packages feed

amazonka-sts 1.3.5 → 1.3.6

raw patch · 9 files changed

+63/−58 lines, 9 filesdep ~amazonka-coredep ~amazonka-stsdep ~amazonka-testPVP ok

version bump matches the API change (PVP)

Dependency ranges changed: amazonka-core, amazonka-sts, amazonka-test

API changes (from Hackage documentation)

Files

README.md view
@@ -8,7 +8,7 @@  ## Version -`1.3.5`+`1.3.6`   ## Description@@ -20,7 +20,7 @@ Access Management (IAM) users or for users that you authenticate (federated users). This guide provides descriptions of the STS API. For more detailed information about using this service, go to-<http://docs.aws.amazon.com/STS/latest/UsingSTS/Welcome.html Using Temporary Security Credentials>.+<http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html Temporary Security Credentials>.  As an alternative to using the API, you can use one of the AWS SDKs, which consist of libraries and sample code for various programming@@ -39,8 +39,8 @@ <http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html Making Query Requests> in /Using IAM/. For information about using security tokens with other AWS products, go to-<http://docs.aws.amazon.com/STS/latest/UsingSTS/UsingTokens.html Using Temporary Security Credentials to Access AWS>-in /Using Temporary Security Credentials/.+<http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html AWS Services That Work with IAM>+in the /Using IAM/.  If you\'re new to AWS and need additional technical information about a specific AWS product, you can find the product\'s technical@@ -53,8 +53,8 @@ region. Additional regions are available, but must first be activated in the AWS Management Console before you can use a different region\'s endpoint. For more information about activating a region for STS see-<http://docs.aws.amazon.com/STS/latest/UsingSTS/sts-enableregions.html Activating STS in a New Region>-in the /Using Temporary Security Credentials/ guide.+<http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html Activating STS in a New Region>+in the /Using IAM/.  For information about STS endpoints, see <http://docs.aws.amazon.com/general/latest/gr/rande.html#sts_region Regions and Endpoints>
amazonka-sts.cabal view
@@ -1,5 +1,5 @@ name:                  amazonka-sts-version:               1.3.5+version:               1.3.6 synopsis:              Amazon Security Token Service SDK. homepage:              https://github.com/brendanhay/amazonka bug-reports:           https://github.com/brendanhay/amazonka/issues@@ -20,7 +20,7 @@     Access Management (IAM) users or for users that you authenticate     (federated users). This guide provides descriptions of the STS API. For     more detailed information about using this service, go to-    <http://docs.aws.amazon.com/STS/latest/UsingSTS/Welcome.html Using Temporary Security Credentials>.+    <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html Temporary Security Credentials>.      As an alternative to using the API, you can use one of the AWS SDKs,     which consist of libraries and sample code for various programming@@ -39,8 +39,8 @@     <http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html Making Query Requests>     in /Using IAM/. For information about using security tokens with other     AWS products, go to-    <http://docs.aws.amazon.com/STS/latest/UsingSTS/UsingTokens.html Using Temporary Security Credentials to Access AWS>-    in /Using Temporary Security Credentials/.+    <http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html AWS Services That Work with IAM>+    in the /Using IAM/.      If you\'re new to AWS and need additional technical information about a     specific AWS product, you can find the product\'s technical@@ -53,8 +53,8 @@     region. Additional regions are available, but must first be activated in     the AWS Management Console before you can use a different region\'s     endpoint. For more information about activating a region for STS see-    <http://docs.aws.amazon.com/STS/latest/UsingSTS/sts-enableregions.html Activating STS in a New Region>-    in the /Using Temporary Security Credentials/ guide.+    <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html Activating STS in a New Region>+    in the /Using IAM/.      For information about STS endpoints, see     <http://docs.aws.amazon.com/general/latest/gr/rande.html#sts_region Regions and Endpoints>@@ -110,7 +110,7 @@         , Network.AWS.STS.Types.Sum      build-depends:-          amazonka-core == 1.3.5.*+          amazonka-core == 1.3.6.*         , base          >= 4.7     && < 5  test-suite amazonka-sts-test@@ -130,9 +130,9 @@         , Test.AWS.STS.Internal      build-depends:-          amazonka-core == 1.3.5.*-        , amazonka-test == 1.3.5.*-        , amazonka-sts == 1.3.5.*+          amazonka-core == 1.3.6.*+        , amazonka-test == 1.3.6.*+        , amazonka-sts == 1.3.6.*         , base         , bytestring         , lens
gen/Network/AWS/STS.hs view
@@ -18,7 +18,7 @@ -- Access Management (IAM) users or for users that you authenticate -- (federated users). This guide provides descriptions of the STS API. For -- more detailed information about using this service, go to--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/Welcome.html Using Temporary Security Credentials>.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html Temporary Security Credentials>. -- -- As an alternative to using the API, you can use one of the AWS SDKs, -- which consist of libraries and sample code for various programming@@ -37,8 +37,8 @@ -- <http://docs.aws.amazon.com/IAM/latest/UserGuide/IAM_UsingQueryAPI.html Making Query Requests> -- in /Using IAM/. For information about using security tokens with other -- AWS products, go to--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/UsingTokens.html Using Temporary Security Credentials to Access AWS>--- in /Using Temporary Security Credentials/.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-services-that-work-with-iam.html AWS Services That Work with IAM>+-- in the /Using IAM/. -- -- If you\'re new to AWS and need additional technical information about a -- specific AWS product, you can find the product\'s technical@@ -51,8 +51,8 @@ -- region. Additional regions are available, but must first be activated in -- the AWS Management Console before you can use a different region\'s -- endpoint. For more information about activating a region for STS see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/sts-enableregions.html Activating STS in a New Region>--- in the /Using Temporary Security Credentials/ guide.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html Activating STS in a New Region>+-- in the /Using IAM/. -- -- For information about STS endpoints, see -- <http://docs.aws.amazon.com/general/latest/gr/rande.html#sts_region Regions and Endpoints>
gen/Network/AWS/STS/AssumeRole.hs view
@@ -36,7 +36,7 @@ -- to access all the other accounts by assuming roles in those accounts. -- For more information about roles, see -- <http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-toplevel.html IAM Roles (Delegation and Federation)>--- in /Using IAM/.+-- in the /Using IAM/. -- -- For federation, you can, for example, grant single sign-on access to the -- AWS Management Console. If you already have an identity and@@ -47,8 +47,8 @@ -- get temporary security credentials for that user. With those temporary -- security credentials, you construct a sign-in URL that users can use to -- access the console. For more information, see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/STSUseCases.html Scenarios for Granting Temporary Access>--- in /Using Temporary Security Credentials/.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html#sts-introduction Common Scenarios for Temporary Credentials>+-- in the /Using IAM/. -- -- The temporary security credentials are valid for the duration that you -- specified when calling 'AssumeRole', which can be from 900 seconds (15@@ -66,8 +66,8 @@ -- policy to grant permissions that are in excess of those allowed by the -- access policy of the role that is being assumed. For more information, -- see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/permissions-assume-role.html Permissions for AssumeRole, AssumeRoleWithSAML, and AssumeRoleWithWebIdentity>--- in /Using Temporary Security Credentials/.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html Permissions for AssumeRole, AssumeRoleWithSAML, and AssumeRoleWithWebIdentity>+-- in the /Using IAM/. -- -- To assume a role, your AWS account must be trusted by the role. The -- trust relationship is defined in the role\'s trust policy when the role@@ -90,7 +90,7 @@ -- -- For more information, see -- <http://docs.aws.amazon.com/IAM/latest/UserGuide/MFAProtectedAPI.html Configuring MFA-Protected API Access>--- in /Using IAM/ guide.+-- in the /Using IAM/ guide. -- -- To use MFA with 'AssumeRole', you pass values for the 'SerialNumber' and -- 'TokenCode' parameters. The 'SerialNumber' value identifies the user\'s@@ -195,8 +195,8 @@ -- security credentials. You cannot use the passed policy to grant -- permissions that are in excess of those allowed by the access policy of -- the role that is being assumed. For more information, see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/permissions-assume-role.html Permissions for AssumeRole, AssumeRoleWithSAML, and AssumeRoleWithWebIdentity>--- in /Using Temporary Security Credentials/.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html Permissions for AssumeRole, AssumeRoleWithSAML, and AssumeRoleWithWebIdentity>+-- in the /Using IAM/. -- -- The policy plain text must be 2048 bytes or shorter. However, an -- internal conversion compresses it into a packed binary format with a@@ -214,8 +214,8 @@ -- external ID. The external ID is useful in order to help third parties -- bind a role to the customer who created it. For more information about -- the external ID, see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/sts-delegating-externalid.html How to Use External ID When Granting Access to Your AWS Resources>--- in /Using Temporary Security Credentials/.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html How to Use an External ID When Granting Access to Your AWS Resources to a Third Party>+-- in the /Using IAM/. arExternalId :: Lens' AssumeRole (Maybe Text) arExternalId = lens _arExternalId (\ s a -> s{_arExternalId = a}); 
gen/Network/AWS/STS/AssumeRoleWithSAML.hs view
@@ -47,8 +47,8 @@ -- policy to grant permissions that are in excess of those allowed by the -- access policy of the role that is being assumed. For more information, -- see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/permissions-assume-role.html Permissions for AssumeRoleWithSAML>--- in /Using Temporary Security Credentials/.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html Permissions for AssumeRole, AssumeRoleWithSAML, and AssumeRoleWithWebIdentity>+-- in the /Using IAM/. -- -- Before your application can call 'AssumeRoleWithSAML', you must -- configure your SAML identity provider (IdP) to issue the claims required@@ -64,13 +64,14 @@ -- -- For more information, see the following resources: ----- -   <http://docs.aws.amazon.com/STS/latest/UsingSTS/CreatingSAML.html Creating Temporary Security Credentials for SAML Federation>.--- -   <http://docs.aws.amazon.com/IAM/latest/UserGuide/idp-managing-identityproviders.html SAML Providers>---     in /Using IAM/.--- -   <http://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html Configuring a Relying Party and Claims>---     in /Using IAM/.--- -   <http://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml.html Creating a Role for SAML-Based Federation>---     in /Using IAM/.+-- -   <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html About SAML 2.0-based Federation>+--     in the /Using IAM/.+-- -   <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml.html Creating SAML Identity Providers>+--     in the /Using IAM/.+-- -   <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.html Configuring a Relying Party and Claims>+--     in the /Using IAM/.+-- -   <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html Creating a Role for SAML 2.0 Federation>+--     in the /Using IAM/. -- -- /See:/ <http://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithSAML.html AWS API Reference> for AssumeRoleWithSAML. module Network.AWS.STS.AssumeRoleWithSAML@@ -162,9 +163,9 @@ -- way to further restrict the permissions for the resulting temporary -- security credentials. You cannot use the passed policy to grant -- permissions that are in excess of those allowed by the access policy of--- the role that is being assumed. For more information, see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/permissions-assume-role.html Permissions for AssumeRoleWithSAML>--- in /Using Temporary Security Credentials/.+-- the role that is being assumed. For more information,+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html Permissions for AssumeRole, AssumeRoleWithSAML, and AssumeRoleWithWebIdentity>+-- in the /Using IAM/. -- -- The policy plain text must be 2048 bytes or shorter. However, an -- internal conversion compresses it into a packed binary format with a
gen/Network/AWS/STS/AssumeRoleWithWebIdentity.hs view
@@ -64,7 +64,8 @@ -- policy to grant permissions that are in excess of those allowed by the -- access policy of the role that is being assumed. For more information, -- see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/permissions-assume-role.html Permissions for AssumeRoleWithWebIdentity>.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html Permissions for AssumeRole, AssumeRoleWithSAML, and AssumeRoleWithWebIdentity>+-- in the /Using IAM/. -- -- Before your application can call 'AssumeRoleWithWebIdentity', you must -- have an identity token from a supported identity provider and create a@@ -76,9 +77,9 @@ -- For more information about how to use web identity federation and the -- 'AssumeRoleWithWebIdentity' API, see the following resources: ----- -   <http://docs.aws.amazon.com/STS/latest/UsingSTS/STSUseCases.html#MobileApplication-KnownProvider Creating a Mobile Application with Third-Party Sign-In>+-- -   <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual Using Web Identity Federation APIs for Mobile Apps> --     and---     <http://docs.aws.amazon.com/STS/latest/UsingSTS/CreatingWIF.html Creating Temporary Security Credentials for Mobile Apps Using Third-Party Identity Providers>.+--     <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity Federation Through a Web-based Identity Provider>. -- -   <https://web-identity-federation-playground.s3.amazonaws.com/index.html Web Identity Federation Playground>. --     This interactive website lets you walk through the process of --     authenticating via Login with Amazon, Facebook, or Google, getting@@ -195,7 +196,8 @@ -- security credentials. You cannot use the passed policy to grant -- permissions that are in excess of those allowed by the access policy of -- the role that is being assumed. For more information, see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/permissions-assume-role.html Permissions for AssumeRoleWithWebIdentity>.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_assumerole.html Permissions for AssumeRoleWithWebIdentity>+-- in the /Using IAM/. -- -- The policy plain text must be 2048 bytes or shorter. However, an -- internal conversion compresses it into a packed binary format with a
gen/Network/AWS/STS/DecodeAuthorizationMessage.hs view
@@ -41,8 +41,8 @@ -- -- -   Whether the request was denied due to an explicit deny or due to the --     absence of an explicit allow. For more information, see---     <http://docs.aws.amazon.com/IAM/latest/UserGuide/AccessPolicyLanguage_EvaluationLogic.html#policy-eval-denyallow Determining Whether a Request is Allowed or Denied>---     in /Using IAM/.+--     <http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow Determining Whether a Request is Allowed or Denied>+--     in the /Using IAM/. -- -   The principal who made the request. -- -   The requested action. -- -   The requested resource.
gen/Network/AWS/STS/GetFederationToken.hs view
@@ -32,7 +32,7 @@ -- Facebook, Google, or an OpenID Connect-compatible identity provider, we -- recommend that you use <http://aws.amazon.com/cognito/ Amazon Cognito> -- or 'AssumeRoleWithWebIdentity'. For more information, see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/CreatingWIF.html Creating Temporary Security Credentials for Mobile Apps Using Identity Providers>.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity Federation Through a Web-based Identity Provider>. -- -- The 'GetFederationToken' action must be called by using the long-term -- AWS security credentials of an IAM user. You can also call@@ -41,8 +41,8 @@ -- create an IAM user for the purpose of the proxy application and then -- attach a policy to the IAM user that limits federated users to only the -- actions and resources they need access to. For more information, see--- <http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html IAM Best Practices>--- in /Using IAM/.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html IAM Best Practices>+-- in the /Using IAM/. -- -- The temporary security credentials that are obtained by using the -- long-term credentials of an IAM user are valid for the specified@@ -85,10 +85,10 @@ -- to access the resource. -- -- For more information about how permissions work, see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/permissions-get-federation-token.html Permissions for GetFederationToken>.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getfederationtoken.html Permissions for GetFederationToken>. -- For information about using 'GetFederationToken' to create temporary -- security credentials, see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/CreatingFedTokens.html Creating Temporary Credentials to Enable Access for Federated Users>.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken GetFederationToken—Federation Through a Custom Identity Broker>. -- -- /See:/ <http://docs.aws.amazon.com/STS/latest/APIReference/API_GetFederationToken.html AWS API Reference> for GetFederationToken. module Network.AWS.STS.GetFederationToken@@ -177,7 +177,7 @@ -- equaling the maximum allowed size. -- -- For more information about how permissions work, see--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/permissions-get-federation-token.html Permissions for GetFederationToken>.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getfederationtoken.html Permissions for GetFederationToken>. gftPolicy :: Lens' GetFederationToken (Maybe Text) gftPolicy = lens _gftPolicy (\ s a -> s{_gftPolicy = a}); 
gen/Network/AWS/STS/GetSessionToken.hs view
@@ -26,7 +26,8 @@ -- 'GetSessionToken' and submit an MFA code that is associated with their -- MFA device. Using the temporary security credentials that are returned -- from the call, IAM users can then make programmatic calls to APIs that--- require MFA authentication.+-- require MFA authentication. If you do not supply a correct MFA code,+-- then the API returns an access denied error. -- -- The 'GetSessionToken' action must be called by using the long-term AWS -- security credentials of the AWS account or an IAM user. Credentials that@@ -37,7 +38,7 @@ -- -- We recommend that you do not call 'GetSessionToken' with root account -- credentials. Instead, follow our--- <http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html#create-iam-users best practices>+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users best practices> -- by creating one or more IAM users, giving them the necessary -- permissions, and using IAM users for everyday interaction with AWS. --@@ -51,7 +52,8 @@ -- -- For more information about using 'GetSessionToken' to create temporary -- credentials, go to--- <http://docs.aws.amazon.com/STS/latest/UsingSTS/CreatingSessionTokens.html Creating Temporary Credentials to Enable Access for IAM Users>.+-- <http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken Temporary Credentials for Users in Untrusted Environments>+-- in the /Using IAM/. -- -- /See:/ <http://docs.aws.amazon.com/STS/latest/APIReference/API_GetSessionToken.html AWS API Reference> for GetSessionToken. module Network.AWS.STS.GetSessionToken