packages feed

amazonka-sts 1.2.0.2 → 1.3.0

raw patch · 10 files changed

+109/−109 lines, 10 filesdep ~amazonka-coredep ~amazonka-stsdep ~amazonka-testPVP ok

version bump matches the API change (PVP)

Dependency ranges changed: amazonka-core, amazonka-sts, amazonka-test

API changes (from Hackage documentation)

- Network.AWS.STS.AssumeRole: arrsStatus :: Lens' AssumeRoleResponse Int
- Network.AWS.STS.AssumeRoleWithSAML: arwsamlrsStatus :: Lens' AssumeRoleWithSAMLResponse Int
- Network.AWS.STS.AssumeRoleWithWebIdentity: arwwirsStatus :: Lens' AssumeRoleWithWebIdentityResponse Int
- Network.AWS.STS.DecodeAuthorizationMessage: damrsStatus :: Lens' DecodeAuthorizationMessageResponse Int
- Network.AWS.STS.GetFederationToken: gftrsStatus :: Lens' GetFederationTokenResponse Int
- Network.AWS.STS.GetSessionToken: gstrsStatus :: Lens' GetSessionTokenResponse Int
+ Network.AWS.STS.AssumeRole: arrsResponseStatus :: Lens' AssumeRoleResponse Int
+ Network.AWS.STS.AssumeRoleWithSAML: arwsamlrsResponseStatus :: Lens' AssumeRoleWithSAMLResponse Int
+ Network.AWS.STS.AssumeRoleWithWebIdentity: arwwirsResponseStatus :: Lens' AssumeRoleWithWebIdentityResponse Int
+ Network.AWS.STS.DecodeAuthorizationMessage: damrsResponseStatus :: Lens' DecodeAuthorizationMessageResponse Int
+ Network.AWS.STS.GetFederationToken: gftrsResponseStatus :: Lens' GetFederationTokenResponse Int
+ Network.AWS.STS.GetSessionToken: gstrsResponseStatus :: Lens' GetSessionTokenResponse Int

Files

README.md view
@@ -8,7 +8,7 @@  ## Version -`1.2.0.2`+`1.3.0`   ## Description
amazonka-sts.cabal view
@@ -1,5 +1,5 @@ name:                  amazonka-sts-version:               1.2.0.2+version:               1.3.0 synopsis:              Amazon Security Token Service SDK. homepage:              https://github.com/brendanhay/amazonka bug-reports:           https://github.com/brendanhay/amazonka/issues@@ -110,7 +110,7 @@         , Network.AWS.STS.Types.Sum      build-depends:-          amazonka-core == 1.2.0.*+          amazonka-core == 1.3.0.*         , base          >= 4.7     && < 5  test-suite amazonka-sts-test@@ -130,9 +130,9 @@         , Test.AWS.STS.Internal      build-depends:-          amazonka-core == 1.2.0.*-        , amazonka-test == 1.2.0.*-        , amazonka-sts == 1.2.0.*+          amazonka-core == 1.3.0.*+        , amazonka-test == 1.3.0.*+        , amazonka-sts == 1.3.0.*         , base         , bytestring         , lens
gen/Network/AWS/STS.hs view
@@ -80,20 +80,20 @@     -- ** MalformedPolicyDocumentException     , _MalformedPolicyDocumentException -    -- ** PackedPolicyTooLargeException-    , _PackedPolicyTooLargeException-     -- ** InvalidAuthorizationMessageException     , _InvalidAuthorizationMessageException +    -- ** PackedPolicyTooLargeException+    , _PackedPolicyTooLargeException+     -- ** IdPCommunicationErrorException     , _IdPCommunicationErrorException -    -- ** ExpiredTokenException-    , _ExpiredTokenException-     -- ** InvalidIdentityTokenException     , _InvalidIdentityTokenException++    -- ** ExpiredTokenException+    , _ExpiredTokenException      -- ** IdPRejectedClaimException     , _IdPRejectedClaimException
gen/Network/AWS/STS/AssumeRole.hs view
@@ -106,8 +106,8 @@     -- * Request Lenses     , arTokenCode     , arDurationSeconds-    , arExternalId     , arPolicy+    , arExternalId     , arSerialNumber     , arRoleARN     , arRoleSessionName@@ -119,7 +119,7 @@     , arrsPackedPolicySize     , arrsCredentials     , arrsAssumedRoleUser-    , arrsStatus+    , arrsResponseStatus     ) where  import           Network.AWS.Prelude@@ -132,8 +132,8 @@ data AssumeRole = AssumeRole'     { _arTokenCode       :: !(Maybe Text)     , _arDurationSeconds :: !(Maybe Nat)-    , _arExternalId      :: !(Maybe Text)     , _arPolicy          :: !(Maybe Text)+    , _arExternalId      :: !(Maybe Text)     , _arSerialNumber    :: !(Maybe Text)     , _arRoleARN         :: !Text     , _arRoleSessionName :: !Text@@ -147,10 +147,10 @@ -- -- * 'arDurationSeconds' ----- * 'arExternalId'--- -- * 'arPolicy' --+-- * 'arExternalId'+-- -- * 'arSerialNumber' -- -- * 'arRoleARN'@@ -164,8 +164,8 @@     AssumeRole'     { _arTokenCode = Nothing     , _arDurationSeconds = Nothing-    , _arExternalId = Nothing     , _arPolicy = Nothing+    , _arExternalId = Nothing     , _arSerialNumber = Nothing     , _arRoleARN = pRoleARN_     , _arRoleSessionName = pRoleSessionName_@@ -185,19 +185,6 @@ arDurationSeconds :: Lens' AssumeRole (Maybe Natural) arDurationSeconds = lens _arDurationSeconds (\ s a -> s{_arDurationSeconds = a}) . mapping _Nat; --- | A unique identifier that is used by third parties when assuming roles in--- their customers\' accounts. For each role that the third party can--- assume, they should instruct their customers to ensure the role\'s trust--- policy checks for the external ID that the third party generated. Each--- time the third party assumes the role, they should pass the customer\'s--- external ID. The external ID is useful in order to help third parties--- bind a role to the customer who created it. For more information about--- the external ID, see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/sts-delegating-externalid.html How to Use External ID When Granting Access to Your AWS Resources>--- in /Using Temporary Security Credentials/.-arExternalId :: Lens' AssumeRole (Maybe Text)-arExternalId = lens _arExternalId (\ s a -> s{_arExternalId = a});- -- | An IAM policy in JSON format. -- -- This parameter is optional. If you pass a policy, the temporary security@@ -219,6 +206,19 @@ arPolicy :: Lens' AssumeRole (Maybe Text) arPolicy = lens _arPolicy (\ s a -> s{_arPolicy = a}); +-- | A unique identifier that is used by third parties when assuming roles in+-- their customers\' accounts. For each role that the third party can+-- assume, they should instruct their customers to ensure the role\'s trust+-- policy checks for the external ID that the third party generated. Each+-- time the third party assumes the role, they should pass the customer\'s+-- external ID. The external ID is useful in order to help third parties+-- bind a role to the customer who created it. For more information about+-- the external ID, see+-- <http://docs.aws.amazon.com/STS/latest/UsingSTS/sts-delegating-externalid.html How to Use External ID When Granting Access to Your AWS Resources>+-- in /Using Temporary Security Credentials/.+arExternalId :: Lens' AssumeRole (Maybe Text)+arExternalId = lens _arExternalId (\ s a -> s{_arExternalId = a});+ -- | The identification number of the MFA device that is associated with the -- user who is making the 'AssumeRole' call. Specify this value if the -- trust policy of the role being assumed includes a condition that@@ -270,7 +270,7 @@                "Version" =: ("2011-06-15" :: ByteString),                "TokenCode" =: _arTokenCode,                "DurationSeconds" =: _arDurationSeconds,-               "ExternalId" =: _arExternalId, "Policy" =: _arPolicy,+               "Policy" =: _arPolicy, "ExternalId" =: _arExternalId,                "SerialNumber" =: _arSerialNumber,                "RoleArn" =: _arRoleARN,                "RoleSessionName" =: _arRoleSessionName]@@ -283,7 +283,7 @@     { _arrsPackedPolicySize :: !(Maybe Nat)     , _arrsCredentials      :: !(Maybe Credentials)     , _arrsAssumedRoleUser  :: !(Maybe AssumedRoleUser)-    , _arrsStatus           :: !Int+    , _arrsResponseStatus   :: !Int     } deriving (Eq,Read,Show,Data,Typeable,Generic)  -- | Creates a value of 'AssumeRoleResponse' with the minimum fields required to make a request.@@ -296,16 +296,16 @@ -- -- * 'arrsAssumedRoleUser' ----- * 'arrsStatus'+-- * 'arrsResponseStatus' assumeRoleResponse-    :: Int -- ^ 'arrsStatus'+    :: Int -- ^ 'arrsResponseStatus'     -> AssumeRoleResponse-assumeRoleResponse pStatus_ =+assumeRoleResponse pResponseStatus_ =     AssumeRoleResponse'     { _arrsPackedPolicySize = Nothing     , _arrsCredentials = Nothing     , _arrsAssumedRoleUser = Nothing-    , _arrsStatus = pStatus_+    , _arrsResponseStatus = pResponseStatus_     }  -- | A percentage value that indicates the size of the policy in packed form.@@ -329,5 +329,5 @@ arrsAssumedRoleUser = lens _arrsAssumedRoleUser (\ s a -> s{_arrsAssumedRoleUser = a});  -- | The response status code.-arrsStatus :: Lens' AssumeRoleResponse Int-arrsStatus = lens _arrsStatus (\ s a -> s{_arrsStatus = a});+arrsResponseStatus :: Lens' AssumeRoleResponse Int+arrsResponseStatus = lens _arrsResponseStatus (\ s a -> s{_arrsResponseStatus = a});
gen/Network/AWS/STS/AssumeRoleWithSAML.hs view
@@ -89,15 +89,15 @@     , assumeRoleWithSAMLResponse     , AssumeRoleWithSAMLResponse     -- * Response Lenses-    , arwsamlrsAudience     , arwsamlrsSubject+    , arwsamlrsAudience     , arwsamlrsPackedPolicySize     , arwsamlrsCredentials     , arwsamlrsSubjectType     , arwsamlrsNameQualifier     , arwsamlrsAssumedRoleUser     , arwsamlrsIssuer-    , arwsamlrsStatus+    , arwsamlrsResponseStatus     ) where  import           Network.AWS.Prelude@@ -199,7 +199,7 @@           = receiveXMLWrapper "AssumeRoleWithSAMLResult"               (\ s h x ->                  AssumeRoleWithSAMLResponse' <$>-                   (x .@? "Audience") <*> (x .@? "Subject") <*>+                   (x .@? "Subject") <*> (x .@? "Audience") <*>                      (x .@? "PackedPolicySize")                      <*> (x .@? "Credentials")                      <*> (x .@? "SubjectType")@@ -231,25 +231,25 @@ -- -- /See:/ 'assumeRoleWithSAMLResponse' smart constructor. data AssumeRoleWithSAMLResponse = AssumeRoleWithSAMLResponse'-    { _arwsamlrsAudience         :: !(Maybe Text)-    , _arwsamlrsSubject          :: !(Maybe Text)+    { _arwsamlrsSubject          :: !(Maybe Text)+    , _arwsamlrsAudience         :: !(Maybe Text)     , _arwsamlrsPackedPolicySize :: !(Maybe Nat)     , _arwsamlrsCredentials      :: !(Maybe Credentials)     , _arwsamlrsSubjectType      :: !(Maybe Text)     , _arwsamlrsNameQualifier    :: !(Maybe Text)     , _arwsamlrsAssumedRoleUser  :: !(Maybe AssumedRoleUser)     , _arwsamlrsIssuer           :: !(Maybe Text)-    , _arwsamlrsStatus           :: !Int+    , _arwsamlrsResponseStatus   :: !Int     } deriving (Eq,Read,Show,Data,Typeable,Generic)  -- | Creates a value of 'AssumeRoleWithSAMLResponse' with the minimum fields required to make a request. -- -- Use one of the following lenses to modify other fields as desired: ----- * 'arwsamlrsAudience'--- -- * 'arwsamlrsSubject' --+-- * 'arwsamlrsAudience'+-- -- * 'arwsamlrsPackedPolicySize' -- -- * 'arwsamlrsCredentials'@@ -262,33 +262,33 @@ -- -- * 'arwsamlrsIssuer' ----- * 'arwsamlrsStatus'+-- * 'arwsamlrsResponseStatus' assumeRoleWithSAMLResponse-    :: Int -- ^ 'arwsamlrsStatus'+    :: Int -- ^ 'arwsamlrsResponseStatus'     -> AssumeRoleWithSAMLResponse-assumeRoleWithSAMLResponse pStatus_ =+assumeRoleWithSAMLResponse pResponseStatus_ =     AssumeRoleWithSAMLResponse'-    { _arwsamlrsAudience = Nothing-    , _arwsamlrsSubject = Nothing+    { _arwsamlrsSubject = Nothing+    , _arwsamlrsAudience = Nothing     , _arwsamlrsPackedPolicySize = Nothing     , _arwsamlrsCredentials = Nothing     , _arwsamlrsSubjectType = Nothing     , _arwsamlrsNameQualifier = Nothing     , _arwsamlrsAssumedRoleUser = Nothing     , _arwsamlrsIssuer = Nothing-    , _arwsamlrsStatus = pStatus_+    , _arwsamlrsResponseStatus = pResponseStatus_     } --- | The value of the 'Recipient' attribute of the 'SubjectConfirmationData'--- element of the SAML assertion.-arwsamlrsAudience :: Lens' AssumeRoleWithSAMLResponse (Maybe Text)-arwsamlrsAudience = lens _arwsamlrsAudience (\ s a -> s{_arwsamlrsAudience = a});- -- | The value of the 'NameID' element in the 'Subject' element of the SAML -- assertion. arwsamlrsSubject :: Lens' AssumeRoleWithSAMLResponse (Maybe Text) arwsamlrsSubject = lens _arwsamlrsSubject (\ s a -> s{_arwsamlrsSubject = a}); +-- | The value of the 'Recipient' attribute of the 'SubjectConfirmationData'+-- element of the SAML assertion.+arwsamlrsAudience :: Lens' AssumeRoleWithSAMLResponse (Maybe Text)+arwsamlrsAudience = lens _arwsamlrsAudience (\ s a -> s{_arwsamlrsAudience = a});+ -- | A percentage value that indicates the size of the policy in packed form. -- The service rejects any policy with a packed size greater than 100 -- percent, which means the policy exceeded the allowed space.@@ -331,5 +331,5 @@ arwsamlrsIssuer = lens _arwsamlrsIssuer (\ s a -> s{_arwsamlrsIssuer = a});  -- | The response status code.-arwsamlrsStatus :: Lens' AssumeRoleWithSAMLResponse Int-arwsamlrsStatus = lens _arwsamlrsStatus (\ s a -> s{_arwsamlrsStatus = a});+arwsamlrsResponseStatus :: Lens' AssumeRoleWithSAMLResponse Int+arwsamlrsResponseStatus = lens _arwsamlrsResponseStatus (\ s a -> s{_arwsamlrsResponseStatus = a});
gen/Network/AWS/STS/AssumeRoleWithWebIdentity.hs view
@@ -118,7 +118,7 @@     , arwwirsCredentials     , arwwirsAssumedRoleUser     , arwwirsProvider-    , arwwirsStatus+    , arwwirsResponseStatus     ) where  import           Network.AWS.Prelude@@ -272,7 +272,7 @@     , _arwwirsCredentials                 :: !(Maybe Credentials)     , _arwwirsAssumedRoleUser             :: !(Maybe AssumedRoleUser)     , _arwwirsProvider                    :: !(Maybe Text)-    , _arwwirsStatus                      :: !Int+    , _arwwirsResponseStatus              :: !Int     } deriving (Eq,Read,Show,Data,Typeable,Generic)  -- | Creates a value of 'AssumeRoleWithWebIdentityResponse' with the minimum fields required to make a request.@@ -291,11 +291,11 @@ -- -- * 'arwwirsProvider' ----- * 'arwwirsStatus'+-- * 'arwwirsResponseStatus' assumeRoleWithWebIdentityResponse-    :: Int -- ^ 'arwwirsStatus'+    :: Int -- ^ 'arwwirsResponseStatus'     -> AssumeRoleWithWebIdentityResponse-assumeRoleWithWebIdentityResponse pStatus_ =+assumeRoleWithWebIdentityResponse pResponseStatus_ =     AssumeRoleWithWebIdentityResponse'     { _arwwirsAudience = Nothing     , _arwwirsSubjectFromWebIdentityToken = Nothing@@ -303,7 +303,7 @@     , _arwwirsCredentials = Nothing     , _arwwirsAssumedRoleUser = Nothing     , _arwwirsProvider = Nothing-    , _arwwirsStatus = pStatus_+    , _arwwirsResponseStatus = pResponseStatus_     }  -- | The intended audience (also known as client ID) of the web identity@@ -350,5 +350,5 @@ arwwirsProvider = lens _arwwirsProvider (\ s a -> s{_arwwirsProvider = a});  -- | The response status code.-arwwirsStatus :: Lens' AssumeRoleWithWebIdentityResponse Int-arwwirsStatus = lens _arwwirsStatus (\ s a -> s{_arwwirsStatus = a});+arwwirsResponseStatus :: Lens' AssumeRoleWithWebIdentityResponse Int+arwwirsResponseStatus = lens _arwwirsResponseStatus (\ s a -> s{_arwwirsResponseStatus = a});
gen/Network/AWS/STS/DecodeAuthorizationMessage.hs view
@@ -62,7 +62,7 @@     , DecodeAuthorizationMessageResponse     -- * Response Lenses     , damrsDecodedMessage-    , damrsStatus+    , damrsResponseStatus     ) where  import           Network.AWS.Prelude@@ -125,7 +125,7 @@ -- /See:/ 'decodeAuthorizationMessageResponse' smart constructor. data DecodeAuthorizationMessageResponse = DecodeAuthorizationMessageResponse'     { _damrsDecodedMessage :: !(Maybe Text)-    , _damrsStatus         :: !Int+    , _damrsResponseStatus :: !Int     } deriving (Eq,Read,Show,Data,Typeable,Generic)  -- | Creates a value of 'DecodeAuthorizationMessageResponse' with the minimum fields required to make a request.@@ -134,14 +134,14 @@ -- -- * 'damrsDecodedMessage' ----- * 'damrsStatus'+-- * 'damrsResponseStatus' decodeAuthorizationMessageResponse-    :: Int -- ^ 'damrsStatus'+    :: Int -- ^ 'damrsResponseStatus'     -> DecodeAuthorizationMessageResponse-decodeAuthorizationMessageResponse pStatus_ =+decodeAuthorizationMessageResponse pResponseStatus_ =     DecodeAuthorizationMessageResponse'     { _damrsDecodedMessage = Nothing-    , _damrsStatus = pStatus_+    , _damrsResponseStatus = pResponseStatus_     }  -- | An XML document that contains the decoded message. For more information,@@ -150,5 +150,5 @@ damrsDecodedMessage = lens _damrsDecodedMessage (\ s a -> s{_damrsDecodedMessage = a});  -- | The response status code.-damrsStatus :: Lens' DecodeAuthorizationMessageResponse Int-damrsStatus = lens _damrsStatus (\ s a -> s{_damrsStatus = a});+damrsResponseStatus :: Lens' DecodeAuthorizationMessageResponse Int+damrsResponseStatus = lens _damrsResponseStatus (\ s a -> s{_damrsResponseStatus = a});
gen/Network/AWS/STS/GetFederationToken.hs view
@@ -108,7 +108,7 @@     , gftrsPackedPolicySize     , gftrsCredentials     , gftrsFederatedUser-    , gftrsStatus+    , gftrsResponseStatus     ) where  import           Network.AWS.Prelude@@ -223,7 +223,7 @@     { _gftrsPackedPolicySize :: !(Maybe Nat)     , _gftrsCredentials      :: !(Maybe Credentials)     , _gftrsFederatedUser    :: !(Maybe FederatedUser)-    , _gftrsStatus           :: !Int+    , _gftrsResponseStatus   :: !Int     } deriving (Eq,Read,Show,Data,Typeable,Generic)  -- | Creates a value of 'GetFederationTokenResponse' with the minimum fields required to make a request.@@ -236,16 +236,16 @@ -- -- * 'gftrsFederatedUser' ----- * 'gftrsStatus'+-- * 'gftrsResponseStatus' getFederationTokenResponse-    :: Int -- ^ 'gftrsStatus'+    :: Int -- ^ 'gftrsResponseStatus'     -> GetFederationTokenResponse-getFederationTokenResponse pStatus_ =+getFederationTokenResponse pResponseStatus_ =     GetFederationTokenResponse'     { _gftrsPackedPolicySize = Nothing     , _gftrsCredentials = Nothing     , _gftrsFederatedUser = Nothing-    , _gftrsStatus = pStatus_+    , _gftrsResponseStatus = pResponseStatus_     }  -- | A percentage value indicating the size of the policy in packed form. The@@ -266,5 +266,5 @@ gftrsFederatedUser = lens _gftrsFederatedUser (\ s a -> s{_gftrsFederatedUser = a});  -- | The response status code.-gftrsStatus :: Lens' GetFederationTokenResponse Int-gftrsStatus = lens _gftrsStatus (\ s a -> s{_gftrsStatus = a});+gftrsResponseStatus :: Lens' GetFederationTokenResponse Int+gftrsResponseStatus = lens _gftrsResponseStatus (\ s a -> s{_gftrsResponseStatus = a});
gen/Network/AWS/STS/GetSessionToken.hs view
@@ -69,7 +69,7 @@     , GetSessionTokenResponse     -- * Response Lenses     , gstrsCredentials-    , gstrsStatus+    , gstrsResponseStatus     ) where  import           Network.AWS.Prelude@@ -161,8 +161,8 @@ -- -- /See:/ 'getSessionTokenResponse' smart constructor. data GetSessionTokenResponse = GetSessionTokenResponse'-    { _gstrsCredentials :: !(Maybe Credentials)-    , _gstrsStatus      :: !Int+    { _gstrsCredentials    :: !(Maybe Credentials)+    , _gstrsResponseStatus :: !Int     } deriving (Eq,Read,Show,Data,Typeable,Generic)  -- | Creates a value of 'GetSessionTokenResponse' with the minimum fields required to make a request.@@ -171,14 +171,14 @@ -- -- * 'gstrsCredentials' ----- * 'gstrsStatus'+-- * 'gstrsResponseStatus' getSessionTokenResponse-    :: Int -- ^ 'gstrsStatus'+    :: Int -- ^ 'gstrsResponseStatus'     -> GetSessionTokenResponse-getSessionTokenResponse pStatus_ =+getSessionTokenResponse pResponseStatus_ =     GetSessionTokenResponse'     { _gstrsCredentials = Nothing-    , _gstrsStatus = pStatus_+    , _gstrsResponseStatus = pResponseStatus_     }  -- | The session credentials for API authentication.@@ -186,5 +186,5 @@ gstrsCredentials = lens _gstrsCredentials (\ s a -> s{_gstrsCredentials = a});  -- | The response status code.-gstrsStatus :: Lens' GetSessionTokenResponse Int-gstrsStatus = lens _gstrsStatus (\ s a -> s{_gstrsStatus = a});+gstrsResponseStatus :: Lens' GetSessionTokenResponse Int+gstrsResponseStatus = lens _gstrsResponseStatus (\ s a -> s{_gstrsResponseStatus = a});
gen/Network/AWS/STS/Types.hs view
@@ -17,11 +17,11 @@      -- * Errors     , _MalformedPolicyDocumentException-    , _PackedPolicyTooLargeException     , _InvalidAuthorizationMessageException+    , _PackedPolicyTooLargeException     , _IdPCommunicationErrorException-    , _ExpiredTokenException     , _InvalidIdentityTokenException+    , _ExpiredTokenException     , _IdPRejectedClaimException      -- * AssumedRoleUser@@ -87,13 +87,6 @@ _MalformedPolicyDocumentException =     _ServiceError . hasStatus 400 . hasCode "MalformedPolicyDocument" --- | The request was rejected because the policy document was too large. The--- error message describes how big the policy document is, in packed form,--- as a percentage of what the API allows.-_PackedPolicyTooLargeException :: AsError a => Getting (First ServiceError) a ServiceError-_PackedPolicyTooLargeException =-    _ServiceError . hasStatus 400 . hasCode "PackedPolicyTooLarge"- -- | The error returned if the message passed to 'DecodeAuthorizationMessage' -- was invalid. This can happen if the token contains invalid characters, -- such as linebreaks.@@ -102,6 +95,13 @@     _ServiceError .     hasStatus 400 . hasCode "InvalidAuthorizationMessageException" +-- | The request was rejected because the policy document was too large. The+-- error message describes how big the policy document is, in packed form,+-- as a percentage of what the API allows.+_PackedPolicyTooLargeException :: AsError a => Getting (First ServiceError) a ServiceError+_PackedPolicyTooLargeException =+    _ServiceError . hasStatus 400 . hasCode "PackedPolicyTooLarge"+ -- | The request could not be fulfilled because the non-AWS identity provider -- (IDP) that was asked to verify the incoming identity token could not be -- reached. This is often a transient error caused by network conditions.@@ -112,19 +112,19 @@ _IdPCommunicationErrorException =     _ServiceError . hasStatus 400 . hasCode "IDPCommunicationError" --- | The web identity token that was passed is expired or is not valid. Get a--- new identity token from the identity provider and then retry the--- request.-_ExpiredTokenException :: AsError a => Getting (First ServiceError) a ServiceError-_ExpiredTokenException =-    _ServiceError . hasStatus 400 . hasCode "ExpiredTokenException"- -- | The web identity token that was passed could not be validated by AWS. -- Get a new identity token from the identity provider and then retry the -- request. _InvalidIdentityTokenException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidIdentityTokenException =     _ServiceError . hasStatus 400 . hasCode "InvalidIdentityToken"++-- | The web identity token that was passed is expired or is not valid. Get a+-- new identity token from the identity provider and then retry the+-- request.+_ExpiredTokenException :: AsError a => Getting (First ServiceError) a ServiceError+_ExpiredTokenException =+    _ServiceError . hasStatus 400 . hasCode "ExpiredTokenException"  -- | The identity provider (IdP) reported that authentication failed. This -- might be because the claim is invalid.