package types

import "github.com/aws/aws-sdk-go-v2/service/iam/types"

Types

type AccessAdvisorUsageGranularityType

type AccessAdvisorUsageGranularityType string
const (
	AccessAdvisorUsageGranularityTypeService_level AccessAdvisorUsageGranularityType = "SERVICE_LEVEL"
	AccessAdvisorUsageGranularityTypeAction_level  AccessAdvisorUsageGranularityType = "ACTION_LEVEL"
)

Enum values for AccessAdvisorUsageGranularityType

type AccessDetail

type AccessDetail struct {

	// The name of the service in which access was attempted.
	//
	// This member is required.
	ServiceName *string

	// The path of the Organizations entity (root, organizational unit, or account)
	// from which an authenticated principal last attempted to access the service. AWS
	// does not report unauthenticated requests. This field is null if no principals
	// (IAM users, IAM roles, or root users) in the reported Organizations entity
	// attempted to access the service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	EntityPath *string

	// The number of accounts with authenticated principals (root users, IAM users, and
	// IAM roles) that attempted to access the service in the reporting period.
	TotalAuthenticatedEntities *int32

	// The Region where the last service access attempt occurred. This field is null if
	// no principals in the reported Organizations entity attempted to access the
	// service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	Region *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when an authenticated principal most recently
	// attempted to access the service. AWS does not report unauthenticated requests.
	// This field is null if no principals in the reported Organizations entity
	// attempted to access the service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticatedTime *time.Time

	// The namespace of the service in which access was attempted. To learn the service
	// namespace of a service, go to Actions, Resources, and Condition Keys for AWS
	// Services
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html)
	// in the IAM User Guide. Choose the name of the service to view details for that
	// service. In the first paragraph, find the service prefix. For example, (service
	// prefix: a4b). For more information about service namespaces, see AWS Service
	// Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the AWS General Reference.
	//
	// This member is required.
	ServiceNamespace *string
}

An object that contains details about when a principal in the reported AWS Organizations entity last attempted to access an AWS service. A principal can be an IAM user, an IAM role, or the AWS account root user within the reported Organizations entity. This data type is a response element in the GetOrganizationsAccessReport operation.

type AccessKey

type AccessKey struct {

	// The ID for this access key.
	//
	// This member is required.
	AccessKeyId *string

	// The status of the access key. Active means that the key is valid for API calls,
	// while Inactive means it is not.
	//
	// This member is required.
	Status StatusType

	// The secret key used to sign requests.
	//
	// This member is required.
	SecretAccessKey *string

	// The name of the IAM user that the access key is associated with.
	//
	// This member is required.
	UserName *string

	// The date when the access key was created.
	CreateDate *time.Time
}

Contains information about an AWS access key. This data type is used as a response element in the CreateAccessKey and ListAccessKeys operations. The SecretAccessKey value is returned only in response to CreateAccessKey. You can get a secret access key only when you first create an access key; you cannot recover the secret access key later. If you lose a secret access key, you must create a new access key.

type AccessKeyLastUsed

type AccessKeyLastUsed struct {

	// The name of the AWS service with which this access key was most recently used.
	// The value of this field is "N/A" in the following situations:
	//
	//     * The user does not have an access key.
	//
	//     * An access key exists but has not been used since IAM started tracking
	//     this information.
	//
	//     * There is no sign-in data associated with the user.
	//
	// This member is required.
	ServiceName *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the access key was most recently used.
	// This field is null in the following situations:
	//
	//     * The user does not have an access key.
	//
	//     * An access key exists but has not been used since IAM began tracking
	//     this information.
	//
	//     * There is no sign-in data associated with the user.
	//
	// This member is required.
	LastUsedDate *time.Time

	// The AWS Region where this access key was most recently used. The value for this
	// field is "N/A" in the following situations:
	//
	//     * The user does not have an access key.
	//
	//     * An access key exists but has not been used since IAM began tracking
	//     this information.
	//
	//     * There is no sign-in data associated with the user.
	//
	// For more information about AWS Regions, see Regions and Endpoints
	// (https://docs.aws.amazon.com/general/latest/gr/rande.html) in the Amazon Web
	// Services General Reference.
	//
	// This member is required.
	Region *string
}

Contains information about the last time an AWS access key was used since IAM began tracking this information on April 22, 2015. This data type is used as a response element in the GetAccessKeyLastUsed operation.

type AccessKeyMetadata

type AccessKeyMetadata struct {

	// The ID for this access key.
	AccessKeyId *string

	// The name of the IAM user that the key is associated with.
	UserName *string

	// The status of the access key. Active means that the key is valid for API calls;
	// Inactive means it is not.
	Status StatusType

	// The date when the access key was created.
	CreateDate *time.Time
}

Contains information about an AWS access key, without its secret key. This data type is used as a response element in the ListAccessKeys operation.
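The following is an added example, not part of the SDK or its documentation: a credential-hygiene check that combines AccessKeyMetadata with AccessKeyLastUsed and handles the documented nil LastUsedDate and "N/A" cases. The structs are local mirrors of the fields listed above so the block runs offline; the Finding type, the helper names, the 90-day and 365-day thresholds, and the sample keys are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"time"
)

// Local mirrors of the documented fields (assumption: declared here so the
// example runs without the SDK; real code would import the types package).
type StatusType string

const StatusTypeActive StatusType = "Active"

type AccessKeyMetadata struct {
	AccessKeyId *string
	UserName    *string
	Status      StatusType
	CreateDate  *time.Time
}

type AccessKeyLastUsed struct {
	ServiceName  *string
	LastUsedDate *time.Time
	Region       *string
}

// Finding is this example's own classification, not an SDK type.
type Finding string

const (
	FindingOK         Finding = "ok"
	FindingInactive   Finding = "inactive"
	FindingNeverUsed  Finding = "never-used"
	FindingStale      Finding = "stale"
	FindingRotate     Finding = "rotate"
	FindingIncomplete Finding = "incomplete"
)

const day = 24 * time.Hour

func str(s string) *string { return &s }

// at parses an RFC 3339 timestamp; an empty string yields nil (field absent).
func at(s string) *time.Time {
	if s == "" {
		return nil
	}
	t, err := time.Parse(time.RFC3339, s)
	if err != nil {
		panic(err)
	}
	return &t
}

// neverUsed applies the documented semantics: LastUsedDate is null and
// ServiceName/Region read "N/A" when the key has no recorded use.
func neverUsed(lu *AccessKeyLastUsed) bool {
	if lu == nil || lu.LastUsedDate == nil {
		return true
	}
	return lu.ServiceName != nil && *lu.ServiceName == "N/A"
}

// ClassifyKey flags keys that are unused, idle past maxIdle, or older than maxAge.
func ClassifyKey(md AccessKeyMetadata, lu *AccessKeyLastUsed, now time.Time, maxIdle, maxAge time.Duration) Finding {
	if md.AccessKeyId == nil || md.CreateDate == nil {
		return FindingIncomplete // optional fields missing: do not guess
	}
	if md.Status != StatusTypeActive {
		return FindingInactive
	}
	if neverUsed(lu) {
		if now.Sub(*md.CreateDate) > maxIdle {
			return FindingNeverUsed
		}
		return FindingOK // recently issued, grace period
	}
	if now.Sub(*lu.LastUsedDate) > maxIdle {
		return FindingStale
	}
	if now.Sub(*md.CreateDate) > maxAge {
		return FindingRotate
	}
	return FindingOK
}

// auditSample runs the classifier over constructed sample data.
func auditSample() map[string]Finding {
	now := *at("2024-06-01T00:00:00Z")
	rows := [][4]string{ // id, status, created, last used ("" = never)
		{"AKIAEXAMPLE000000001", "Active", "2023-01-01T00:00:00Z", "2024-05-30T00:00:00Z"},
		{"AKIAEXAMPLE000000002", "Active", "2024-01-15T00:00:00Z", ""},
		{"AKIAEXAMPLE000000003", "Active", "2024-02-01T00:00:00Z", "2024-02-10T00:00:00Z"},
		{"AKIAEXAMPLE000000004", "Inactive", "2022-03-01T00:00:00Z", "2022-04-01T00:00:00Z"},
		{"AKIAEXAMPLE000000005", "Active", "2024-04-01T00:00:00Z", "2024-05-20T00:00:00Z"},
		{"AKIAEXAMPLE000000006", "Active", "", ""},
	}
	out := make(map[string]Finding, len(rows))
	for _, r := range rows {
		md := AccessKeyMetadata{AccessKeyId: str(r[0]), UserName: str("sample-user"), Status: StatusType(r[1]), CreateDate: at(r[2])}
		lu := &AccessKeyLastUsed{ServiceName: str("N/A"), Region: str("N/A")}
		if r[3] != "" {
			lu = &AccessKeyLastUsed{ServiceName: str("s3"), Region: str("us-east-1"), LastUsedDate: at(r[3])}
		}
		out[r[0]] = ClassifyKey(md, lu, now, 90*day, 365*day)
	}
	return out
}

func main() {
	for id, f := range auditSample() {
		fmt.Printf("%s\t%s\n", id, f)
	}
}
```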

type AssignmentStatusType

type AssignmentStatusType string
const (
	AssignmentStatusTypeAssigned   AssignmentStatusType = "Assigned"
	AssignmentStatusTypeUnassigned AssignmentStatusType = "Unassigned"
	AssignmentStatusTypeAny        AssignmentStatusType = "Any"
)

Enum values for AssignmentStatusType

type AttachedPermissionsBoundary

type AttachedPermissionsBoundary struct {

	// The ARN of the policy used to set the permissions boundary for the user or role.
	PermissionsBoundaryArn *string

	// The permissions boundary usage type that indicates what type of IAM resource is
	// used as the permissions boundary for an entity. This data type can only have a
	// value of Policy.
	PermissionsBoundaryType PermissionsBoundaryAttachmentType
}

Contains information about an attached permissions boundary. An attached permissions boundary is a managed policy that has been attached to a user or role to set the permissions boundary. For more information about permissions boundaries, see Permissions Boundaries for IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html) in the IAM User Guide.

type AttachedPolicy

type AttachedPolicy struct {

	// The friendly name of the attached policy.
	PolicyName *string

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the AWS General Reference.
	PolicyArn *string
}

Contains information about an attached policy. An attached policy is a managed policy that has been attached to a user, group, or role. This data type is used as a response element in the ListAttachedGroupPolicies, ListAttachedRolePolicies, ListAttachedUserPolicies, and GetAccountAuthorizationDetails operations. For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type ConcurrentModificationException

type ConcurrentModificationException struct {
	Message *string
}

The request was rejected because multiple requests to change this object were submitted simultaneously. Wait a few minutes and submit your request again.

func (*ConcurrentModificationException) Error

func (*ConcurrentModificationException) ErrorCode

func (e *ConcurrentModificationException) ErrorCode() string

func (*ConcurrentModificationException) ErrorFault

func (*ConcurrentModificationException) ErrorMessage

func (e *ConcurrentModificationException) ErrorMessage() string

type ContextEntry

type ContextEntry struct {

	// The data type of the value (or values) specified in the ContextKeyValues
	// parameter.
	ContextKeyType ContextKeyTypeEnum

	// The value (or values, if the condition context key supports multiple values) to
	// provide to the simulation when the key is referenced by a Condition element in
	// an input policy.
	ContextKeyValues []*string

	// The full name of a condition context key, including the service prefix. For
	// example, aws:SourceIp or s3:VersionId.
	ContextKeyName *string
}

Contains information about a condition context key. It includes the name of the key and specifies the value (or values, if the context key supports multiple values) to use in the simulation. This information is used when evaluating the Condition elements of the input policies. This data type is used as an input parameter to SimulateCustomPolicy and SimulatePrincipalPolicy.

type ContextKeyTypeEnum

type ContextKeyTypeEnum string
const (
	ContextKeyTypeEnumString       ContextKeyTypeEnum = "string"
	ContextKeyTypeEnumString_list  ContextKeyTypeEnum = "stringList"
	ContextKeyTypeEnumNumeric      ContextKeyTypeEnum = "numeric"
	ContextKeyTypeEnumNumeric_list ContextKeyTypeEnum = "numericList"
	ContextKeyTypeEnumBoolean      ContextKeyTypeEnum = "boolean"
	ContextKeyTypeEnumBoolean_list ContextKeyTypeEnum = "booleanList"
	ContextKeyTypeEnumIp           ContextKeyTypeEnum = "ip"
	ContextKeyTypeEnumIp_list      ContextKeyTypeEnum = "ipList"
	ContextKeyTypeEnumBinary       ContextKeyTypeEnum = "binary"
	ContextKeyTypeEnumBinary_list  ContextKeyTypeEnum = "binaryList"
	ContextKeyTypeEnumDate         ContextKeyTypeEnum = "date"
	ContextKeyTypeEnumDate_list    ContextKeyTypeEnum = "dateList"
)

Enum values for ContextKeyTypeEnum

type CredentialReportExpiredException

type CredentialReportExpiredException struct {
	Message *string
}

The request was rejected because the most recent credential report has expired. To generate a new credential report, use GenerateCredentialReport. For more information about credential report expiration, see Getting Credential Reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) in the IAM User Guide.

func (*CredentialReportExpiredException) Error

func (*CredentialReportExpiredException) ErrorCode

func (*CredentialReportExpiredException) ErrorFault

func (*CredentialReportExpiredException) ErrorMessage

func (e *CredentialReportExpiredException) ErrorMessage() string

type CredentialReportNotPresentException

type CredentialReportNotPresentException struct {
	Message *string
}

The request was rejected because the credential report does not exist. To generate a credential report, use GenerateCredentialReport.

func (*CredentialReportNotPresentException) Error

func (*CredentialReportNotPresentException) ErrorCode

func (*CredentialReportNotPresentException) ErrorFault

func (*CredentialReportNotPresentException) ErrorMessage

func (e *CredentialReportNotPresentException) ErrorMessage() string

type CredentialReportNotReadyException

type CredentialReportNotReadyException struct {
	Message *string
}

The request was rejected because the credential report is still being generated.

func (*CredentialReportNotReadyException) Error

func (*CredentialReportNotReadyException) ErrorCode

func (*CredentialReportNotReadyException) ErrorFault

func (*CredentialReportNotReadyException) ErrorMessage

func (e *CredentialReportNotReadyException) ErrorMessage() string

type DeleteConflictException

type DeleteConflictException struct {
	Message *string
}

The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities.

func (*DeleteConflictException) Error

func (e *DeleteConflictException) Error() string

func (*DeleteConflictException) ErrorCode

func (e *DeleteConflictException) ErrorCode() string

func (*DeleteConflictException) ErrorFault

func (e *DeleteConflictException) ErrorFault() smithy.ErrorFault

func (*DeleteConflictException) ErrorMessage

func (e *DeleteConflictException) ErrorMessage() string

type DeletionTaskFailureReasonType

type DeletionTaskFailureReasonType struct {

	// A short description of the reason that the service-linked role deletion failed.
	Reason *string

	// A list of objects that contains details about the service-linked role deletion
	// failure, if that information is returned by the service. If the service-linked
	// role has active sessions or if any resources that were used by the role have not
	// been deleted from the linked service, the role can't be deleted. This parameter
	// includes a list of the resources that are associated with the role and the
	// Region in which the resources are being used.
	RoleUsageList []*RoleUsageType
}

The reason that the service-linked role deletion failed. This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus operation.

type DeletionTaskStatusType

type DeletionTaskStatusType string
const (
	DeletionTaskStatusTypeSucceeded   DeletionTaskStatusType = "SUCCEEDED"
	DeletionTaskStatusTypeIn_progress DeletionTaskStatusType = "IN_PROGRESS"
	DeletionTaskStatusTypeFailed      DeletionTaskStatusType = "FAILED"
	DeletionTaskStatusTypeNot_started DeletionTaskStatusType = "NOT_STARTED"
)

Enum values for DeletionTaskStatusType

type DuplicateCertificateException

type DuplicateCertificateException struct {
	Message *string
}

The request was rejected because the same certificate is associated with an IAM user in the account.

func (*DuplicateCertificateException) Error

func (*DuplicateCertificateException) ErrorCode

func (e *DuplicateCertificateException) ErrorCode() string

func (*DuplicateCertificateException) ErrorFault

func (*DuplicateCertificateException) ErrorMessage

func (e *DuplicateCertificateException) ErrorMessage() string

type DuplicateSSHPublicKeyException

type DuplicateSSHPublicKeyException struct {
	Message *string
}

The request was rejected because the SSH public key is already associated with the specified IAM user.

func (*DuplicateSSHPublicKeyException) Error

func (*DuplicateSSHPublicKeyException) ErrorCode

func (e *DuplicateSSHPublicKeyException) ErrorCode() string

func (*DuplicateSSHPublicKeyException) ErrorFault

func (*DuplicateSSHPublicKeyException) ErrorMessage

func (e *DuplicateSSHPublicKeyException) ErrorMessage() string

type EncodingType

type EncodingType string
const (
	EncodingTypeSsh EncodingType = "SSH"
	EncodingTypePem EncodingType = "PEM"
)

Enum values for EncodingType

type EntityAlreadyExistsException

type EntityAlreadyExistsException struct {
	Message *string
}

The request was rejected because it attempted to create a resource that already exists.

func (*EntityAlreadyExistsException) Error

func (*EntityAlreadyExistsException) ErrorCode

func (e *EntityAlreadyExistsException) ErrorCode() string

func (*EntityAlreadyExistsException) ErrorFault

func (*EntityAlreadyExistsException) ErrorMessage

func (e *EntityAlreadyExistsException) ErrorMessage() string

type EntityDetails

type EntityDetails struct {

	// The EntityInfo object that contains details about the entity (user or role).
	//
	// This member is required.
	EntityInfo *EntityInfo

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the authenticated entity last attempted
	// to access AWS. AWS does not report unauthenticated requests. This field is null
	// if no IAM entities attempted to access the service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticated *time.Time
}

An object that contains details about when the IAM entities (users or roles) were last used in an attempt to access the specified AWS service. This data type is a response element in the GetServiceLastAccessedDetailsWithEntities operation.

type EntityInfo

type EntityInfo struct {

	// The name of the entity (user or role).
	//
	// This member is required.
	Name *string

	// The identifier of the entity (user or role).
	//
	// This member is required.
	Id *string

	// The path to the entity (user or role). For more information about paths, see IAM
	// Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the AWS General Reference.
	//
	// This member is required.
	Arn *string

	// The type of entity (user or role).
	//
	// This member is required.
	Type PolicyOwnerEntityType
}

Contains details about the specified entity (user or role). This data type is an element of the EntityDetails object.

type EntityTemporarilyUnmodifiableException

type EntityTemporarilyUnmodifiableException struct {
	Message *string
}

The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.

func (*EntityTemporarilyUnmodifiableException) Error

func (*EntityTemporarilyUnmodifiableException) ErrorCode

func (*EntityTemporarilyUnmodifiableException) ErrorFault

func (*EntityTemporarilyUnmodifiableException) ErrorMessage

type EntityType

type EntityType string
const (
	EntityTypeUser               EntityType = "User"
	EntityTypeRole               EntityType = "Role"
	EntityTypeGroup              EntityType = "Group"
	EntityTypeLocalmanagedpolicy EntityType = "LocalManagedPolicy"
	EntityTypeAwsmanagedpolicy   EntityType = "AWSManagedPolicy"
)

Enum values for EntityType

type ErrorDetails

type ErrorDetails struct {

	// The error code associated with the operation failure.
	//
	// This member is required.
	Code *string

	// Detailed information about the reason that the operation failed.
	//
	// This member is required.
	Message *string
}

Contains information about the reason that the operation failed. This data type is used as a response element in the GetOrganizationsAccessReport, GetServiceLastAccessedDetails, and GetServiceLastAccessedDetailsWithEntities operations.

type EvaluationResult

type EvaluationResult struct {

	// The result of the simulation.
	//
	// This member is required.
	EvalDecision PolicyEvaluationDecisionType

	// The name of the API operation tested on the indicated resource.
	//
	// This member is required.
	EvalActionName *string

	// Additional details about the results of the cross-account evaluation decision.
	// This parameter is populated for only cross-account simulations. It contains a
	// brief summary of how each policy type contributes to the final evaluation
	// decision. If the simulation evaluates policies within the same account and
	// includes a resource ARN, then the parameter is present but the response is
	// empty. If the simulation evaluates policies within the same account and
	// specifies all resources (*), then the parameter is not returned. When you make a
	// cross-account request, AWS evaluates the request in the trusting account and the
	// trusted account. The request is allowed only if both evaluations return true.
	// For more information about how policies are evaluated, see Evaluating Policies
	// Within a Single Account
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-basics).
	// If an AWS Organizations SCP included in the evaluation denies access, the
	// simulation ends. In this case, policy evaluation does not proceed any further
	// and this parameter is not returned.
	EvalDecisionDetails map[string]PolicyEvaluationDecisionType

	// A structure that details how Organizations and its service control policies
	// affect the results of the simulation. Only applies if the simulated user's
	// account is part of an organization.
	OrganizationsDecisionDetail *OrganizationsDecisionDetail

	// The ARN of the resource that the indicated API operation was tested on.
	EvalResourceName *string

	// A list of the statements in the input policies that determine the result for
	// this scenario. Remember that even if multiple statements allow the operation on
	// the resource, if only one statement denies that operation, then the explicit
	// deny overrides any allow. In addition, the deny statement is the only entry
	// included in the result.
	MatchedStatements []*Statement

	// A list of context keys that are required by the included input policies but that
	// were not provided by one of the input parameters. This list is used when the
	// resource in a simulation is "*", either explicitly, or when the ResourceArns
	// parameter is blank. If you include a list of resources, then any missing context
	// values are instead included under the ResourceSpecificResults section. To
	// discover the context keys used by a set of policies, you can call
	// GetContextKeysForCustomPolicy or GetContextKeysForPrincipalPolicy.
	MissingContextValues []*string

	// Contains information about the effect that a permissions boundary has on a
	// policy simulation when the boundary is applied to an IAM entity.
	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail

	// The individual results of the simulation of the API operation specified in
	// EvalActionName on each resource.
	ResourceSpecificResults []*ResourceSpecificResult
}

Contains the results of a simulation. This data type is used by the return parameter of SimulateCustomPolicy and SimulatePrincipalPolicy.
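The following is an added example, not part of the SDK or its documentation: a least-privilege regression check that reads simulation results and confirms a set of sensitive actions is denied, treating an implicit deny reported alongside MissingContextValues as inconclusive because a conditional statement could not be evaluated. The structs mirror only the fields it uses; the decision strings "allowed", "explicitDeny" and "implicitDeny" are the SDK's PolicyEvaluationDecisionType values, while the Verdict type, function names and sample results are assumptions constructed here.

```go
package main

import (
	"fmt"
	"strings"
)

// Local mirrors (assumption: declared here so the example runs offline).
type PolicyEvaluationDecisionType string

const (
	DecisionAllowed      PolicyEvaluationDecisionType = "allowed"
	DecisionExplicitDeny PolicyEvaluationDecisionType = "explicitDeny"
	DecisionImplicitDeny PolicyEvaluationDecisionType = "implicitDeny"
)

type EvaluationResult struct {
	EvalDecision         PolicyEvaluationDecisionType
	EvalActionName       *string
	EvalResourceName     *string
	MissingContextValues []*string
}

// Verdict is this example's own type, not an SDK type.
type Verdict string

const (
	VerdictPass         Verdict = "pass"
	VerdictFail         Verdict = "fail"
	VerdictInconclusive Verdict = "inconclusive"
)

func str(s string) *string { return &s }

// severity orders verdicts so the worst result per action wins.
func severity(v Verdict) int {
	switch v {
	case VerdictFail:
		return 2
	case VerdictInconclusive:
		return 1
	}
	return 0
}

// judge maps one simulation result to a verdict for a "must be denied" rule.
func judge(r EvaluationResult) Verdict {
	switch r.EvalDecision {
	case DecisionAllowed:
		return VerdictFail
	case DecisionExplicitDeny:
		return VerdictPass
	case DecisionImplicitDeny:
		// A context key was not supplied, so a conditional statement was
		// not evaluated; this deny does not prove the action is blocked.
		if len(r.MissingContextValues) > 0 {
			return VerdictInconclusive
		}
		return VerdictPass
	}
	return VerdictInconclusive // unknown decision string
}

// CheckMustDeny returns one verdict per action in mustDeny. An action that
// was never simulated is inconclusive, not a pass.
func CheckMustDeny(results []EvaluationResult, mustDeny []string) map[string]Verdict {
	worst := map[string]Verdict{}
	for _, r := range results {
		if r.EvalActionName == nil {
			continue
		}
		k := strings.ToLower(*r.EvalActionName) // action names are case-insensitive
		v := judge(r)
		if cur, ok := worst[k]; !ok || severity(v) > severity(cur) {
			worst[k] = v
		}
	}
	out := make(map[string]Verdict, len(mustDeny))
	for _, a := range mustDeny {
		if v, ok := worst[strings.ToLower(a)]; ok {
			out[a] = v
		} else {
			out[a] = VerdictInconclusive
		}
	}
	return out
}

// sampleVerdicts runs the check over constructed simulation results.
func sampleVerdicts() map[string]Verdict {
	results := []EvaluationResult{
		{EvalDecision: DecisionExplicitDeny, EvalActionName: str("iam:CreateAccessKey"), EvalResourceName: str("*")},
		{EvalDecision: DecisionImplicitDeny, EvalActionName: str("iam:PassRole"), EvalResourceName: str("arn:aws:iam::111122223333:role/sample-a")},
		{EvalDecision: DecisionAllowed, EvalActionName: str("IAM:passrole"), EvalResourceName: str("arn:aws:iam::111122223333:role/sample-b")},
		{EvalDecision: DecisionImplicitDeny, EvalActionName: str("s3:DeleteBucket"), EvalResourceName: str("*"),
			MissingContextValues: []*string{str("aws:MultiFactorAuthPresent")}},
		{EvalDecision: DecisionImplicitDeny, EvalActionName: str("iam:DeleteUser"), EvalResourceName: str("*")},
	}
	mustDeny := []string{"iam:CreateAccessKey", "iam:PassRole", "s3:DeleteBucket", "iam:DeleteUser", "kms:ScheduleKeyDeletion"}
	return CheckMustDeny(results, mustDeny)
}

func main() {
	for action, v := range sampleVerdicts() {
		fmt.Printf("%-28s %s\n", action, v)
	}
}
```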

type GlobalEndpointTokenVersion

type GlobalEndpointTokenVersion string
const (
	GlobalEndpointTokenVersionV1token GlobalEndpointTokenVersion = "v1Token"
	GlobalEndpointTokenVersionV2token GlobalEndpointTokenVersion = "v2Token"
)

Enum values for GlobalEndpointTokenVersion

type Group

type Group struct {

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the group was created.
	//
	// This member is required.
	CreateDate *time.Time

	// The stable and unique string identifying the group. For more information about
	// IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	GroupId *string

	// The friendly name that identifies the group.
	//
	// This member is required.
	GroupName *string

	// The Amazon Resource Name (ARN) specifying the group. For more information about
	// ARNs and how to use them in policies, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Arn *string

	// The path to the group. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Path *string
}

Contains information about an IAM group entity. This data type is used as a response element in the following operations:

* GetGroup

type GroupDetail

type GroupDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the AWS General Reference.
	Arn *string

	// A list of the inline policies embedded in the group.
	GroupPolicyList []*PolicyDetail

	// The path to the group. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the group was created.
	CreateDate *time.Time

	// A list of the managed policies attached to the group.
	AttachedManagedPolicies []*AttachedPolicy

	// The friendly name that identifies the group.
	GroupName *string

	// The stable and unique string identifying the group. For more information about
	// IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	GroupId *string
}

Contains information about an IAM group, including all of the group's policies. This data type is used as a response element in the GetAccountAuthorizationDetails operation.

type InstanceProfile

type InstanceProfile struct {

	// The Amazon Resource Name (ARN) specifying the instance profile. For more
	// information about ARNs and how to use them in policies, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Arn *string

	// The name identifying the instance profile.
	//
	// This member is required.
	InstanceProfileName *string

	// The path to the instance profile. For more information about paths, see IAM
	// Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Path *string

	// The stable and unique string identifying the instance profile. For more
	// information about IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	InstanceProfileId *string

	// The date when the instance profile was created.
	//
	// This member is required.
	CreateDate *time.Time

	// The role associated with the instance profile.
	//
	// This member is required.
	Roles []*Role
}

Contains information about an instance profile. This data type is used as a response element in the following operations:

* GetInstanceProfile

* ListInstanceProfilesForRole

type InvalidAuthenticationCodeException

type InvalidAuthenticationCodeException struct {
	Message *string
}

The request was rejected because the authentication code was not recognized. The error message describes the specific error.

func (*InvalidAuthenticationCodeException) Error

func (*InvalidAuthenticationCodeException) ErrorCode

func (*InvalidAuthenticationCodeException) ErrorFault

func (*InvalidAuthenticationCodeException) ErrorMessage

func (e *InvalidAuthenticationCodeException) ErrorMessage() string

type InvalidCertificateException

type InvalidCertificateException struct {
	Message *string
}

The request was rejected because the certificate is invalid.

func (*InvalidCertificateException) Error

func (*InvalidCertificateException) ErrorCode

func (e *InvalidCertificateException) ErrorCode() string

func (*InvalidCertificateException) ErrorFault

func (*InvalidCertificateException) ErrorMessage

func (e *InvalidCertificateException) ErrorMessage() string

type InvalidInputException

type InvalidInputException struct {
	Message *string
}

The request was rejected because an invalid or out-of-range value was supplied for an input parameter.

func (*InvalidInputException) Error

func (e *InvalidInputException) Error() string

func (*InvalidInputException) ErrorCode

func (e *InvalidInputException) ErrorCode() string

func (*InvalidInputException) ErrorFault

func (e *InvalidInputException) ErrorFault() smithy.ErrorFault

func (*InvalidInputException) ErrorMessage

func (e *InvalidInputException) ErrorMessage() string

type InvalidPublicKeyException

type InvalidPublicKeyException struct {
	Message *string
}

The request was rejected because the public key is malformed or otherwise invalid.

func (*InvalidPublicKeyException) Error

func (e *InvalidPublicKeyException) Error() string

func (*InvalidPublicKeyException) ErrorCode

func (e *InvalidPublicKeyException) ErrorCode() string

func (*InvalidPublicKeyException) ErrorFault

func (*InvalidPublicKeyException) ErrorMessage

func (e *InvalidPublicKeyException) ErrorMessage() string

type InvalidUserTypeException

type InvalidUserTypeException struct {
	Message *string
}

The request was rejected because the type of user for the transaction was incorrect.

func (*InvalidUserTypeException) Error

func (e *InvalidUserTypeException) Error() string

func (*InvalidUserTypeException) ErrorCode

func (e *InvalidUserTypeException) ErrorCode() string

func (*InvalidUserTypeException) ErrorFault

func (e *InvalidUserTypeException) ErrorFault() smithy.ErrorFault

func (*InvalidUserTypeException) ErrorMessage

func (e *InvalidUserTypeException) ErrorMessage() string

type JobStatusType

type JobStatusType string
const (
	JobStatusTypeIn_progress JobStatusType = "IN_PROGRESS"
	JobStatusTypeCompleted   JobStatusType = "COMPLETED"
	JobStatusTypeFailed      JobStatusType = "FAILED"
)

Enum values for JobStatusType

type KeyPairMismatchException

type KeyPairMismatchException struct {
	Message *string
}

The request was rejected because the public key certificate and the private key do not match.

func (*KeyPairMismatchException) Error

func (e *KeyPairMismatchException) Error() string

func (*KeyPairMismatchException) ErrorCode

func (e *KeyPairMismatchException) ErrorCode() string

func (*KeyPairMismatchException) ErrorFault

func (e *KeyPairMismatchException) ErrorFault() smithy.ErrorFault

func (*KeyPairMismatchException) ErrorMessage

func (e *KeyPairMismatchException) ErrorMessage() string

type LimitExceededException

type LimitExceededException struct {
	Message *string
}

The request was rejected because it attempted to create resources beyond the current AWS account limitations. The error message describes the limit exceeded.

func (*LimitExceededException) Error

func (e *LimitExceededException) Error() string

func (*LimitExceededException) ErrorCode

func (e *LimitExceededException) ErrorCode() string

func (*LimitExceededException) ErrorFault

func (e *LimitExceededException) ErrorFault() smithy.ErrorFault

func (*LimitExceededException) ErrorMessage

func (e *LimitExceededException) ErrorMessage() string

type ListPoliciesGrantingServiceAccessEntry

type ListPoliciesGrantingServiceAccessEntry struct {

	// The namespace of the service that was accessed. To learn the service namespace
	// of a service, go to Actions, Resources, and Condition Keys for AWS Services
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html)
	// in the IAM User Guide. Choose the name of the service to view details for that
	// service. In the first paragraph, find the service prefix. For example, (service
	// prefix: a4b). For more information about service namespaces, see AWS Service
	// Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the AWS General Reference.
	ServiceNamespace *string

	// The PoliciesGrantingServiceAccess object that contains details about the policy.
	Policies []*PolicyGrantingServiceAccess
}

Contains details about the permissions policies that are attached to the specified identity (user, group, or role). This data type is used as a response element in the ListPoliciesGrantingServiceAccess operation.

type LoginProfile

type LoginProfile struct {

	// The date when the password for the user was created.
	//
	// This member is required.
	CreateDate *time.Time

	// Specifies whether the user is required to set a new password on next sign-in.
	PasswordResetRequired *bool

	// The name of the user, which can be used for signing in to the AWS Management
	// Console.
	//
	// This member is required.
	UserName *string
}

Contains the user name and password create date for a user. This data type is used as a response element in the CreateLoginProfile and GetLoginProfile operations.

type MFADevice

type MFADevice struct {

	// The user with whom the MFA device is associated.
	//
	// This member is required.
	UserName *string

	// The serial number that uniquely identifies the MFA device. For virtual MFA
	// devices, the serial number is the device ARN.
	//
	// This member is required.
	SerialNumber *string

	// The date when the MFA device was enabled for the user.
	//
	// This member is required.
	EnableDate *time.Time
}

Contains information about an MFA device. This data type is used as a response element in the ListMFADevices operation.

type MalformedCertificateException

type MalformedCertificateException struct {
	Message *string
}

The request was rejected because the certificate was malformed or expired. The error message describes the specific error.

func (*MalformedCertificateException) Error

func (*MalformedCertificateException) ErrorCode

func (e *MalformedCertificateException) ErrorCode() string

func (*MalformedCertificateException) ErrorFault

func (*MalformedCertificateException) ErrorMessage

func (e *MalformedCertificateException) ErrorMessage() string

type MalformedPolicyDocumentException

type MalformedPolicyDocumentException struct {
	Message *string
}

The request was rejected because the policy document was malformed. The error message describes the specific error.

func (*MalformedPolicyDocumentException) Error

func (*MalformedPolicyDocumentException) ErrorCode

func (*MalformedPolicyDocumentException) ErrorFault

func (*MalformedPolicyDocumentException) ErrorMessage

func (e *MalformedPolicyDocumentException) ErrorMessage() string

type ManagedPolicyDetail

type ManagedPolicyDetail struct {

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the policy was created.
	CreateDate *time.Time

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable *bool

	// The path to the policy. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string

	// A friendly description of the policy.
	Description *string

	// The number of entities (users and roles) for which the policy is used as the
	// permissions boundary. For more information about permissions boundaries, see
	// Permissions Boundaries for IAM Identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundaryUsageCount *int32

	// A list containing information about the versions of the policy.
	PolicyVersionList []*PolicyVersion

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the AWS General Reference.
	Arn *string

	// The identifier for the version of the policy that is set as the default
	// (operative) version. For more information about policy versions, see Versioning
	// for Managed Policies
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-versions.html)
	// in the IAM User Guide.
	DefaultVersionId *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the policy was last updated. When a
	// policy has only one version, this field contains the date and time when the
	// policy was created. When a policy has more than one version, this field contains
	// the date and time when the most recent policy version was created.
	UpdateDate *time.Time

	// The stable and unique string identifying the policy. For more information about
	// IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	PolicyId *string

	// The number of principal entities (users, groups, and roles) that the policy is
	// attached to.
	AttachmentCount *int32
}

Contains information about a managed policy, including the policy's ARN, versions, and the number of principal entities (users, groups, and roles) that the policy is attached to. This data type is used as a response element in the GetAccountAuthorizationDetails operation. For more information about managed policies, see Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type NoSuchEntityException

type NoSuchEntityException struct {
	Message *string
}

The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.

func (*NoSuchEntityException) Error

func (e *NoSuchEntityException) Error() string

func (*NoSuchEntityException) ErrorCode

func (e *NoSuchEntityException) ErrorCode() string

func (*NoSuchEntityException) ErrorFault

func (e *NoSuchEntityException) ErrorFault() smithy.ErrorFault

func (*NoSuchEntityException) ErrorMessage

func (e *NoSuchEntityException) ErrorMessage() string

type OpenIDConnectProviderListEntry

type OpenIDConnectProviderListEntry struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the AWS General Reference.
	Arn *string
}

Contains the Amazon Resource Name (ARN) for an IAM OpenID Connect provider.

type OrganizationsDecisionDetail

type OrganizationsDecisionDetail struct {

	// Specifies whether the simulated operation is allowed by the Organizations
	// service control policies that impact the simulated user's account.
	AllowedByOrganizations *bool
}

Contains information about the effect that Organizations has on a policy simulation.

type PasswordPolicy

type PasswordPolicy struct {

	// Specifies whether to require lowercase characters for IAM user passwords.
	RequireLowercaseCharacters *bool

	// Minimum length to require for IAM user passwords.
	MinimumPasswordLength *int32

	// Specifies whether to require numbers for IAM user passwords.
	RequireNumbers *bool

	// Indicates whether passwords in the account expire. Returns true if
	// MaxPasswordAge contains a value greater than 0. Returns false if MaxPasswordAge
	// is 0 or not present.
	ExpirePasswords *bool

	// Specifies the number of previous passwords that IAM users are prevented from
	// reusing.
	PasswordReusePrevention *int32

	// Specifies whether IAM users are prevented from setting a new password after
	// their password has expired.
	HardExpiry *bool

	// The number of days that an IAM user password is valid.
	MaxPasswordAge *int32

	// Specifies whether to require uppercase characters for IAM user passwords.
	RequireUppercaseCharacters *bool

	// Specifies whether IAM users are allowed to change their own password.
	AllowUsersToChangePassword *bool

	// Specifies whether to require symbols for IAM user passwords.
	RequireSymbols *bool
}

Contains information about the account password policy. This data type is used as a response element in the GetAccountPasswordPolicy operation.

type PasswordPolicyViolationException

type PasswordPolicyViolationException struct {
	Message *string
}

The request was rejected because the provided password did not meet the requirements imposed by the account password policy.

func (*PasswordPolicyViolationException) Error

func (*PasswordPolicyViolationException) ErrorCode

func (*PasswordPolicyViolationException) ErrorFault

func (*PasswordPolicyViolationException) ErrorMessage

func (e *PasswordPolicyViolationException) ErrorMessage() string

type PermissionsBoundaryAttachmentType

type PermissionsBoundaryAttachmentType string
const (
	PermissionsBoundaryAttachmentTypePolicy PermissionsBoundaryAttachmentType = "PermissionsBoundaryPolicy"
)

Enum values for PermissionsBoundaryAttachmentType

type PermissionsBoundaryDecisionDetail

type PermissionsBoundaryDecisionDetail struct {

	// Specifies whether an action is allowed by a permissions boundary that is applied
	// to an IAM entity (user or role). A value of true means that the permissions
	// boundary does not deny the action. This means that the policy includes an Allow
	// statement that matches the request. In this case, if an identity-based policy
	// also allows the action, the request is allowed. A value of false means that
	// either the requested action is not allowed (implicitly denied) or that the
	// action is explicitly denied by the permissions boundary. In both of these cases,
	// the action is not allowed, regardless of the identity-based policy.
	AllowedByPermissionsBoundary *bool
}

Contains information about the effect that a permissions boundary has on a policy simulation when the boundary is applied to an IAM entity.

type Policy

type Policy struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the AWS General Reference.
	Arn *string

	// The stable and unique string identifying the policy. For more information about
	// IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	PolicyId *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the policy was created.
	CreateDate *time.Time

	// The number of entities (users, groups, and roles) that the policy is attached
	// to.
	AttachmentCount *int32

	// Specifies whether the policy can be attached to an IAM user, group, or role.
	IsAttachable *bool

	// The friendly name (not ARN) identifying the policy.
	PolicyName *string

	// The path to the policy. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string

	// The identifier for the version of the policy that is set as the default version.
	DefaultVersionId *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the policy was last updated. When a
	// policy has only one version, this field contains the date and time when the
	// policy was created. When a policy has more than one version, this field contains
	// the date and time when the most recent policy version was created.
	UpdateDate *time.Time

	// A friendly description of the policy. This element is included in the response
	// to the GetPolicy operation. It is not included in the response to the
	// ListPolicies operation.
	Description *string

	// The number of entities (users and roles) for which the policy is used to set the
	// permissions boundary. For more information about permissions boundaries, see
	// Permissions Boundaries for IAM Identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundaryUsageCount *int32
}

Contains information about a managed policy. This data type is used as a response element in the CreatePolicy, GetPolicy, and ListPolicies operations. For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type PolicyDetail

type PolicyDetail struct {

	// The policy document.
	PolicyDocument *string

	// The name of the policy.
	PolicyName *string
}

Contains information about an IAM policy, including the policy document. This data type is used as a response element in the GetAccountAuthorizationDetails operation.

type PolicyEvaluationDecisionType

type PolicyEvaluationDecisionType string
const (
	PolicyEvaluationDecisionTypeAllowed       PolicyEvaluationDecisionType = "allowed"
	PolicyEvaluationDecisionTypeExplicit_deny PolicyEvaluationDecisionType = "explicitDeny"
	PolicyEvaluationDecisionTypeImplicit_deny PolicyEvaluationDecisionType = "implicitDeny"
)

Enum values for PolicyEvaluationDecisionType

type PolicyEvaluationException

type PolicyEvaluationException struct {
	Message *string
}

The request failed because a provided policy could not be successfully evaluated. An additional detailed message indicates the source of the failure.

func (*PolicyEvaluationException) Error

func (e *PolicyEvaluationException) Error() string

func (*PolicyEvaluationException) ErrorCode

func (e *PolicyEvaluationException) ErrorCode() string

func (*PolicyEvaluationException) ErrorFault

func (*PolicyEvaluationException) ErrorMessage

func (e *PolicyEvaluationException) ErrorMessage() string

type PolicyGrantingServiceAccess

type PolicyGrantingServiceAccess struct {

	// The policy type. For more information about these policy types, see Managed
	// Policies and Inline Policies
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	//
	// This member is required.
	PolicyType PolicyType

	// The policy name.
	//
	// This member is required.
	PolicyName *string

	// The name of the entity (user or role) to which the inline policy is attached.
	// This field is null for managed policies. For more information about these policy
	// types, see Managed Policies and Inline Policies
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	EntityName *string

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the AWS General Reference.
	PolicyArn *string

	// The type of entity (user or role) that used the policy to access the service to
	// which the inline policy is attached. This field is null for managed policies.
	// For more information about these policy types, see Managed Policies and Inline
	// Policies
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html)
	// in the IAM User Guide.
	EntityType PolicyOwnerEntityType
}

Contains details about the permissions policies that are attached to the specified identity (user, group, or role). This data type is an element of the ListPoliciesGrantingServiceAccessEntry object.

type PolicyGroup

type PolicyGroup struct {

	// The stable and unique string identifying the group. For more information about
	// IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in
	// the IAM User Guide.
	GroupId *string

	// The name (friendly name, not ARN) identifying the group.
	GroupName *string
}

Contains information about a group that a managed policy is attached to. This data type is used as a response element in the ListEntitiesForPolicy operation. For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type PolicyNotAttachableException

type PolicyNotAttachableException struct {
	Message *string
}

The request failed because AWS service role policies can only be attached to the service-linked role for that service.

func (*PolicyNotAttachableException) Error

func (*PolicyNotAttachableException) ErrorCode

func (e *PolicyNotAttachableException) ErrorCode() string

func (*PolicyNotAttachableException) ErrorFault

func (*PolicyNotAttachableException) ErrorMessage

func (e *PolicyNotAttachableException) ErrorMessage() string

type PolicyOwnerEntityType

type PolicyOwnerEntityType string
const (
	PolicyOwnerEntityTypeUser  PolicyOwnerEntityType = "USER"
	PolicyOwnerEntityTypeRole  PolicyOwnerEntityType = "ROLE"
	PolicyOwnerEntityTypeGroup PolicyOwnerEntityType = "GROUP"
)

Enum values for PolicyOwnerEntityType

type PolicyRole

type PolicyRole struct {

	// The name (friendly name, not ARN) identifying the role.
	RoleName *string

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in
	// the IAM User Guide.
	RoleId *string
}

Contains information about a role that a managed policy is attached to. This data type is used as a response element in the ListEntitiesForPolicy operation. For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type PolicyScopeType

type PolicyScopeType string
const (
	PolicyScopeTypeAll   PolicyScopeType = "All"
	PolicyScopeTypeAws   PolicyScopeType = "AWS"
	PolicyScopeTypeLocal PolicyScopeType = "Local"
)

Enum values for PolicyScopeType

type PolicySourceType

type PolicySourceType string
const (
	PolicySourceTypeUser         PolicySourceType = "user"
	PolicySourceTypeGroup        PolicySourceType = "group"
	PolicySourceTypeRole         PolicySourceType = "role"
	PolicySourceTypeAws_managed  PolicySourceType = "aws-managed"
	PolicySourceTypeUser_managed PolicySourceType = "user-managed"
	PolicySourceTypeResource     PolicySourceType = "resource"
	PolicySourceTypeNone         PolicySourceType = "none"
)

Enum values for PolicySourceType

type PolicyType

type PolicyType string
const (
	PolicyTypeInline  PolicyType = "INLINE"
	PolicyTypeManaged PolicyType = "MANAGED"
)

Enum values for PolicyType

type PolicyUsageType

type PolicyUsageType string
const (
	PolicyUsageTypePermissionspolicy   PolicyUsageType = "PermissionsPolicy"
	PolicyUsageTypePermissionsboundary PolicyUsageType = "PermissionsBoundary"
)

Enum values for PolicyUsageType

type PolicyUser

type PolicyUser struct {

	// The name (friendly name, not ARN) identifying the user.
	UserName *string

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html) in
	// the IAM User Guide.
	UserId *string
}

Contains information about a user that a managed policy is attached to. This data type is used as a response element in the ListEntitiesForPolicy operation. For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.

type PolicyVersion

type PolicyVersion struct {

	// Specifies whether the policy version is set as the policy's default version.
	IsDefaultVersion *bool

	// The policy document. The policy document is returned in the response to the
	// GetPolicyVersion and GetAccountAuthorizationDetails operations. It is not
	// returned in the response to the CreatePolicyVersion or ListPolicyVersions
	// operations. The policy document returned in this structure is URL-encoded
	// compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986). You can use a URL
	// decoding method to convert the policy back to plain JSON text. For example, if
	// you use Java, you can use the decode method of the java.net.URLDecoder utility
	// class in the Java SDK. Other languages and SDKs provide similar functionality.
	Document *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the policy version was created.
	CreateDate *time.Time

	// The identifier for the policy version. Policy version identifiers always begin
	// with v (always lowercase). When a policy is created, the first policy version is
	// v1.
	VersionId *string
}

Contains information about a version of a managed policy. This data type is used as a response element in the CreatePolicyVersion, GetPolicyVersion, ListPolicyVersions, and GetAccountAuthorizationDetails operations. For more information about managed policies, refer to Managed Policies and Inline Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the IAM User Guide.
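Because PolicyVersion.Document is percent-encoded, it must be decoded before a policy review can inspect it. The following is an added example, not part of the SDK or of this reference: it decodes a document and reports Allow statements that pair Action "*" with Resource "*". It uses only the standard library and takes the *string you would read from Document; the helper names and the sample policy (including the account ID) are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"net/url"
)

// stringOrList accepts both JSON shapes IAM allows for Action and Resource:
// a single string or an array of strings.
type stringOrList []string

func (s *stringOrList) UnmarshalJSON(b []byte) error {
	var one string
	if err := json.Unmarshal(b, &one); err == nil {
		*s = []string{one}
		return nil
	}
	var many []string
	if err := json.Unmarshal(b, &many); err != nil {
		return err
	}
	*s = many
	return nil
}

type statement struct {
	Sid      string
	Effect   string
	Action   stringOrList
	Resource stringOrList
}

// statements accepts either an array of statements or a single statement object.
type statements []statement

func (s *statements) UnmarshalJSON(b []byte) error {
	var many []statement
	if err := json.Unmarshal(b, &many); err == nil {
		*s = many
		return nil
	}
	var one statement
	if err := json.Unmarshal(b, &one); err != nil {
		return err
	}
	*s = []statement{one}
	return nil
}

type policyDoc struct {
	Version   string
	Statement statements
}

// decodePolicyDocument percent-decodes and parses a policy document.
// A nil pointer is an error: per the field comment, CreatePolicyVersion and
// ListPolicyVersions responses do not carry the document.
func decodePolicyDocument(doc *string) (*policyDoc, error) {
	if doc == nil {
		return nil, errors.New("policy document not present in this response")
	}
	// PathUnescape decodes %XX only and leaves '+' alone (RFC 3986 behaviour).
	raw, err := url.PathUnescape(*doc)
	if err != nil {
		return nil, fmt.Errorf("percent-decoding policy document: %w", err)
	}
	var p policyDoc
	if err := json.Unmarshal([]byte(raw), &p); err != nil {
		return nil, fmt.Errorf("parsing policy JSON: %w", err)
	}
	return &p, nil
}

func hasStar(values []string) bool {
	for _, v := range values {
		if v == "*" {
			return true
		}
	}
	return false
}

// wildcardAllows returns an identifier for every Allow statement that grants
// Action "*" on Resource "*". NotAction/NotResource and partial wildcards such
// as "iam:*" are outside the scope of this check.
func wildcardAllows(p *policyDoc) []string {
	var findings []string
	for i, st := range p.Statement {
		if st.Effect == "Allow" && hasStar(st.Action) && hasStar(st.Resource) {
			id := st.Sid
			if id == "" {
				id = fmt.Sprintf("statement[%d]", i)
			}
			findings = append(findings, id)
		}
	}
	return findings
}

// sampleEncodedDocument builds a constructed stand-in for an encoded Document value.
func sampleEncodedDocument() string {
	raw := `{"Version":"2012-10-17","Statement":[
	 {"Sid":"ReadLogs","Effect":"Allow","Action":["logs:GetLogEvents"],
	  "Resource":"arn:aws:logs:*:111122223333:log-group:*"},
	 {"Sid":"AdminEverything","Effect":"Allow","Action":"*","Resource":"*"}]}`
	return url.PathEscape(raw)
}

func main() {
	enc := sampleEncodedDocument()
	doc, err := decodePolicyDocument(&enc)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Println("full-wildcard Allow statements:", wildcardAllows(doc))
}
```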

type Position

type Position struct {

	// The column in the line containing the specified position in the document.
	Column *int32

	// The line containing the specified position in the document.
	Line *int32
}

Contains the row and column of a location of a Statement element in a policy document. This data type is used as a member of the Statement type.

type ReportFormatType

type ReportFormatType string
const (
	ReportFormatTypeTextCsv ReportFormatType = "text/csv"
)

Enum values for ReportFormatType

type ReportGenerationLimitExceededException

type ReportGenerationLimitExceededException struct {
	Message *string
}

The request failed because the maximum number of concurrent requests for this account is already running.

func (*ReportGenerationLimitExceededException) Error

func (*ReportGenerationLimitExceededException) ErrorCode

func (*ReportGenerationLimitExceededException) ErrorFault

func (*ReportGenerationLimitExceededException) ErrorMessage

type ReportStateType

type ReportStateType string
const (
	ReportStateTypeStarted    ReportStateType = "STARTED"
	ReportStateTypeInprogress ReportStateType = "INPROGRESS"
	ReportStateTypeComplete   ReportStateType = "COMPLETE"
)

Enum values for ReportStateType

type ResourceSpecificResult

type ResourceSpecificResult struct {

	// Contains information about the effect that a permissions boundary has on a
	// policy simulation when that boundary is applied to an IAM entity.
	PermissionsBoundaryDecisionDetail *PermissionsBoundaryDecisionDetail

	// A list of context keys that are required by the included input policies but that
	// were not provided by one of the input parameters. This list is used when a list
	// of ARNs is included in the ResourceArns parameter instead of "*". If you do not
	// specify individual resources, by setting ResourceArns to "*" or by not including
	// the ResourceArns parameter, then any missing context values are instead included
	// under the EvaluationResults section. To discover the context keys used by a set
	// of policies, you can call GetContextKeysForCustomPolicy or
	// GetContextKeysForPrincipalPolicy.
	MissingContextValues []*string

	// Additional details about the results of the evaluation decision on a single
	// resource. This parameter is returned only for cross-account simulations. This
	// parameter explains how each policy type contributes to the resource-specific
	// evaluation decision.
	EvalDecisionDetails map[string]PolicyEvaluationDecisionType

	// The name of the simulated resource, in Amazon Resource Name (ARN) format.
	//
	// This member is required.
	EvalResourceName *string

	// A list of the statements in the input policies that determine the result for
	// this part of the simulation. Remember that even if multiple statements allow the
	// operation on the resource, if any statement denies that operation, then the
	// explicit deny overrides any allow. In addition, the deny statement is the only
	// entry included in the result.
	MatchedStatements []*Statement

	// The result of the simulation of the simulated API operation on the resource
	// specified in EvalResourceName.
	//
	// This member is required.
	EvalResourceDecision PolicyEvaluationDecisionType
}

Contains the result of the simulation of a single API operation call on a single resource. This data type is used by a member of the EvaluationResult data type.

type Role

type Role struct {

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the role was created.
	//
	// This member is required.
	CreateDate *time.Time

	// A list of tags that are attached to the specified role. For more information
	// about tagging, see Tagging IAM Identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []*Tag

	// The policy that grants an entity permission to assume the role.
	AssumeRolePolicyDocument *string

	// Contains information about the last time that an IAM role was used. This
	// includes the date and time and the Region in which the role was last used.
	// Activity is only reported for the trailing 400 days. This period can be shorter
	// if your Region began supporting these features within the last year. The role
	// might have been used more than 400 days ago. For more information, see Regions
	// Where Data Is Tracked
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
	// in the IAM User Guide.
	RoleLastUsed *RoleLastUsed

	// The friendly name that identifies the role.
	//
	// This member is required.
	RoleName *string

	// The ARN of the policy used to set the permissions boundary for the role. For
	// more information about permissions boundaries, see Permissions Boundaries for
	// IAM Identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary

	// The path to the role. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Path *string

	// A description of the role that you provide.
	Description *string

	// The Amazon Resource Name (ARN) specifying the role. For more information about
	// ARNs and how to use them in policies, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Arn *string

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	RoleId *string

	// The maximum session duration (in seconds) for the specified role. Anyone who
	// uses the AWS CLI or API to assume the role can specify the duration using the
	// optional DurationSeconds API parameter or duration-seconds CLI parameter.
	MaxSessionDuration *int32
}

Contains information about an IAM role. This structure is returned as a response element in several API operations that interact with roles.

type RoleDetail

type RoleDetail struct {

	// The ARN of the policy used to set the permissions boundary for the role. For
	// more information about permissions boundaries, see Permissions Boundaries for
	// IAM Identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary

	// The friendly name that identifies the role.
	RoleName *string

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the AWS General Reference.
	Arn *string

	// The path to the role. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string

	// The trust policy that grants permission to assume the role.
	AssumeRolePolicyDocument *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the role was created.
	CreateDate *time.Time

	// A list of inline policies embedded in the role. These policies are the role's
	// access (permissions) policies.
	RolePolicyList []*PolicyDetail

	// A list of managed policies attached to the role. These policies are the role's
	// access (permissions) policies.
	AttachedManagedPolicies []*AttachedPolicy

	// The stable and unique string identifying the role. For more information about
	// IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	RoleId *string

	// A list of instance profiles that contain this role.
	InstanceProfileList []*InstanceProfile

	// Contains information about the last time that an IAM role was used. This
	// includes the date and time and the Region in which the role was last used.
	// Activity is only reported for the trailing 400 days. This period can be shorter
	// if your Region began supporting these features within the last year. The role
	// might have been used more than 400 days ago. For more information, see Regions
	// Where Data Is Tracked
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
	// in the IAM User Guide.
	RoleLastUsed *RoleLastUsed

	// A list of tags that are attached to the specified role. For more information
	// about tagging, see Tagging IAM Identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []*Tag
}

Contains information about an IAM role, including all of the role's policies. This data type is used as a response element in the GetAccountAuthorizationDetails operation.

type RoleLastUsed

type RoleLastUsed struct {

	// The name of the AWS Region in which the role was last used.
	Region *string

	// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601)
	// that the role was last used. This field is null if the role has not been used
	// within the IAM tracking period. For more information about the tracking period,
	// see Regions Where Data Is Tracked
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period)
	// in the IAM User Guide.
	LastUsedDate *time.Time
}

Contains information about the last time that an IAM role was used. This includes the date and time and the Region in which the role was last used. Activity is only reported for the trailing 400 days. This period can be shorter if your Region began supporting these features within the last year. The role might have been used more than 400 days ago. For more information, see Regions Where Data Is Tracked (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#access-advisor_tracking-period) in the IAM User Guide. This data type is returned as a response element in the GetRole and GetAccountAuthorizationDetails operations.

type RoleUsageType

type RoleUsageType struct {

	// The name of the resource that is using the service-linked role.
	Resources []*string

	// The name of the Region where the service-linked role is being used.
	Region *string
}

An object that contains details about how a service-linked role is used, if that information is returned by the service. This data type is used as a response element in the GetServiceLinkedRoleDeletionStatus () operation.

type SAMLProviderListEntry

type SAMLProviderListEntry struct {

	// The Amazon Resource Name (ARN) of the SAML provider.
	Arn *string

	// The date and time when the SAML provider was created.
	CreateDate *time.Time

	// The expiration date and time for the SAML provider.
	ValidUntil *time.Time
}

Contains the list of SAML providers for this account.

type SSHPublicKey

type SSHPublicKey struct {

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the SSH public key was uploaded.
	UploadDate *time.Time

	// The name of the IAM user associated with the SSH public key.
	//
	// This member is required.
	UserName *string

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an AWS CodeCommit repository. Inactive means that the key
	// cannot be used.
	//
	// This member is required.
	Status StatusType

	// The SSH public key.
	//
	// This member is required.
	SSHPublicKeyBody *string

	// The MD5 message digest of the SSH public key.
	//
	// This member is required.
	Fingerprint *string

	// The unique identifier for the SSH public key.
	//
	// This member is required.
	SSHPublicKeyId *string
}

Contains information about an SSH public key. This data type is used as a response element in the GetSSHPublicKey () and UploadSSHPublicKey () operations.
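The following is an added example, not code from the SDK: it recomputes an MD5 fingerprint from an OpenSSH public key line so that a locally held key can be compared with the Fingerprint field. It assumes the field uses the colon-separated hex form over the base64-decoded key blob (the form `ssh-keygen -l -E md5` prints); md5Fingerprint, matchesFingerprint and constructedKeyLine are names introduced here, and the key is constructed filler, not a usable key.

```go
package main

import (
	"bytes"
	"crypto/md5"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// md5Fingerprint parses one OpenSSH public key line
// ("<type> <base64 blob> [comment]") and returns the MD5 digest of the decoded
// blob as colon-separated lowercase hex.
func md5Fingerprint(keyLine string) (string, error) {
	fields := strings.Fields(keyLine)
	if len(fields) < 2 {
		return "", errors.New("expected \"<type> <base64 blob> [comment]\"")
	}
	blob, err := base64.StdEncoding.DecodeString(fields[1])
	if err != nil {
		return "", fmt.Errorf("key blob is not valid base64: %w", err)
	}
	// The blob begins with a length-prefixed copy of the key type. A mismatch
	// means the line was truncated or its type label was edited.
	if len(blob) < 4 {
		return "", errors.New("key blob too short")
	}
	n := binary.BigEndian.Uint32(blob[:4])
	if uint64(n) > uint64(len(blob)-4) || string(blob[4:4+n]) != fields[0] {
		return "", errors.New("key type does not match blob header")
	}
	sum := md5.Sum(blob)
	parts := make([]string, len(sum))
	for i, b := range sum {
		parts[i] = fmt.Sprintf("%02x", b)
	}
	return strings.Join(parts, ":"), nil
}

// matchesFingerprint reports whether keyLine hashes to the fingerprint that
// was read from the SSHPublicKey.Fingerprint field.
func matchesFingerprint(keyLine, iamFingerprint string) (bool, error) {
	fp, err := md5Fingerprint(keyLine)
	if err != nil {
		return false, err
	}
	return fp == strings.ToLower(strings.TrimSpace(iamFingerprint)), nil
}

// constructedKeyLine builds a syntactically valid ssh-rsa line from filler
// bytes. It is sample input for the example, not a usable key.
func constructedKeyLine(fill byte, comment string) string {
	var blob bytes.Buffer
	fields := [][]byte{[]byte("ssh-rsa"), {0x01, 0x00, 0x01}, bytes.Repeat([]byte{fill}, 256)}
	for _, f := range fields {
		var l [4]byte
		binary.BigEndian.PutUint32(l[:], uint32(len(f)))
		blob.Write(l[:])
		blob.Write(f)
	}
	line := "ssh-rsa " + base64.StdEncoding.EncodeToString(blob.Bytes()) + " " + comment
	return strings.TrimSpace(line)
}

func main() {
	local := constructedKeyLine(0x5a, "jane@laptop")
	fp, _ := md5Fingerprint(local)
	ok, _ := matchesFingerprint(constructedKeyLine(0x5a, ""), fp)
	fmt.Println(fp, ok)
}
```

An MD5 fingerprint identifies a key but is not collision resistant; compare SSHPublicKeyBody itself when the check has to establish that two keys are identical.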

type SSHPublicKeyMetadata

type SSHPublicKeyMetadata struct {

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the SSH public key was uploaded.
	//
	// This member is required.
	UploadDate *time.Time

	// The status of the SSH public key. Active means that the key can be used for
	// authentication with an AWS CodeCommit repository. Inactive means that the key
	// cannot be used.
	//
	// This member is required.
	Status StatusType

	// The name of the IAM user associated with the SSH public key.
	//
	// This member is required.
	UserName *string

	// The unique identifier for the SSH public key.
	//
	// This member is required.
	SSHPublicKeyId *string
}

Contains information about an SSH public key, without the key's body or fingerprint. This data type is used as a response element in the ListSSHPublicKeys () operation.

type ServerCertificate

type ServerCertificate struct {

	// The meta information of the server certificate, such as its name, path, ID, and
	// ARN.
	//
	// This member is required.
	ServerCertificateMetadata *ServerCertificateMetadata

	// The contents of the public key certificate chain.
	CertificateChain *string

	// The contents of the public key certificate.
	//
	// This member is required.
	CertificateBody *string
}

Contains information about a server certificate. This data type is used as a response element in the GetServerCertificate () operation.

type ServerCertificateMetadata

type ServerCertificateMetadata struct {

	// The stable and unique string identifying the server certificate. For more
	// information about IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	ServerCertificateId *string

	// The name that identifies the server certificate.
	//
	// This member is required.
	ServerCertificateName *string

	// The date on which the certificate is set to expire.
	Expiration *time.Time

	// The path to the server certificate. For more information about paths, see IAM
	// Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Path *string

	// The date when the server certificate was uploaded.
	UploadDate *time.Time

	// The Amazon Resource Name (ARN) specifying the server certificate. For more
	// information about ARNs and how to use them in policies, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Arn *string
}

Contains information about a server certificate without its certificate body, certificate chain, and private key. This data type is used as a response element in the UploadServerCertificate () and ListServerCertificates () operations.

type ServiceFailureException

type ServiceFailureException struct {
	Message *string
}

The request processing has failed because of an unknown error, exception or failure.

func (*ServiceFailureException) Error

func (e *ServiceFailureException) Error() string

func (*ServiceFailureException) ErrorCode

func (e *ServiceFailureException) ErrorCode() string

func (*ServiceFailureException) ErrorFault

func (e *ServiceFailureException) ErrorFault() smithy.ErrorFault

func (*ServiceFailureException) ErrorMessage

func (e *ServiceFailureException) ErrorMessage() string

type ServiceLastAccessed

type ServiceLastAccessed struct {

	// An object that contains details about the most recent attempt to access a
	// tracked action within the service. This field is null if there are no tracked
	// actions or if the principal did not use the tracked actions within the reporting
	// period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	// This field is also null if the report was generated at the service level and not
	// the action level. For more information, see the Granularity field in
	// GenerateServiceLastAccessedDetails ().
	TrackedActionsLastAccessed []*TrackedActionLastAccessed

	// The name of the service in which access was attempted.
	//
	// This member is required.
	ServiceName *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when an authenticated entity most recently
	// attempted to access the service. AWS does not report unauthenticated requests.
	// This field is null if no IAM entities attempted to access the service within the
	// reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticated *time.Time

	// The Region from which the authenticated entity (user or role) last attempted to
	// access the service. AWS does not report unauthenticated requests. This field is
	// null if no IAM entities attempted to access the service within the reporting
	// period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticatedRegion *string

	// The namespace of the service in which access was attempted. To learn the service
	// namespace of a service, go to Actions, Resources, and Condition Keys for AWS
	// Services
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html)
	// in the IAM User Guide. Choose the name of the service to view details for that
	// service. In the first paragraph, find the service prefix. For example, (service
	// prefix: a4b). For more information about service namespaces, see AWS Service
	// Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#genref-aws-service-namespaces)
	// in the AWS General Reference.
	//
	// This member is required.
	ServiceNamespace *string

	// The ARN of the authenticated entity (user or role) that last attempted to access
	// the service. AWS does not report unauthenticated requests. This field is null if
	// no IAM entities attempted to access the service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAuthenticatedEntity *string

	// The total number of authenticated principals (root user, IAM users, or IAM
	// roles) that have attempted to access the service. This field is null if no
	// principals attempted to access the service within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	TotalAuthenticatedEntities *int32
}

Contains details about the most recent attempt to access the service. This data type is used as a response element in the GetServiceLastAccessedDetails () operation.

type ServiceNotSupportedException

type ServiceNotSupportedException struct {
	Message *string
}

The specified service does not support service-specific credentials.

func (*ServiceNotSupportedException) Error

func (*ServiceNotSupportedException) ErrorCode

func (e *ServiceNotSupportedException) ErrorCode() string

func (*ServiceNotSupportedException) ErrorFault

func (*ServiceNotSupportedException) ErrorMessage

func (e *ServiceNotSupportedException) ErrorMessage() string

type ServiceSpecificCredential

type ServiceSpecificCredential struct {

	// The name of the IAM user associated with the service-specific credential.
	//
	// This member is required.
	UserName *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the service-specific credential was
	// created.
	//
	// This member is required.
	CreateDate *time.Time

	// The generated user name for the service-specific credential. This value is
	// generated by combining the IAM user's name with the ID number of the
	// AWS account, as in jane-at-123456789012, for example. This value cannot be
	// configured by the user.
	//
	// This member is required.
	ServiceUserName *string

	// The status of the service-specific credential. Active means that the key is
	// valid for API calls, while Inactive means it is not.
	//
	// This member is required.
	Status StatusType

	// The name of the service associated with the service-specific credential.
	//
	// This member is required.
	ServiceName *string

	// The generated password for the service-specific credential.
	//
	// This member is required.
	ServicePassword *string

	// The unique identifier for the service-specific credential.
	//
	// This member is required.
	ServiceSpecificCredentialId *string
}

Contains the details of a service-specific credential.

type ServiceSpecificCredentialMetadata

type ServiceSpecificCredentialMetadata struct {

	// The unique identifier for the service-specific credential.
	//
	// This member is required.
	ServiceSpecificCredentialId *string

	// The generated user name for the service-specific credential.
	//
	// This member is required.
	ServiceUserName *string

	// The name of the service associated with the service-specific credential.
	//
	// This member is required.
	ServiceName *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the service-specific credential was
	// created.
	//
	// This member is required.
	CreateDate *time.Time

	// The status of the service-specific credential. Active means that the key is
	// valid for API calls, while Inactive means it is not.
	//
	// This member is required.
	Status StatusType

	// The name of the IAM user associated with the service-specific credential.
	//
	// This member is required.
	UserName *string
}

Contains additional details about a service-specific credential.

type SigningCertificate

type SigningCertificate struct {

	// The contents of the signing certificate.
	//
	// This member is required.
	CertificateBody *string

	// The ID for the signing certificate.
	//
	// This member is required.
	CertificateId *string

	// The status of the signing certificate. Active means that the key is valid for
	// API calls, while Inactive means it is not.
	//
	// This member is required.
	Status StatusType

	// The name of the user the signing certificate is associated with.
	//
	// This member is required.
	UserName *string

	// The date when the signing certificate was uploaded.
	UploadDate *time.Time
}

Contains information about an X.509 signing certificate. This data type is used as a response element in the UploadSigningCertificate () and ListSigningCertificates () operations.

type SortKeyType

type SortKeyType string
const (
	SortKeyTypeService_namespace_ascending        SortKeyType = "SERVICE_NAMESPACE_ASCENDING"
	SortKeyTypeService_namespace_descending       SortKeyType = "SERVICE_NAMESPACE_DESCENDING"
	SortKeyTypeLast_authenticated_time_ascending  SortKeyType = "LAST_AUTHENTICATED_TIME_ASCENDING"
	SortKeyTypeLast_authenticated_time_descending SortKeyType = "LAST_AUTHENTICATED_TIME_DESCENDING"
)

Enum values for SortKeyType

type Statement

type Statement struct {

	// The identifier of the policy that was provided as an input.
	SourcePolicyId *string

	// The row and column of the end of a Statement in an IAM policy.
	EndPosition *Position

	// The type of the policy.
	SourcePolicyType PolicySourceType

	// The row and column of the beginning of the Statement in an IAM policy.
	StartPosition *Position
}

Contains a reference to a Statement element in a policy document that determines the result of the simulation. This data type is used by the MatchedStatements member of the EvaluationResult () type.

type StatusType

type StatusType string
const (
	StatusTypeActive   StatusType = "Active"
	StatusTypeInactive StatusType = "Inactive"
)

Enum values for StatusType

type SummaryKeyType

type SummaryKeyType string
const (
	SummaryKeyTypeUsers                             SummaryKeyType = "Users"
	SummaryKeyTypeUsersquota                        SummaryKeyType = "UsersQuota"
	SummaryKeyTypeGroups                            SummaryKeyType = "Groups"
	SummaryKeyTypeGroupsquota                       SummaryKeyType = "GroupsQuota"
	SummaryKeyTypeServercertificates                SummaryKeyType = "ServerCertificates"
	SummaryKeyTypeServercertificatesquota           SummaryKeyType = "ServerCertificatesQuota"
	SummaryKeyTypeUserpolicysizequota               SummaryKeyType = "UserPolicySizeQuota"
	SummaryKeyTypeGrouppolicysizequota              SummaryKeyType = "GroupPolicySizeQuota"
	SummaryKeyTypeGroupsperuserquota                SummaryKeyType = "GroupsPerUserQuota"
	SummaryKeyTypeSigningcertificatesperuserquota   SummaryKeyType = "SigningCertificatesPerUserQuota"
	SummaryKeyTypeAccesskeysperuserquota            SummaryKeyType = "AccessKeysPerUserQuota"
	SummaryKeyTypeMfadevices                        SummaryKeyType = "MFADevices"
	SummaryKeyTypeMfadevicesinuse                   SummaryKeyType = "MFADevicesInUse"
	SummaryKeyTypeAccountmfaenabled                 SummaryKeyType = "AccountMFAEnabled"
	SummaryKeyTypeAccountaccesskeyspresent          SummaryKeyType = "AccountAccessKeysPresent"
	SummaryKeyTypeAccountsigningcertificatespresent SummaryKeyType = "AccountSigningCertificatesPresent"
	SummaryKeyTypeAttachedpoliciespergroupquota     SummaryKeyType = "AttachedPoliciesPerGroupQuota"
	SummaryKeyTypeAttachedpoliciesperrolequota      SummaryKeyType = "AttachedPoliciesPerRoleQuota"
	SummaryKeyTypeAttachedpoliciesperuserquota      SummaryKeyType = "AttachedPoliciesPerUserQuota"
	SummaryKeyTypePolicies                          SummaryKeyType = "Policies"
	SummaryKeyTypePoliciesquota                     SummaryKeyType = "PoliciesQuota"
	SummaryKeyTypePolicysizequota                   SummaryKeyType = "PolicySizeQuota"
	SummaryKeyTypePolicyversionsinuse               SummaryKeyType = "PolicyVersionsInUse"
	SummaryKeyTypePolicyversionsinusequota          SummaryKeyType = "PolicyVersionsInUseQuota"
	SummaryKeyTypeVersionsperpolicyquota            SummaryKeyType = "VersionsPerPolicyQuota"
	SummaryKeyTypeGlobalendpointtokenversion        SummaryKeyType = "GlobalEndpointTokenVersion"
)

Enum values for SummaryKeyType

type Tag

type Tag struct {

	// The key name that can be used to look up or retrieve the associated value. For
	// example, Department or Cost Center are common choices.
	//
	// This member is required.
	Key *string

	// The value associated with this tag. For example, tags with a key name of
	// Department could have values such as Human Resources, Accounting, and Support.
	// Tags with a key name of Cost Center might have values that consist of the number
	// associated with the different cost centers in your company. Typically, many
	// resources have tags with the same key name but with different values. AWS always
	// interprets the tag Value as a single string. If you need to store an array, you
	// can store comma-separated values in the string. However, you must interpret the
	// value in your code.
	//
	// This member is required.
	Value *string
}

A structure that represents user-provided metadata that can be associated with a resource such as an IAM user or role. For more information about tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User Guide.

type TrackedActionLastAccessed

type TrackedActionLastAccessed struct {

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when an authenticated entity most recently
	// attempted to access the tracked service. AWS does not report unauthenticated
	// requests. This field is null if no IAM entities attempted to access the service
	// within the reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAccessedTime *time.Time

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the AWS General Reference.
	LastAccessedEntity *string

	// The Region from which the authenticated entity (user or role) last attempted to
	// access the tracked action. AWS does not report unauthenticated requests. This
	// field is null if no IAM entities attempted to access the service within the
	// reporting period
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_access-advisor.html#service-last-accessed-reporting-period).
	LastAccessedRegion *string

	// The name of the tracked action to which access was attempted. Tracked actions
	// are actions that report activity to IAM.
	ActionName *string
}

Contains details about the most recent attempt to access an action within the service. This data type is used as a response element in the GetServiceLastAccessedDetails () operation.
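The following is an added example, not code from the SDK: it turns the null rules of ServiceLastAccessed and TrackedActionLastAccessed into a permission-review list, keeping apart services with no recent access, tracked actions with no recent access, and services whose entry carries no action-level data. The two types are mirrored locally in trimmed form; pruneReport, buildPruneReport, the 90-day cutoff and the sample entries are assumptions of this example.

```go
package main

import (
	"fmt"
	"sort"
	"time"
)

// Trimmed mirrors of the two types documented above, so the example builds
// without the SDK module. Field names match the page.
type TrackedActionLastAccessed struct {
	ActionName       *string
	LastAccessedTime *time.Time
}
type ServiceLastAccessed struct {
	ServiceNamespace           *string
	LastAuthenticated          *time.Time
	TrackedActionsLastAccessed []*TrackedActionLastAccessed
}

// pruneReport is a hypothetical result type for this example.
type pruneReport struct {
	UnusedServices []string // no access attempt on or after the cutoff
	UnusedActions  []string // "namespace:Action" entries idle since the cutoff
	NoActionData   []string // service in use, but nothing to narrow it with
}

const day = 24 * time.Hour

var sampleNow = time.Date(2020, time.October, 1, 0, 0, 0, 0, time.UTC) // constructed

// idle treats a null timestamp as "no attempt in the reporting period".
func idle(t *time.Time, cutoff time.Time) bool { return t == nil || t.Before(cutoff) }

// buildPruneReport sorts every report entry into one of the three lists.
func buildPruneReport(services []*ServiceLastAccessed, cutoff time.Time) pruneReport {
	var r pruneReport
	for _, s := range services {
		if s == nil || s.ServiceNamespace == nil {
			continue
		}
		ns := *s.ServiceNamespace
		switch {
		case idle(s.LastAuthenticated, cutoff):
			r.UnusedServices = append(r.UnusedServices, ns)
		case len(s.TrackedActionsLastAccessed) == 0:
			// Service-level report or no tracked actions: absence of entries
			// says nothing about which actions were used.
			r.NoActionData = append(r.NoActionData, ns)
		default:
			for _, a := range s.TrackedActionsLastAccessed {
				if a != nil && a.ActionName != nil && idle(a.LastAccessedTime, cutoff) {
					r.UnusedActions = append(r.UnusedActions, ns+":"+*a.ActionName)
				}
			}
		}
	}
	for _, list := range [][]string{r.UnusedServices, r.UnusedActions, r.NoActionData} {
		sort.Strings(list)
	}
	return r
}

func (r pruneReport) String() string {
	return fmt.Sprintf("unused services %v; unused actions %v; no action data %v",
		r.UnusedServices, r.UnusedActions, r.NoActionData)
}

// sampleServices returns constructed report entries, not real account data.
func sampleServices() []*ServiceLastAccessed {
	ago := func(d time.Duration) *time.Time { t := sampleNow.Add(-d); return &t }
	str := func(s string) *string { return &s }
	act := func(n string, t *time.Time) *TrackedActionLastAccessed {
		return &TrackedActionLastAccessed{ActionName: &n, LastAccessedTime: t}
	}
	return []*ServiceLastAccessed{
		{ServiceNamespace: str("s3"), LastAuthenticated: ago(2 * day),
			TrackedActionsLastAccessed: []*TrackedActionLastAccessed{
				act("CreateBucket", ago(2*day)), act("DeleteBucket", nil),
				act("PutBucketPolicy", ago(200*day))}},
		{ServiceNamespace: str("ec2")},
		{ServiceNamespace: str("kms"), LastAuthenticated: ago(300 * day)},
		{ServiceNamespace: str("iam"), LastAuthenticated: ago(5 * day)},
	}
}

func main() { fmt.Println(buildPruneReport(sampleServices(), sampleNow.Add(-90*day))) }
```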

type UnmodifiableEntityException

type UnmodifiableEntityException struct {
	Message *string
}

The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service.

func (*UnmodifiableEntityException) Error

func (*UnmodifiableEntityException) ErrorCode

func (e *UnmodifiableEntityException) ErrorCode() string

func (*UnmodifiableEntityException) ErrorFault

func (*UnmodifiableEntityException) ErrorMessage

func (e *UnmodifiableEntityException) ErrorMessage() string

type UnrecognizedPublicKeyEncodingException

type UnrecognizedPublicKeyEncodingException struct {
	Message *string
}

The request was rejected because the public key encoding format is unsupported or unrecognized.

func (*UnrecognizedPublicKeyEncodingException) Error

func (*UnrecognizedPublicKeyEncodingException) ErrorCode

func (*UnrecognizedPublicKeyEncodingException) ErrorFault

func (*UnrecognizedPublicKeyEncodingException) ErrorMessage

type User

type User struct {

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	UserId *string

	// The friendly name identifying the user.
	//
	// This member is required.
	UserName *string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the user's password was last used to sign
	// in to an AWS website. For a list of AWS websites that capture a user's last
	// sign-in time, see the Credential Reports
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html) topic
	// in the IAM User Guide. If a password is used more than once in a five-minute
	// span, only the first use is returned in this field. If the field is null (no
	// value), then it indicates that they never signed in with a password. This can be
	// because:
	//
	//     * The user never had a password.
	//
	//     * A password exists but has not been used since IAM started tracking this
	//     information on October 20, 2014.
	//
	// A null value does not mean that the user never had a password. Also, if
	// the user does not currently have a password but had one in the past, then this
	// field contains the date and time the most recent password was used. This value
	// is returned only in the GetUser () and ListUsers () operations.
	PasswordLastUsed *time.Time

	// The ARN of the policy used to set the permissions boundary for the user. For
	// more information about permissions boundaries, see Permissions Boundaries for
	// IAM Identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary

	// The Amazon Resource Name (ARN) that identifies the user. For more information
	// about ARNs and how to use ARNs in policies, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Arn *string

	// The path to the user. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	//
	// This member is required.
	Path *string

	// A list of tags that are associated with the specified user. For more information
	// about tagging, see Tagging IAM Identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []*Tag

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the user was created.
	//
	// This member is required.
	CreateDate *time.Time
}

Contains information about an IAM user entity. This data type is used as a response element in the following operations:

GetUser ()

type UserDetail

type UserDetail struct {

	// The Amazon Resource Name (ARN). ARNs are unique identifiers for AWS resources.
	// For more information about ARNs, go to Amazon Resource Names (ARNs) and AWS
	// Service Namespaces
	// (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) in
	// the AWS General Reference.
	Arn *string

	// The ARN of the policy used to set the permissions boundary for the user. For
	// more information about permissions boundaries, see Permissions Boundaries for
	// IAM Identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
	// in the IAM User Guide.
	PermissionsBoundary *AttachedPermissionsBoundary

	// A list of tags that are associated with the specified user. For more information
	// about tagging, see Tagging IAM Identities
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html) in the IAM User
	// Guide.
	Tags []*Tag

	// A list of IAM groups that the user is in.
	GroupList []*string

	// The date and time, in ISO 8601 date-time format
	// (http://www.iso.org/iso/iso8601), when the user was created.
	CreateDate *time.Time

	// A list of the inline policies embedded in the user.
	UserPolicyList []*PolicyDetail

	// A list of the managed policies attached to the user.
	AttachedManagedPolicies []*AttachedPolicy

	// The friendly name identifying the user.
	UserName *string

	// The path to the user. For more information about paths, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	Path *string

	// The stable and unique string identifying the user. For more information about
	// IDs, see IAM Identifiers
	// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html) in the
	// IAM User Guide.
	UserId *string
}

Contains information about an IAM user, including all the user's policies and all the IAM groups the user is in. This data type is used as a response element in the GetAccountAuthorizationDetails () operation.

type VirtualMFADevice

type VirtualMFADevice struct {

	// A QR code PNG image that encodes
	// otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String where
	// $virtualMFADeviceName is one of the create call arguments. AccountName is the
	// user name if set (otherwise, the account ID), and Base32String is the
	// seed in base32 format. The Base32String value is base64-encoded.
	QRCodePNG []byte

	// The date and time on which the virtual MFA device was enabled.
	EnableDate *time.Time

	// The serial number associated with VirtualMFADevice.
	//
	// This member is required.
	SerialNumber *string

	// The base32 seed defined as specified in RFC3548
	// (https://tools.ietf.org/html/rfc3548.txt). The Base32StringSeed is
	// base64-encoded.
	Base32StringSeed []byte

	// The IAM user associated with this virtual MFA device.
	User *User
}

Contains information about a virtual MFA device.

Source Files

enums.go errors.go types.go

Version: v0.26.0
Published: Oct 1, 2020