amazonka-iam 0.0.7 → 0.0.8
raw patch · 23 files changed
+694/−20 lines, 23 filesdep ~amazonka-corePVP ok
version bump matches the API change (PVP)
Dependency ranges changed: amazonka-core
API changes (from Hackage documentation)
+ Network.AWS.IAM.GetAccountAuthorizationDetails: data GetAccountAuthorizationDetails
+ Network.AWS.IAM.GetAccountAuthorizationDetails: data GetAccountAuthorizationDetailsResponse
+ Network.AWS.IAM.GetAccountAuthorizationDetails: gaadFilter :: Lens' GetAccountAuthorizationDetails [EntityType]
+ Network.AWS.IAM.GetAccountAuthorizationDetails: gaadMarker :: Lens' GetAccountAuthorizationDetails (Maybe Text)
+ Network.AWS.IAM.GetAccountAuthorizationDetails: gaadMaxItems :: Lens' GetAccountAuthorizationDetails (Maybe Natural)
+ Network.AWS.IAM.GetAccountAuthorizationDetails: gaadrGroupDetailList :: Lens' GetAccountAuthorizationDetailsResponse [GroupDetail]
+ Network.AWS.IAM.GetAccountAuthorizationDetails: gaadrIsTruncated :: Lens' GetAccountAuthorizationDetailsResponse (Maybe Bool)
+ Network.AWS.IAM.GetAccountAuthorizationDetails: gaadrMarker :: Lens' GetAccountAuthorizationDetailsResponse (Maybe Text)
+ Network.AWS.IAM.GetAccountAuthorizationDetails: gaadrRoleDetailList :: Lens' GetAccountAuthorizationDetailsResponse [RoleDetail]
+ Network.AWS.IAM.GetAccountAuthorizationDetails: gaadrUserDetailList :: Lens' GetAccountAuthorizationDetailsResponse [UserDetail]
+ Network.AWS.IAM.GetAccountAuthorizationDetails: getAccountAuthorizationDetails :: GetAccountAuthorizationDetails
+ Network.AWS.IAM.GetAccountAuthorizationDetails: getAccountAuthorizationDetailsResponse :: GetAccountAuthorizationDetailsResponse
+ Network.AWS.IAM.GetAccountAuthorizationDetails: instance AWSRequest GetAccountAuthorizationDetails
+ Network.AWS.IAM.GetAccountAuthorizationDetails: instance Eq GetAccountAuthorizationDetails
+ Network.AWS.IAM.GetAccountAuthorizationDetails: instance Eq GetAccountAuthorizationDetailsResponse
+ Network.AWS.IAM.GetAccountAuthorizationDetails: instance FromXML GetAccountAuthorizationDetailsResponse
+ Network.AWS.IAM.GetAccountAuthorizationDetails: instance Show GetAccountAuthorizationDetails
+ Network.AWS.IAM.GetAccountAuthorizationDetails: instance Show GetAccountAuthorizationDetailsResponse
+ Network.AWS.IAM.GetAccountAuthorizationDetails: instance ToHeaders GetAccountAuthorizationDetails
+ Network.AWS.IAM.GetAccountAuthorizationDetails: instance ToPath GetAccountAuthorizationDetails
+ Network.AWS.IAM.GetAccountAuthorizationDetails: instance ToQuery GetAccountAuthorizationDetails
+ Network.AWS.IAM.Types: ETGroup :: EntityType
+ Network.AWS.IAM.Types: ETRole :: EntityType
+ Network.AWS.IAM.Types: ETUser :: EntityType
+ Network.AWS.IAM.Types: data EntityType
+ Network.AWS.IAM.Types: data GroupDetail
+ Network.AWS.IAM.Types: data PolicyDetail
+ Network.AWS.IAM.Types: data RoleDetail
+ Network.AWS.IAM.Types: data UserDetail
+ Network.AWS.IAM.Types: gdArn :: Lens' GroupDetail (Maybe Text)
+ Network.AWS.IAM.Types: gdCreateDate :: Lens' GroupDetail (Maybe UTCTime)
+ Network.AWS.IAM.Types: gdGroupId :: Lens' GroupDetail (Maybe Text)
+ Network.AWS.IAM.Types: gdGroupName :: Lens' GroupDetail (Maybe Text)
+ Network.AWS.IAM.Types: gdGroupPolicyList :: Lens' GroupDetail [PolicyDetail]
+ Network.AWS.IAM.Types: gdPath :: Lens' GroupDetail (Maybe Text)
+ Network.AWS.IAM.Types: groupDetail :: GroupDetail
+ Network.AWS.IAM.Types: instance Constructor C1_0EntityType
+ Network.AWS.IAM.Types: instance Constructor C1_1EntityType
+ Network.AWS.IAM.Types: instance Constructor C1_2EntityType
+ Network.AWS.IAM.Types: instance Datatype D1EntityType
+ Network.AWS.IAM.Types: instance Enum EntityType
+ Network.AWS.IAM.Types: instance Eq EntityType
+ Network.AWS.IAM.Types: instance Eq GroupDetail
+ Network.AWS.IAM.Types: instance Eq PolicyDetail
+ Network.AWS.IAM.Types: instance Eq RoleDetail
+ Network.AWS.IAM.Types: instance Eq UserDetail
+ Network.AWS.IAM.Types: instance FromText EntityType
+ Network.AWS.IAM.Types: instance FromXML EntityType
+ Network.AWS.IAM.Types: instance FromXML GroupDetail
+ Network.AWS.IAM.Types: instance FromXML PolicyDetail
+ Network.AWS.IAM.Types: instance FromXML RoleDetail
+ Network.AWS.IAM.Types: instance FromXML UserDetail
+ Network.AWS.IAM.Types: instance Generic EntityType
+ Network.AWS.IAM.Types: instance Hashable EntityType
+ Network.AWS.IAM.Types: instance Ord EntityType
+ Network.AWS.IAM.Types: instance Ord PolicyDetail
+ Network.AWS.IAM.Types: instance Show EntityType
+ Network.AWS.IAM.Types: instance Show GroupDetail
+ Network.AWS.IAM.Types: instance Show PolicyDetail
+ Network.AWS.IAM.Types: instance Show RoleDetail
+ Network.AWS.IAM.Types: instance Show UserDetail
+ Network.AWS.IAM.Types: instance ToByteString EntityType
+ Network.AWS.IAM.Types: instance ToHeader EntityType
+ Network.AWS.IAM.Types: instance ToQuery EntityType
+ Network.AWS.IAM.Types: instance ToQuery GroupDetail
+ Network.AWS.IAM.Types: instance ToQuery PolicyDetail
+ Network.AWS.IAM.Types: instance ToQuery RoleDetail
+ Network.AWS.IAM.Types: instance ToQuery UserDetail
+ Network.AWS.IAM.Types: instance ToText EntityType
+ Network.AWS.IAM.Types: pdPolicyDocument :: Lens' PolicyDetail (Maybe Text)
+ Network.AWS.IAM.Types: pdPolicyName :: Lens' PolicyDetail (Maybe Text)
+ Network.AWS.IAM.Types: policyDetail :: PolicyDetail
+ Network.AWS.IAM.Types: rdArn :: Lens' RoleDetail (Maybe Text)
+ Network.AWS.IAM.Types: rdAssumeRolePolicyDocument :: Lens' RoleDetail (Maybe Text)
+ Network.AWS.IAM.Types: rdCreateDate :: Lens' RoleDetail (Maybe UTCTime)
+ Network.AWS.IAM.Types: rdInstanceProfileList :: Lens' RoleDetail [InstanceProfile]
+ Network.AWS.IAM.Types: rdPath :: Lens' RoleDetail (Maybe Text)
+ Network.AWS.IAM.Types: rdRoleId :: Lens' RoleDetail (Maybe Text)
+ Network.AWS.IAM.Types: rdRoleName :: Lens' RoleDetail (Maybe Text)
+ Network.AWS.IAM.Types: rdRolePolicyList :: Lens' RoleDetail [PolicyDetail]
+ Network.AWS.IAM.Types: roleDetail :: RoleDetail
+ Network.AWS.IAM.Types: udArn :: Lens' UserDetail (Maybe Text)
+ Network.AWS.IAM.Types: udCreateDate :: Lens' UserDetail (Maybe UTCTime)
+ Network.AWS.IAM.Types: udGroupList :: Lens' UserDetail [Text]
+ Network.AWS.IAM.Types: udPath :: Lens' UserDetail (Maybe Text)
+ Network.AWS.IAM.Types: udUserId :: Lens' UserDetail (Maybe Text)
+ Network.AWS.IAM.Types: udUserName :: Lens' UserDetail (Maybe Text)
+ Network.AWS.IAM.Types: udUserPolicyList :: Lens' UserDetail [PolicyDetail]
+ Network.AWS.IAM.Types: userDetail :: UserDetail
Files
- amazonka-iam.cabal +3/−2
- gen/Network/AWS/IAM.hs +2/−0
- gen/Network/AWS/IAM/CreateOpenIDConnectProvider.hs +4/−0
- gen/Network/AWS/IAM/CreateSAMLProvider.hs +1/−1
- gen/Network/AWS/IAM/DeleteSAMLProvider.hs +2/−0
- gen/Network/AWS/IAM/DeleteVirtualMFADevice.hs +3/−0
- gen/Network/AWS/IAM/GetAccountAuthorizationDetails.hs +187/−0
- gen/Network/AWS/IAM/GetCredentialReport.hs +1/−1
- gen/Network/AWS/IAM/GetSAMLProvider.hs +2/−0
- gen/Network/AWS/IAM/ListAccessKeys.hs +3/−0
- gen/Network/AWS/IAM/ListSAMLProviders.hs +2/−0
- gen/Network/AWS/IAM/PutGroupPolicy.hs +5/−0
- gen/Network/AWS/IAM/PutRolePolicy.hs +5/−0
- gen/Network/AWS/IAM/PutUserPolicy.hs +5/−0
- gen/Network/AWS/IAM/Types.hs +425/−15
- gen/Network/AWS/IAM/UpdateAccountPasswordPolicy.hs +5/−0
- gen/Network/AWS/IAM/UpdateGroup.hs +5/−0
- gen/Network/AWS/IAM/UpdateOpenIDConnectProviderThumbprint.hs +5/−0
- gen/Network/AWS/IAM/UpdateSAMLProvider.hs +2/−0
- gen/Network/AWS/IAM/UpdateServerCertificate.hs +6/−1
- gen/Network/AWS/IAM/UpdateUser.hs +5/−0
- gen/Network/AWS/IAM/UploadServerCertificate.hs +11/−0
- gen/Network/AWS/IAM/UploadSigningCertificate.hs +5/−0
amazonka-iam.cabal view
@@ -1,5 +1,5 @@ name: amazonka-iam-version: 0.0.7+version: 0.0.8 synopsis: Amazon Identity and Access Management SDK. homepage: https://github.com/brendanhay/amazonka license: OtherLicense@@ -69,6 +69,7 @@ , Network.AWS.IAM.DeleteVirtualMFADevice , Network.AWS.IAM.EnableMFADevice , Network.AWS.IAM.GenerateCredentialReport+ , Network.AWS.IAM.GetAccountAuthorizationDetails , Network.AWS.IAM.GetAccountPasswordPolicy , Network.AWS.IAM.GetAccountSummary , Network.AWS.IAM.GetCredentialReport@@ -124,5 +125,5 @@ other-modules: build-depends:- amazonka-core == 0.0.7.*+ amazonka-core == 0.0.8.* , base >= 4.7 && < 5
gen/Network/AWS/IAM.hs view
@@ -48,6 +48,7 @@ , module Network.AWS.IAM.DeleteVirtualMFADevice , module Network.AWS.IAM.EnableMFADevice , module Network.AWS.IAM.GenerateCredentialReport+ , module Network.AWS.IAM.GetAccountAuthorizationDetails , module Network.AWS.IAM.GetAccountPasswordPolicy , module Network.AWS.IAM.GetAccountSummary , module Network.AWS.IAM.GetCredentialReport@@ -134,6 +135,7 @@ import Network.AWS.IAM.DeleteVirtualMFADevice import Network.AWS.IAM.EnableMFADevice import Network.AWS.IAM.GenerateCredentialReport+import Network.AWS.IAM.GetAccountAuthorizationDetails import Network.AWS.IAM.GetAccountPasswordPolicy import Network.AWS.IAM.GetAccountSummary import Network.AWS.IAM.GetCredentialReport
gen/Network/AWS/IAM/CreateOpenIDConnectProvider.hs view
@@ -35,6 +35,10 @@ -- certificate(s) that the IdP uses. You get all of this information from the -- OIDC IdP that you want to use for access to AWS. --+-- Because trust for the OIDC provider is ultimately derived from the IAM+-- provider that this action creates, it is a best practice to limit access to+-- the 'CreateOpenIDConnectProvider' action to highly-privileged users.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateOpenIDConnectProvider.html> module Network.AWS.IAM.CreateOpenIDConnectProvider (
gen/Network/AWS/IAM/CreateSAMLProvider.hs view
@@ -38,7 +38,7 @@ -- metadata document using the identity management software that is used as your -- organization's IdP. ----- For more information, see <http://docs.aws.amazon.com/STS/latest/UsingSTS/STSMgmtConsole-SAML.html Giving Console Access Using SAML> and <http://docs.aws.amazon.com/STS/latest/UsingSTS/CreatingSAML.html CreatingTemporary Security Credentials for SAML Federation> in the /Using TemporaryCredentials/ guide.+-- This operation requires <http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Signature Version 4>. For more information, see <http://docs.aws.amazon.com/STS/latest/UsingSTS/STSMgmtConsole-SAML.html Giving Console Access Using SAML> and <http://docs.aws.amazon.com/STS/latest/UsingSTS/CreatingSAML.html Creating Temporary Security Credentials for SAML Federation> in the /UsingTemporary Credentials/ guide. -- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateSAMLProvider.html> module Network.AWS.IAM.CreateSAMLProvider
gen/Network/AWS/IAM/DeleteSAMLProvider.hs view
@@ -28,6 +28,8 @@ -- provider as a principal in their trust policies. Any attempt to assume a role -- that references a SAML provider that has been deleted will fail. --+-- This operation requires <http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Signature Version 4>.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteSAMLProvider.html> module Network.AWS.IAM.DeleteSAMLProvider (
gen/Network/AWS/IAM/DeleteVirtualMFADevice.hs view
@@ -24,6 +24,9 @@ -- | Deletes a virtual MFA device. --+-- You must deactivate a user's virtual MFA device before you can delete it.+-- For information about deactivating MFA devices, see <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeactivateMFADevice.html DeactivateMFADevice>.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteVirtualMFADevice.html> module Network.AWS.IAM.DeleteVirtualMFADevice (
+ gen/Network/AWS/IAM/GetAccountAuthorizationDetails.hs view
@@ -0,0 +1,187 @@+{-# LANGUAGE DataKinds #-}+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE FlexibleInstances #-}+{-# LANGUAGE GeneralizedNewtypeDeriving #-}+{-# LANGUAGE LambdaCase #-}+{-# LANGUAGE NoImplicitPrelude #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE TypeFamilies #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}++-- Module : Network.AWS.IAM.GetAccountAuthorizationDetails+-- Copyright : (c) 2013-2014 Brendan Hay <brendan.g.hay@gmail.com>+-- License : This Source Code Form is subject to the terms of+-- the Mozilla Public License, v. 2.0.+-- A copy of the MPL can be found in the LICENSE file or+-- you can obtain it at http://mozilla.org/MPL/2.0/.+-- Maintainer : Brendan Hay <brendan.g.hay@gmail.com>+-- Stability : experimental+-- Portability : non-portable (GHC extensions)+--+-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- | Retrieves information about all IAM users, groups, and roles in your account,+-- including their relationships to one another and their attached policies. Use+-- this API to obtain a snapshot of the configuration of IAM permissions (users,+-- groups, roles, and policies) in your account.+--+-- You can optionally filter the results using the 'Filter' parameter. You can+-- paginate the results using the 'MaxItems' and 'Marker' parameters.+--+-- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_GetAccountAuthorizationDetails.html>+module Network.AWS.IAM.GetAccountAuthorizationDetails+ (+ -- * Request+ GetAccountAuthorizationDetails+ -- ** Request constructor+ , getAccountAuthorizationDetails+ -- ** Request lenses+ , gaadFilter+ , gaadMarker+ , gaadMaxItems++ -- * Response+ , GetAccountAuthorizationDetailsResponse+ -- ** Response constructor+ , getAccountAuthorizationDetailsResponse+ -- ** Response lenses+ , gaadrGroupDetailList+ , gaadrIsTruncated+ , gaadrMarker+ , gaadrRoleDetailList+ , gaadrUserDetailList+ ) where++import Network.AWS.Prelude+import Network.AWS.Request.Query+import Network.AWS.IAM.Types+import qualified GHC.Exts++data GetAccountAuthorizationDetails = GetAccountAuthorizationDetails+ { _gaadFilter :: List "member" EntityType+ , _gaadMarker :: Maybe Text+ , _gaadMaxItems :: Maybe Nat+ } deriving (Eq, Show)++-- | 'GetAccountAuthorizationDetails' constructor.+--+-- The fields accessible through corresponding lenses are:+--+-- * 'gaadFilter' @::@ ['EntityType']+--+-- * 'gaadMarker' @::@ 'Maybe' 'Text'+--+-- * 'gaadMaxItems' @::@ 'Maybe' 'Natural'+--+getAccountAuthorizationDetails :: GetAccountAuthorizationDetails+getAccountAuthorizationDetails = GetAccountAuthorizationDetails+ { _gaadFilter = mempty+ , _gaadMaxItems = Nothing+ , _gaadMarker = Nothing+ }++-- | A list of entity types (user, group, or role) for filtering the results.+gaadFilter :: Lens' GetAccountAuthorizationDetails [EntityType]+gaadFilter = lens _gaadFilter (\s a -> s { _gaadFilter = a }) . _List++-- | Use this only when paginating results, and only in a subsequent request after+-- you've received a response where the results are truncated. Set it to the+-- value of the 'Marker' element in the response you just received.+gaadMarker :: Lens' GetAccountAuthorizationDetails (Maybe Text)+gaadMarker = lens _gaadMarker (\s a -> s { _gaadMarker = a })++-- | Use this only when paginating results to indicate the maximum number of items+-- you want in the response. If there are additional items beyond the maximum+-- you specify, the 'IsTruncated' response element is 'true'. This parameter is+-- optional. If you do not include it, it defaults to 100.+gaadMaxItems :: Lens' GetAccountAuthorizationDetails (Maybe Natural)+gaadMaxItems = lens _gaadMaxItems (\s a -> s { _gaadMaxItems = a }) . mapping _Nat++data GetAccountAuthorizationDetailsResponse = GetAccountAuthorizationDetailsResponse+ { _gaadrGroupDetailList :: List "member" GroupDetail+ , _gaadrIsTruncated :: Maybe Bool+ , _gaadrMarker :: Maybe Text+ , _gaadrRoleDetailList :: List "member" RoleDetail+ , _gaadrUserDetailList :: List "member" UserDetail+ } deriving (Eq, Show)++-- | 'GetAccountAuthorizationDetailsResponse' constructor.+--+-- The fields accessible through corresponding lenses are:+--+-- * 'gaadrGroupDetailList' @::@ ['GroupDetail']+--+-- * 'gaadrIsTruncated' @::@ 'Maybe' 'Bool'+--+-- * 'gaadrMarker' @::@ 'Maybe' 'Text'+--+-- * 'gaadrRoleDetailList' @::@ ['RoleDetail']+--+-- * 'gaadrUserDetailList' @::@ ['UserDetail']+--+getAccountAuthorizationDetailsResponse :: GetAccountAuthorizationDetailsResponse+getAccountAuthorizationDetailsResponse = GetAccountAuthorizationDetailsResponse+ { _gaadrUserDetailList = mempty+ , _gaadrGroupDetailList = mempty+ , _gaadrRoleDetailList = mempty+ , _gaadrIsTruncated = Nothing+ , _gaadrMarker = Nothing+ }++-- | A list containing information about IAM groups.+gaadrGroupDetailList :: Lens' GetAccountAuthorizationDetailsResponse [GroupDetail]+gaadrGroupDetailList =+ lens _gaadrGroupDetailList (\s a -> s { _gaadrGroupDetailList = a })+ . _List++-- | A flag that indicates whether there are more items to return. If your results+-- were truncated, you can make a subsequent pagination request using the 'Marker'+-- request parameter to retrieve more items.+gaadrIsTruncated :: Lens' GetAccountAuthorizationDetailsResponse (Maybe Bool)+gaadrIsTruncated = lens _gaadrIsTruncated (\s a -> s { _gaadrIsTruncated = a })++-- | If 'IsTruncated' is 'true', this element is present and contains the value to use+-- for the 'Marker' parameter in a subsequent pagination request.+gaadrMarker :: Lens' GetAccountAuthorizationDetailsResponse (Maybe Text)+gaadrMarker = lens _gaadrMarker (\s a -> s { _gaadrMarker = a })++-- | A list containing information about IAM roles.+gaadrRoleDetailList :: Lens' GetAccountAuthorizationDetailsResponse [RoleDetail]+gaadrRoleDetailList =+ lens _gaadrRoleDetailList (\s a -> s { _gaadrRoleDetailList = a })+ . _List++-- | A list containing information about IAM users.+gaadrUserDetailList :: Lens' GetAccountAuthorizationDetailsResponse [UserDetail]+gaadrUserDetailList =+ lens _gaadrUserDetailList (\s a -> s { _gaadrUserDetailList = a })+ . _List++instance ToPath GetAccountAuthorizationDetails where+ toPath = const "/"++instance ToQuery GetAccountAuthorizationDetails where+ toQuery GetAccountAuthorizationDetails{..} = mconcat+ [ "Filter" =? _gaadFilter+ , "Marker" =? _gaadMarker+ , "MaxItems" =? _gaadMaxItems+ ]++instance ToHeaders GetAccountAuthorizationDetails++instance AWSRequest GetAccountAuthorizationDetails where+ type Sv GetAccountAuthorizationDetails = IAM+ type Rs GetAccountAuthorizationDetails = GetAccountAuthorizationDetailsResponse++ request = post "GetAccountAuthorizationDetails"+ response = xmlResponse++instance FromXML GetAccountAuthorizationDetailsResponse where+ parseXML = withElement "GetAccountAuthorizationDetailsResult" $ \x -> GetAccountAuthorizationDetailsResponse+ <$> x .@? "GroupDetailList" .!@ mempty+ <*> x .@? "IsTruncated"+ <*> x .@? "Marker"+ <*> x .@? "RoleDetailList" .!@ mempty+ <*> x .@? "UserDetailList" .!@ mempty
gen/Network/AWS/IAM/GetCredentialReport.hs view
@@ -83,7 +83,7 @@ gcrrContent :: Lens' GetCredentialReportResponse (Maybe Base64) gcrrContent = lens _gcrrContent (\s a -> s { _gcrrContent = a }) --- | The time and date when the credential report was created, in <http://www.iso.org/iso/iso8601 ISO 8601date-time format>.+-- | The date and time when the credential report was created, in <http://www.iso.org/iso/iso8601 ISO 8601date-time format>. gcrrGeneratedTime :: Lens' GetCredentialReportResponse (Maybe UTCTime) gcrrGeneratedTime = lens _gcrrGeneratedTime (\s a -> s { _gcrrGeneratedTime = a })
gen/Network/AWS/IAM/GetSAMLProvider.hs view
@@ -25,6 +25,8 @@ -- | Returns the SAML provider metadocument that was uploaded when the provider -- was created or updated. --+-- This operation requires <http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Signature Version 4>.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_GetSAMLProvider.html> module Network.AWS.IAM.GetSAMLProvider (
gen/Network/AWS/IAM/ListAccessKeys.hs view
@@ -34,6 +34,9 @@ -- action to manage root credentials even if the AWS account has no associated -- users. --+-- To ensure the security of your AWS account, the secret access key is+-- accessible only during key and user creation.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAccessKeys.html> module Network.AWS.IAM.ListAccessKeys (
gen/Network/AWS/IAM/ListSAMLProviders.hs view
@@ -24,6 +24,8 @@ -- | Lists the SAML providers in the account. --+-- This operation requires <http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Signature Version 4>.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_ListSAMLProviders.html> module Network.AWS.IAM.ListSAMLProviders (
gen/Network/AWS/IAM/PutGroupPolicy.hs view
@@ -29,6 +29,11 @@ -- For information about limits on the number of policies you can associate -- with a group, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html Limitations on IAM Entities> in the /Using IAM/ guide. --+-- Because policy documents can be large, you should use POST rather than GET+-- when calling 'PutGroupPolicy'. For information about setting up signatures and+-- authorization through the API, go to <http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html Signing AWS API Requests> in the /AWSGeneral Reference/. For general information about using the Query API with+-- IAM, go to <http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html Making Query Requests> in the /Using IAM/ guide.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_PutGroupPolicy.html> module Network.AWS.IAM.PutGroupPolicy (
gen/Network/AWS/IAM/PutRolePolicy.hs view
@@ -29,6 +29,11 @@ -- For information about limits on the policies you can associate with a role, -- see <http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html Limitations on IAM Entities> in the /Using IAM/ guide. --+-- Because policy documents can be large, you should use POST rather than GET+-- when calling 'PutRolePolicy'. For information about setting up signatures and+-- authorization through the API, go to <http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html Signing AWS API Requests> in the /AWSGeneral Reference/. For general information about using the Query API with+-- IAM, go to <http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html Making Query Requests> in the /Using IAM/ guide.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_PutRolePolicy.html> module Network.AWS.IAM.PutRolePolicy (
gen/Network/AWS/IAM/PutUserPolicy.hs view
@@ -29,6 +29,11 @@ -- For information about limits on the number of policies you can associate -- with a user, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html Limitations on IAM Entities> in the /Using IAM/ guide. --+-- Because policy documents can be large, you should use POST rather than GET+-- when calling 'PutUserPolicy'. For information about setting up signatures and+-- authorization through the API, go to <http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html Signing AWS API Requests> in the /AWSGeneral Reference/. For general information about using the Query API with+-- IAM, go to <http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html Making Query Requests> in the /Using IAM/ guide.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_PutUserPolicy.html> module Network.AWS.IAM.PutUserPolicy (
gen/Network/AWS/IAM/Types.hs view
@@ -7,6 +7,7 @@ {-# LANGUAGE OverloadedStrings #-} {-# LANGUAGE RecordWildCards #-} {-# LANGUAGE TypeFamilies #-}+{-# LANGUAGE ViewPatterns #-} {-# OPTIONS_GHC -fno-warn-unused-imports #-} @@ -74,6 +75,18 @@ , ipPath , ipRoles + -- * RoleDetail+ , RoleDetail+ , roleDetail+ , rdArn+ , rdAssumeRolePolicyDocument+ , rdCreateDate+ , rdInstanceProfileList+ , rdPath+ , rdRoleId+ , rdRoleName+ , rdRolePolicyList+ -- * ReportFormatType , ReportFormatType (..) @@ -99,9 +112,22 @@ , lpPasswordResetRequired , lpUserName + -- * EntityType+ , EntityType (..)+ -- * SummaryKeyType , SummaryKeyType (..) + -- * GroupDetail+ , GroupDetail+ , groupDetail+ , gdArn+ , gdCreateDate+ , gdGroupId+ , gdGroupName+ , gdGroupPolicyList+ , gdPath+ -- * ReportStateType , ReportStateType (..) @@ -115,6 +141,12 @@ , uUserId , uUserName + -- * PolicyDetail+ , PolicyDetail+ , policyDetail+ , pdPolicyDocument+ , pdPolicyName+ -- * StatusType , StatusType (..) @@ -135,6 +167,17 @@ , rRoleId , rRoleName + -- * UserDetail+ , UserDetail+ , userDetail+ , udArn+ , udCreateDate+ , udGroupList+ , udPath+ , udUserId+ , udUserName+ , udUserPolicyList+ -- * ServerCertificate , ServerCertificate , serverCertificate@@ -178,7 +221,6 @@ , akmUserName ) where -import Network.AWS.Error import Network.AWS.Prelude import Network.AWS.Signing import qualified GHC.Exts@@ -190,18 +232,44 @@ type Sg IAM = V4 type Er IAM = RESTError - service = Service- { _svcAbbrev = "IAM"- , _svcPrefix = "iam"- , _svcVersion = "2010-05-08"- , _svcTargetPrefix = Nothing- , _svcJSONVersion = Nothing- }+ service = service'+ where+ service' :: Service IAM+ service' = Service+ { _svcAbbrev = "IAM"+ , _svcPrefix = "iam"+ , _svcVersion = "2010-05-08"+ , _svcTargetPrefix = Nothing+ , _svcJSONVersion = Nothing+ , _svcHandle = handle+ , _svcRetry = retry+ } - handle = restError statusSuccess+ handle :: Status+ -> Maybe (LazyByteString -> ServiceError RESTError)+ handle = restError statusSuccess service' + retry :: Retry IAM+ retry = Exponential+ { _retryBase = 0.05+ , _retryGrowth = 2+ , _retryAttempts = 5+ , _retryCheck = check+ }++ check :: Status+ -> RESTError+ -> Bool+ check (statusCode -> s) (awsErrorCode -> e)+ | s == 400 && "Throttling" == e = True -- Throttling+ | s == 500 = True -- General Server Error+ | s == 509 = True -- Limit Exceeded+ | s == 503 = True -- Service Unavailable+ | otherwise = False+ ns :: Text ns = "https://iam.amazonaws.com/doc/2010-05-08/"+{-# INLINE ns #-} data AssignmentStatusType = Any -- ^ Any@@ -406,7 +474,7 @@ gArn :: Lens' Group Text gArn = lens _gArn (\s a -> s { _gArn = a }) --- | The date when the group was created.+-- | The date and time, in <http://www.iso.org/iso/iso8601 ISO 8601 date-time format>, when the group was created. gCreateDate :: Lens' Group UTCTime gCreateDate = lens _gCreateDate (\s a -> s { _gCreateDate = a }) . _Time @@ -415,7 +483,7 @@ gGroupId :: Lens' Group Text gGroupId = lens _gGroupId (\s a -> s { _gGroupId = a }) --- | The name that identifies the group.+-- | The friendly name that identifies the group. gGroupName :: Lens' Group Text gGroupName = lens _gGroupName (\s a -> s { _gGroupName = a }) @@ -581,6 +649,110 @@ , "Roles" =? _ipRoles ] +data RoleDetail = RoleDetail+ { _rdArn :: Maybe Text+ , _rdAssumeRolePolicyDocument :: Maybe Text+ , _rdCreateDate :: Maybe ISO8601+ , _rdInstanceProfileList :: List "member" InstanceProfile+ , _rdPath :: Maybe Text+ , _rdRoleId :: Maybe Text+ , _rdRoleName :: Maybe Text+ , _rdRolePolicyList :: List "member" PolicyDetail+ } deriving (Eq, Show)++-- | 'RoleDetail' constructor.+--+-- The fields accessible through corresponding lenses are:+--+-- * 'rdArn' @::@ 'Maybe' 'Text'+--+-- * 'rdAssumeRolePolicyDocument' @::@ 'Maybe' 'Text'+--+-- * 'rdCreateDate' @::@ 'Maybe' 'UTCTime'+--+-- * 'rdInstanceProfileList' @::@ ['InstanceProfile']+--+-- * 'rdPath' @::@ 'Maybe' 'Text'+--+-- * 'rdRoleId' @::@ 'Maybe' 'Text'+--+-- * 'rdRoleName' @::@ 'Maybe' 'Text'+--+-- * 'rdRolePolicyList' @::@ ['PolicyDetail']+--+roleDetail :: RoleDetail+roleDetail = RoleDetail+ { _rdPath = Nothing+ , _rdRoleName = Nothing+ , _rdRoleId = Nothing+ , _rdArn = Nothing+ , _rdCreateDate = Nothing+ , _rdAssumeRolePolicyDocument = Nothing+ , _rdInstanceProfileList = mempty+ , _rdRolePolicyList = mempty+ }++rdArn :: Lens' RoleDetail (Maybe Text)+rdArn = lens _rdArn (\s a -> s { _rdArn = a })++-- | The trust policy that grants an entity permission to assume the role.+--+-- The returned policy is URL-encoded according to <http://www.faqs.org/rfcs/rfc3986.html RFC 3986>.+rdAssumeRolePolicyDocument :: Lens' RoleDetail (Maybe Text)+rdAssumeRolePolicyDocument =+ lens _rdAssumeRolePolicyDocument+ (\s a -> s { _rdAssumeRolePolicyDocument = a })++-- | The date and time, in <http://www.iso.org/iso/iso8601 ISO 8601 date-time format>, when the role was created.+rdCreateDate :: Lens' RoleDetail (Maybe UTCTime)+rdCreateDate = lens _rdCreateDate (\s a -> s { _rdCreateDate = a }) . mapping _Time++rdInstanceProfileList :: Lens' RoleDetail [InstanceProfile]+rdInstanceProfileList =+ lens _rdInstanceProfileList (\s a -> s { _rdInstanceProfileList = a })+ . _List++-- | The path to the role. For more information about paths, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html IAM Identifiers>+-- in the /Using IAM/ guide.+rdPath :: Lens' RoleDetail (Maybe Text)+rdPath = lens _rdPath (\s a -> s { _rdPath = a })++-- | The stable and unique string identifying the role. For more information about+-- IDs, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html IAM Identifiers> in the /Using IAM/ guide.+rdRoleId :: Lens' RoleDetail (Maybe Text)+rdRoleId = lens _rdRoleId (\s a -> s { _rdRoleId = a })++-- | The friendly name that identifies the role.+rdRoleName :: Lens' RoleDetail (Maybe Text)+rdRoleName = lens _rdRoleName (\s a -> s { _rdRoleName = a })++-- | A list of the access (permissions) policies attached to the role.+rdRolePolicyList :: Lens' RoleDetail [PolicyDetail]+rdRolePolicyList = lens _rdRolePolicyList (\s a -> s { _rdRolePolicyList = a }) . _List++instance FromXML RoleDetail where+ parseXML x = RoleDetail+ <$> x .@? "Arn"+ <*> x .@? "AssumeRolePolicyDocument"+ <*> x .@? "CreateDate"+ <*> x .@? "InstanceProfileList" .!@ mempty+ <*> x .@? "Path"+ <*> x .@? "RoleId"+ <*> x .@? "RoleName"+ <*> x .@? "RolePolicyList" .!@ mempty++instance ToQuery RoleDetail where+ toQuery RoleDetail{..} = mconcat+ [ "Arn" =? _rdArn+ , "AssumeRolePolicyDocument" =? _rdAssumeRolePolicyDocument+ , "CreateDate" =? _rdCreateDate+ , "InstanceProfileList" =? _rdInstanceProfileList+ , "Path" =? _rdPath+ , "RoleId" =? _rdRoleId+ , "RoleName" =? _rdRoleName+ , "RolePolicyList" =? _rdRolePolicyList+ ]+ data ReportFormatType = TextCsv -- ^ text/csv deriving (Eq, Ord, Show, Generic, Enum)@@ -770,6 +942,35 @@ , "UserName" =? _lpUserName ] +data EntityType+ = ETGroup -- ^ Group+ | ETRole -- ^ Role+ | ETUser -- ^ User+ deriving (Eq, Ord, Show, Generic, Enum)++instance Hashable EntityType++instance FromText EntityType where+ parser = takeText >>= \case+ "Group" -> pure ETGroup+ "Role" -> pure ETRole+ "User" -> pure ETUser+ e -> fail $+ "Failure parsing EntityType from " ++ show e++instance ToText EntityType where+ toText = \case+ ETGroup -> "Group"+ ETRole -> "Role"+ ETUser -> "User"++instance ToByteString EntityType+instance ToHeader EntityType+instance ToQuery EntityType++instance FromXML EntityType where+ parseXML = parseXMLText "EntityType"+ data SummaryKeyType = AccessKeysPerUserQuota -- ^ AccessKeysPerUserQuota | AccountMFAEnabled -- ^ AccountMFAEnabled@@ -832,6 +1033,87 @@ instance FromXML SummaryKeyType where parseXML = parseXMLText "SummaryKeyType" +data GroupDetail = GroupDetail+ { _gdArn :: Maybe Text+ , _gdCreateDate :: Maybe ISO8601+ , _gdGroupId :: Maybe Text+ , _gdGroupName :: Maybe Text+ , _gdGroupPolicyList :: List "member" PolicyDetail+ , _gdPath :: Maybe Text+ } deriving (Eq, Show)++-- | 'GroupDetail' constructor.+--+-- The fields accessible through corresponding lenses are:+--+-- * 'gdArn' @::@ 'Maybe' 'Text'+--+-- * 'gdCreateDate' @::@ 'Maybe' 'UTCTime'+--+-- * 'gdGroupId' @::@ 'Maybe' 'Text'+--+-- * 'gdGroupName' @::@ 'Maybe' 'Text'+--+-- * 'gdGroupPolicyList' @::@ ['PolicyDetail']+--+-- * 'gdPath' @::@ 'Maybe' 'Text'+--+groupDetail :: GroupDetail+groupDetail = GroupDetail+ { _gdPath = Nothing+ , _gdGroupName = Nothing+ , _gdGroupId = Nothing+ , _gdArn = Nothing+ , _gdCreateDate = Nothing+ , _gdGroupPolicyList = mempty+ }++gdArn :: Lens' GroupDetail (Maybe Text)+gdArn = lens _gdArn (\s a -> s { _gdArn = a })++-- | The date and time, in <http://www.iso.org/iso/iso8601 ISO 8601 date-time format>, when the group was created.+gdCreateDate :: Lens' GroupDetail (Maybe UTCTime)+gdCreateDate = lens _gdCreateDate (\s a -> s { _gdCreateDate = a }) . mapping _Time++-- | The stable and unique string identifying the group. For more information+-- about IDs, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html IAM Identifiers> in the /Using IAM/ guide.+gdGroupId :: Lens' GroupDetail (Maybe Text)+gdGroupId = lens _gdGroupId (\s a -> s { _gdGroupId = a })++-- | The friendly name that identifies the group.+gdGroupName :: Lens' GroupDetail (Maybe Text)+gdGroupName = lens _gdGroupName (\s a -> s { _gdGroupName = a })++-- | A list of the policies attached to the group.+gdGroupPolicyList :: Lens' GroupDetail [PolicyDetail]+gdGroupPolicyList =+ lens _gdGroupPolicyList (\s a -> s { _gdGroupPolicyList = a })+ . _List++-- | The path to the group. For more information about paths, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html IAM Identifiers>+-- in the /Using IAM/ guide.+gdPath :: Lens' GroupDetail (Maybe Text)+gdPath = lens _gdPath (\s a -> s { _gdPath = a })++instance FromXML GroupDetail where+ parseXML x = GroupDetail+ <$> x .@? "Arn"+ <*> x .@? "CreateDate"+ <*> x .@? "GroupId"+ <*> x .@? "GroupName"+ <*> x .@? "GroupPolicyList" .!@ mempty+ <*> x .@? "Path"++instance ToQuery GroupDetail where+ toQuery GroupDetail{..} = mconcat+ [ "Arn" =? _gdArn+ , "CreateDate" =? _gdCreateDate+ , "GroupId" =? _gdGroupId+ , "GroupName" =? _gdGroupName+ , "GroupPolicyList" =? _gdGroupPolicyList+ , "Path" =? _gdPath+ ]+ data ReportStateType = Complete -- ^ COMPLETE | Inprogress -- ^ INPROGRESS@@ -957,6 +1239,46 @@ , "UserName" =? _uUserName ] +data PolicyDetail = PolicyDetail+ { _pdPolicyDocument :: Maybe Text+ , _pdPolicyName :: Maybe Text+ } deriving (Eq, Ord, Show)++-- | 'PolicyDetail' constructor.+--+-- The fields accessible through corresponding lenses are:+--+-- * 'pdPolicyDocument' @::@ 'Maybe' 'Text'+--+-- * 'pdPolicyName' @::@ 'Maybe' 'Text'+--+policyDetail :: PolicyDetail+policyDetail = PolicyDetail+ { _pdPolicyName = Nothing+ , _pdPolicyDocument = Nothing+ }++-- | The policy document.+--+-- The returned policy is URL-encoded according to <http://www.faqs.org/rfcs/rfc3986.html RFC 3986>.+pdPolicyDocument :: Lens' PolicyDetail (Maybe Text)+pdPolicyDocument = lens _pdPolicyDocument (\s a -> s { _pdPolicyDocument = a })++-- | The name of the policy.+pdPolicyName :: Lens' PolicyDetail (Maybe Text)+pdPolicyName = lens _pdPolicyName (\s a -> s { _pdPolicyName = a })++instance FromXML PolicyDetail where+ parseXML x = PolicyDetail+ <$> x .@? "PolicyDocument"+ <*> x .@? "PolicyName"++instance ToQuery PolicyDetail where+ toQuery PolicyDetail{..} = mconcat+ [ "PolicyDocument" =? _pdPolicyDocument+ , "PolicyName" =? _pdPolicyName+ ]+ data StatusType = Active -- ^ Active | Inactive -- ^ Inactive@@ -1082,14 +1404,13 @@ -- | The policy that grants an entity permission to assume the role. ----- The returned policy is URL-encoded according to RFC 3986. For more--- information about RFC 3986, go to <http://www.faqs.org/rfcs/rfc3986.html http://www.faqs.org/rfcs/rfc3986.html>.+-- The returned policy is URL-encoded according to <http://www.faqs.org/rfcs/rfc3986.html RFC 3986>. rAssumeRolePolicyDocument :: Lens' Role (Maybe Text) rAssumeRolePolicyDocument = lens _rAssumeRolePolicyDocument (\s a -> s { _rAssumeRolePolicyDocument = a }) --- | The date when the role was created.+-- | The date and time, in <http://www.iso.org/iso/iso8601 ISO 8601 date-time format>, when the role was created. rCreateDate :: Lens' Role UTCTime rCreateDate = lens _rCreateDate (\s a -> s { _rCreateDate = a }) . _Time @@ -1103,7 +1424,7 @@ rRoleId :: Lens' Role Text rRoleId = lens _rRoleId (\s a -> s { _rRoleId = a }) --- | The name that identifies the role.+-- | The friendly name that identifies the role. rRoleName :: Lens' Role Text rRoleName = lens _rRoleName (\s a -> s { _rRoleName = a }) @@ -1124,6 +1445,95 @@ , "Path" =? _rPath , "RoleId" =? _rRoleId , "RoleName" =? _rRoleName+ ]++data UserDetail = UserDetail+ { _udArn :: Maybe Text+ , _udCreateDate :: Maybe ISO8601+ , _udGroupList :: List "member" Text+ , _udPath :: Maybe Text+ , _udUserId :: Maybe Text+ , _udUserName :: Maybe Text+ , _udUserPolicyList :: List "member" PolicyDetail+ } deriving (Eq, Show)++-- | 'UserDetail' constructor.+--+-- The fields accessible through corresponding lenses are:+--+-- * 'udArn' @::@ 'Maybe' 'Text'+--+-- * 'udCreateDate' @::@ 'Maybe' 'UTCTime'+--+-- * 'udGroupList' @::@ ['Text']+--+-- * 'udPath' @::@ 'Maybe' 'Text'+--+-- * 'udUserId' @::@ 'Maybe' 'Text'+--+-- * 'udUserName' @::@ 'Maybe' 'Text'+--+-- * 'udUserPolicyList' @::@ ['PolicyDetail']+--+userDetail :: UserDetail+userDetail = UserDetail+ { _udPath = Nothing+ , _udUserName = Nothing+ , _udUserId = Nothing+ , _udArn = Nothing+ , _udCreateDate = Nothing+ , _udUserPolicyList = mempty+ , _udGroupList = mempty+ }++udArn :: Lens' UserDetail (Maybe Text)+udArn = lens _udArn (\s a -> s { _udArn = a })++-- | The date and time, in <http://www.iso.org/iso/iso8601 ISO 8601 date-time format>, when the user was created.+udCreateDate :: Lens' UserDetail (Maybe UTCTime)+udCreateDate = lens _udCreateDate (\s a -> s { _udCreateDate = a }) . mapping _Time++-- | A list of the IAM groups that the user is in.+udGroupList :: Lens' UserDetail [Text]+udGroupList = lens _udGroupList (\s a -> s { _udGroupList = a }) . _List++-- | The path to the user. For more information about paths, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html IAM Identifiers>+-- in the /Using IAM/ guide.+udPath :: Lens' UserDetail (Maybe Text)+udPath = lens _udPath (\s a -> s { _udPath = a })++-- | The stable and unique string identifying the user. For more information about+-- IDs, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html IAM Identifiers> in the /Using IAM/ guide.+udUserId :: Lens' UserDetail (Maybe Text)+udUserId = lens _udUserId (\s a -> s { _udUserId = a })++-- | The friendly name identifying the user.+udUserName :: Lens' UserDetail (Maybe Text)+udUserName = lens _udUserName (\s a -> s { _udUserName = a })++-- | A list of the policies attached to the user.+udUserPolicyList :: Lens' UserDetail [PolicyDetail]+udUserPolicyList = lens _udUserPolicyList (\s a -> s { _udUserPolicyList = a }) . _List++instance FromXML UserDetail where+ parseXML x = UserDetail+ <$> x .@? "Arn"+ <*> x .@? "CreateDate"+ <*> x .@? "GroupList" .!@ mempty+ <*> x .@? "Path"+ <*> x .@? "UserId"+ <*> x .@? "UserName"+ <*> x .@? "UserPolicyList" .!@ mempty++instance ToQuery UserDetail where+ toQuery UserDetail{..} = mconcat+ [ "Arn" =? _udArn+ , "CreateDate" =? _udCreateDate+ , "GroupList" =? _udGroupList+ , "Path" =? _udPath+ , "UserId" =? _udUserId+ , "UserName" =? _udUserName+ , "UserPolicyList" =? _udUserPolicyList ] data ServerCertificate = ServerCertificate
gen/Network/AWS/IAM/UpdateAccountPasswordPolicy.hs view
@@ -24,6 +24,11 @@ -- | Updates the password policy settings for the AWS account. --+-- This action does not support partial updates. No parameters are required,+-- but if you do not specify a parameter, that parameter's value reverts to its+-- default value. See the Request Parameters section for each parameter's+-- default value.+-- -- For more information about using a password policy, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html Managing an IAMPassword Policy> in the /Using IAM/ guide. -- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateAccountPasswordPolicy.html>
gen/Network/AWS/IAM/UpdateGroup.hs view
@@ -26,6 +26,11 @@ -- -- You should understand the implications of changing a group's path or name. -- For more information, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html Renaming Users and Groups> in the /Using IAM/ guide.+-- To change a group name the requester must have appropriate permissions on+-- both the source object and the target object. For example, to change Managers+-- to MGRs, the entity making the request must have permission on Managers and+-- MGRs, or must have permission on all (*). For more information about+-- permissions, see Permissions and Policies. -- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateGroup.html> module Network.AWS.IAM.UpdateGroup
gen/Network/AWS/IAM/UpdateOpenIDConnectProviderThumbprint.hs view
@@ -33,6 +33,11 @@ -- IAM provider as a principal will fail until the certificate thumbprint is -- updated. --+-- Because trust for the OpenID Connect provider is ultimately derived from the+-- provider's certificate and is validated by the thumbprint, it is a best+-- practice to limit access to the 'UpdateOpenIDConnectProviderThumbprint' action+-- to highly-privileged users.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateOpenIDConnectProviderThumbprint.html> module Network.AWS.IAM.UpdateOpenIDConnectProviderThumbprint (
gen/Network/AWS/IAM/UpdateSAMLProvider.hs view
@@ -24,6 +24,8 @@ -- | Updates the metadata document for an existing SAML provider. --+-- This operation requires <http://docs.aws.amazon.com/general/latest/gr/signature-version-4.html Signature Version 4>.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateSAMLProvider.html> module Network.AWS.IAM.UpdateSAMLProvider (
gen/Network/AWS/IAM/UpdateServerCertificate.hs view
@@ -25,7 +25,12 @@ -- | Updates the name and/or the path of the specified server certificate. -- -- You should understand the implications of changing a server certificate's--- path or name. For more information, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingServerCerts.html Managing Server Certificates> in the /Using IAM/ guide.+-- path or name. For more information, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingServerCerts.html Managing Server Certificates> in the /Using IAM/ guide. To change a server certificate name the requester must have+-- appropriate permissions on both the source object and the target object. For+-- example, to change the name from ProductionCert to ProdCert, the entity+-- making the request must have permission on ProductionCert and ProdCert, or+-- must have permission on all (*). For more information about permissions, see Permissions and Policies+-- . -- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateServerCertificate.html> module Network.AWS.IAM.UpdateServerCertificate
gen/Network/AWS/IAM/UpdateUser.hs view
@@ -26,6 +26,11 @@ -- -- You should understand the implications of changing a user's path or name. -- For more information, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html Renaming Users and Groups> in the /Using IAM/ guide.+-- To change a user name the requester must have appropriate permissions on both+-- the source object and the target object. For example, to change Bob to+-- Robert, the entity making the request must have permission on Bob and Robert,+-- or must have permission on all (*). For more information about permissions,+-- see Permissions and Policies. -- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_UpdateUser.html> module Network.AWS.IAM.UpdateUser
gen/Network/AWS/IAM/UploadServerCertificate.hs view
@@ -28,6 +28,12 @@ -- -- For information about the number of server certificates you can upload, see <http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html Limitations on IAM Entities> in the /Using IAM/ guide. --+-- Because the body of the public key certificate, private key, and the+-- certificate chain can be large, you should use POST rather than GET when+-- calling 'UploadServerCertificate'. For information about setting up signatures+-- and authorization through the API, go to <http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html Signing AWS API Requests> in the /AWSGeneral Reference/. For general information about using the Query API with+-- IAM, go to <http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html Making Query Requests> in the /Using IAM/ guide.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_UploadServerCertificate.html> module Network.AWS.IAM.UploadServerCertificate (@@ -104,6 +110,11 @@ -- -- This parameter is optional. If it is not included, it defaults to a slash -- (/).+--+-- If you are uploading a server certificate specifically for use with Amazon+-- CloudFront distributions, you must specify a path using the '--path' option.+-- The path must begin with '/cloudfront' and must include a trailing slash (for+-- example, '/cloudfront/test/'). uscPath :: Lens' UploadServerCertificate (Maybe Text) uscPath = lens _uscPath (\s a -> s { _uscPath = a })
gen/Network/AWS/IAM/UploadSigningCertificate.hs view
@@ -33,6 +33,11 @@ -- action to manage root credentials even if the AWS account has no associated -- users. --+-- Because the body of a X.509 certificate can be large, you should use POST+-- rather than GET when calling 'UploadSigningCertificate'. For information about+-- setting up signatures and authorization through the API, go to <http://docs.aws.amazon.com/general/latest/gr/signing_aws_api_requests.html Signing AWSAPI Requests> in the /AWS General Reference/. For general information about+-- using the Query API with IAM, go to <http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html Making Query Requests> in the /Using IAM/guide.+-- -- <http://docs.aws.amazon.com/IAM/latest/APIReference/API_UploadSigningCertificate.html> module Network.AWS.IAM.UploadSigningCertificate (