInput, opts ...request.Option) (*UpdateOpenIDConnectProviderThumbprintOutput, error)

UpdateOpenIDConnectProviderThumbprintWithContext is the same as UpdateOpenIDConnectProviderThumbprint with the addition of the ability to pass a context and additional request options.

See UpdateOpenIDConnectProviderThumbprint for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateRole

func (c *IAM) UpdateRole(input *UpdateRoleInput) (*UpdateRoleOutput, error)

UpdateRole API operation for AWS Identity and Access Management.

Updates the description or maximum session duration setting of a role.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateRole for usage and error information.

Returned Error Codes:

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole

func (*IAM) UpdateRoleDescription

func (c *IAM) UpdateRoleDescription(input *UpdateRoleDescriptionInput) (*UpdateRoleDescriptionOutput, error)

UpdateRoleDescription API operation for AWS Identity and Access Management.

Use instead.

Modifies only the description of a role. This operation performs the same function as the Description parameter in the UpdateRole operation.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateRoleDescription for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeUnmodifiableEntityException "UnmodifiableEntity" The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription

func (*IAM) UpdateRoleDescriptionRequest

func (c *IAM) UpdateRoleDescriptionRequest(input *UpdateRoleDescriptionInput) (req *request.Request, output *UpdateRoleDescriptionOutput)

UpdateRoleDescriptionRequest generates a "aws/request.Request" representing the client's request for the UpdateRoleDescription operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateRoleDescription for more information on using the UpdateRoleDescription API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateRoleDescriptionRequest method.
req, resp := client.UpdateRoleDescriptionRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRoleDescription

func (*IAM) UpdateRoleDescriptionWithContext

func (c *IAM) UpdateRoleDescriptionWithContext(ctx aws.Context, input *UpdateRoleDescriptionInput, opts ...request.Option) (*UpdateRoleDescriptionOutput, error)

UpdateRoleDescriptionWithContext is the same as UpdateRoleDescription with the addition of the ability to pass a context and additional request options.

See UpdateRoleDescription for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateRoleRequest

func (c *IAM) UpdateRoleRequest(input *UpdateRoleInput) (req *request.Request, output *UpdateRoleOutput)

UpdateRoleRequest generates a "aws/request.Request" representing the client's request for the UpdateRole operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateRole for more information on using the UpdateRole API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateRoleRequest method.
req, resp := client.UpdateRoleRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateRole

func (*IAM) UpdateRoleWithContext

func (c *IAM) UpdateRoleWithContext(ctx aws.Context, input *UpdateRoleInput, opts ...request.Option) (*UpdateRoleOutput, error)

UpdateRoleWithContext is the same as UpdateRole with the addition of the ability to pass a context and additional request options.

See UpdateRole for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateSAMLProvider

func (c *IAM) UpdateSAMLProvider(input *UpdateSAMLProviderInput) (*UpdateSAMLProviderOutput, error)

UpdateSAMLProvider API operation for AWS Identity and Access Management.

Updates the metadata document for an existing SAML provider resource object.

This operation requires Signature Version 4 (http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateSAMLProvider for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidInputException "InvalidInput" The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider

func (*IAM) UpdateSAMLProviderRequest

func (c *IAM) UpdateSAMLProviderRequest(input *UpdateSAMLProviderInput) (req *request.Request, output *UpdateSAMLProviderOutput)

UpdateSAMLProviderRequest generates a "aws/request.Request" representing the client's request for the UpdateSAMLProvider operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateSAMLProvider for more information on using the UpdateSAMLProvider API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateSAMLProviderRequest method.
req, resp := client.UpdateSAMLProviderRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSAMLProvider

func (*IAM) UpdateSAMLProviderWithContext

func (c *IAM) UpdateSAMLProviderWithContext(ctx aws.Context, input *UpdateSAMLProviderInput, opts ...request.Option) (*UpdateSAMLProviderOutput, error)

UpdateSAMLProviderWithContext is the same as UpdateSAMLProvider with the addition of the ability to pass a context and additional request options.

See UpdateSAMLProvider for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateSSHPublicKey

func (c *IAM) UpdateSSHPublicKey(input *UpdateSSHPublicKeyInput) (*UpdateSSHPublicKeyOutput, error)

UpdateSSHPublicKey API operation for AWS Identity and Access Management.

Sets the status of an IAM user's SSH public key to active or inactive. SSH public keys that are inactive cannot be used for authentication. This operation can be used to disable a user's SSH public key as part of a key rotation work flow.

The SSH public key affected by this operation is used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey

func (*IAM) UpdateSSHPublicKeyRequest

func (c *IAM) UpdateSSHPublicKeyRequest(input *UpdateSSHPublicKeyInput) (req *request.Request, output *UpdateSSHPublicKeyOutput)

UpdateSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the UpdateSSHPublicKey operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateSSHPublicKey for more information on using the UpdateSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateSSHPublicKeyRequest method.
req, resp := client.UpdateSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSSHPublicKey

func (*IAM) UpdateSSHPublicKeyWithContext

func (c *IAM) UpdateSSHPublicKeyWithContext(ctx aws.Context, input *UpdateSSHPublicKeyInput, opts ...request.Option) (*UpdateSSHPublicKeyOutput, error)

UpdateSSHPublicKeyWithContext is the same as UpdateSSHPublicKey with the addition of the ability to pass a context and additional request options.

See UpdateSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateServerCertificate

func (c *IAM) UpdateServerCertificate(input *UpdateServerCertificateInput) (*UpdateServerCertificateOutput, error)

UpdateServerCertificate API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified server certificate stored in IAM.

For more information about working with server certificates, see Working with Server Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic also includes a list of AWS services that can use the server certificates that you manage with IAM.

You should understand the implications of changing a server certificate's path or name. For more information, see Renaming a Server Certificate (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs_manage.html#RenamingServerCerts) in the IAM User Guide.

The person making the request (the principal), must have permission to change the server certificate with the old name and the new name. For example, to change the certificate named ProductionCert to ProdCert, the principal must have a policy that allows them to update both certificates. If the principal has permission to update the ProductionCert group, but not the ProdCert certificate, then the update fails. For more information about permissions, see Access Management (http://docs.aws.amazon.com/IAM/latest/UserGuide/access.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate

func (*IAM) UpdateServerCertificateRequest

func (c *IAM) UpdateServerCertificateRequest(input *UpdateServerCertificateInput) (req *request.Request, output *UpdateServerCertificateOutput)

UpdateServerCertificateRequest generates a "aws/request.Request" representing the client's request for the UpdateServerCertificate operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateServerCertificate for more information on using the UpdateServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateServerCertificateRequest method.
req, resp := client.UpdateServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServerCertificate

func (*IAM) UpdateServerCertificateWithContext

func (c *IAM) UpdateServerCertificateWithContext(ctx aws.Context, input *UpdateServerCertificateInput, opts ...request.Option) (*UpdateServerCertificateOutput, error)

UpdateServerCertificateWithContext is the same as UpdateServerCertificate with the addition of the ability to pass a context and additional request options.

See UpdateServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateServiceSpecificCredential

func (c *IAM) UpdateServiceSpecificCredential(input *UpdateServiceSpecificCredentialInput) (*UpdateServiceSpecificCredentialOutput, error)

UpdateServiceSpecificCredential API operation for AWS Identity and Access Management.

Sets the status of a service-specific credential to Active or Inactive. Service-specific credentials that are inactive cannot be used for authentication to the service. This operation can be used to disable a user’s service-specific credential as part of a credential rotation work flow.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateServiceSpecificCredential for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential

func (*IAM) UpdateServiceSpecificCredentialRequest

func (c *IAM) UpdateServiceSpecificCredentialRequest(input *UpdateServiceSpecificCredentialInput) (req *request.Request, output *UpdateServiceSpecificCredentialOutput)

UpdateServiceSpecificCredentialRequest generates a "aws/request.Request" representing the client's request for the UpdateServiceSpecificCredential operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateServiceSpecificCredential for more information on using the UpdateServiceSpecificCredential API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateServiceSpecificCredentialRequest method.
req, resp := client.UpdateServiceSpecificCredentialRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateServiceSpecificCredential

func (*IAM) UpdateServiceSpecificCredentialWithContext

func (c *IAM) UpdateServiceSpecificCredentialWithContext(ctx aws.Context, input *UpdateServiceSpecificCredentialInput, opts ...request.Option) (*UpdateServiceSpecificCredentialOutput, error)

UpdateServiceSpecificCredentialWithContext is the same as UpdateServiceSpecificCredential with the addition of the ability to pass a context and additional request options.

See UpdateServiceSpecificCredential for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateSigningCertificate

func (c *IAM) UpdateSigningCertificate(input *UpdateSigningCertificateInput) (*UpdateSigningCertificateOutput, error)

UpdateSigningCertificate API operation for AWS Identity and Access Management.

Changes the status of the specified user signing certificate from active to disabled, or vice versa. This operation can be used to disable an IAM user's signing certificate as part of a certificate rotation work flow.

If the UserName field is not specified, the user name is determined implicitly based on the AWS access key ID used to sign the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateSigningCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate

Example (Shared00)

To change the active status of a signing certificate for an IAM user

The following command changes the status of a signing certificate for a user named Bob to Inactive.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateSigningCertificateInput{
		CertificateId: aws.String("TA7SMP42TDN5Z26OBPJE7EXAMPLE"),
		Status:        aws.String("Inactive"),
		UserName:      aws.String("Bob"),
	}

	result, err := svc.UpdateSigningCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateSigningCertificateRequest

func (c *IAM) UpdateSigningCertificateRequest(input *UpdateSigningCertificateInput) (req *request.Request, output *UpdateSigningCertificateOutput)

UpdateSigningCertificateRequest generates a "aws/request.Request" representing the client's request for the UpdateSigningCertificate operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateSigningCertificate for more information on using the UpdateSigningCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateSigningCertificateRequest method.
req, resp := client.UpdateSigningCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateSigningCertificate

func (*IAM) UpdateSigningCertificateWithContext

func (c *IAM) UpdateSigningCertificateWithContext(ctx aws.Context, input *UpdateSigningCertificateInput, opts ...request.Option) (*UpdateSigningCertificateOutput, error)

UpdateSigningCertificateWithContext is the same as UpdateSigningCertificate with the addition of the ability to pass a context and additional request options.

See UpdateSigningCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UpdateUser

func (c *IAM) UpdateUser(input *UpdateUserInput) (*UpdateUserOutput, error)

UpdateUser API operation for AWS Identity and Access Management.

Updates the name and/or the path of the specified IAM user.

You should understand the implications of changing an IAM user's path or name. For more information, see Renaming an IAM User (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_manage.html#id_users_renaming) and Renaming an IAM Group (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_groups_manage_rename.html) in the IAM User Guide.

To change a user name, the requester must have appropriate permissions on both the source object and the target object. For example, to change Bob to Robert, the entity making the request must have permission on Bob and Robert, or must have permission on all (*). For more information about permissions, see Permissions and Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/PermissionsAndPolicies.html).

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UpdateUser for usage and error information.

Returned Error Codes:

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeEntityTemporarilyUnmodifiableException "EntityTemporarilyUnmodifiable" The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser

Example (Shared00)

To change an IAM user's name

The following command changes the name of the IAM user Bob to Robert. It does not change the user's path.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UpdateUserInput{
		NewUserName: aws.String("Robert"),
		UserName:    aws.String("Bob"),
	}

	result, err := svc.UpdateUser(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeEntityTemporarilyUnmodifiableException:
				fmt.Println(iam.ErrCodeEntityTemporarilyUnmodifiableException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UpdateUserRequest

func (c *IAM) UpdateUserRequest(input *UpdateUserInput) (req *request.Request, output *UpdateUserOutput)

UpdateUserRequest generates a "aws/request.Request" representing the client's request for the UpdateUser operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UpdateUser for more information on using the UpdateUser API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UpdateUserRequest method.
req, resp := client.UpdateUserRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UpdateUser

func (*IAM) UpdateUserWithContext

func (c *IAM) UpdateUserWithContext(ctx aws.Context, input *UpdateUserInput, opts ...request.Option) (*UpdateUserOutput, error)

UpdateUserWithContext is the same as UpdateUser with the addition of the ability to pass a context and additional request options.

See UpdateUser for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UploadSSHPublicKey

func (c *IAM) UploadSSHPublicKey(input *UploadSSHPublicKeyInput) (*UploadSSHPublicKeyOutput, error)

UploadSSHPublicKey API operation for AWS Identity and Access Management.

Uploads an SSH public key and associates it with the specified IAM user.

The SSH public key uploaded by this operation can be used only for authenticating the associated IAM user to an AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS CodeCommit for SSH Connections (http://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-credentials-ssh.html) in the AWS CodeCommit User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UploadSSHPublicKey for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeInvalidPublicKeyException "InvalidPublicKey" The request was rejected because the public key is malformed or otherwise invalid.

  • ErrCodeDuplicateSSHPublicKeyException "DuplicateSSHPublicKey" The request was rejected because the SSH public key is already associated with the specified IAM user.

  • ErrCodeUnrecognizedPublicKeyEncodingException "UnrecognizedPublicKeyEncoding" The request was rejected because the public key encoding format is unsupported or unrecognized.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey

func (*IAM) UploadSSHPublicKeyRequest

func (c *IAM) UploadSSHPublicKeyRequest(input *UploadSSHPublicKeyInput) (req *request.Request, output *UploadSSHPublicKeyOutput)

UploadSSHPublicKeyRequest generates a "aws/request.Request" representing the client's request for the UploadSSHPublicKey operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UploadSSHPublicKey for more information on using the UploadSSHPublicKey API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UploadSSHPublicKeyRequest method.
req, resp := client.UploadSSHPublicKeyRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSSHPublicKey

func (*IAM) UploadSSHPublicKeyWithContext

func (c *IAM) UploadSSHPublicKeyWithContext(ctx aws.Context, input *UploadSSHPublicKeyInput, opts ...request.Option) (*UploadSSHPublicKeyOutput, error)

UploadSSHPublicKeyWithContext is the same as UploadSSHPublicKey with the addition of the ability to pass a context and additional request options.

See UploadSSHPublicKey for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UploadServerCertificate

func (c *IAM) UploadServerCertificate(input *UploadServerCertificateInput) (*UploadServerCertificateOutput, error)

UploadServerCertificate API operation for AWS Identity and Access Management.

Uploads a server certificate entity for the AWS account. The server certificate entity includes a public key certificate, a private key, and an optional certificate chain, which should all be PEM-encoded.

We recommend that you use AWS Certificate Manager (https://aws.amazon.com/certificate-manager/) to provision, manage, and deploy your server certificates. With ACM you can request a certificate, deploy it to AWS resources, and let ACM handle certificate renewals for you. Certificates provided by ACM are free. For more information about using ACM, see the AWS Certificate Manager User Guide (http://docs.aws.amazon.com/acm/latest/userguide/).

For more information about working with server certificates, see Working with Server Certificates (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html) in the IAM User Guide. This topic includes a list of AWS services that can use the server certificates that you manage with IAM.

For information about the number of server certificates you can upload, see Limitations on IAM Entities and Objects (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html) in the IAM User Guide.

Because the body of the public key certificate, private key, and the certificate chain can be large, you should use POST rather than GET when calling UploadServerCertificate. For information about setting up signatures and authorization through the API, go to Signing AWS API Requests (http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) in the AWS General Reference. For general information about using the Query API with IAM, go to Calling the API by Making HTTP Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/programming.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UploadServerCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedCertificateException "MalformedCertificate" The request was rejected because the certificate was malformed or expired. The error message describes the specific error.

  • ErrCodeKeyPairMismatchException "KeyPairMismatch" The request was rejected because the public key certificate and the private key do not match.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate

Example (Shared00)

To upload a server certificate to your AWS account

The following upload-server-certificate command uploads a server certificate to your AWS account:

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UploadServerCertificateInput{
		CertificateBody:       aws.String("-----BEGIN CERTIFICATE-----<a very long certificate text string>-----END CERTIFICATE-----"),
		Path:                  aws.String("/company/servercerts/"),
		PrivateKey:            aws.String("-----BEGIN DSA PRIVATE KEY-----<a very long private key string>-----END DSA PRIVATE KEY-----"),
		ServerCertificateName: aws.String("ProdServerCert"),
	}

	result, err := svc.UploadServerCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedCertificateException:
				fmt.Println(iam.ErrCodeMalformedCertificateException, aerr.Error())
			case iam.ErrCodeKeyPairMismatchException:
				fmt.Println(iam.ErrCodeKeyPairMismatchException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UploadServerCertificateRequest

func (c *IAM) UploadServerCertificateRequest(input *UploadServerCertificateInput) (req *request.Request, output *UploadServerCertificateOutput)

UploadServerCertificateRequest generates a "aws/request.Request" representing the client's request for the UploadServerCertificate operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UploadServerCertificate for more information on using the UploadServerCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UploadServerCertificateRequest method.
req, resp := client.UploadServerCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadServerCertificate

func (*IAM) UploadServerCertificateWithContext

func (c *IAM) UploadServerCertificateWithContext(ctx aws.Context, input *UploadServerCertificateInput, opts ...request.Option) (*UploadServerCertificateOutput, error)

UploadServerCertificateWithContext is the same as UploadServerCertificate with the addition of the ability to pass a context and additional request options.

See UploadServerCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) UploadSigningCertificate

func (c *IAM) UploadSigningCertificate(input *UploadSigningCertificateInput) (*UploadSigningCertificateOutput, error)

UploadSigningCertificate API operation for AWS Identity and Access Management.

Uploads an X.509 signing certificate and associates it with the specified IAM user. Some AWS services use X.509 signing certificates to validate requests that are signed with a corresponding private key. When you upload the certificate, its default status is Active.

If the UserName field is not specified, the IAM user name is determined implicitly based on the AWS access key ID used to sign the request. Because this operation works for access keys under the AWS account, you can use this operation to manage AWS account root user credentials even if the AWS account has no associated users.

Because the body of an X.509 certificate can be large, you should use POST rather than GET when calling UploadSigningCertificate. For information about setting up signatures and authorization through the API, go to Signing AWS API Requests (http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html) in the AWS General Reference. For general information about using the Query API with IAM, go to Making Query Requests (http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html) in the IAM User Guide.

Returns awserr.Error for service API and SDK errors. Use runtime type assertions with awserr.Error's Code and Message methods to get detailed information about the error.

See the AWS API reference guide for AWS Identity and Access Management's API operation UploadSigningCertificate for usage and error information.

Returned Error Codes:

  • ErrCodeLimitExceededException "LimitExceeded" The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded.

  • ErrCodeEntityAlreadyExistsException "EntityAlreadyExists" The request was rejected because it attempted to create a resource that already exists.

  • ErrCodeMalformedCertificateException "MalformedCertificate" The request was rejected because the certificate was malformed or expired. The error message describes the specific error.

  • ErrCodeInvalidCertificateException "InvalidCertificate" The request was rejected because the certificate is invalid.

  • ErrCodeDuplicateCertificateException "DuplicateCertificate" The request was rejected because the same certificate is associated with an IAM user in the account.

  • ErrCodeNoSuchEntityException "NoSuchEntity" The request was rejected because it referenced an entity that does not exist. The error message describes the entity.

  • ErrCodeServiceFailureException "ServiceFailure" The request processing has failed because of an unknown error, exception or failure.

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate

Example (Shared00)

To upload a signing certificate for an IAM user

The following command uploads a signing certificate for the IAM user named Bob.

package main

import (
	"fmt"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/awserr"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/iam"
)

func main() {
	svc := iam.New(session.New())
	input := &iam.UploadSigningCertificateInput{
		CertificateBody: aws.String("-----BEGIN CERTIFICATE-----<certificate-body>-----END CERTIFICATE-----"),
		UserName:        aws.String("Bob"),
	}

	result, err := svc.UploadSigningCertificate(input)
	if err != nil {
		if aerr, ok := err.(awserr.Error); ok {
			switch aerr.Code() {
			case iam.ErrCodeLimitExceededException:
				fmt.Println(iam.ErrCodeLimitExceededException, aerr.Error())
			case iam.ErrCodeEntityAlreadyExistsException:
				fmt.Println(iam.ErrCodeEntityAlreadyExistsException, aerr.Error())
			case iam.ErrCodeMalformedCertificateException:
				fmt.Println(iam.ErrCodeMalformedCertificateException, aerr.Error())
			case iam.ErrCodeInvalidCertificateException:
				fmt.Println(iam.ErrCodeInvalidCertificateException, aerr.Error())
			case iam.ErrCodeDuplicateCertificateException:
				fmt.Println(iam.ErrCodeDuplicateCertificateException, aerr.Error())
			case iam.ErrCodeNoSuchEntityException:
				fmt.Println(iam.ErrCodeNoSuchEntityException, aerr.Error())
			case iam.ErrCodeServiceFailureException:
				fmt.Println(iam.ErrCodeServiceFailureException, aerr.Error())
			default:
				fmt.Println(aerr.Error())
			}
		} else {
			// Print the error, cast err to awserr.Error to get the Code and
			// Message from an error.
			fmt.Println(err.Error())
		}
		return
	}

	fmt.Println(result)
}
Output:

func (*IAM) UploadSigningCertificateRequest

func (c *IAM) UploadSigningCertificateRequest(input *UploadSigningCertificateInput) (req *request.Request, output *UploadSigningCertificateOutput)

UploadSigningCertificateRequest generates a "aws/request.Request" representing the client's request for the UploadSigningCertificate operation. The "output" return value will be populated with the request's response once the request completes successfuly.

Use "Send" method on the returned Request to send the API call to the service. the "output" return value is not valid until after Send returns without error.

See UploadSigningCertificate for more information on using the UploadSigningCertificate API call, and error handling.

This method is useful when you want to inject custom logic or configuration into the SDK's request lifecycle. Such as custom headers, or retry logic.

// Example sending a request using the UploadSigningCertificateRequest method.
req, resp := client.UploadSigningCertificateRequest(params)

err := req.Send()
if err == nil { // resp is now filled
    fmt.Println(resp)
}

See also, https://docs.aws.amazon.com/goto/WebAPI/iam-2010-05-08/UploadSigningCertificate

func (*IAM) UploadSigningCertificateWithContext

func (c *IAM) UploadSigningCertificateWithContext(ctx aws.Context, input *UploadSigningCertificateInput, opts ...request.Option) (*UploadSigningCertificateOutput, error)

UploadSigningCertificateWithContext is the same as UploadSigningCertificate with the addition of the ability to pass a context and additional request options.

See UploadSigningCertificate for details on how to use this API operation.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) WaitUntilInstanceProfileExists

func (c *IAM) WaitUntilInstanceProfileExists(input *GetInstanceProfileInput) error

WaitUntilInstanceProfileExists uses the IAM API operation GetInstanceProfile to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

func (*IAM) WaitUntilInstanceProfileExistsWithContext

func (c *IAM) WaitUntilInstanceProfileExistsWithContext(ctx aws.Context, input *GetInstanceProfileInput, opts ...request.WaiterOption) error

WaitUntilInstanceProfileExistsWithContext is an extended version of WaitUntilInstanceProfileExists. With the support for passing in a context and options to configure the Waiter and the underlying request options.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

func (*IAM) WaitUntilUserExists

func (c *IAM) WaitUntilUserExists(input *GetUserInput) error

WaitUntilUserExists uses the IAM API operation GetUser to wait for a condition to be met before returning. If the condition is not met within the max attempt window, an error will be returned.

func (*IAM) WaitUntilUserExistsWithContext

func (c *IAM) WaitUntilUserExistsWithContext(ctx aws.Context, input *GetUserInput, opts ...request.WaiterOption) error

WaitUntilUserExistsWithContext is an extended version of WaitUntilUserExists. With the support for passing in a context and options to configure the Waiter and the underlying request options.

The context must be non-nil and will be used for request cancellation. If the context is nil a panic will occur. In the future the SDK may create sub-contexts for http.Requests. See https://golang.org/pkg/context/ for more information on using Contexts.

type InstanceProfile

type InstanceProfile struct {

	// The Amazon Resource Name (ARN) specifying the instance profile. For more
	// information about ARNs and how to use them in policies, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date when the instance profile was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The stable and unique string identifying the instance profile. For more information
	// about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// InstanceProfileId is a required field
	InstanceProfileId *string `min:"16" type:"string" required:"true"`

	// The name identifying the instance profile.
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The path to the instance profile. For more information about paths, see IAM
	// Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The role associated with the instance profile.
	//
	// Roles is a required field
	Roles []*Role `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an instance profile.

This data type is used as a response element in the following operations:

  • CreateInstanceProfile

  • GetInstanceProfile

  • ListInstanceProfiles

  • ListInstanceProfilesForRole

func (InstanceProfile) GoString

func (s InstanceProfile) GoString() string

GoString returns the string representation

func (*InstanceProfile) SetArn

func (s *InstanceProfile) SetArn(v string) *InstanceProfile

SetArn sets the Arn field's value.

func (*InstanceProfile) SetCreateDate

func (s *InstanceProfile) SetCreateDate(v time.Time) *InstanceProfile

SetCreateDate sets the CreateDate field's value.

func (*InstanceProfile) SetInstanceProfileId

func (s *InstanceProfile) SetInstanceProfileId(v string) *InstanceProfile

SetInstanceProfileId sets the InstanceProfileId field's value.

func (*InstanceProfile) SetInstanceProfileName

func (s *InstanceProfile) SetInstanceProfileName(v string) *InstanceProfile

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*InstanceProfile) SetPath

func (s *InstanceProfile) SetPath(v string) *InstanceProfile

SetPath sets the Path field's value.

func (*InstanceProfile) SetRoles

func (s *InstanceProfile) SetRoles(v []*Role) *InstanceProfile

SetRoles sets the Roles field's value.

func (InstanceProfile) String

func (s InstanceProfile) String() string

String returns the string representation

type ListAccessKeysInput

type ListAccessKeysInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListAccessKeysInput) GoString

func (s ListAccessKeysInput) GoString() string

GoString returns the string representation

func (*ListAccessKeysInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListAccessKeysInput) SetMaxItems

func (s *ListAccessKeysInput) SetMaxItems(v int64) *ListAccessKeysInput

SetMaxItems sets the MaxItems field's value.

func (*ListAccessKeysInput) SetUserName

func (s *ListAccessKeysInput) SetUserName(v string) *ListAccessKeysInput

SetUserName sets the UserName field's value.

func (ListAccessKeysInput) String

func (s ListAccessKeysInput) String() string

String returns the string representation

func (*ListAccessKeysInput) Validate

func (s *ListAccessKeysInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAccessKeysOutput

type ListAccessKeysOutput struct {

	// A list of objects containing metadata about the access keys.
	//
	// AccessKeyMetadata is a required field
	AccessKeyMetadata []*AccessKeyMetadata `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAccessKeys request.

func (ListAccessKeysOutput) GoString

func (s ListAccessKeysOutput) GoString() string

GoString returns the string representation

func (*ListAccessKeysOutput) SetAccessKeyMetadata

func (s *ListAccessKeysOutput) SetAccessKeyMetadata(v []*AccessKeyMetadata) *ListAccessKeysOutput

SetAccessKeyMetadata sets the AccessKeyMetadata field's value.

func (*ListAccessKeysOutput) SetIsTruncated

func (s *ListAccessKeysOutput) SetIsTruncated(v bool) *ListAccessKeysOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListAccessKeysOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListAccessKeysOutput) String

func (s ListAccessKeysOutput) String() string

String returns the string representation

type ListAccountAliasesInput

type ListAccountAliasesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListAccountAliasesInput) GoString

func (s ListAccountAliasesInput) GoString() string

GoString returns the string representation

func (*ListAccountAliasesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListAccountAliasesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (ListAccountAliasesInput) String

func (s ListAccountAliasesInput) String() string

String returns the string representation

func (*ListAccountAliasesInput) Validate

func (s *ListAccountAliasesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAccountAliasesOutput

type ListAccountAliasesOutput struct {

	// A list of aliases associated with the account. AWS supports only one alias
	// per account.
	//
	// AccountAliases is a required field
	AccountAliases []*string `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAccountAliases request.

func (ListAccountAliasesOutput) GoString

func (s ListAccountAliasesOutput) GoString() string

GoString returns the string representation

func (*ListAccountAliasesOutput) SetAccountAliases

func (s *ListAccountAliasesOutput) SetAccountAliases(v []*string) *ListAccountAliasesOutput

SetAccountAliases sets the AccountAliases field's value.

func (*ListAccountAliasesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListAccountAliasesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListAccountAliasesOutput) String

func (s ListAccountAliasesOutput) String() string

String returns the string representation

type ListAttachedGroupPoliciesInput

type ListAttachedGroupPoliciesInput struct {

	// The name (friendly name, not ARN) of the group to list attached policies
	// for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `type:"string"`
	// contains filtered or unexported fields
}

func (ListAttachedGroupPoliciesInput) GoString

GoString returns the string representation

func (*ListAttachedGroupPoliciesInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*ListAttachedGroupPoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListAttachedGroupPoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListAttachedGroupPoliciesInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (ListAttachedGroupPoliciesInput) String

String returns the string representation

func (*ListAttachedGroupPoliciesInput) Validate

func (s *ListAttachedGroupPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedGroupPoliciesOutput

type ListAttachedGroupPoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []*AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedGroupPolicies request.

func (ListAttachedGroupPoliciesOutput) GoString

GoString returns the string representation

func (*ListAttachedGroupPoliciesOutput) SetAttachedPolicies

SetAttachedPolicies sets the AttachedPolicies field's value.

func (*ListAttachedGroupPoliciesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListAttachedGroupPoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListAttachedGroupPoliciesOutput) String

String returns the string representation

type ListAttachedRolePoliciesInput

type ListAttachedRolePoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `type:"string"`

	// The name (friendly name, not ARN) of the role to list attached policies for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListAttachedRolePoliciesInput) GoString

GoString returns the string representation

func (*ListAttachedRolePoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListAttachedRolePoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListAttachedRolePoliciesInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (*ListAttachedRolePoliciesInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (ListAttachedRolePoliciesInput) String

String returns the string representation

func (*ListAttachedRolePoliciesInput) Validate

func (s *ListAttachedRolePoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedRolePoliciesOutput

type ListAttachedRolePoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []*AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedRolePolicies request.

func (ListAttachedRolePoliciesOutput) GoString

GoString returns the string representation

func (*ListAttachedRolePoliciesOutput) SetAttachedPolicies

SetAttachedPolicies sets the AttachedPolicies field's value.

func (*ListAttachedRolePoliciesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListAttachedRolePoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListAttachedRolePoliciesOutput) String

String returns the string representation

type ListAttachedUserPoliciesInput

type ListAttachedUserPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `type:"string"`

	// The name (friendly name, not ARN) of the user to list attached policies for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListAttachedUserPoliciesInput) GoString

GoString returns the string representation

func (*ListAttachedUserPoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListAttachedUserPoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListAttachedUserPoliciesInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (*ListAttachedUserPoliciesInput) SetUserName

SetUserName sets the UserName field's value.

func (ListAttachedUserPoliciesInput) String

String returns the string representation

func (*ListAttachedUserPoliciesInput) Validate

func (s *ListAttachedUserPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListAttachedUserPoliciesOutput

type ListAttachedUserPoliciesOutput struct {

	// A list of the attached policies.
	AttachedPolicies []*AttachedPolicy `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListAttachedUserPolicies request.

func (ListAttachedUserPoliciesOutput) GoString

GoString returns the string representation

func (*ListAttachedUserPoliciesOutput) SetAttachedPolicies

SetAttachedPolicies sets the AttachedPolicies field's value.

func (*ListAttachedUserPoliciesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListAttachedUserPoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListAttachedUserPoliciesOutput) String

String returns the string representation

type ListEntitiesForPolicyInput

type ListEntitiesForPolicyInput struct {

	// The entity type to use for filtering the results.
	//
	// For example, when EntityFilter is Role, only the roles that are attached
	// to the specified policy are returned. This parameter is optional. If it is
	// not included, all attached entities (users, groups, and roles) are returned.
	// The argument for this parameter must be one of the valid values listed below.
	EntityFilter *string `type:"string" enum:"EntityType"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all entities.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`

	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListEntitiesForPolicyInput) GoString

func (s ListEntitiesForPolicyInput) GoString() string

GoString returns the string representation

func (*ListEntitiesForPolicyInput) SetEntityFilter

SetEntityFilter sets the EntityFilter field's value.

func (*ListEntitiesForPolicyInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListEntitiesForPolicyInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListEntitiesForPolicyInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (*ListEntitiesForPolicyInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (ListEntitiesForPolicyInput) String

String returns the string representation

func (*ListEntitiesForPolicyInput) Validate

func (s *ListEntitiesForPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListEntitiesForPolicyOutput

type ListEntitiesForPolicyOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of IAM groups that the policy is attached to.
	PolicyGroups []*PolicyGroup `type:"list"`

	// A list of IAM roles that the policy is attached to.
	PolicyRoles []*PolicyRole `type:"list"`

	// A list of IAM users that the policy is attached to.
	PolicyUsers []*PolicyUser `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListEntitiesForPolicy request.

func (ListEntitiesForPolicyOutput) GoString

func (s ListEntitiesForPolicyOutput) GoString() string

GoString returns the string representation

func (*ListEntitiesForPolicyOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListEntitiesForPolicyOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListEntitiesForPolicyOutput) SetPolicyGroups

SetPolicyGroups sets the PolicyGroups field's value.

func (*ListEntitiesForPolicyOutput) SetPolicyRoles

SetPolicyRoles sets the PolicyRoles field's value.

func (*ListEntitiesForPolicyOutput) SetPolicyUsers

SetPolicyUsers sets the PolicyUsers field's value.

func (ListEntitiesForPolicyOutput) String

String returns the string representation

type ListGroupPoliciesInput

type ListGroupPoliciesInput struct {

	// The name of the group to list policies for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListGroupPoliciesInput) GoString

func (s ListGroupPoliciesInput) GoString() string

GoString returns the string representation

func (*ListGroupPoliciesInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*ListGroupPoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListGroupPoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (ListGroupPoliciesInput) String

func (s ListGroupPoliciesInput) String() string

String returns the string representation

func (*ListGroupPoliciesInput) Validate

func (s *ListGroupPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupPoliciesOutput

type ListGroupPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of policy names.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyNames is a required field
	PolicyNames []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroupPolicies request.

func (ListGroupPoliciesOutput) GoString

func (s ListGroupPoliciesOutput) GoString() string

GoString returns the string representation

func (*ListGroupPoliciesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListGroupPoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListGroupPoliciesOutput) SetPolicyNames

func (s *ListGroupPoliciesOutput) SetPolicyNames(v []*string) *ListGroupPoliciesOutput

SetPolicyNames sets the PolicyNames field's value.

func (ListGroupPoliciesOutput) String

func (s ListGroupPoliciesOutput) String() string

String returns the string representation

type ListGroupsForUserInput

type ListGroupsForUserInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user to list groups for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListGroupsForUserInput) GoString

func (s ListGroupsForUserInput) GoString() string

GoString returns the string representation

func (*ListGroupsForUserInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListGroupsForUserInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListGroupsForUserInput) SetUserName

SetUserName sets the UserName field's value.

func (ListGroupsForUserInput) String

func (s ListGroupsForUserInput) String() string

String returns the string representation

func (*ListGroupsForUserInput) Validate

func (s *ListGroupsForUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupsForUserOutput

type ListGroupsForUserOutput struct {

	// A list of groups.
	//
	// Groups is a required field
	Groups []*Group `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroupsForUser request.

func (ListGroupsForUserOutput) GoString

func (s ListGroupsForUserOutput) GoString() string

GoString returns the string representation

func (*ListGroupsForUserOutput) SetGroups

SetGroups sets the Groups field's value.

func (*ListGroupsForUserOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListGroupsForUserOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListGroupsForUserOutput) String

func (s ListGroupsForUserOutput) String() string

String returns the string representation

type ListGroupsInput

type ListGroupsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /division_abc/subdivision_xyz/
	// gets all groups whose path starts with /division_abc/subdivision_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all groups. This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListGroupsInput) GoString

func (s ListGroupsInput) GoString() string

GoString returns the string representation

func (*ListGroupsInput) SetMarker

func (s *ListGroupsInput) SetMarker(v string) *ListGroupsInput

SetMarker sets the Marker field's value.

func (*ListGroupsInput) SetMaxItems

func (s *ListGroupsInput) SetMaxItems(v int64) *ListGroupsInput

SetMaxItems sets the MaxItems field's value.

func (*ListGroupsInput) SetPathPrefix

func (s *ListGroupsInput) SetPathPrefix(v string) *ListGroupsInput

SetPathPrefix sets the PathPrefix field's value.

func (ListGroupsInput) String

func (s ListGroupsInput) String() string

String returns the string representation

func (*ListGroupsInput) Validate

func (s *ListGroupsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListGroupsOutput

type ListGroupsOutput struct {

	// A list of groups.
	//
	// Groups is a required field
	Groups []*Group `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListGroups request.

func (ListGroupsOutput) GoString

func (s ListGroupsOutput) GoString() string

GoString returns the string representation

func (*ListGroupsOutput) SetGroups

func (s *ListGroupsOutput) SetGroups(v []*Group) *ListGroupsOutput

SetGroups sets the Groups field's value.

func (*ListGroupsOutput) SetIsTruncated

func (s *ListGroupsOutput) SetIsTruncated(v bool) *ListGroupsOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListGroupsOutput) SetMarker

func (s *ListGroupsOutput) SetMarker(v string) *ListGroupsOutput

SetMarker sets the Marker field's value.

func (ListGroupsOutput) String

func (s ListGroupsOutput) String() string

String returns the string representation

type ListInstanceProfilesForRoleInput

type ListInstanceProfilesForRoleInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the role to list instance profiles for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListInstanceProfilesForRoleInput) GoString

GoString returns the string representation

func (*ListInstanceProfilesForRoleInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListInstanceProfilesForRoleInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListInstanceProfilesForRoleInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (ListInstanceProfilesForRoleInput) String

String returns the string representation

func (*ListInstanceProfilesForRoleInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type ListInstanceProfilesForRoleOutput

type ListInstanceProfilesForRoleOutput struct {

	// A list of instance profiles.
	//
	// InstanceProfiles is a required field
	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListInstanceProfilesForRole request.

func (ListInstanceProfilesForRoleOutput) GoString

GoString returns the string representation

func (*ListInstanceProfilesForRoleOutput) SetInstanceProfiles

SetInstanceProfiles sets the InstanceProfiles field's value.

func (*ListInstanceProfilesForRoleOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListInstanceProfilesForRoleOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListInstanceProfilesForRoleOutput) String

String returns the string representation

type ListInstanceProfilesInput

type ListInstanceProfilesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
	// gets all instance profiles whose path starts with /application_abc/component_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all instance profiles. This parameter allows (per its regex
	// pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
	// of either a forward slash (/) by itself or a string that must begin and end
	// with forward slashes. In addition, it can contain any ASCII character from
	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
	// characters, digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListInstanceProfilesInput) GoString

func (s ListInstanceProfilesInput) GoString() string

GoString returns the string representation

func (*ListInstanceProfilesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListInstanceProfilesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListInstanceProfilesInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (ListInstanceProfilesInput) String

func (s ListInstanceProfilesInput) String() string

String returns the string representation

func (*ListInstanceProfilesInput) Validate

func (s *ListInstanceProfilesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListInstanceProfilesOutput

type ListInstanceProfilesOutput struct {

	// A list of instance profiles.
	//
	// InstanceProfiles is a required field
	InstanceProfiles []*InstanceProfile `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListInstanceProfiles request.

func (ListInstanceProfilesOutput) GoString

func (s ListInstanceProfilesOutput) GoString() string

GoString returns the string representation

func (*ListInstanceProfilesOutput) SetInstanceProfiles

SetInstanceProfiles sets the InstanceProfiles field's value.

func (*ListInstanceProfilesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListInstanceProfilesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListInstanceProfilesOutput) String

String returns the string representation

type ListMFADevicesInput

type ListMFADevicesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user whose MFA devices you want to list.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListMFADevicesInput) GoString

func (s ListMFADevicesInput) GoString() string

GoString returns the string representation

func (*ListMFADevicesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListMFADevicesInput) SetMaxItems

func (s *ListMFADevicesInput) SetMaxItems(v int64) *ListMFADevicesInput

SetMaxItems sets the MaxItems field's value.

func (*ListMFADevicesInput) SetUserName

func (s *ListMFADevicesInput) SetUserName(v string) *ListMFADevicesInput

SetUserName sets the UserName field's value.

func (ListMFADevicesInput) String

func (s ListMFADevicesInput) String() string

String returns the string representation

func (*ListMFADevicesInput) Validate

func (s *ListMFADevicesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListMFADevicesOutput

type ListMFADevicesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// A list of MFA devices.
	//
	// MFADevices is a required field
	MFADevices []*MFADevice `type:"list" required:"true"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListMFADevices request.

func (ListMFADevicesOutput) GoString

func (s ListMFADevicesOutput) GoString() string

GoString returns the string representation

func (*ListMFADevicesOutput) SetIsTruncated

func (s *ListMFADevicesOutput) SetIsTruncated(v bool) *ListMFADevicesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListMFADevicesOutput) SetMFADevices

func (s *ListMFADevicesOutput) SetMFADevices(v []*MFADevice) *ListMFADevicesOutput

SetMFADevices sets the MFADevices field's value.

func (*ListMFADevicesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListMFADevicesOutput) String

func (s ListMFADevicesOutput) String() string

String returns the string representation

type ListOpenIDConnectProvidersInput

type ListOpenIDConnectProvidersInput struct {
	// contains filtered or unexported fields
}

func (ListOpenIDConnectProvidersInput) GoString

GoString returns the string representation

func (ListOpenIDConnectProvidersInput) String

String returns the string representation

type ListOpenIDConnectProvidersOutput

type ListOpenIDConnectProvidersOutput struct {

	// The list of IAM OIDC provider resource objects defined in the AWS account.
	OpenIDConnectProviderList []*OpenIDConnectProviderListEntry `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListOpenIDConnectProviders request.

func (ListOpenIDConnectProvidersOutput) GoString

GoString returns the string representation

func (*ListOpenIDConnectProvidersOutput) SetOpenIDConnectProviderList

SetOpenIDConnectProviderList sets the OpenIDConnectProviderList field's value.

func (ListOpenIDConnectProvidersOutput) String

String returns the string representation

type ListPoliciesInput

type ListPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// A flag to filter the results to only the attached policies.
	//
	// When OnlyAttached is true, the returned list contains only the policies that
	// are attached to an IAM user, group, or role. When OnlyAttached is false,
	// or when the parameter is not included, all policies are returned.
	OnlyAttached *bool `type:"boolean"`

	// The path prefix for filtering the results. This parameter is optional. If
	// it is not included, it defaults to a slash (/), listing all policies. This
	// parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `type:"string"`

	// The scope to use for filtering the results.
	//
	// To list only AWS managed policies, set Scope to AWS. To list only the customer
	// managed policies in your AWS account, set Scope to Local.
	//
	// This parameter is optional. If it is not included, or if it is set to All,
	// all policies are returned.
	Scope *string `type:"string" enum:"policyScopeType"`
	// contains filtered or unexported fields
}

func (ListPoliciesInput) GoString

func (s ListPoliciesInput) GoString() string

GoString returns the string representation

func (*ListPoliciesInput) SetMarker

func (s *ListPoliciesInput) SetMarker(v string) *ListPoliciesInput

SetMarker sets the Marker field's value.

func (*ListPoliciesInput) SetMaxItems

func (s *ListPoliciesInput) SetMaxItems(v int64) *ListPoliciesInput

SetMaxItems sets the MaxItems field's value.

func (*ListPoliciesInput) SetOnlyAttached

func (s *ListPoliciesInput) SetOnlyAttached(v bool) *ListPoliciesInput

SetOnlyAttached sets the OnlyAttached field's value.

func (*ListPoliciesInput) SetPathPrefix

func (s *ListPoliciesInput) SetPathPrefix(v string) *ListPoliciesInput

SetPathPrefix sets the PathPrefix field's value.

func (*ListPoliciesInput) SetScope

func (s *ListPoliciesInput) SetScope(v string) *ListPoliciesInput

SetScope sets the Scope field's value.

func (ListPoliciesInput) String

func (s ListPoliciesInput) String() string

String returns the string representation

func (*ListPoliciesInput) Validate

func (s *ListPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPoliciesOutput

type ListPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of policies.
	Policies []*Policy `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListPolicies request.

func (ListPoliciesOutput) GoString

func (s ListPoliciesOutput) GoString() string

GoString returns the string representation

func (*ListPoliciesOutput) SetIsTruncated

func (s *ListPoliciesOutput) SetIsTruncated(v bool) *ListPoliciesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListPoliciesOutput) SetMarker

func (s *ListPoliciesOutput) SetMarker(v string) *ListPoliciesOutput

SetMarker sets the Marker field's value.

func (*ListPoliciesOutput) SetPolicies

func (s *ListPoliciesOutput) SetPolicies(v []*Policy) *ListPoliciesOutput

SetPolicies sets the Policies field's value.

func (ListPoliciesOutput) String

func (s ListPoliciesOutput) String() string

String returns the string representation

type ListPolicyVersionsInput

type ListPolicyVersionsInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The Amazon Resource Name (ARN) of the IAM policy for which you want the versions.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListPolicyVersionsInput) GoString

func (s ListPolicyVersionsInput) GoString() string

GoString returns the string representation

func (*ListPolicyVersionsInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListPolicyVersionsInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListPolicyVersionsInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (ListPolicyVersionsInput) String

func (s ListPolicyVersionsInput) String() string

String returns the string representation

func (*ListPolicyVersionsInput) Validate

func (s *ListPolicyVersionsInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListPolicyVersionsOutput

type ListPolicyVersionsOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of policy versions.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	Versions []*PolicyVersion `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListPolicyVersions request.

func (ListPolicyVersionsOutput) GoString

func (s ListPolicyVersionsOutput) GoString() string

GoString returns the string representation

func (*ListPolicyVersionsOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListPolicyVersionsOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListPolicyVersionsOutput) SetVersions

SetVersions sets the Versions field's value.

func (ListPolicyVersionsOutput) String

func (s ListPolicyVersionsOutput) String() string

String returns the string representation

type ListRolePoliciesInput

type ListRolePoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the role to list policies for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListRolePoliciesInput) GoString

func (s ListRolePoliciesInput) GoString() string

GoString returns the string representation

func (*ListRolePoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListRolePoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListRolePoliciesInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (ListRolePoliciesInput) String

func (s ListRolePoliciesInput) String() string

String returns the string representation

func (*ListRolePoliciesInput) Validate

func (s *ListRolePoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListRolePoliciesOutput

type ListRolePoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of policy names.
	//
	// PolicyNames is a required field
	PolicyNames []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListRolePolicies request.

func (ListRolePoliciesOutput) GoString

func (s ListRolePoliciesOutput) GoString() string

GoString returns the string representation

func (*ListRolePoliciesOutput) SetIsTruncated

func (s *ListRolePoliciesOutput) SetIsTruncated(v bool) *ListRolePoliciesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListRolePoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListRolePoliciesOutput) SetPolicyNames

func (s *ListRolePoliciesOutput) SetPolicyNames(v []*string) *ListRolePoliciesOutput

SetPolicyNames sets the PolicyNames field's value.

func (ListRolePoliciesOutput) String

func (s ListRolePoliciesOutput) String() string

String returns the string representation

type ListRolesInput

type ListRolesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example, the prefix /application_abc/component_xyz/
	// gets all roles whose path starts with /application_abc/component_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all roles. This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListRolesInput) GoString

func (s ListRolesInput) GoString() string

GoString returns the string representation

func (*ListRolesInput) SetMarker

func (s *ListRolesInput) SetMarker(v string) *ListRolesInput

SetMarker sets the Marker field's value.

func (*ListRolesInput) SetMaxItems

func (s *ListRolesInput) SetMaxItems(v int64) *ListRolesInput

SetMaxItems sets the MaxItems field's value.

func (*ListRolesInput) SetPathPrefix

func (s *ListRolesInput) SetPathPrefix(v string) *ListRolesInput

SetPathPrefix sets the PathPrefix field's value.

func (ListRolesInput) String

func (s ListRolesInput) String() string

String returns the string representation

func (*ListRolesInput) Validate

func (s *ListRolesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListRolesOutput

type ListRolesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of roles.
	//
	// Roles is a required field
	Roles []*Role `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListRoles request.

func (ListRolesOutput) GoString

func (s ListRolesOutput) GoString() string

GoString returns the string representation

func (*ListRolesOutput) SetIsTruncated

func (s *ListRolesOutput) SetIsTruncated(v bool) *ListRolesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListRolesOutput) SetMarker

func (s *ListRolesOutput) SetMarker(v string) *ListRolesOutput

SetMarker sets the Marker field's value.

func (*ListRolesOutput) SetRoles

func (s *ListRolesOutput) SetRoles(v []*Role) *ListRolesOutput

SetRoles sets the Roles field's value.

func (ListRolesOutput) String

func (s ListRolesOutput) String() string

String returns the string representation

type ListSAMLProvidersInput

type ListSAMLProvidersInput struct {
	// contains filtered or unexported fields
}

func (ListSAMLProvidersInput) GoString

func (s ListSAMLProvidersInput) GoString() string

GoString returns the string representation

func (ListSAMLProvidersInput) String

func (s ListSAMLProvidersInput) String() string

String returns the string representation

type ListSAMLProvidersOutput

type ListSAMLProvidersOutput struct {

	// The list of SAML provider resource objects defined in IAM for this AWS account.
	SAMLProviderList []*SAMLProviderListEntry `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSAMLProviders request.

func (ListSAMLProvidersOutput) GoString

func (s ListSAMLProvidersOutput) GoString() string

GoString returns the string representation

func (*ListSAMLProvidersOutput) SetSAMLProviderList

SetSAMLProviderList sets the SAMLProviderList field's value.

func (ListSAMLProvidersOutput) String

func (s ListSAMLProvidersOutput) String() string

String returns the string representation

type ListSSHPublicKeysInput

type ListSSHPublicKeysInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM user to list SSH public keys for. If none is specified,
	// the UserName field is determined implicitly based on the AWS access key used
	// to sign the request.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListSSHPublicKeysInput) GoString

func (s ListSSHPublicKeysInput) GoString() string

GoString returns the string representation

func (*ListSSHPublicKeysInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListSSHPublicKeysInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListSSHPublicKeysInput) SetUserName

SetUserName sets the UserName field's value.

func (ListSSHPublicKeysInput) String

func (s ListSSHPublicKeysInput) String() string

String returns the string representation

func (*ListSSHPublicKeysInput) Validate

func (s *ListSSHPublicKeysInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListSSHPublicKeysOutput

type ListSSHPublicKeysOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of the SSH public keys assigned to IAM user.
	SSHPublicKeys []*SSHPublicKeyMetadata `type:"list"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSSHPublicKeys request.

func (ListSSHPublicKeysOutput) GoString

func (s ListSSHPublicKeysOutput) GoString() string

GoString returns the string representation

func (*ListSSHPublicKeysOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListSSHPublicKeysOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListSSHPublicKeysOutput) SetSSHPublicKeys

SetSSHPublicKeys sets the SSHPublicKeys field's value.

func (ListSSHPublicKeysOutput) String

func (s ListSSHPublicKeysOutput) String() string

String returns the string representation

type ListServerCertificatesInput

type ListServerCertificatesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example: /company/servercerts
	// would get all server certificates for which the path starts with /company/servercerts.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all server certificates. This parameter allows (per its regex
	// pattern (http://wikipedia.org/wiki/regex)) a string of characters consisting
	// of either a forward slash (/) by itself or a string that must begin and end
	// with forward slashes. In addition, it can contain any ASCII character from
	// the ! (\u0021) through the DEL character (\u007F), including most punctuation
	// characters, digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListServerCertificatesInput) GoString

func (s ListServerCertificatesInput) GoString() string

GoString returns the string representation

func (*ListServerCertificatesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListServerCertificatesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListServerCertificatesInput) SetPathPrefix

SetPathPrefix sets the PathPrefix field's value.

func (ListServerCertificatesInput) String

String returns the string representation

func (*ListServerCertificatesInput) Validate

func (s *ListServerCertificatesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListServerCertificatesOutput

type ListServerCertificatesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of server certificates.
	//
	// ServerCertificateMetadataList is a required field
	ServerCertificateMetadataList []*ServerCertificateMetadata `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListServerCertificates request.

func (ListServerCertificatesOutput) GoString

func (s ListServerCertificatesOutput) GoString() string

GoString returns the string representation

func (*ListServerCertificatesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListServerCertificatesOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListServerCertificatesOutput) SetServerCertificateMetadataList

func (s *ListServerCertificatesOutput) SetServerCertificateMetadataList(v []*ServerCertificateMetadata) *ListServerCertificatesOutput

SetServerCertificateMetadataList sets the ServerCertificateMetadataList field's value.

func (ListServerCertificatesOutput) String

String returns the string representation

type ListServiceSpecificCredentialsInput

type ListServiceSpecificCredentialsInput struct {

	// Filters the returned results to only those for the specified AWS service.
	// If not specified, then AWS returns service-specific credentials for all services.
	ServiceName *string `type:"string"`

	// The name of the user whose service-specific credentials you want information
	// about. If this value is not specified, then the operation assumes the user
	// whose credentials are used to call the operation.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListServiceSpecificCredentialsInput) GoString

GoString returns the string representation

func (*ListServiceSpecificCredentialsInput) SetServiceName

SetServiceName sets the ServiceName field's value.

func (*ListServiceSpecificCredentialsInput) SetUserName

SetUserName sets the UserName field's value.

func (ListServiceSpecificCredentialsInput) String

String returns the string representation

func (*ListServiceSpecificCredentialsInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type ListServiceSpecificCredentialsOutput

type ListServiceSpecificCredentialsOutput struct {

	// A list of structures that each contain details about a service-specific credential.
	ServiceSpecificCredentials []*ServiceSpecificCredentialMetadata `type:"list"`
	// contains filtered or unexported fields
}

func (ListServiceSpecificCredentialsOutput) GoString

GoString returns the string representation

func (*ListServiceSpecificCredentialsOutput) SetServiceSpecificCredentials

SetServiceSpecificCredentials sets the ServiceSpecificCredentials field's value.

func (ListServiceSpecificCredentialsOutput) String

String returns the string representation

type ListSigningCertificatesInput

type ListSigningCertificatesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the IAM user whose signing certificates you want to examine.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListSigningCertificatesInput) GoString

func (s ListSigningCertificatesInput) GoString() string

GoString returns the string representation

func (*ListSigningCertificatesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListSigningCertificatesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListSigningCertificatesInput) SetUserName

SetUserName sets the UserName field's value.

func (ListSigningCertificatesInput) String

String returns the string representation

func (*ListSigningCertificatesInput) Validate

func (s *ListSigningCertificatesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListSigningCertificatesOutput

type ListSigningCertificatesOutput struct {

	// A list of the user's signing certificate information.
	//
	// Certificates is a required field
	Certificates []*SigningCertificate `type:"list" required:"true"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListSigningCertificates request.

func (ListSigningCertificatesOutput) GoString

GoString returns the string representation

func (*ListSigningCertificatesOutput) SetCertificates

SetCertificates sets the Certificates field's value.

func (*ListSigningCertificatesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListSigningCertificatesOutput) SetMarker

SetMarker sets the Marker field's value.

func (ListSigningCertificatesOutput) String

String returns the string representation

type ListUserPoliciesInput

type ListUserPoliciesInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The name of the user to list policies for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ListUserPoliciesInput) GoString

func (s ListUserPoliciesInput) GoString() string

GoString returns the string representation

func (*ListUserPoliciesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListUserPoliciesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*ListUserPoliciesInput) SetUserName

SetUserName sets the UserName field's value.

func (ListUserPoliciesInput) String

func (s ListUserPoliciesInput) String() string

String returns the string representation

func (*ListUserPoliciesInput) Validate

func (s *ListUserPoliciesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUserPoliciesOutput

type ListUserPoliciesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of policy names.
	//
	// PolicyNames is a required field
	PolicyNames []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListUserPolicies request.

func (ListUserPoliciesOutput) GoString

func (s ListUserPoliciesOutput) GoString() string

GoString returns the string representation

func (*ListUserPoliciesOutput) SetIsTruncated

func (s *ListUserPoliciesOutput) SetIsTruncated(v bool) *ListUserPoliciesOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListUserPoliciesOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListUserPoliciesOutput) SetPolicyNames

func (s *ListUserPoliciesOutput) SetPolicyNames(v []*string) *ListUserPoliciesOutput

SetPolicyNames sets the PolicyNames field's value.

func (ListUserPoliciesOutput) String

func (s ListUserPoliciesOutput) String() string

String returns the string representation

type ListUsersInput

type ListUsersInput struct {

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// The path prefix for filtering the results. For example: /division_abc/subdivision_xyz/,
	// which would get all user names whose path starts with /division_abc/subdivision_xyz/.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/), listing all user names. This parameter allows (per its regex pattern
	// (http://wikipedia.org/wiki/regex)) a string of characters consisting of either
	// a forward slash (/) by itself or a string that must begin and end with forward
	// slashes. In addition, it can contain any ASCII character from the ! (\u0021)
	// through the DEL character (\u007F), including most punctuation characters,
	// digits, and upper and lowercased letters.
	PathPrefix *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ListUsersInput) GoString

func (s ListUsersInput) GoString() string

GoString returns the string representation

func (*ListUsersInput) SetMarker

func (s *ListUsersInput) SetMarker(v string) *ListUsersInput

SetMarker sets the Marker field's value.

func (*ListUsersInput) SetMaxItems

func (s *ListUsersInput) SetMaxItems(v int64) *ListUsersInput

SetMaxItems sets the MaxItems field's value.

func (*ListUsersInput) SetPathPrefix

func (s *ListUsersInput) SetPathPrefix(v string) *ListUsersInput

SetPathPrefix sets the PathPrefix field's value.

func (ListUsersInput) String

func (s ListUsersInput) String() string

String returns the string representation

func (*ListUsersInput) Validate

func (s *ListUsersInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListUsersOutput

type ListUsersOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// A list of users.
	//
	// Users is a required field
	Users []*User `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListUsers request.

func (ListUsersOutput) GoString

func (s ListUsersOutput) GoString() string

GoString returns the string representation

func (*ListUsersOutput) SetIsTruncated

func (s *ListUsersOutput) SetIsTruncated(v bool) *ListUsersOutput

SetIsTruncated sets the IsTruncated field's value.

func (*ListUsersOutput) SetMarker

func (s *ListUsersOutput) SetMarker(v string) *ListUsersOutput

SetMarker sets the Marker field's value.

func (*ListUsersOutput) SetUsers

func (s *ListUsersOutput) SetUsers(v []*User) *ListUsersOutput

SetUsers sets the Users field's value.

func (ListUsersOutput) String

func (s ListUsersOutput) String() string

String returns the string representation

type ListVirtualMFADevicesInput

type ListVirtualMFADevicesInput struct {

	// The status (Unassigned or Assigned) of the devices to list. If you do not
	// specify an AssignmentStatus, the operation defaults to Any which lists both
	// assigned and unassigned virtual MFA devices.
	AssignmentStatus *string `type:"string" enum:"assignmentStatusType"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`
	// contains filtered or unexported fields
}

func (ListVirtualMFADevicesInput) GoString

func (s ListVirtualMFADevicesInput) GoString() string

GoString returns the string representation

func (*ListVirtualMFADevicesInput) SetAssignmentStatus

SetAssignmentStatus sets the AssignmentStatus field's value.

func (*ListVirtualMFADevicesInput) SetMarker

SetMarker sets the Marker field's value.

func (*ListVirtualMFADevicesInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (ListVirtualMFADevicesInput) String

String returns the string representation

func (*ListVirtualMFADevicesInput) Validate

func (s *ListVirtualMFADevicesInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ListVirtualMFADevicesOutput

type ListVirtualMFADevicesOutput struct {

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`

	// The list of virtual MFA devices in the current account that match the AssignmentStatus
	// value that was passed in the request.
	//
	// VirtualMFADevices is a required field
	VirtualMFADevices []*VirtualMFADevice `type:"list" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful ListVirtualMFADevices request.

func (ListVirtualMFADevicesOutput) GoString

func (s ListVirtualMFADevicesOutput) GoString() string

GoString returns the string representation

func (*ListVirtualMFADevicesOutput) SetIsTruncated

SetIsTruncated sets the IsTruncated field's value.

func (*ListVirtualMFADevicesOutput) SetMarker

SetMarker sets the Marker field's value.

func (*ListVirtualMFADevicesOutput) SetVirtualMFADevices

SetVirtualMFADevices sets the VirtualMFADevices field's value.

func (ListVirtualMFADevicesOutput) String

String returns the string representation

type LoginProfile

type LoginProfile struct {

	// The date when the password for the user was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// Specifies whether the user is required to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the user, which can be used for signing in to the AWS Management
	// Console.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the user name and password create date for a user.

This data type is used as a response element in the CreateLoginProfile and GetLoginProfile operations.

func (LoginProfile) GoString

func (s LoginProfile) GoString() string

GoString returns the string representation

func (*LoginProfile) SetCreateDate

func (s *LoginProfile) SetCreateDate(v time.Time) *LoginProfile

SetCreateDate sets the CreateDate field's value.

func (*LoginProfile) SetPasswordResetRequired

func (s *LoginProfile) SetPasswordResetRequired(v bool) *LoginProfile

SetPasswordResetRequired sets the PasswordResetRequired field's value.

func (*LoginProfile) SetUserName

func (s *LoginProfile) SetUserName(v string) *LoginProfile

SetUserName sets the UserName field's value.

func (LoginProfile) String

func (s LoginProfile) String() string

String returns the string representation

type MFADevice

type MFADevice struct {

	// The date when the MFA device was enabled for the user.
	//
	// EnableDate is a required field
	EnableDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The user with whom the MFA device is associated.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an MFA device.

This data type is used as a response element in the ListMFADevices operation.

func (MFADevice) GoString

func (s MFADevice) GoString() string

GoString returns the string representation

func (*MFADevice) SetEnableDate

func (s *MFADevice) SetEnableDate(v time.Time) *MFADevice

SetEnableDate sets the EnableDate field's value.

func (*MFADevice) SetSerialNumber

func (s *MFADevice) SetSerialNumber(v string) *MFADevice

SetSerialNumber sets the SerialNumber field's value.

func (*MFADevice) SetUserName

func (s *MFADevice) SetUserName(v string) *MFADevice

SetUserName sets the UserName field's value.

func (MFADevice) String

func (s MFADevice) String() string

String returns the string representation

type ManagedPolicyDetail

type ManagedPolicyDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// The number of principal entities (users, groups, and roles) that the policy
	// is attached to.
	AttachmentCount *int64 `type:"integer"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The identifier for the version of the policy that is set as the default (operative)
	// version.
	//
	// For more information about policy versions, see Versioning for Managed Policies
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the Using IAM guide.
	DefaultVersionId *string `type:"string"`

	// A friendly description of the policy.
	Description *string `type:"string"`

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable *bool `type:"boolean"`

	// The path to the policy.
	//
	// For more information about paths, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `type:"string"`

	// The stable and unique string identifying the policy.
	//
	// For more information about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	PolicyId *string `min:"16" type:"string"`

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string `min:"1" type:"string"`

	// A list containing information about the versions of the policy.
	PolicyVersionList []*PolicyVersion `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was last updated.
	//
	// When a policy has only one version, this field contains the date and time
	// when the policy was created. When a policy has more than one version, this
	// field contains the date and time when the most recent policy version was
	// created.
	UpdateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`
	// contains filtered or unexported fields
}

Contains information about a managed policy, including the policy's ARN, versions, and the number of principal entities (users, groups, and roles) that the policy is attached to.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

For more information about managed policies, see Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (ManagedPolicyDetail) GoString

func (s ManagedPolicyDetail) GoString() string

GoString returns the string representation

func (*ManagedPolicyDetail) SetArn

SetArn sets the Arn field's value.

func (*ManagedPolicyDetail) SetAttachmentCount

func (s *ManagedPolicyDetail) SetAttachmentCount(v int64) *ManagedPolicyDetail

SetAttachmentCount sets the AttachmentCount field's value.

func (*ManagedPolicyDetail) SetCreateDate

func (s *ManagedPolicyDetail) SetCreateDate(v time.Time) *ManagedPolicyDetail

SetCreateDate sets the CreateDate field's value.

func (*ManagedPolicyDetail) SetDefaultVersionId

func (s *ManagedPolicyDetail) SetDefaultVersionId(v string) *ManagedPolicyDetail

SetDefaultVersionId sets the DefaultVersionId field's value.

func (*ManagedPolicyDetail) SetDescription

func (s *ManagedPolicyDetail) SetDescription(v string) *ManagedPolicyDetail

SetDescription sets the Description field's value.

func (*ManagedPolicyDetail) SetIsAttachable

func (s *ManagedPolicyDetail) SetIsAttachable(v bool) *ManagedPolicyDetail

SetIsAttachable sets the IsAttachable field's value.

func (*ManagedPolicyDetail) SetPath

SetPath sets the Path field's value.

func (*ManagedPolicyDetail) SetPolicyId

func (s *ManagedPolicyDetail) SetPolicyId(v string) *ManagedPolicyDetail

SetPolicyId sets the PolicyId field's value.

func (*ManagedPolicyDetail) SetPolicyName

func (s *ManagedPolicyDetail) SetPolicyName(v string) *ManagedPolicyDetail

SetPolicyName sets the PolicyName field's value.

func (*ManagedPolicyDetail) SetPolicyVersionList

func (s *ManagedPolicyDetail) SetPolicyVersionList(v []*PolicyVersion) *ManagedPolicyDetail

SetPolicyVersionList sets the PolicyVersionList field's value.

func (*ManagedPolicyDetail) SetUpdateDate

func (s *ManagedPolicyDetail) SetUpdateDate(v time.Time) *ManagedPolicyDetail

SetUpdateDate sets the UpdateDate field's value.

func (ManagedPolicyDetail) String

func (s ManagedPolicyDetail) String() string

String returns the string representation

type OpenIDConnectProviderListEntry

type OpenIDConnectProviderListEntry struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the Amazon Resource Name (ARN) for an IAM OpenID Connect provider.

func (OpenIDConnectProviderListEntry) GoString

GoString returns the string representation

func (*OpenIDConnectProviderListEntry) SetArn

SetArn sets the Arn field's value.

func (OpenIDConnectProviderListEntry) String

String returns the string representation

type OrganizationsDecisionDetail

type OrganizationsDecisionDetail struct {

	// Specifies whether the simulated operation is allowed by the AWS Organizations
	// service control policies that impact the simulated user's account.
	AllowedByOrganizations *bool `type:"boolean"`
	// contains filtered or unexported fields
}

Contains information about AWS Organizations's effect on a policy simulation.

func (OrganizationsDecisionDetail) GoString

func (s OrganizationsDecisionDetail) GoString() string

GoString returns the string representation

func (*OrganizationsDecisionDetail) SetAllowedByOrganizations

func (s *OrganizationsDecisionDetail) SetAllowedByOrganizations(v bool) *OrganizationsDecisionDetail

SetAllowedByOrganizations sets the AllowedByOrganizations field's value.

func (OrganizationsDecisionDetail) String

String returns the string representation

type PasswordPolicy

type PasswordPolicy struct {

	// Specifies whether IAM users are allowed to change their own password.
	AllowUsersToChangePassword *bool `type:"boolean"`

	// Indicates whether passwords in the account expire. Returns true if MaxPasswordAge
	// contains a value greater than 0. Returns false if MaxPasswordAge is 0 or
	// not present.
	ExpirePasswords *bool `type:"boolean"`

	// Specifies whether IAM users are prevented from setting a new password after
	// their password has expired.
	HardExpiry *bool `type:"boolean"`

	// The number of days that an IAM user password is valid.
	MaxPasswordAge *int64 `min:"1" type:"integer"`

	// Minimum length to require for IAM user passwords.
	MinimumPasswordLength *int64 `min:"6" type:"integer"`

	// Specifies the number of previous passwords that IAM users are prevented from
	// reusing.
	PasswordReusePrevention *int64 `min:"1" type:"integer"`

	// Specifies whether to require lowercase characters for IAM user passwords.
	RequireLowercaseCharacters *bool `type:"boolean"`

	// Specifies whether to require numbers for IAM user passwords.
	RequireNumbers *bool `type:"boolean"`

	// Specifies whether to require symbols for IAM user passwords.
	RequireSymbols *bool `type:"boolean"`

	// Specifies whether to require uppercase characters for IAM user passwords.
	RequireUppercaseCharacters *bool `type:"boolean"`
	// contains filtered or unexported fields
}

Contains information about the account password policy.

This data type is used as a response element in the GetAccountPasswordPolicy operation.

func (PasswordPolicy) GoString

func (s PasswordPolicy) GoString() string

GoString returns the string representation

func (*PasswordPolicy) SetAllowUsersToChangePassword

func (s *PasswordPolicy) SetAllowUsersToChangePassword(v bool) *PasswordPolicy

SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.

func (*PasswordPolicy) SetExpirePasswords

func (s *PasswordPolicy) SetExpirePasswords(v bool) *PasswordPolicy

SetExpirePasswords sets the ExpirePasswords field's value.

func (*PasswordPolicy) SetHardExpiry

func (s *PasswordPolicy) SetHardExpiry(v bool) *PasswordPolicy

SetHardExpiry sets the HardExpiry field's value.

func (*PasswordPolicy) SetMaxPasswordAge

func (s *PasswordPolicy) SetMaxPasswordAge(v int64) *PasswordPolicy

SetMaxPasswordAge sets the MaxPasswordAge field's value.

func (*PasswordPolicy) SetMinimumPasswordLength

func (s *PasswordPolicy) SetMinimumPasswordLength(v int64) *PasswordPolicy

SetMinimumPasswordLength sets the MinimumPasswordLength field's value.

func (*PasswordPolicy) SetPasswordReusePrevention

func (s *PasswordPolicy) SetPasswordReusePrevention(v int64) *PasswordPolicy

SetPasswordReusePrevention sets the PasswordReusePrevention field's value.

func (*PasswordPolicy) SetRequireLowercaseCharacters

func (s *PasswordPolicy) SetRequireLowercaseCharacters(v bool) *PasswordPolicy

SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.

func (*PasswordPolicy) SetRequireNumbers

func (s *PasswordPolicy) SetRequireNumbers(v bool) *PasswordPolicy

SetRequireNumbers sets the RequireNumbers field's value.

func (*PasswordPolicy) SetRequireSymbols

func (s *PasswordPolicy) SetRequireSymbols(v bool) *PasswordPolicy

SetRequireSymbols sets the RequireSymbols field's value.

func (*PasswordPolicy) SetRequireUppercaseCharacters

func (s *PasswordPolicy) SetRequireUppercaseCharacters(v bool) *PasswordPolicy

SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.

func (PasswordPolicy) String

func (s PasswordPolicy) String() string

String returns the string representation

type Policy

type Policy struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// The number of entities (users, groups, and roles) that the policy is attached
	// to.
	AttachmentCount *int64 `type:"integer"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The identifier for the version of the policy that is set as the default version.
	DefaultVersionId *string `type:"string"`

	// A friendly description of the policy.
	//
	// This element is included in the response to the GetPolicy operation. It is
	// not included in the response to the ListPolicies operation.
	Description *string `type:"string"`

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable *bool `type:"boolean"`

	// The path to the policy.
	//
	// For more information about paths, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `type:"string"`

	// The stable and unique string identifying the policy.
	//
	// For more information about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	PolicyId *string `min:"16" type:"string"`

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string `min:"1" type:"string"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy was last updated.
	//
	// When a policy has only one version, this field contains the date and time
	// when the policy was created. When a policy has more than one version, this
	// field contains the date and time when the most recent policy version was
	// created.
	UpdateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`
	// contains filtered or unexported fields
}

Contains information about a managed policy.

This data type is used as a response element in the CreatePolicy, GetPolicy, and ListPolicies operations.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (Policy) GoString

func (s Policy) GoString() string

GoString returns the string representation

func (*Policy) SetArn

func (s *Policy) SetArn(v string) *Policy

SetArn sets the Arn field's value.

func (*Policy) SetAttachmentCount

func (s *Policy) SetAttachmentCount(v int64) *Policy

SetAttachmentCount sets the AttachmentCount field's value.

func (*Policy) SetCreateDate

func (s *Policy) SetCreateDate(v time.Time) *Policy

SetCreateDate sets the CreateDate field's value.

func (*Policy) SetDefaultVersionId

func (s *Policy) SetDefaultVersionId(v string) *Policy

SetDefaultVersionId sets the DefaultVersionId field's value.

func (*Policy) SetDescription

func (s *Policy) SetDescription(v string) *Policy

SetDescription sets the Description field's value.

func (*Policy) SetIsAttachable

func (s *Policy) SetIsAttachable(v bool) *Policy

SetIsAttachable sets the IsAttachable field's value.

func (*Policy) SetPath

func (s *Policy) SetPath(v string) *Policy

SetPath sets the Path field's value.

func (*Policy) SetPolicyId

func (s *Policy) SetPolicyId(v string) *Policy

SetPolicyId sets the PolicyId field's value.

func (*Policy) SetPolicyName

func (s *Policy) SetPolicyName(v string) *Policy

SetPolicyName sets the PolicyName field's value.

func (*Policy) SetUpdateDate

func (s *Policy) SetUpdateDate(v time.Time) *Policy

SetUpdateDate sets the UpdateDate field's value.

func (Policy) String

func (s Policy) String() string

String returns the string representation

type PolicyDetail

type PolicyDetail struct {

	// The policy document.
	PolicyDocument *string `min:"1" type:"string"`

	// The name of the policy.
	PolicyName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about an IAM policy, including the policy document.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (PolicyDetail) GoString

func (s PolicyDetail) GoString() string

GoString returns the string representation

func (*PolicyDetail) SetPolicyDocument

func (s *PolicyDetail) SetPolicyDocument(v string) *PolicyDetail

SetPolicyDocument sets the PolicyDocument field's value.

func (*PolicyDetail) SetPolicyName

func (s *PolicyDetail) SetPolicyName(v string) *PolicyDetail

SetPolicyName sets the PolicyName field's value.

func (PolicyDetail) String

func (s PolicyDetail) String() string

String returns the string representation

type PolicyGroup

type PolicyGroup struct {

	// The stable and unique string identifying the group. For more information
	// about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	GroupId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the group.
	GroupName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a group that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyGroup) GoString

func (s PolicyGroup) GoString() string

GoString returns the string representation

func (*PolicyGroup) SetGroupId

func (s *PolicyGroup) SetGroupId(v string) *PolicyGroup

SetGroupId sets the GroupId field's value.

func (*PolicyGroup) SetGroupName

func (s *PolicyGroup) SetGroupName(v string) *PolicyGroup

SetGroupName sets the GroupName field's value.

func (PolicyGroup) String

func (s PolicyGroup) String() string

String returns the string representation

type PolicyRole

type PolicyRole struct {

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	RoleId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the role.
	RoleName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a role that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyRole) GoString

func (s PolicyRole) GoString() string

GoString returns the string representation

func (*PolicyRole) SetRoleId

func (s *PolicyRole) SetRoleId(v string) *PolicyRole

SetRoleId sets the RoleId field's value.

func (*PolicyRole) SetRoleName

func (s *PolicyRole) SetRoleName(v string) *PolicyRole

SetRoleName sets the RoleName field's value.

func (PolicyRole) String

func (s PolicyRole) String() string

String returns the string representation

type PolicyUser

type PolicyUser struct {

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html)
	// in the IAM User Guide.
	UserId *string `min:"16" type:"string"`

	// The name (friendly name, not ARN) identifying the user.
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains information about a user that a managed policy is attached to.

This data type is used as a response element in the ListEntitiesForPolicy operation.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyUser) GoString

func (s PolicyUser) GoString() string

GoString returns the string representation

func (*PolicyUser) SetUserId

func (s *PolicyUser) SetUserId(v string) *PolicyUser

SetUserId sets the UserId field's value.

func (*PolicyUser) SetUserName

func (s *PolicyUser) SetUserName(v string) *PolicyUser

SetUserName sets the UserName field's value.

func (PolicyUser) String

func (s PolicyUser) String() string

String returns the string representation

type PolicyVersion

type PolicyVersion struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the policy version was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The policy document.
	//
	// The policy document is returned in the response to the GetPolicyVersion and
	// GetAccountAuthorizationDetails operations. It is not returned in the response
	// to the CreatePolicyVersion or ListPolicyVersions operations.
	//
	// The policy document returned in this structure is URL-encoded compliant with
	// RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL decoding
	// method to convert the policy back to plain JSON text. For example, if you
	// use Java, you can use the decode method of the java.net.URLDecoder utility
	// class in the Java SDK. Other languages and SDKs provide similar functionality.
	Document *string `min:"1" type:"string"`

	// Specifies whether the policy version is set as the policy's default version.
	IsDefaultVersion *bool `type:"boolean"`

	// The identifier for the policy version.
	//
	// Policy version identifiers always begin with v (always lowercase). When a
	// policy is created, the first policy version is v1.
	VersionId *string `type:"string"`
	// contains filtered or unexported fields
}

Contains information about a version of a managed policy.

This data type is used as a response element in the CreatePolicyVersion, GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails operations.

For more information about managed policies, refer to Managed Policies and Inline Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the Using IAM guide.

func (PolicyVersion) GoString

func (s PolicyVersion) GoString() string

GoString returns the string representation

func (*PolicyVersion) SetCreateDate

func (s *PolicyVersion) SetCreateDate(v time.Time) *PolicyVersion

SetCreateDate sets the CreateDate field's value.

func (*PolicyVersion) SetDocument

func (s *PolicyVersion) SetDocument(v string) *PolicyVersion

SetDocument sets the Document field's value.

func (*PolicyVersion) SetIsDefaultVersion

func (s *PolicyVersion) SetIsDefaultVersion(v bool) *PolicyVersion

SetIsDefaultVersion sets the IsDefaultVersion field's value.

func (*PolicyVersion) SetVersionId

func (s *PolicyVersion) SetVersionId(v string) *PolicyVersion

SetVersionId sets the VersionId field's value.

func (PolicyVersion) String

func (s PolicyVersion) String() string

String returns the string representation

type Position

type Position struct {

	// The column in the line containing the specified position in the document.
	Column *int64 `type:"integer"`

	// The line containing the specified position in the document.
	Line *int64 `type:"integer"`
	// contains filtered or unexported fields
}

Contains the row and column of a location of a Statement element in a policy document.

This data type is used as a member of the Statement type.

func (Position) GoString

func (s Position) GoString() string

GoString returns the string representation

func (*Position) SetColumn

func (s *Position) SetColumn(v int64) *Position

SetColumn sets the Column field's value.

func (*Position) SetLine

func (s *Position) SetLine(v int64) *Position

SetLine sets the Line field's value.

func (Position) String

func (s Position) String() string

String returns the string representation

type PutGroupPolicyInput

type PutGroupPolicyInput struct {

	// The name of the group to associate the policy with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The policy document.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutGroupPolicyInput) GoString

func (s PutGroupPolicyInput) GoString() string

GoString returns the string representation

func (*PutGroupPolicyInput) SetGroupName

func (s *PutGroupPolicyInput) SetGroupName(v string) *PutGroupPolicyInput

SetGroupName sets the GroupName field's value.

func (*PutGroupPolicyInput) SetPolicyDocument

func (s *PutGroupPolicyInput) SetPolicyDocument(v string) *PutGroupPolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*PutGroupPolicyInput) SetPolicyName

func (s *PutGroupPolicyInput) SetPolicyName(v string) *PutGroupPolicyInput

SetPolicyName sets the PolicyName field's value.

func (PutGroupPolicyInput) String

func (s PutGroupPolicyInput) String() string

String returns the string representation

func (*PutGroupPolicyInput) Validate

func (s *PutGroupPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutGroupPolicyOutput

type PutGroupPolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutGroupPolicyOutput) GoString

func (s PutGroupPolicyOutput) GoString() string

GoString returns the string representation

func (PutGroupPolicyOutput) String

func (s PutGroupPolicyOutput) String() string

String returns the string representation

type PutRolePolicyInput

type PutRolePolicyInput struct {

	// The policy document.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the role to associate the policy with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutRolePolicyInput) GoString

func (s PutRolePolicyInput) GoString() string

GoString returns the string representation

func (*PutRolePolicyInput) SetPolicyDocument

func (s *PutRolePolicyInput) SetPolicyDocument(v string) *PutRolePolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*PutRolePolicyInput) SetPolicyName

func (s *PutRolePolicyInput) SetPolicyName(v string) *PutRolePolicyInput

SetPolicyName sets the PolicyName field's value.

func (*PutRolePolicyInput) SetRoleName

func (s *PutRolePolicyInput) SetRoleName(v string) *PutRolePolicyInput

SetRoleName sets the RoleName field's value.

func (PutRolePolicyInput) String

func (s PutRolePolicyInput) String() string

String returns the string representation

func (*PutRolePolicyInput) Validate

func (s *PutRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutRolePolicyOutput

type PutRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutRolePolicyOutput) GoString

func (s PutRolePolicyOutput) GoString() string

GoString returns the string representation

func (PutRolePolicyOutput) String

func (s PutRolePolicyOutput) String() string

String returns the string representation

type PutUserPolicyInput

type PutUserPolicyInput struct {

	// The policy document.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the policy document.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// PolicyName is a required field
	PolicyName *string `min:"1" type:"string" required:"true"`

	// The name of the user to associate the policy with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (PutUserPolicyInput) GoString

func (s PutUserPolicyInput) GoString() string

GoString returns the string representation

func (*PutUserPolicyInput) SetPolicyDocument

func (s *PutUserPolicyInput) SetPolicyDocument(v string) *PutUserPolicyInput

SetPolicyDocument sets the PolicyDocument field's value.

func (*PutUserPolicyInput) SetPolicyName

func (s *PutUserPolicyInput) SetPolicyName(v string) *PutUserPolicyInput

SetPolicyName sets the PolicyName field's value.

func (*PutUserPolicyInput) SetUserName

func (s *PutUserPolicyInput) SetUserName(v string) *PutUserPolicyInput

SetUserName sets the UserName field's value.

func (PutUserPolicyInput) String

func (s PutUserPolicyInput) String() string

String returns the string representation

func (*PutUserPolicyInput) Validate

func (s *PutUserPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type PutUserPolicyOutput

type PutUserPolicyOutput struct {
	// contains filtered or unexported fields
}

func (PutUserPolicyOutput) GoString

func (s PutUserPolicyOutput) GoString() string

GoString returns the string representation

func (PutUserPolicyOutput) String

func (s PutUserPolicyOutput) String() string

String returns the string representation

type RemoveClientIDFromOpenIDConnectProviderInput

type RemoveClientIDFromOpenIDConnectProviderInput struct {

	// The client ID (also known as audience) to remove from the IAM OIDC provider
	// resource. For more information about client IDs, see CreateOpenIDConnectProvider.
	//
	// ClientID is a required field
	ClientID *string `min:"1" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource to remove
	// the client ID from. You can get a list of OIDC provider ARNs by using the
	// ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveClientIDFromOpenIDConnectProviderInput) GoString

GoString returns the string representation

func (*RemoveClientIDFromOpenIDConnectProviderInput) SetClientID

SetClientID sets the ClientID field's value.

func (*RemoveClientIDFromOpenIDConnectProviderInput) SetOpenIDConnectProviderArn

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (RemoveClientIDFromOpenIDConnectProviderInput) String

String returns the string representation

func (*RemoveClientIDFromOpenIDConnectProviderInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type RemoveClientIDFromOpenIDConnectProviderOutput

type RemoveClientIDFromOpenIDConnectProviderOutput struct {
	// contains filtered or unexported fields
}

func (RemoveClientIDFromOpenIDConnectProviderOutput) GoString

GoString returns the string representation

func (RemoveClientIDFromOpenIDConnectProviderOutput) String

String returns the string representation

type RemoveRoleFromInstanceProfileInput

type RemoveRoleFromInstanceProfileInput struct {

	// The name of the instance profile to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// InstanceProfileName is a required field
	InstanceProfileName *string `min:"1" type:"string" required:"true"`

	// The name of the role to remove.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveRoleFromInstanceProfileInput) GoString

GoString returns the string representation

func (*RemoveRoleFromInstanceProfileInput) SetInstanceProfileName

SetInstanceProfileName sets the InstanceProfileName field's value.

func (*RemoveRoleFromInstanceProfileInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (RemoveRoleFromInstanceProfileInput) String

String returns the string representation

func (*RemoveRoleFromInstanceProfileInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type RemoveRoleFromInstanceProfileOutput

type RemoveRoleFromInstanceProfileOutput struct {
	// contains filtered or unexported fields
}

func (RemoveRoleFromInstanceProfileOutput) GoString

GoString returns the string representation

func (RemoveRoleFromInstanceProfileOutput) String

String returns the string representation

type RemoveUserFromGroupInput

type RemoveUserFromGroupInput struct {

	// The name of the group to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// The name of the user to remove.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (RemoveUserFromGroupInput) GoString

func (s RemoveUserFromGroupInput) GoString() string

GoString returns the string representation

func (*RemoveUserFromGroupInput) SetGroupName

SetGroupName sets the GroupName field's value.

func (*RemoveUserFromGroupInput) SetUserName

SetUserName sets the UserName field's value.

func (RemoveUserFromGroupInput) String

func (s RemoveUserFromGroupInput) String() string

String returns the string representation

func (*RemoveUserFromGroupInput) Validate

func (s *RemoveUserFromGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type RemoveUserFromGroupOutput

type RemoveUserFromGroupOutput struct {
	// contains filtered or unexported fields
}

func (RemoveUserFromGroupOutput) GoString

func (s RemoveUserFromGroupOutput) GoString() string

GoString returns the string representation

func (RemoveUserFromGroupOutput) String

func (s RemoveUserFromGroupOutput) String() string

String returns the string representation

type ResetServiceSpecificCredentialInput

type ResetServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The name of the IAM user associated with the service-specific credential.
	// If this value is not specified, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (ResetServiceSpecificCredentialInput) GoString

GoString returns the string representation

func (*ResetServiceSpecificCredentialInput) SetServiceSpecificCredentialId

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*ResetServiceSpecificCredentialInput) SetUserName

SetUserName sets the UserName field's value.

func (ResetServiceSpecificCredentialInput) String

String returns the string representation

func (*ResetServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type ResetServiceSpecificCredentialOutput

type ResetServiceSpecificCredentialOutput struct {

	// A structure with details about the updated service-specific credential, including
	// the new password.
	//
	// This is the only time that you can access the password. You cannot recover
	// the password later, but you can reset it again.
	ServiceSpecificCredential *ServiceSpecificCredential `type:"structure"`
	// contains filtered or unexported fields
}

func (ResetServiceSpecificCredentialOutput) GoString

GoString returns the string representation

func (*ResetServiceSpecificCredentialOutput) SetServiceSpecificCredential

SetServiceSpecificCredential sets the ServiceSpecificCredential field's value.

func (ResetServiceSpecificCredentialOutput) String

String returns the string representation

type ResourceSpecificResult

type ResourceSpecificResult struct {

	// Additional details about the results of the evaluation decision. When there
	// are both IAM policies and resource policies, this parameter explains how
	// each set of policies contributes to the final evaluation decision. When simulating
	// cross-account access to a resource, both the resource-based policy and the
	// caller's IAM policy must grant access.
	EvalDecisionDetails map[string]*string `type:"map"`

	// The result of the simulation of the simulated API operation on the resource
	// specified in EvalResourceName.
	//
	// EvalResourceDecision is a required field
	EvalResourceDecision *string `type:"string" required:"true" enum:"PolicyEvaluationDecisionType"`

	// The name of the simulated resource, in Amazon Resource Name (ARN) format.
	//
	// EvalResourceName is a required field
	EvalResourceName *string `min:"1" type:"string" required:"true"`

	// A list of the statements in the input policies that determine the result
	// for this part of the simulation. Remember that even if multiple statements
	// allow the operation on the resource, if any statement denies that operation,
	// then the explicit deny overrides any allow, and the deny statement is the
	// only entry included in the result.
	MatchedStatements []*Statement `type:"list"`

	// A list of context keys that are required by the included input policies but
	// that were not provided by one of the input parameters. This list is used
	// when a list of ARNs is included in the ResourceArns parameter instead of
	// "*". If you do not specify individual resources, by setting ResourceArns
	// to "*" or by not including the ResourceArns parameter, then any missing context
	// values are instead included under the EvaluationResults section. To discover
	// the context keys used by a set of policies, you can call GetContextKeysForCustomPolicy
	// or GetContextKeysForPrincipalPolicy.
	MissingContextValues []*string `type:"list"`
	// contains filtered or unexported fields
}

Contains the result of the simulation of a single API operation call on a single resource.

This data type is used by a member of the EvaluationResult data type.

func (ResourceSpecificResult) GoString

func (s ResourceSpecificResult) GoString() string

GoString returns the string representation

func (*ResourceSpecificResult) SetEvalDecisionDetails

func (s *ResourceSpecificResult) SetEvalDecisionDetails(v map[string]*string) *ResourceSpecificResult

SetEvalDecisionDetails sets the EvalDecisionDetails field's value.

func (*ResourceSpecificResult) SetEvalResourceDecision

func (s *ResourceSpecificResult) SetEvalResourceDecision(v string) *ResourceSpecificResult

SetEvalResourceDecision sets the EvalResourceDecision field's value.

func (*ResourceSpecificResult) SetEvalResourceName

func (s *ResourceSpecificResult) SetEvalResourceName(v string) *ResourceSpecificResult

SetEvalResourceName sets the EvalResourceName field's value.

func (*ResourceSpecificResult) SetMatchedStatements

func (s *ResourceSpecificResult) SetMatchedStatements(v []*Statement) *ResourceSpecificResult

SetMatchedStatements sets the MatchedStatements field's value.

func (*ResourceSpecificResult) SetMissingContextValues

func (s *ResourceSpecificResult) SetMissingContextValues(v []*string) *ResourceSpecificResult

SetMissingContextValues sets the MissingContextValues field's value.

func (ResourceSpecificResult) String

func (s ResourceSpecificResult) String() string

String returns the string representation

type ResyncMFADeviceInput

type ResyncMFADeviceInput struct {

	// An authentication code emitted by the device.
	//
	// The format for this parameter is a sequence of six digits.
	//
	// AuthenticationCode1 is a required field
	AuthenticationCode1 *string `min:"6" type:"string" required:"true"`

	// A subsequent authentication code emitted by the device.
	//
	// The format for this parameter is a sequence of six digits.
	//
	// AuthenticationCode2 is a required field
	AuthenticationCode2 *string `min:"6" type:"string" required:"true"`

	// Serial number that uniquely identifies the MFA device.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The name of the user whose MFA device you want to resynchronize.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (ResyncMFADeviceInput) GoString

func (s ResyncMFADeviceInput) GoString() string

GoString returns the string representation

func (*ResyncMFADeviceInput) SetAuthenticationCode1

func (s *ResyncMFADeviceInput) SetAuthenticationCode1(v string) *ResyncMFADeviceInput

SetAuthenticationCode1 sets the AuthenticationCode1 field's value.

func (*ResyncMFADeviceInput) SetAuthenticationCode2

func (s *ResyncMFADeviceInput) SetAuthenticationCode2(v string) *ResyncMFADeviceInput

SetAuthenticationCode2 sets the AuthenticationCode2 field's value.

func (*ResyncMFADeviceInput) SetSerialNumber

func (s *ResyncMFADeviceInput) SetSerialNumber(v string) *ResyncMFADeviceInput

SetSerialNumber sets the SerialNumber field's value.

func (*ResyncMFADeviceInput) SetUserName

SetUserName sets the UserName field's value.

func (ResyncMFADeviceInput) String

func (s ResyncMFADeviceInput) String() string

String returns the string representation

func (*ResyncMFADeviceInput) Validate

func (s *ResyncMFADeviceInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type ResyncMFADeviceOutput

type ResyncMFADeviceOutput struct {
	// contains filtered or unexported fields
}

func (ResyncMFADeviceOutput) GoString

func (s ResyncMFADeviceOutput) GoString() string

GoString returns the string representation

func (ResyncMFADeviceOutput) String

func (s ResyncMFADeviceOutput) String() string

String returns the string representation

type Role

type Role struct {

	// The Amazon Resource Name (ARN) specifying the role. For more information
	// about ARNs and how to use them in policies, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The policy that grants an entity permission to assume the role.
	AssumeRolePolicyDocument *string `min:"1" type:"string"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the role was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// A description of the role that you provide.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) for the specified role. Anyone
	// who uses the AWS CLI or API to assume the role can specify the duration using
	// the optional DurationSeconds API parameter or duration-seconds CLI parameter.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The path to the role. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// RoleId is a required field
	RoleId *string `min:"16" type:"string" required:"true"`

	// The friendly name that identifies the role.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an IAM role. This structure is returned as a response element in several API operations that interact with roles.

func (Role) GoString

func (s Role) GoString() string

GoString returns the string representation

func (*Role) SetArn

func (s *Role) SetArn(v string) *Role

SetArn sets the Arn field's value.

func (*Role) SetAssumeRolePolicyDocument

func (s *Role) SetAssumeRolePolicyDocument(v string) *Role

SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.

func (*Role) SetCreateDate

func (s *Role) SetCreateDate(v time.Time) *Role

SetCreateDate sets the CreateDate field's value.

func (*Role) SetDescription

func (s *Role) SetDescription(v string) *Role

SetDescription sets the Description field's value.

func (*Role) SetMaxSessionDuration

func (s *Role) SetMaxSessionDuration(v int64) *Role

SetMaxSessionDuration sets the MaxSessionDuration field's value.

func (*Role) SetPath

func (s *Role) SetPath(v string) *Role

SetPath sets the Path field's value.

func (*Role) SetRoleId

func (s *Role) SetRoleId(v string) *Role

SetRoleId sets the RoleId field's value.

func (*Role) SetRoleName

func (s *Role) SetRoleName(v string) *Role

SetRoleName sets the RoleName field's value.

func (Role) String

func (s Role) String() string

String returns the string representation

type RoleDetail

type RoleDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// The trust policy that grants permission to assume the role.
	AssumeRolePolicyDocument *string `min:"1" type:"string"`

	// A list of managed policies attached to the role. These policies are the role's
	// access (permissions) policies.
	AttachedManagedPolicies []*AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the role was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// A list of instance profiles that contain this role.
	InstanceProfileList []*InstanceProfile `type:"list"`

	// The path to the role. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	RoleId *string `min:"16" type:"string"`

	// The friendly name that identifies the role.
	RoleName *string `min:"1" type:"string"`

	// A list of inline policies embedded in the role. These policies are the role's
	// access (permissions) policies.
	RolePolicyList []*PolicyDetail `type:"list"`
	// contains filtered or unexported fields
}

Contains information about an IAM role, including all of the role's policies.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (RoleDetail) GoString

func (s RoleDetail) GoString() string

GoString returns the string representation

func (*RoleDetail) SetArn

func (s *RoleDetail) SetArn(v string) *RoleDetail

SetArn sets the Arn field's value.

func (*RoleDetail) SetAssumeRolePolicyDocument

func (s *RoleDetail) SetAssumeRolePolicyDocument(v string) *RoleDetail

SetAssumeRolePolicyDocument sets the AssumeRolePolicyDocument field's value.

func (*RoleDetail) SetAttachedManagedPolicies

func (s *RoleDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *RoleDetail

SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.

func (*RoleDetail) SetCreateDate

func (s *RoleDetail) SetCreateDate(v time.Time) *RoleDetail

SetCreateDate sets the CreateDate field's value.

func (*RoleDetail) SetInstanceProfileList

func (s *RoleDetail) SetInstanceProfileList(v []*InstanceProfile) *RoleDetail

SetInstanceProfileList sets the InstanceProfileList field's value.

func (*RoleDetail) SetPath

func (s *RoleDetail) SetPath(v string) *RoleDetail

SetPath sets the Path field's value.

func (*RoleDetail) SetRoleId

func (s *RoleDetail) SetRoleId(v string) *RoleDetail

SetRoleId sets the RoleId field's value.

func (*RoleDetail) SetRoleName

func (s *RoleDetail) SetRoleName(v string) *RoleDetail

SetRoleName sets the RoleName field's value.

func (*RoleDetail) SetRolePolicyList

func (s *RoleDetail) SetRolePolicyList(v []*PolicyDetail) *RoleDetail

SetRolePolicyList sets the RolePolicyList field's value.

func (RoleDetail) String

func (s RoleDetail) String() string

String returns the string representation

type RoleUsageType

type RoleUsageType struct {

	// The name of the region where the service-linked role is being used.
	Region *string `min:"1" type:"string"`

	// The name of the resource that is using the service-linked role.
	Resources []*string `type:"list"`
	// contains filtered or unexported fields
}

An object that contains details about how a service-linked role is used, if that information is returned by the service.

This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus operation.

func (RoleUsageType) GoString

func (s RoleUsageType) GoString() string

GoString returns the string representation

func (*RoleUsageType) SetRegion

func (s *RoleUsageType) SetRegion(v string) *RoleUsageType

SetRegion sets the Region field's value.

func (*RoleUsageType) SetResources

func (s *RoleUsageType) SetResources(v []*string) *RoleUsageType

SetResources sets the Resources field's value.

func (RoleUsageType) String

func (s RoleUsageType) String() string

String returns the string representation

type SAMLProviderListEntry

type SAMLProviderListEntry struct {

	// The Amazon Resource Name (ARN) of the SAML provider.
	Arn *string `min:"20" type:"string"`

	// The date and time when the SAML provider was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The expiration date and time for the SAML provider.
	ValidUntil *time.Time `type:"timestamp" timestampFormat:"iso8601"`
	// contains filtered or unexported fields
}

Contains the list of SAML providers for this account.

func (SAMLProviderListEntry) GoString

func (s SAMLProviderListEntry) GoString() string

GoString returns the string representation

func (*SAMLProviderListEntry) SetArn

SetArn sets the Arn field's value.

func (*SAMLProviderListEntry) SetCreateDate

SetCreateDate sets the CreateDate field's value.

func (*SAMLProviderListEntry) SetValidUntil

SetValidUntil sets the ValidUntil field's value.

func (SAMLProviderListEntry) String

func (s SAMLProviderListEntry) String() string

String returns the string representation

type SSHPublicKey

type SSHPublicKey struct {

	// The MD5 message digest of the SSH public key.
	//
	// Fingerprint is a required field
	Fingerprint *string `min:"48" type:"string" required:"true"`

	// The SSH public key.
	//
	// SSHPublicKeyBody is a required field
	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`

	// The unique identifier for the SSH public key.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an AWS CodeCommit repository. Inactive means that the
	// key cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the SSH public key was uploaded.
	UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The name of the IAM user associated with the SSH public key.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an SSH public key.

This data type is used as a response element in the GetSSHPublicKey and UploadSSHPublicKey operations.

func (SSHPublicKey) GoString

func (s SSHPublicKey) GoString() string

GoString returns the string representation

func (*SSHPublicKey) SetFingerprint

func (s *SSHPublicKey) SetFingerprint(v string) *SSHPublicKey

SetFingerprint sets the Fingerprint field's value.

func (*SSHPublicKey) SetSSHPublicKeyBody

func (s *SSHPublicKey) SetSSHPublicKeyBody(v string) *SSHPublicKey

SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.

func (*SSHPublicKey) SetSSHPublicKeyId

func (s *SSHPublicKey) SetSSHPublicKeyId(v string) *SSHPublicKey

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*SSHPublicKey) SetStatus

func (s *SSHPublicKey) SetStatus(v string) *SSHPublicKey

SetStatus sets the Status field's value.

func (*SSHPublicKey) SetUploadDate

func (s *SSHPublicKey) SetUploadDate(v time.Time) *SSHPublicKey

SetUploadDate sets the UploadDate field's value.

func (*SSHPublicKey) SetUserName

func (s *SSHPublicKey) SetUserName(v string) *SSHPublicKey

SetUserName sets the UserName field's value.

func (SSHPublicKey) String

func (s SSHPublicKey) String() string

String returns the string representation

type SSHPublicKeyMetadata

type SSHPublicKeyMetadata struct {

	// The unique identifier for the SSH public key.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an AWS CodeCommit repository. Inactive means that the
	// key cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the SSH public key was uploaded.
	//
	// UploadDate is a required field
	UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The name of the IAM user associated with the SSH public key.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an SSH public key, without the key's body or fingerprint.

This data type is used as a response element in the ListSSHPublicKeys operation.

func (SSHPublicKeyMetadata) GoString

func (s SSHPublicKeyMetadata) GoString() string

GoString returns the string representation

func (*SSHPublicKeyMetadata) SetSSHPublicKeyId

func (s *SSHPublicKeyMetadata) SetSSHPublicKeyId(v string) *SSHPublicKeyMetadata

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*SSHPublicKeyMetadata) SetStatus

SetStatus sets the Status field's value.

func (*SSHPublicKeyMetadata) SetUploadDate

func (s *SSHPublicKeyMetadata) SetUploadDate(v time.Time) *SSHPublicKeyMetadata

SetUploadDate sets the UploadDate field's value.

func (*SSHPublicKeyMetadata) SetUserName

SetUserName sets the UserName field's value.

func (SSHPublicKeyMetadata) String

func (s SSHPublicKeyMetadata) String() string

String returns the string representation

type ServerCertificate

type ServerCertificate struct {

	// The contents of the public key certificate.
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The contents of the public key certificate chain.
	CertificateChain *string `min:"1" type:"string"`

	// The meta information of the server certificate, such as its name, path, ID,
	// and ARN.
	//
	// ServerCertificateMetadata is a required field
	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains information about a server certificate.

This data type is used as a response element in the GetServerCertificate operation.

func (ServerCertificate) GoString

func (s ServerCertificate) GoString() string

GoString returns the string representation

func (*ServerCertificate) SetCertificateBody

func (s *ServerCertificate) SetCertificateBody(v string) *ServerCertificate

SetCertificateBody sets the CertificateBody field's value.

func (*ServerCertificate) SetCertificateChain

func (s *ServerCertificate) SetCertificateChain(v string) *ServerCertificate

SetCertificateChain sets the CertificateChain field's value.

func (*ServerCertificate) SetServerCertificateMetadata

func (s *ServerCertificate) SetServerCertificateMetadata(v *ServerCertificateMetadata) *ServerCertificate

SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.

func (ServerCertificate) String

func (s ServerCertificate) String() string

String returns the string representation

type ServerCertificateMetadata

type ServerCertificateMetadata struct {

	// The Amazon Resource Name (ARN) specifying the server certificate. For more
	// information about ARNs and how to use them in policies, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date on which the certificate is set to expire.
	Expiration *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The path to the server certificate. For more information about paths, see
	// IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The stable and unique string identifying the server certificate. For more
	// information about IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// ServerCertificateId is a required field
	ServerCertificateId *string `min:"16" type:"string" required:"true"`

	// The name that identifies the server certificate.
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`

	// The date when the server certificate was uploaded.
	UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`
	// contains filtered or unexported fields
}

Contains information about a server certificate without its certificate body, certificate chain, and private key.

This data type is used as a response element in the UploadServerCertificate and ListServerCertificates operations.

func (ServerCertificateMetadata) GoString

func (s ServerCertificateMetadata) GoString() string

GoString returns the string representation

func (*ServerCertificateMetadata) SetArn

SetArn sets the Arn field's value.

func (*ServerCertificateMetadata) SetExpiration

SetExpiration sets the Expiration field's value.

func (*ServerCertificateMetadata) SetPath

SetPath sets the Path field's value.

func (*ServerCertificateMetadata) SetServerCertificateId

func (s *ServerCertificateMetadata) SetServerCertificateId(v string) *ServerCertificateMetadata

SetServerCertificateId sets the ServerCertificateId field's value.

func (*ServerCertificateMetadata) SetServerCertificateName

func (s *ServerCertificateMetadata) SetServerCertificateName(v string) *ServerCertificateMetadata

SetServerCertificateName sets the ServerCertificateName field's value.

func (*ServerCertificateMetadata) SetUploadDate

SetUploadDate sets the UploadDate field's value.

func (ServerCertificateMetadata) String

func (s ServerCertificateMetadata) String() string

String returns the string representation

type ServiceSpecificCredential

type ServiceSpecificCredential struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the service-specific credential were created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The name of the service associated with the service-specific credential.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The generated password for the service-specific credential.
	//
	// ServicePassword is a required field
	ServicePassword *string `type:"string" required:"true"`

	// The unique identifier for the service-specific credential.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The generated user name for the service-specific credential. This value is
	// generated by combining the IAM user's name combined with the ID number of
	// the AWS account, as in jane-at-123456789012, for example. This value cannot
	// be configured by the user.
	//
	// ServiceUserName is a required field
	ServiceUserName *string `min:"17" type:"string" required:"true"`

	// The status of the service-specific credential. Active means that the key
	// is valid for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user associated with the service-specific credential.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains the details of a service-specific credential.

func (ServiceSpecificCredential) GoString

func (s ServiceSpecificCredential) GoString() string

GoString returns the string representation

func (*ServiceSpecificCredential) SetCreateDate

SetCreateDate sets the CreateDate field's value.

func (*ServiceSpecificCredential) SetServiceName

SetServiceName sets the ServiceName field's value.

func (*ServiceSpecificCredential) SetServicePassword

SetServicePassword sets the ServicePassword field's value.

func (*ServiceSpecificCredential) SetServiceSpecificCredentialId

func (s *ServiceSpecificCredential) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredential

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*ServiceSpecificCredential) SetServiceUserName

SetServiceUserName sets the ServiceUserName field's value.

func (*ServiceSpecificCredential) SetStatus

SetStatus sets the Status field's value.

func (*ServiceSpecificCredential) SetUserName

SetUserName sets the UserName field's value.

func (ServiceSpecificCredential) String

func (s ServiceSpecificCredential) String() string

String returns the string representation

type ServiceSpecificCredentialMetadata

type ServiceSpecificCredentialMetadata struct {

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the service-specific credential were created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The name of the service associated with the service-specific credential.
	//
	// ServiceName is a required field
	ServiceName *string `type:"string" required:"true"`

	// The unique identifier for the service-specific credential.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The generated user name for the service-specific credential.
	//
	// ServiceUserName is a required field
	ServiceUserName *string `min:"17" type:"string" required:"true"`

	// The status of the service-specific credential. Active means that the key
	// is valid for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user associated with the service-specific credential.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains additional details about a service-specific credential.

func (ServiceSpecificCredentialMetadata) GoString

GoString returns the string representation

func (*ServiceSpecificCredentialMetadata) SetCreateDate

SetCreateDate sets the CreateDate field's value.

func (*ServiceSpecificCredentialMetadata) SetServiceName

SetServiceName sets the ServiceName field's value.

func (*ServiceSpecificCredentialMetadata) SetServiceSpecificCredentialId

func (s *ServiceSpecificCredentialMetadata) SetServiceSpecificCredentialId(v string) *ServiceSpecificCredentialMetadata

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*ServiceSpecificCredentialMetadata) SetServiceUserName

SetServiceUserName sets the ServiceUserName field's value.

func (*ServiceSpecificCredentialMetadata) SetStatus

SetStatus sets the Status field's value.

func (*ServiceSpecificCredentialMetadata) SetUserName

SetUserName sets the UserName field's value.

func (ServiceSpecificCredentialMetadata) String

String returns the string representation

type SetDefaultPolicyVersionInput

type SetDefaultPolicyVersionInput struct {

	// The Amazon Resource Name (ARN) of the IAM policy whose default version you
	// want to set.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicyArn is a required field
	PolicyArn *string `min:"20" type:"string" required:"true"`

	// The version of the policy to set as the default (operative) version.
	//
	// For more information about managed policy versions, see Versioning for Managed
	// Policies (http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	//
	// VersionId is a required field
	VersionId *string `type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (SetDefaultPolicyVersionInput) GoString

func (s SetDefaultPolicyVersionInput) GoString() string

GoString returns the string representation

func (*SetDefaultPolicyVersionInput) SetPolicyArn

SetPolicyArn sets the PolicyArn field's value.

func (*SetDefaultPolicyVersionInput) SetVersionId

SetVersionId sets the VersionId field's value.

func (SetDefaultPolicyVersionInput) String

String returns the string representation

func (*SetDefaultPolicyVersionInput) Validate

func (s *SetDefaultPolicyVersionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SetDefaultPolicyVersionOutput

type SetDefaultPolicyVersionOutput struct {
	// contains filtered or unexported fields
}

func (SetDefaultPolicyVersionOutput) GoString

GoString returns the string representation

func (SetDefaultPolicyVersionOutput) String

String returns the string representation

type SigningCertificate

type SigningCertificate struct {

	// The contents of the signing certificate.
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The ID for the signing certificate.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The status of the signing certificate. Active means that the key is valid
	// for API calls, while Inactive means it is not.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The date when the signing certificate was uploaded.
	UploadDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The name of the user the signing certificate is associated with.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an X.509 signing certificate.

This data type is used as a response element in the UploadSigningCertificate and ListSigningCertificates operations.

func (SigningCertificate) GoString

func (s SigningCertificate) GoString() string

GoString returns the string representation

func (*SigningCertificate) SetCertificateBody

func (s *SigningCertificate) SetCertificateBody(v string) *SigningCertificate

SetCertificateBody sets the CertificateBody field's value.

func (*SigningCertificate) SetCertificateId

func (s *SigningCertificate) SetCertificateId(v string) *SigningCertificate

SetCertificateId sets the CertificateId field's value.

func (*SigningCertificate) SetStatus

func (s *SigningCertificate) SetStatus(v string) *SigningCertificate

SetStatus sets the Status field's value.

func (*SigningCertificate) SetUploadDate

func (s *SigningCertificate) SetUploadDate(v time.Time) *SigningCertificate

SetUploadDate sets the UploadDate field's value.

func (*SigningCertificate) SetUserName

func (s *SigningCertificate) SetUserName(v string) *SigningCertificate

SetUserName sets the UserName field's value.

func (SigningCertificate) String

func (s SigningCertificate) String() string

String returns the string representation

type SimulateCustomPolicyInput

type SimulateCustomPolicyInput struct {

	// A list of names of API operations to evaluate in the simulation. Each operation
	// is evaluated against each resource. Each operation must include the service
	// identifier, such as iam:CreateUser.
	//
	// ActionNames is a required field
	ActionNames []*string `type:"list" required:"true"`

	// The ARN of the IAM user that you want to use as the simulated caller of the
	// API operations. CallerArn is required if you include a ResourcePolicy so
	// that the policy's Principal element has a value to use in evaluating the
	// policy.
	//
	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
	// an assumed role, federated user, or a service principal.
	CallerArn *string `min:"1" type:"string"`

	// A list of context keys and corresponding values for the simulation to use.
	// Whenever a context key is evaluated in one of the simulated IAM permission
	// policies, the corresponding value is supplied.
	ContextEntries []*ContextEntry `type:"list"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// A list of policy documents to include in the simulation. Each document is
	// specified as a string containing the complete, valid JSON text of an IAM
	// policy. Do not include any resource-based policies in this parameter. Any
	// resource-based policy must be submitted with the ResourcePolicy parameter.
	// The policies cannot be "scope-down" policies, such as you could include in
	// a call to GetFederationToken (http://docs.aws.amazon.com/IAM/latest/APIReference/API_GetFederationToken.html)
	// or one of the AssumeRole (http://docs.aws.amazon.com/IAM/latest/APIReference/API_AssumeRole.html)
	// API operations. In other words, do not use policies designed to restrict
	// what a user can do while using the temporary credentials.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyInputList is a required field
	PolicyInputList []*string `type:"list" required:"true"`

	// A list of ARNs of AWS resources to include in the simulation. If this parameter
	// is not provided then the value defaults to * (all resources). Each API in
	// the ActionNames parameter is evaluated for each resource in this list. The
	// simulation determines the access result (allowed or denied) of each combination
	// and reports it in the response.
	//
	// The simulation does not automatically retrieve policies for the specified
	// resources. If you want to include a resource policy in the simulation, then
	// you must include the policy as a string in the ResourcePolicy parameter.
	//
	// If you include a ResourcePolicy, then it must be applicable to all of the
	// resources included in the simulation or you receive an invalid input error.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	ResourceArns []*string `type:"list"`

	// Specifies the type of simulation to run. Different API operations that support
	// resource-based policies require different combinations of resources. By specifying
	// the type of simulation to run, you enable the policy simulator to enforce
	// the presence of the required resources to ensure reliable simulation results.
	// If your simulation does not match one of the following scenarios, then you
	// can omit this parameter. The following list shows each of the supported scenario
	// values and the resources that you must define to run the simulation.
	//
	// Each of the EC2 scenarios requires that you specify instance, image, and
	// security-group resources. If your scenario includes an EBS volume, then you
	// must specify that volume as a resource. If the EC2 scenario includes VPC,
	// then you must supply the network-interface resource. If it includes an IP
	// subnet, then you must specify the subnet resource. For more information on
	// the EC2 scenario options, see Supported Platforms (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
	// in the Amazon EC2 User Guide.
	//
	//    * EC2-Classic-InstanceStore
	//
	// instance, image, security-group
	//
	//    * EC2-Classic-EBS
	//
	// instance, image, security-group, volume
	//
	//    * EC2-VPC-InstanceStore
	//
	// instance, image, security-group, network-interface
	//
	//    * EC2-VPC-InstanceStore-Subnet
	//
	// instance, image, security-group, network-interface, subnet
	//
	//    * EC2-VPC-EBS
	//
	// instance, image, security-group, network-interface, volume
	//
	//    * EC2-VPC-EBS-Subnet
	//
	// instance, image, security-group, network-interface, subnet, volume
	ResourceHandlingOption *string `min:"1" type:"string"`

	// An AWS account ID that specifies the owner of any simulated resource that
	// does not identify its owner in the resource ARN, such as an S3 bucket or
	// object. If ResourceOwner is specified, it is also used as the account owner
	// of any ResourcePolicy included in the simulation. If the ResourceOwner parameter
	// is not specified, then the owner of the resources and the resource policy
	// defaults to the account of the identity provided in CallerArn. This parameter
	// is required only if you specify a resource-based policy and account that
	// owns the resource is different from the account that owns the simulated calling
	// user CallerArn.
	ResourceOwner *string `min:"1" type:"string"`

	// A resource-based policy to include in the simulation provided as a string.
	// Each resource in the simulation is treated as if it had this policy attached.
	// You can include only one resource-based policy in a simulation.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	ResourcePolicy *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (SimulateCustomPolicyInput) GoString

func (s SimulateCustomPolicyInput) GoString() string

GoString returns the string representation

func (*SimulateCustomPolicyInput) SetActionNames

SetActionNames sets the ActionNames field's value.

func (*SimulateCustomPolicyInput) SetCallerArn

SetCallerArn sets the CallerArn field's value.

func (*SimulateCustomPolicyInput) SetContextEntries

SetContextEntries sets the ContextEntries field's value.

func (*SimulateCustomPolicyInput) SetMarker

SetMarker sets the Marker field's value.

func (*SimulateCustomPolicyInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*SimulateCustomPolicyInput) SetPolicyInputList

func (s *SimulateCustomPolicyInput) SetPolicyInputList(v []*string) *SimulateCustomPolicyInput

SetPolicyInputList sets the PolicyInputList field's value.

func (*SimulateCustomPolicyInput) SetResourceArns

SetResourceArns sets the ResourceArns field's value.

func (*SimulateCustomPolicyInput) SetResourceHandlingOption

func (s *SimulateCustomPolicyInput) SetResourceHandlingOption(v string) *SimulateCustomPolicyInput

SetResourceHandlingOption sets the ResourceHandlingOption field's value.

func (*SimulateCustomPolicyInput) SetResourceOwner

SetResourceOwner sets the ResourceOwner field's value.

func (*SimulateCustomPolicyInput) SetResourcePolicy

SetResourcePolicy sets the ResourcePolicy field's value.

func (SimulateCustomPolicyInput) String

func (s SimulateCustomPolicyInput) String() string

String returns the string representation

func (*SimulateCustomPolicyInput) Validate

func (s *SimulateCustomPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type SimulatePolicyResponse

type SimulatePolicyResponse struct {

	// The results of the simulation.
	EvaluationResults []*EvaluationResult `type:"list"`

	// A flag that indicates whether there are more items to return. If your results
	// were truncated, you can make a subsequent pagination request using the Marker
	// request parameter to retrieve more items. Note that IAM might return fewer
	// than the MaxItems number of results even when there are more results available.
	// We recommend that you check IsTruncated after every call to ensure that you
	// receive all of your results.
	IsTruncated *bool `type:"boolean"`

	// When IsTruncated is true, this element is present and contains the value
	// to use for the Marker parameter in a subsequent pagination request.
	Marker *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful SimulatePrincipalPolicy or SimulateCustomPolicy request.

func (SimulatePolicyResponse) GoString

func (s SimulatePolicyResponse) GoString() string

GoString returns the string representation

func (*SimulatePolicyResponse) SetEvaluationResults

func (s *SimulatePolicyResponse) SetEvaluationResults(v []*EvaluationResult) *SimulatePolicyResponse

SetEvaluationResults sets the EvaluationResults field's value.

func (*SimulatePolicyResponse) SetIsTruncated

func (s *SimulatePolicyResponse) SetIsTruncated(v bool) *SimulatePolicyResponse

SetIsTruncated sets the IsTruncated field's value.

func (*SimulatePolicyResponse) SetMarker

SetMarker sets the Marker field's value.

func (SimulatePolicyResponse) String

func (s SimulatePolicyResponse) String() string

String returns the string representation

type SimulatePrincipalPolicyInput

type SimulatePrincipalPolicyInput struct {

	// A list of names of API operations to evaluate in the simulation. Each operation
	// is evaluated for each resource. Each operation must include the service identifier,
	// such as iam:CreateUser.
	//
	// ActionNames is a required field
	ActionNames []*string `type:"list" required:"true"`

	// The ARN of the IAM user that you want to specify as the simulated caller
	// of the API operations. If you do not specify a CallerArn, it defaults to
	// the ARN of the user that you specify in PolicySourceArn, if you specified
	// a user. If you include both a PolicySourceArn (for example, arn:aws:iam::123456789012:user/David)
	// and a CallerArn (for example, arn:aws:iam::123456789012:user/Bob), the result
	// is that you simulate calling the API operations as Bob, as if Bob had David's
	// policies.
	//
	// You can specify only the ARN of an IAM user. You cannot specify the ARN of
	// an assumed role, federated user, or a service principal.
	//
	// CallerArn is required if you include a ResourcePolicy and the PolicySourceArn
	// is not the ARN for an IAM user. This is required so that the resource-based
	// policy's Principal element has a value to use in evaluating the policy.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	CallerArn *string `min:"1" type:"string"`

	// A list of context keys and corresponding values for the simulation to use.
	// Whenever a context key is evaluated in one of the simulated IAM permission
	// policies, the corresponding value is supplied.
	ContextEntries []*ContextEntry `type:"list"`

	// Use this parameter only when paginating results and only after you receive
	// a response indicating that the results are truncated. Set it to the value
	// of the Marker element in the response that you received to indicate where
	// the next call should start.
	Marker *string `min:"1" type:"string"`

	// (Optional) Use this only when paginating results to indicate the maximum
	// number of items you want in the response. If additional items exist beyond
	// the maximum you specify, the IsTruncated response element is true.
	//
	// If you do not include this parameter, it defaults to 100. Note that IAM might
	// return fewer results, even when there are more results available. In that
	// case, the IsTruncated response element returns true and Marker contains a
	// value to include in the subsequent call that tells the service where to continue
	// from.
	MaxItems *int64 `min:"1" type:"integer"`

	// An optional list of additional policy documents to include in the simulation.
	// Each document is specified as a string containing the complete, valid JSON
	// text of an IAM policy.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	PolicyInputList []*string `type:"list"`

	// The Amazon Resource Name (ARN) of a user, group, or role whose policies you
	// want to include in the simulation. If you specify a user, group, or role,
	// the simulation includes all policies that are associated with that entity.
	// If you specify a user, the simulation also includes all policies that are
	// attached to any groups the user belongs to.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// PolicySourceArn is a required field
	PolicySourceArn *string `min:"20" type:"string" required:"true"`

	// A list of ARNs of AWS resources to include in the simulation. If this parameter
	// is not provided, then the value defaults to * (all resources). Each API in
	// the ActionNames parameter is evaluated for each resource in this list. The
	// simulation determines the access result (allowed or denied) of each combination
	// and reports it in the response.
	//
	// The simulation does not automatically retrieve policies for the specified
	// resources. If you want to include a resource policy in the simulation, then
	// you must include the policy as a string in the ResourcePolicy parameter.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	ResourceArns []*string `type:"list"`

	// Specifies the type of simulation to run. Different API operations that support
	// resource-based policies require different combinations of resources. By specifying
	// the type of simulation to run, you enable the policy simulator to enforce
	// the presence of the required resources to ensure reliable simulation results.
	// If your simulation does not match one of the following scenarios, then you
	// can omit this parameter. The following list shows each of the supported scenario
	// values and the resources that you must define to run the simulation.
	//
	// Each of the EC2 scenarios requires that you specify instance, image, and
	// security-group resources. If your scenario includes an EBS volume, then you
	// must specify that volume as a resource. If the EC2 scenario includes VPC,
	// then you must supply the network-interface resource. If it includes an IP
	// subnet, then you must specify the subnet resource. For more information on
	// the EC2 scenario options, see Supported Platforms (http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-supported-platforms.html)
	// in the Amazon EC2 User Guide.
	//
	//    * EC2-Classic-InstanceStore
	//
	// instance, image, security-group
	//
	//    * EC2-Classic-EBS
	//
	// instance, image, security-group, volume
	//
	//    * EC2-VPC-InstanceStore
	//
	// instance, image, security-group, network-interface
	//
	//    * EC2-VPC-InstanceStore-Subnet
	//
	// instance, image, security-group, network-interface, subnet
	//
	//    * EC2-VPC-EBS
	//
	// instance, image, security-group, network-interface, volume
	//
	//    * EC2-VPC-EBS-Subnet
	//
	// instance, image, security-group, network-interface, subnet, volume
	ResourceHandlingOption *string `min:"1" type:"string"`

	// An AWS account ID that specifies the owner of any simulated resource that
	// does not identify its owner in the resource ARN, such as an S3 bucket or
	// object. If ResourceOwner is specified, it is also used as the account owner
	// of any ResourcePolicy included in the simulation. If the ResourceOwner parameter
	// is not specified, then the owner of the resources and the resource policy
	// defaults to the account of the identity provided in CallerArn. This parameter
	// is required only if you specify a resource-based policy and account that
	// owns the resource is different from the account that owns the simulated calling
	// user CallerArn.
	ResourceOwner *string `min:"1" type:"string"`

	// A resource-based policy to include in the simulation provided as a string.
	// Each resource in the simulation is treated as if it had this policy attached.
	// You can include only one resource-based policy in a simulation.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	ResourcePolicy *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (SimulatePrincipalPolicyInput) GoString

func (s SimulatePrincipalPolicyInput) GoString() string

GoString returns the string representation

func (*SimulatePrincipalPolicyInput) SetActionNames

SetActionNames sets the ActionNames field's value.

func (*SimulatePrincipalPolicyInput) SetCallerArn

SetCallerArn sets the CallerArn field's value.

func (*SimulatePrincipalPolicyInput) SetContextEntries

SetContextEntries sets the ContextEntries field's value.

func (*SimulatePrincipalPolicyInput) SetMarker

SetMarker sets the Marker field's value.

func (*SimulatePrincipalPolicyInput) SetMaxItems

SetMaxItems sets the MaxItems field's value.

func (*SimulatePrincipalPolicyInput) SetPolicyInputList

SetPolicyInputList sets the PolicyInputList field's value.

func (*SimulatePrincipalPolicyInput) SetPolicySourceArn

SetPolicySourceArn sets the PolicySourceArn field's value.

func (*SimulatePrincipalPolicyInput) SetResourceArns

SetResourceArns sets the ResourceArns field's value.

func (*SimulatePrincipalPolicyInput) SetResourceHandlingOption

func (s *SimulatePrincipalPolicyInput) SetResourceHandlingOption(v string) *SimulatePrincipalPolicyInput

SetResourceHandlingOption sets the ResourceHandlingOption field's value.

func (*SimulatePrincipalPolicyInput) SetResourceOwner

SetResourceOwner sets the ResourceOwner field's value.

func (*SimulatePrincipalPolicyInput) SetResourcePolicy

SetResourcePolicy sets the ResourcePolicy field's value.

func (SimulatePrincipalPolicyInput) String

String returns the string representation

func (*SimulatePrincipalPolicyInput) Validate

func (s *SimulatePrincipalPolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type Statement

type Statement struct {

	// The row and column of the end of a Statement in an IAM policy.
	EndPosition *Position `type:"structure"`

	// The identifier of the policy that was provided as an input.
	SourcePolicyId *string `type:"string"`

	// The type of the policy.
	SourcePolicyType *string `type:"string" enum:"PolicySourceType"`

	// The row and column of the beginning of the Statement in an IAM policy.
	StartPosition *Position `type:"structure"`
	// contains filtered or unexported fields
}

Contains a reference to a Statement element in a policy document that determines the result of the simulation.

This data type is used by the MatchedStatements member of the EvaluationResult type.

func (Statement) GoString

func (s Statement) GoString() string

GoString returns the string representation

func (*Statement) SetEndPosition

func (s *Statement) SetEndPosition(v *Position) *Statement

SetEndPosition sets the EndPosition field's value.

func (*Statement) SetSourcePolicyId

func (s *Statement) SetSourcePolicyId(v string) *Statement

SetSourcePolicyId sets the SourcePolicyId field's value.

func (*Statement) SetSourcePolicyType

func (s *Statement) SetSourcePolicyType(v string) *Statement

SetSourcePolicyType sets the SourcePolicyType field's value.

func (*Statement) SetStartPosition

func (s *Statement) SetStartPosition(v *Position) *Statement

SetStartPosition sets the StartPosition field's value.

func (Statement) String

func (s Statement) String() string

String returns the string representation

type UpdateAccessKeyInput

type UpdateAccessKeyInput struct {

	// The access key ID of the secret access key you want to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// AccessKeyId is a required field
	AccessKeyId *string `min:"16" type:"string" required:"true"`

	// The status you want to assign to the secret access key. Active means that
	// the key can be used for API calls to AWS, while Inactive means that the key
	// cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the user whose key you want to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateAccessKeyInput) GoString

func (s UpdateAccessKeyInput) GoString() string

GoString returns the string representation

func (*UpdateAccessKeyInput) SetAccessKeyId

func (s *UpdateAccessKeyInput) SetAccessKeyId(v string) *UpdateAccessKeyInput

SetAccessKeyId sets the AccessKeyId field's value.

func (*UpdateAccessKeyInput) SetStatus

SetStatus sets the Status field's value.

func (*UpdateAccessKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (UpdateAccessKeyInput) String

func (s UpdateAccessKeyInput) String() string

String returns the string representation

func (*UpdateAccessKeyInput) Validate

func (s *UpdateAccessKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateAccessKeyOutput

type UpdateAccessKeyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAccessKeyOutput) GoString

func (s UpdateAccessKeyOutput) GoString() string

GoString returns the string representation

func (UpdateAccessKeyOutput) String

func (s UpdateAccessKeyOutput) String() string

String returns the string representation

type UpdateAccountPasswordPolicyInput

type UpdateAccountPasswordPolicyInput struct {

	// Allows all IAM users in your account to use the AWS Management Console to
	// change their own passwords. For more information, see Letting IAM Users Change
	// Their Own Passwords (http://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html)
	// in the IAM User Guide.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that IAM users in the account do
	// not automatically have permissions to change their own password.
	AllowUsersToChangePassword *bool `type:"boolean"`

	// Prevents IAM users from setting a new password after their password has expired.
	// The IAM user cannot be accessed until an administrator resets the password.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that IAM users can change their
	// passwords after they expire and continue to sign in as the user.
	HardExpiry *bool `type:"boolean"`

	// The number of days that an IAM user password is valid.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 0. The result is that IAM user passwords never expire.
	MaxPasswordAge *int64 `min:"1" type:"integer"`

	// The minimum number of characters allowed in an IAM user password.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 6.
	MinimumPasswordLength *int64 `min:"6" type:"integer"`

	// Specifies the number of previous passwords that IAM users are prevented from
	// reusing.
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of 0. The result is that IAM users are not prevented from
	// reusing previous passwords.
	PasswordReusePrevention *int64 `min:"1" type:"integer"`

	// Specifies whether IAM user passwords must contain at least one lowercase
	// character from the ISO basic Latin alphabet (a to z).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one lowercase character.
	RequireLowercaseCharacters *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one numeric character
	// (0 to 9).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one numeric character.
	RequireNumbers *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one of the following
	// non-alphanumeric characters:
	//
	// ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one symbol character.
	RequireSymbols *bool `type:"boolean"`

	// Specifies whether IAM user passwords must contain at least one uppercase
	// character from the ISO basic Latin alphabet (A to Z).
	//
	// If you do not specify a value for this parameter, then the operation uses
	// the default value of false. The result is that passwords do not require at
	// least one uppercase character.
	RequireUppercaseCharacters *bool `type:"boolean"`
	// contains filtered or unexported fields
}

func (UpdateAccountPasswordPolicyInput) GoString

GoString returns the string representation

func (*UpdateAccountPasswordPolicyInput) SetAllowUsersToChangePassword

func (s *UpdateAccountPasswordPolicyInput) SetAllowUsersToChangePassword(v bool) *UpdateAccountPasswordPolicyInput

SetAllowUsersToChangePassword sets the AllowUsersToChangePassword field's value.

func (*UpdateAccountPasswordPolicyInput) SetHardExpiry

SetHardExpiry sets the HardExpiry field's value.

func (*UpdateAccountPasswordPolicyInput) SetMaxPasswordAge

SetMaxPasswordAge sets the MaxPasswordAge field's value.

func (*UpdateAccountPasswordPolicyInput) SetMinimumPasswordLength

SetMinimumPasswordLength sets the MinimumPasswordLength field's value.

func (*UpdateAccountPasswordPolicyInput) SetPasswordReusePrevention

SetPasswordReusePrevention sets the PasswordReusePrevention field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireLowercaseCharacters

func (s *UpdateAccountPasswordPolicyInput) SetRequireLowercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput

SetRequireLowercaseCharacters sets the RequireLowercaseCharacters field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireNumbers

SetRequireNumbers sets the RequireNumbers field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireSymbols

SetRequireSymbols sets the RequireSymbols field's value.

func (*UpdateAccountPasswordPolicyInput) SetRequireUppercaseCharacters

func (s *UpdateAccountPasswordPolicyInput) SetRequireUppercaseCharacters(v bool) *UpdateAccountPasswordPolicyInput

SetRequireUppercaseCharacters sets the RequireUppercaseCharacters field's value.

func (UpdateAccountPasswordPolicyInput) String

String returns the string representation

func (*UpdateAccountPasswordPolicyInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type UpdateAccountPasswordPolicyOutput

type UpdateAccountPasswordPolicyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAccountPasswordPolicyOutput) GoString

GoString returns the string representation

func (UpdateAccountPasswordPolicyOutput) String

String returns the string representation

type UpdateAssumeRolePolicyInput

type UpdateAssumeRolePolicyInput struct {

	// The policy that grants an entity permission to assume the role.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PolicyDocument is a required field
	PolicyDocument *string `min:"1" type:"string" required:"true"`

	// The name of the role to update with the new policy.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateAssumeRolePolicyInput) GoString

func (s UpdateAssumeRolePolicyInput) GoString() string

GoString returns the string representation

func (*UpdateAssumeRolePolicyInput) SetPolicyDocument

SetPolicyDocument sets the PolicyDocument field's value.

func (*UpdateAssumeRolePolicyInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (UpdateAssumeRolePolicyInput) String

String returns the string representation

func (*UpdateAssumeRolePolicyInput) Validate

func (s *UpdateAssumeRolePolicyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateAssumeRolePolicyOutput

type UpdateAssumeRolePolicyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateAssumeRolePolicyOutput) GoString

func (s UpdateAssumeRolePolicyOutput) GoString() string

GoString returns the string representation

func (UpdateAssumeRolePolicyOutput) String

String returns the string representation

type UpdateGroupInput

type UpdateGroupInput struct {

	// Name of the IAM group to update. If you're changing the name of the group,
	// this is the original name.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// GroupName is a required field
	GroupName *string `min:"1" type:"string" required:"true"`

	// New name for the IAM group. Only include this if changing the group's name.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	NewGroupName *string `min:"1" type:"string"`

	// New path for the IAM group. Only include this if changing the group's path.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateGroupInput) GoString

func (s UpdateGroupInput) GoString() string

GoString returns the string representation

func (*UpdateGroupInput) SetGroupName

func (s *UpdateGroupInput) SetGroupName(v string) *UpdateGroupInput

SetGroupName sets the GroupName field's value.

func (*UpdateGroupInput) SetNewGroupName

func (s *UpdateGroupInput) SetNewGroupName(v string) *UpdateGroupInput

SetNewGroupName sets the NewGroupName field's value.

func (*UpdateGroupInput) SetNewPath

func (s *UpdateGroupInput) SetNewPath(v string) *UpdateGroupInput

SetNewPath sets the NewPath field's value.

func (UpdateGroupInput) String

func (s UpdateGroupInput) String() string

String returns the string representation

func (*UpdateGroupInput) Validate

func (s *UpdateGroupInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateGroupOutput

type UpdateGroupOutput struct {
	// contains filtered or unexported fields
}

func (UpdateGroupOutput) GoString

func (s UpdateGroupOutput) GoString() string

GoString returns the string representation

func (UpdateGroupOutput) String

func (s UpdateGroupOutput) String() string

String returns the string representation

type UpdateLoginProfileInput

type UpdateLoginProfileInput struct {

	// The new password for the specified IAM user.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// However, the format can be further restricted by the account administrator
	// by setting a password policy on the AWS account. For more information, see
	// UpdateAccountPasswordPolicy.
	Password *string `min:"1" type:"string"`

	// Allows this new password to be used only once by requiring the specified
	// IAM user to set a new password on next sign-in.
	PasswordResetRequired *bool `type:"boolean"`

	// The name of the user whose password you want to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateLoginProfileInput) GoString

func (s UpdateLoginProfileInput) GoString() string

GoString returns the string representation

func (*UpdateLoginProfileInput) SetPassword

SetPassword sets the Password field's value.

func (*UpdateLoginProfileInput) SetPasswordResetRequired

func (s *UpdateLoginProfileInput) SetPasswordResetRequired(v bool) *UpdateLoginProfileInput

SetPasswordResetRequired sets the PasswordResetRequired field's value.

func (*UpdateLoginProfileInput) SetUserName

SetUserName sets the UserName field's value.

func (UpdateLoginProfileInput) String

func (s UpdateLoginProfileInput) String() string

String returns the string representation

func (*UpdateLoginProfileInput) Validate

func (s *UpdateLoginProfileInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateLoginProfileOutput

type UpdateLoginProfileOutput struct {
	// contains filtered or unexported fields
}

func (UpdateLoginProfileOutput) GoString

func (s UpdateLoginProfileOutput) GoString() string

GoString returns the string representation

func (UpdateLoginProfileOutput) String

func (s UpdateLoginProfileOutput) String() string

String returns the string representation

type UpdateOpenIDConnectProviderThumbprintInput

type UpdateOpenIDConnectProviderThumbprintInput struct {

	// The Amazon Resource Name (ARN) of the IAM OIDC provider resource object for
	// which you want to update the thumbprint. You can get a list of OIDC provider
	// ARNs by using the ListOpenIDConnectProviders operation.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// OpenIDConnectProviderArn is a required field
	OpenIDConnectProviderArn *string `min:"20" type:"string" required:"true"`

	// A list of certificate thumbprints that are associated with the specified
	// IAM OpenID Connect provider. For more information, see CreateOpenIDConnectProvider.
	//
	// ThumbprintList is a required field
	ThumbprintList []*string `type:"list" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateOpenIDConnectProviderThumbprintInput) GoString

GoString returns the string representation

func (*UpdateOpenIDConnectProviderThumbprintInput) SetOpenIDConnectProviderArn

SetOpenIDConnectProviderArn sets the OpenIDConnectProviderArn field's value.

func (*UpdateOpenIDConnectProviderThumbprintInput) SetThumbprintList

SetThumbprintList sets the ThumbprintList field's value.

func (UpdateOpenIDConnectProviderThumbprintInput) String

String returns the string representation

func (*UpdateOpenIDConnectProviderThumbprintInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type UpdateOpenIDConnectProviderThumbprintOutput

type UpdateOpenIDConnectProviderThumbprintOutput struct {
	// contains filtered or unexported fields
}

func (UpdateOpenIDConnectProviderThumbprintOutput) GoString

GoString returns the string representation

func (UpdateOpenIDConnectProviderThumbprintOutput) String

String returns the string representation

type UpdateRoleDescriptionInput

type UpdateRoleDescriptionInput struct {

	// The new description that you want to apply to the specified role.
	//
	// Description is a required field
	Description *string `type:"string" required:"true"`

	// The name of the role that you want to modify.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateRoleDescriptionInput) GoString

func (s UpdateRoleDescriptionInput) GoString() string

GoString returns the string representation

func (*UpdateRoleDescriptionInput) SetDescription

SetDescription sets the Description field's value.

func (*UpdateRoleDescriptionInput) SetRoleName

SetRoleName sets the RoleName field's value.

func (UpdateRoleDescriptionInput) String

String returns the string representation

func (*UpdateRoleDescriptionInput) Validate

func (s *UpdateRoleDescriptionInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateRoleDescriptionOutput

type UpdateRoleDescriptionOutput struct {

	// A structure that contains details about the modified role.
	Role *Role `type:"structure"`
	// contains filtered or unexported fields
}

func (UpdateRoleDescriptionOutput) GoString

func (s UpdateRoleDescriptionOutput) GoString() string

GoString returns the string representation

func (*UpdateRoleDescriptionOutput) SetRole

SetRole sets the Role field's value.

func (UpdateRoleDescriptionOutput) String

String returns the string representation

type UpdateRoleInput

type UpdateRoleInput struct {

	// The new description that you want to apply to the specified role.
	Description *string `type:"string"`

	// The maximum session duration (in seconds) that you want to set for the specified
	// role. If you do not specify a value for this setting, the default maximum
	// of one hour is applied. This setting can have a value from 1 hour to 12 hours.
	//
	// Anyone who assumes the role from the AWS CLI or API can use the DurationSeconds
	// API parameter or the duration-seconds CLI parameter to request a longer session.
	// The MaxSessionDuration setting determines the maximum duration that can be
	// requested using the DurationSeconds parameter. If users don't specify a value
	// for the DurationSeconds parameter, their security credentials are valid for
	// one hour by default. This applies when you use the AssumeRole* API operations
	// or the assume-role* CLI operations but does not apply when you use those
	// operations to create a console URL. For more information, see Using IAM Roles
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the
	// IAM User Guide.
	MaxSessionDuration *int64 `min:"3600" type:"integer"`

	// The name of the role that you want to modify.
	//
	// RoleName is a required field
	RoleName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateRoleInput) GoString

func (s UpdateRoleInput) GoString() string

GoString returns the string representation

func (*UpdateRoleInput) SetDescription

func (s *UpdateRoleInput) SetDescription(v string) *UpdateRoleInput

SetDescription sets the Description field's value.

func (*UpdateRoleInput) SetMaxSessionDuration

func (s *UpdateRoleInput) SetMaxSessionDuration(v int64) *UpdateRoleInput

SetMaxSessionDuration sets the MaxSessionDuration field's value.

func (*UpdateRoleInput) SetRoleName

func (s *UpdateRoleInput) SetRoleName(v string) *UpdateRoleInput

SetRoleName sets the RoleName field's value.

func (UpdateRoleInput) String

func (s UpdateRoleInput) String() string

String returns the string representation

func (*UpdateRoleInput) Validate

func (s *UpdateRoleInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateRoleOutput

type UpdateRoleOutput struct {
	// contains filtered or unexported fields
}

func (UpdateRoleOutput) GoString

func (s UpdateRoleOutput) GoString() string

GoString returns the string representation

func (UpdateRoleOutput) String

func (s UpdateRoleOutput) String() string

String returns the string representation

type UpdateSAMLProviderInput

type UpdateSAMLProviderInput struct {

	// An XML document generated by an identity provider (IdP) that supports SAML
	// 2.0. The document includes the issuer's name, expiration information, and
	// keys that can be used to validate the SAML authentication response (assertions)
	// that are received from the IdP. You must generate the metadata document using
	// the identity management software that is used as your organization's IdP.
	//
	// SAMLMetadataDocument is a required field
	SAMLMetadataDocument *string `min:"1000" type:"string" required:"true"`

	// The Amazon Resource Name (ARN) of the SAML provider to update.
	//
	// For more information about ARNs, see Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	//
	// SAMLProviderArn is a required field
	SAMLProviderArn *string `min:"20" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateSAMLProviderInput) GoString

func (s UpdateSAMLProviderInput) GoString() string

GoString returns the string representation

func (*UpdateSAMLProviderInput) SetSAMLMetadataDocument

func (s *UpdateSAMLProviderInput) SetSAMLMetadataDocument(v string) *UpdateSAMLProviderInput

SetSAMLMetadataDocument sets the SAMLMetadataDocument field's value.

func (*UpdateSAMLProviderInput) SetSAMLProviderArn

func (s *UpdateSAMLProviderInput) SetSAMLProviderArn(v string) *UpdateSAMLProviderInput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (UpdateSAMLProviderInput) String

func (s UpdateSAMLProviderInput) String() string

String returns the string representation

func (*UpdateSAMLProviderInput) Validate

func (s *UpdateSAMLProviderInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSAMLProviderOutput

type UpdateSAMLProviderOutput struct {

	// The Amazon Resource Name (ARN) of the SAML provider that was updated.
	SAMLProviderArn *string `min:"20" type:"string"`
	// contains filtered or unexported fields
}

Contains the response to a successful UpdateSAMLProvider request.

func (UpdateSAMLProviderOutput) GoString

func (s UpdateSAMLProviderOutput) GoString() string

GoString returns the string representation

func (*UpdateSAMLProviderOutput) SetSAMLProviderArn

func (s *UpdateSAMLProviderOutput) SetSAMLProviderArn(v string) *UpdateSAMLProviderOutput

SetSAMLProviderArn sets the SAMLProviderArn field's value.

func (UpdateSAMLProviderOutput) String

func (s UpdateSAMLProviderOutput) String() string

String returns the string representation

type UpdateSSHPublicKeyInput

type UpdateSSHPublicKeyInput struct {

	// The unique identifier for the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// SSHPublicKeyId is a required field
	SSHPublicKeyId *string `min:"20" type:"string" required:"true"`

	// The status to assign to the SSH public key. Active means that the key can
	// be used for authentication with an AWS CodeCommit repository. Inactive means
	// that the key cannot be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user associated with the SSH public key.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateSSHPublicKeyInput) GoString

func (s UpdateSSHPublicKeyInput) GoString() string

GoString returns the string representation

func (*UpdateSSHPublicKeyInput) SetSSHPublicKeyId

func (s *UpdateSSHPublicKeyInput) SetSSHPublicKeyId(v string) *UpdateSSHPublicKeyInput

SetSSHPublicKeyId sets the SSHPublicKeyId field's value.

func (*UpdateSSHPublicKeyInput) SetStatus

SetStatus sets the Status field's value.

func (*UpdateSSHPublicKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (UpdateSSHPublicKeyInput) String

func (s UpdateSSHPublicKeyInput) String() string

String returns the string representation

func (*UpdateSSHPublicKeyInput) Validate

func (s *UpdateSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSSHPublicKeyOutput

type UpdateSSHPublicKeyOutput struct {
	// contains filtered or unexported fields
}

func (UpdateSSHPublicKeyOutput) GoString

func (s UpdateSSHPublicKeyOutput) GoString() string

GoString returns the string representation

func (UpdateSSHPublicKeyOutput) String

func (s UpdateSSHPublicKeyOutput) String() string

String returns the string representation

type UpdateServerCertificateInput

type UpdateServerCertificateInput struct {

	// The new path for the server certificate. Include this only if you are updating
	// the server certificate's path.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`

	// The new name for the server certificate. Include this only if you are updating
	// the server certificate's name. The name of the certificate cannot contain
	// any spaces.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	NewServerCertificateName *string `min:"1" type:"string"`

	// The name of the server certificate that you want to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateServerCertificateInput) GoString

func (s UpdateServerCertificateInput) GoString() string

GoString returns the string representation

func (*UpdateServerCertificateInput) SetNewPath

SetNewPath sets the NewPath field's value.

func (*UpdateServerCertificateInput) SetNewServerCertificateName

func (s *UpdateServerCertificateInput) SetNewServerCertificateName(v string) *UpdateServerCertificateInput

SetNewServerCertificateName sets the NewServerCertificateName field's value.

func (*UpdateServerCertificateInput) SetServerCertificateName

func (s *UpdateServerCertificateInput) SetServerCertificateName(v string) *UpdateServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (UpdateServerCertificateInput) String

String returns the string representation

func (*UpdateServerCertificateInput) Validate

func (s *UpdateServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateServerCertificateOutput

type UpdateServerCertificateOutput struct {
	// contains filtered or unexported fields
}

func (UpdateServerCertificateOutput) GoString

GoString returns the string representation

func (UpdateServerCertificateOutput) String

String returns the string representation

type UpdateServiceSpecificCredentialInput

type UpdateServiceSpecificCredentialInput struct {

	// The unique identifier of the service-specific credential.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// ServiceSpecificCredentialId is a required field
	ServiceSpecificCredentialId *string `min:"20" type:"string" required:"true"`

	// The status to be assigned to the service-specific credential.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user associated with the service-specific credential.
	// If you do not specify this value, then the operation assumes the user whose
	// credentials are used to call the operation.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateServiceSpecificCredentialInput) GoString

GoString returns the string representation

func (*UpdateServiceSpecificCredentialInput) SetServiceSpecificCredentialId

SetServiceSpecificCredentialId sets the ServiceSpecificCredentialId field's value.

func (*UpdateServiceSpecificCredentialInput) SetStatus

SetStatus sets the Status field's value.

func (*UpdateServiceSpecificCredentialInput) SetUserName

SetUserName sets the UserName field's value.

func (UpdateServiceSpecificCredentialInput) String

String returns the string representation

func (*UpdateServiceSpecificCredentialInput) Validate

Validate inspects the fields of the type to determine if they are valid.

type UpdateServiceSpecificCredentialOutput

type UpdateServiceSpecificCredentialOutput struct {
	// contains filtered or unexported fields
}

func (UpdateServiceSpecificCredentialOutput) GoString

GoString returns the string representation

func (UpdateServiceSpecificCredentialOutput) String

String returns the string representation

type UpdateSigningCertificateInput

type UpdateSigningCertificateInput struct {

	// The ID of the signing certificate you want to update.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters that can consist of any upper or lowercased letter
	// or digit.
	//
	// CertificateId is a required field
	CertificateId *string `min:"24" type:"string" required:"true"`

	// The status you want to assign to the certificate. Active means that the certificate
	// can be used for API calls to AWS Inactive means that the certificate cannot
	// be used.
	//
	// Status is a required field
	Status *string `type:"string" required:"true" enum:"statusType"`

	// The name of the IAM user the signing certificate belongs to.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UpdateSigningCertificateInput) GoString

GoString returns the string representation

func (*UpdateSigningCertificateInput) SetCertificateId

SetCertificateId sets the CertificateId field's value.

func (*UpdateSigningCertificateInput) SetStatus

SetStatus sets the Status field's value.

func (*UpdateSigningCertificateInput) SetUserName

SetUserName sets the UserName field's value.

func (UpdateSigningCertificateInput) String

String returns the string representation

func (*UpdateSigningCertificateInput) Validate

func (s *UpdateSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateSigningCertificateOutput

type UpdateSigningCertificateOutput struct {
	// contains filtered or unexported fields
}

func (UpdateSigningCertificateOutput) GoString

GoString returns the string representation

func (UpdateSigningCertificateOutput) String

String returns the string representation

type UpdateUserInput

type UpdateUserInput struct {

	// New path for the IAM user. Include this parameter only if you're changing
	// the user's path.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	NewPath *string `min:"1" type:"string"`

	// New name for the user. Include this parameter only if you're changing the
	// user's name.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	NewUserName *string `min:"1" type:"string"`

	// Name of the user to update. If you're changing the name of the user, this
	// is the original user name.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UpdateUserInput) GoString

func (s UpdateUserInput) GoString() string

GoString returns the string representation

func (*UpdateUserInput) SetNewPath

func (s *UpdateUserInput) SetNewPath(v string) *UpdateUserInput

SetNewPath sets the NewPath field's value.

func (*UpdateUserInput) SetNewUserName

func (s *UpdateUserInput) SetNewUserName(v string) *UpdateUserInput

SetNewUserName sets the NewUserName field's value.

func (*UpdateUserInput) SetUserName

func (s *UpdateUserInput) SetUserName(v string) *UpdateUserInput

SetUserName sets the UserName field's value.

func (UpdateUserInput) String

func (s UpdateUserInput) String() string

String returns the string representation

func (*UpdateUserInput) Validate

func (s *UpdateUserInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UpdateUserOutput

type UpdateUserOutput struct {
	// contains filtered or unexported fields
}

func (UpdateUserOutput) GoString

func (s UpdateUserOutput) GoString() string

GoString returns the string representation

func (UpdateUserOutput) String

func (s UpdateUserOutput) String() string

String returns the string representation

type UploadSSHPublicKeyInput

type UploadSSHPublicKeyInput struct {

	// The SSH public key. The public key must be encoded in ssh-rsa format or PEM
	// format.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// SSHPublicKeyBody is a required field
	SSHPublicKeyBody *string `min:"1" type:"string" required:"true"`

	// The name of the IAM user to associate the SSH public key with.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UploadSSHPublicKeyInput) GoString

func (s UploadSSHPublicKeyInput) GoString() string

GoString returns the string representation

func (*UploadSSHPublicKeyInput) SetSSHPublicKeyBody

func (s *UploadSSHPublicKeyInput) SetSSHPublicKeyBody(v string) *UploadSSHPublicKeyInput

SetSSHPublicKeyBody sets the SSHPublicKeyBody field's value.

func (*UploadSSHPublicKeyInput) SetUserName

SetUserName sets the UserName field's value.

func (UploadSSHPublicKeyInput) String

func (s UploadSSHPublicKeyInput) String() string

String returns the string representation

func (*UploadSSHPublicKeyInput) Validate

func (s *UploadSSHPublicKeyInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadSSHPublicKeyOutput

type UploadSSHPublicKeyOutput struct {

	// Contains information about the SSH public key.
	SSHPublicKey *SSHPublicKey `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadSSHPublicKey request.

func (UploadSSHPublicKeyOutput) GoString

func (s UploadSSHPublicKeyOutput) GoString() string

GoString returns the string representation

func (*UploadSSHPublicKeyOutput) SetSSHPublicKey

SetSSHPublicKey sets the SSHPublicKey field's value.

func (UploadSSHPublicKeyOutput) String

func (s UploadSSHPublicKeyOutput) String() string

String returns the string representation

type UploadServerCertificateInput

type UploadServerCertificateInput struct {

	// The contents of the public key certificate in PEM-encoded format.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The contents of the certificate chain. This is typically a concatenation
	// of the PEM-encoded public key certificates of the chain.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	CertificateChain *string `min:"1" type:"string"`

	// The path for the server certificate. For more information about paths, see
	// IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the IAM User Guide.
	//
	// This parameter is optional. If it is not included, it defaults to a slash
	// (/). This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of either a forward slash (/) by itself
	// or a string that must begin and end with forward slashes. In addition, it
	// can contain any ASCII character from the ! (\u0021) through the DEL character
	// (\u007F), including most punctuation characters, digits, and upper and lowercased
	// letters.
	//
	// If you are uploading a server certificate specifically for use with Amazon
	// CloudFront distributions, you must specify a path using the path parameter.
	// The path must begin with /cloudfront and must include a trailing slash (for
	// example, /cloudfront/test/).
	Path *string `min:"1" type:"string"`

	// The contents of the private key in PEM-encoded format.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// PrivateKey is a required field
	PrivateKey *string `min:"1" type:"string" required:"true"`

	// The name for the server certificate. Do not include the path in this value.
	// The name of the certificate cannot contain any spaces.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	//
	// ServerCertificateName is a required field
	ServerCertificateName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

func (UploadServerCertificateInput) GoString

func (s UploadServerCertificateInput) GoString() string

GoString returns the string representation

func (*UploadServerCertificateInput) SetCertificateBody

SetCertificateBody sets the CertificateBody field's value.

func (*UploadServerCertificateInput) SetCertificateChain

SetCertificateChain sets the CertificateChain field's value.

func (*UploadServerCertificateInput) SetPath

SetPath sets the Path field's value.

func (*UploadServerCertificateInput) SetPrivateKey

SetPrivateKey sets the PrivateKey field's value.

func (*UploadServerCertificateInput) SetServerCertificateName

func (s *UploadServerCertificateInput) SetServerCertificateName(v string) *UploadServerCertificateInput

SetServerCertificateName sets the ServerCertificateName field's value.

func (UploadServerCertificateInput) String

String returns the string representation

func (*UploadServerCertificateInput) Validate

func (s *UploadServerCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadServerCertificateOutput

type UploadServerCertificateOutput struct {

	// The meta information of the uploaded server certificate without its certificate
	// body, certificate chain, and private key.
	ServerCertificateMetadata *ServerCertificateMetadata `type:"structure"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadServerCertificate request.

func (UploadServerCertificateOutput) GoString

GoString returns the string representation

func (*UploadServerCertificateOutput) SetServerCertificateMetadata

SetServerCertificateMetadata sets the ServerCertificateMetadata field's value.

func (UploadServerCertificateOutput) String

String returns the string representation

type UploadSigningCertificateInput

type UploadSigningCertificateInput struct {

	// The contents of the signing certificate.
	//
	// The regex pattern (http://wikipedia.org/wiki/regex) used to validate this
	// parameter is a string of characters consisting of the following:
	//
	//    * Any printable ASCII character ranging from the space character (\u0020)
	//    through the end of the ASCII character range
	//
	//    * The printable characters in the Basic Latin and Latin-1 Supplement character
	//    set (through \u00FF)
	//
	//    * The special characters tab (\u0009), line feed (\u000A), and carriage
	//    return (\u000D)
	//
	// CertificateBody is a required field
	CertificateBody *string `min:"1" type:"string" required:"true"`

	// The name of the user the signing certificate is for.
	//
	// This parameter allows (per its regex pattern (http://wikipedia.org/wiki/regex))
	// a string of characters consisting of upper and lowercase alphanumeric characters
	// with no spaces. You can also include any of the following characters: _+=,.@-
	UserName *string `min:"1" type:"string"`
	// contains filtered or unexported fields
}

func (UploadSigningCertificateInput) GoString

GoString returns the string representation

func (*UploadSigningCertificateInput) SetCertificateBody

SetCertificateBody sets the CertificateBody field's value.

func (*UploadSigningCertificateInput) SetUserName

SetUserName sets the UserName field's value.

func (UploadSigningCertificateInput) String

String returns the string representation

func (*UploadSigningCertificateInput) Validate

func (s *UploadSigningCertificateInput) Validate() error

Validate inspects the fields of the type to determine if they are valid.

type UploadSigningCertificateOutput

type UploadSigningCertificateOutput struct {

	// Information about the certificate.
	//
	// Certificate is a required field
	Certificate *SigningCertificate `type:"structure" required:"true"`
	// contains filtered or unexported fields
}

Contains the response to a successful UploadSigningCertificate request.

func (UploadSigningCertificateOutput) GoString

GoString returns the string representation

func (*UploadSigningCertificateOutput) SetCertificate

SetCertificate sets the Certificate field's value.

func (UploadSigningCertificateOutput) String

String returns the string representation

type User

type User struct {

	// The Amazon Resource Name (ARN) that identifies the user. For more information
	// about ARNs and how to use ARNs in policies, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Arn is a required field
	Arn *string `min:"20" type:"string" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user was created.
	//
	// CreateDate is a required field
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user's password was last used to sign in to an AWS website. For
	// a list of AWS websites that capture a user's last sign-in time, see the Credential
	// Reports (http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
	// topic in the Using IAM guide. If a password is used more than once in a five-minute
	// span, only the first use is returned in this field. If the field is null
	// (no value) then it indicates that they never signed in with a password. This
	// can be because:
	//
	//    * The user never had a password.
	//
	//    * A password exists but has not been used since IAM started tracking this
	//    information on October 20th, 2014.
	//
	// A null does not mean that the user never had a password. Also, if the user
	// does not currently have a password, but had one in the past, then this field
	// contains the date and time the most recent password was used.
	//
	// This value is returned only in the GetUser and ListUsers operations.
	PasswordLastUsed *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// The path to the user. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// Path is a required field
	Path *string `min:"1" type:"string" required:"true"`

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	//
	// UserId is a required field
	UserId *string `min:"16" type:"string" required:"true"`

	// The friendly name identifying the user.
	//
	// UserName is a required field
	UserName *string `min:"1" type:"string" required:"true"`
	// contains filtered or unexported fields
}

Contains information about an IAM user entity.

This data type is used as a response element in the following operations:

  • CreateUser

  • GetUser

  • ListUsers

func (User) GoString

func (s User) GoString() string

GoString returns the string representation

func (*User) SetArn

func (s *User) SetArn(v string) *User

SetArn sets the Arn field's value.

func (*User) SetCreateDate

func (s *User) SetCreateDate(v time.Time) *User

SetCreateDate sets the CreateDate field's value.

func (*User) SetPasswordLastUsed

func (s *User) SetPasswordLastUsed(v time.Time) *User

SetPasswordLastUsed sets the PasswordLastUsed field's value.

func (*User) SetPath

func (s *User) SetPath(v string) *User

SetPath sets the Path field's value.

func (*User) SetUserId

func (s *User) SetUserId(v string) *User

SetUserId sets the UserId field's value.

func (*User) SetUserName

func (s *User) SetUserName(v string) *User

SetUserName sets the UserName field's value.

func (User) String

func (s User) String() string

String returns the string representation

type UserDetail

type UserDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	//
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces (http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html)
	// in the AWS General Reference.
	Arn *string `min:"20" type:"string"`

	// A list of the managed policies attached to the user.
	AttachedManagedPolicies []*AttachedPolicy `type:"list"`

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
	// when the user was created.
	CreateDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// A list of IAM groups that the user is in.
	GroupList []*string `type:"list"`

	// The path to the user. For more information about paths, see IAM Identifiers
	// (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	Path *string `min:"1" type:"string"`

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
	// in the Using IAM guide.
	UserId *string `min:"16" type:"string"`

	// The friendly name identifying the user.
	UserName *string `min:"1" type:"string"`

	// A list of the inline policies embedded in the user.
	UserPolicyList []*PolicyDetail `type:"list"`
	// contains filtered or unexported fields
}

Contains information about an IAM user, including all the user's policies and all the IAM groups the user is in.

This data type is used as a response element in the GetAccountAuthorizationDetails operation.

func (UserDetail) GoString

func (s UserDetail) GoString() string

GoString returns the string representation

func (*UserDetail) SetArn

func (s *UserDetail) SetArn(v string) *UserDetail

SetArn sets the Arn field's value.

func (*UserDetail) SetAttachedManagedPolicies

func (s *UserDetail) SetAttachedManagedPolicies(v []*AttachedPolicy) *UserDetail

SetAttachedManagedPolicies sets the AttachedManagedPolicies field's value.

func (*UserDetail) SetCreateDate

func (s *UserDetail) SetCreateDate(v time.Time) *UserDetail

SetCreateDate sets the CreateDate field's value.

func (*UserDetail) SetGroupList

func (s *UserDetail) SetGroupList(v []*string) *UserDetail

SetGroupList sets the GroupList field's value.

func (*UserDetail) SetPath

func (s *UserDetail) SetPath(v string) *UserDetail

SetPath sets the Path field's value.

func (*UserDetail) SetUserId

func (s *UserDetail) SetUserId(v string) *UserDetail

SetUserId sets the UserId field's value.

func (*UserDetail) SetUserName

func (s *UserDetail) SetUserName(v string) *UserDetail

SetUserName sets the UserName field's value.

func (*UserDetail) SetUserPolicyList

func (s *UserDetail) SetUserPolicyList(v []*PolicyDetail) *UserDetail

SetUserPolicyList sets the UserPolicyList field's value.

func (UserDetail) String

func (s UserDetail) String() string

String returns the string representation

type VirtualMFADevice

type VirtualMFADevice struct {

	// The Base32 seed defined as specified in RFC3548 (https://tools.ietf.org/html/rfc3548.txt).
	// The Base32StringSeed is Base64-encoded.
	//
	// Base32StringSeed is automatically base64 encoded/decoded by the SDK.
	Base32StringSeed []byte `type:"blob"`

	// The date and time on which the virtual MFA device was enabled.
	EnableDate *time.Time `type:"timestamp" timestampFormat:"iso8601"`

	// A QR code PNG image that encodes otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String
	// where $virtualMFADeviceName is one of the create call arguments, AccountName
	// is the user name if set (otherwise, the account ID otherwise), and Base32String
	// is the seed in Base32 format. The Base32String value is Base64-encoded.
	//
	// QRCodePNG is automatically base64 encoded/decoded by the SDK.
	QRCodePNG []byte `type:"blob"`

	// The serial number associated with VirtualMFADevice.
	//
	// SerialNumber is a required field
	SerialNumber *string `min:"9" type:"string" required:"true"`

	// The IAM user associated with this virtual MFA device.
	User *User `type:"structure"`
	// contains filtered or unexported fields
}

Contains information about a virtual MFA device.

func (VirtualMFADevice) GoString

func (s VirtualMFADevice) GoString() string

GoString returns the string representation

func (*VirtualMFADevice) SetBase32StringSeed

func (s *VirtualMFADevice) SetBase32StringSeed(v []byte) *VirtualMFADevice

SetBase32StringSeed sets the Base32StringSeed field's value.

func (*VirtualMFADevice) SetEnableDate

func (s *VirtualMFADevice) SetEnableDate(v time.Time) *VirtualMFADevice

SetEnableDate sets the EnableDate field's value.

func (*VirtualMFADevice) SetQRCodePNG

func (s *VirtualMFADevice) SetQRCodePNG(v []byte) *VirtualMFADevice

SetQRCodePNG sets the QRCodePNG field's value.

func (*VirtualMFADevice) SetSerialNumber

func (s *VirtualMFADevice) SetSerialNumber(v string) *VirtualMFADevice

SetSerialNumber sets the SerialNumber field's value.

func (*VirtualMFADevice) SetUser

func (s *VirtualMFADevice) SetUser(v *User) *VirtualMFADevice

SetUser sets the User field's value.

func (VirtualMFADevice) String

func (s VirtualMFADevice) String() string

String returns the string representation

Directories

Path Synopsis
Package iamiface provides an interface to enable mocking the AWS Identity and Access Management service client for testing your code.
Package iamiface provides an interface to enable mocking the AWS Identity and Access Management service client for testing your code.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL