class Aws::IAM::Resource

This class provides a resource oriented interface for IAM. To create a resource object:

resource = Aws::IAM::Resource.new(region: 'us-west-2')

You can supply a client object with custom configuration that will be used for all resource operations. If you do not pass `:client`, a default client will be constructed.

client = Aws::IAM::Client.new(region: 'us-west-2')
resource = Aws::IAM::Resource.new(client: client)

Public Class Methods

new(options = {}) click to toggle source

@param options ({}) @option options [Client] :client

# File lib/aws-sdk-iam/resource.rb, line 27
def initialize(options = {})
  @client = options[:client] || Client.new(options)
end

Public Instance Methods

account_password_policy() click to toggle source

@return [AccountPasswordPolicy]

# File lib/aws-sdk-iam/resource.rb, line 890
def account_password_policy
  AccountPasswordPolicy.new(client: @client)
end
account_summary() click to toggle source

@return [AccountSummary]

# File lib/aws-sdk-iam/resource.rb, line 895
def account_summary
  AccountSummary.new(client: @client)
end
change_password(options = {}) click to toggle source

@example Request syntax with placeholder values

iam.change_password({
  old_password: "passwordType", # required
  new_password: "passwordType", # required
})

@param [Hash] options ({}) @option options [required, String] :old_password

The IAM user's current password.

@option options [required, String] :new_password

The new password. The new password must conform to the account's
password policy, if one exists.

The [regex pattern][1] that is used to validate this parameter is a
string of characters. That string can include almost any printable
ASCII character from the space (`\u0020`) through the end of the ASCII
character range (`\u00FF`). You can also include the tab (`\u0009`),
line feed (`\u000A`), and carriage return (`\u000D`) characters. Any
of these characters are valid in a password. However, many tools, such
as the Management Console, might restrict the ability to type certain
characters because they have special meaning within that tool.

[1]: http://wikipedia.org/wiki/regex

@return [EmptyStructure]

# File lib/aws-sdk-iam/resource.rb, line 64
def change_password(options = {})
  resp = @client.change_password(options)
  resp.data
end
client() click to toggle source

@return [Client]

# File lib/aws-sdk-iam/resource.rb, line 32
def client
  @client
end
create_account_alias(options = {}) click to toggle source

@example Request syntax with placeholder values

iam.create_account_alias({
  account_alias: "accountAliasType", # required
})

@param [Hash] options ({}) @option options [required, String] :account_alias

The account alias to create.

This parameter allows (through its [regex pattern][1]) a string of
characters consisting of lowercase letters, digits, and dashes. You
cannot start or finish with a dash, nor can you have two dashes in a
row.

[1]: http://wikipedia.org/wiki/regex

@return [EmptyStructure]

# File lib/aws-sdk-iam/resource.rb, line 87
def create_account_alias(options = {})
  resp = @client.create_account_alias(options)
  resp.data
end
create_account_password_policy(options = {}) click to toggle source

@example Request syntax with placeholder values

accountpasswordpolicy = iam.create_account_password_policy({
  minimum_password_length: 1,
  require_symbols: false,
  require_numbers: false,
  require_uppercase_characters: false,
  require_lowercase_characters: false,
  allow_users_to_change_password: false,
  max_password_age: 1,
  password_reuse_prevention: 1,
  hard_expiry: false,
})

@param [Hash] options ({}) @option options [Integer] :minimum_password_length

The minimum number of characters allowed in an IAM user password.

If you do not specify a value for this parameter, then the operation
uses the default value of `6`.

@option options [Boolean] :require_symbols

Specifies whether IAM user passwords must contain at least one of the
following non-alphanumeric characters:

! @ # $ % ^ & * ( ) \_ + - = \[ \] \\\{ \\} \| '

If you do not specify a value for this parameter, then the operation
uses the default value of `false`. The result is that passwords do not
require at least one symbol character.

@option options [Boolean] :require_numbers

Specifies whether IAM user passwords must contain at least one numeric
character (0 to 9).

If you do not specify a value for this parameter, then the operation
uses the default value of `false`. The result is that passwords do not
require at least one numeric character.

@option options [Boolean] :require_uppercase_characters

Specifies whether IAM user passwords must contain at least one
uppercase character from the ISO basic Latin alphabet (A to Z).

If you do not specify a value for this parameter, then the operation
uses the default value of `false`. The result is that passwords do not
require at least one uppercase character.

@option options [Boolean] :require_lowercase_characters

Specifies whether IAM user passwords must contain at least one
lowercase character from the ISO basic Latin alphabet (a to z).

If you do not specify a value for this parameter, then the operation
uses the default value of `false`. The result is that passwords do not
require at least one lowercase character.

@option options [Boolean] :allow_users_to_change_password

Allows all IAM users in your account to use the Management Console to
change their own passwords. For more information, see [Letting IAM
users change their own passwords][1] in the *IAM User Guide*.

If you do not specify a value for this parameter, then the operation
uses the default value of `false`. The result is that IAM users in the
account do not automatically have permissions to change their own
password.

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/HowToPwdIAMUser.html

@option options [Integer] :max_password_age

The number of days that an IAM user password is valid.

If you do not specify a value for this parameter, then the operation
uses the default value of `0`. The result is that IAM user passwords
never expire.

@option options [Integer] :password_reuse_prevention

Specifies the number of previous passwords that IAM users are
prevented from reusing.

If you do not specify a value for this parameter, then the operation
uses the default value of `0`. The result is that IAM users are not
prevented from reusing previous passwords.

@option options [Boolean] :hard_expiry

Prevents IAM users from setting a new password after their password
has expired. The IAM user cannot be accessed until an administrator
resets the password.

If you do not specify a value for this parameter, then the operation
uses the default value of `false`. The result is that IAM users can
change their passwords after they expire and continue to sign in as
the user.

@return [AccountPasswordPolicy]

# File lib/aws-sdk-iam/resource.rb, line 177
def create_account_password_policy(options = {})
  @client.update_account_password_policy(options)
  AccountPasswordPolicy.new(client: @client)
end
create_group(options = {}) click to toggle source

@example Request syntax with placeholder values

group = iam.create_group({
  path: "pathType",
  group_name: "groupNameType", # required
})

@param [Hash] options ({}) @option options [String] :path

The path to the group. For more information about paths, see [IAM
identifiers][1] in the *IAM User Guide*.

This parameter is optional. If it is not included, it defaults to a
slash (/).

This parameter allows (through its [regex pattern][2]) a string of
characters consisting of either a forward slash (/) by itself or a
string that must begin and end with forward slashes. In addition, it
can contain any ASCII character from the ! (`\u0021`) through the DEL
character (`\u007F`), including most punctuation characters, digits,
and upper and lowercased letters.

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
[2]: http://wikipedia.org/wiki/regex

@option options [required, String] :group_name

The name of the group to create. Do not include the path in this
value.

IAM user, group, role, and policy names must be unique within the
account. Names are not distinguished by case. For example, you cannot
create resources named both "MyResource" and "myresource".

@return [Group]

# File lib/aws-sdk-iam/resource.rb, line 215
def create_group(options = {})
  resp = @client.create_group(options)
  Group.new(
    name: options[:group_name],
    data: resp.data.group,
    client: @client
  )
end
create_instance_profile(options = {}) click to toggle source

@example Request syntax with placeholder values

instanceprofile = iam.create_instance_profile({
  instance_profile_name: "instanceProfileNameType", # required
  path: "pathType",
  tags: [
    {
      key: "tagKeyType", # required
      value: "tagValueType", # required
    },
  ],
})

@param [Hash] options ({}) @option options [required, String] :instance_profile_name

The name of the instance profile to create.

This parameter allows (through its [regex pattern][1]) a string of
characters consisting of upper and lowercase alphanumeric characters
with no spaces. You can also include any of the following characters:
\_+=,.@-

[1]: http://wikipedia.org/wiki/regex

@option options [String] :path

The path to the instance profile. For more information about paths,
see [IAM Identifiers][1] in the *IAM User Guide*.

This parameter is optional. If it is not included, it defaults to a
slash (/).

This parameter allows (through its [regex pattern][2]) a string of
characters consisting of either a forward slash (/) by itself or a
string that must begin and end with forward slashes. In addition, it
can contain any ASCII character from the ! (`\u0021`) through the DEL
character (`\u007F`), including most punctuation characters, digits,
and upper and lowercased letters.

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
[2]: http://wikipedia.org/wiki/regex

@option options [Array<Types::Tag>] :tags

A list of tags that you want to attach to the newly created IAM
instance profile. Each tag consists of a key name and an associated
value. For more information about tagging, see [Tagging IAM
resources][1] in the *IAM User Guide*.

<note markdown="1"> If any one of the tags is invalid or if you exceed the allowed maximum
number of tags, then the entire request fails and the resource is not
created.

 </note>

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html

@return [InstanceProfile]

# File lib/aws-sdk-iam/resource.rb, line 282
def create_instance_profile(options = {})
  resp = @client.create_instance_profile(options)
  InstanceProfile.new(
    name: options[:instance_profile_name],
    data: resp.data.instance_profile,
    client: @client
  )
end
create_policy(options = {}) click to toggle source

@example Request syntax with placeholder values

policy = iam.create_policy({
  policy_name: "policyNameType", # required
  path: "policyPathType",
  policy_document: "policyDocumentType", # required
  description: "policyDescriptionType",
  tags: [
    {
      key: "tagKeyType", # required
      value: "tagValueType", # required
    },
  ],
})

@param [Hash] options ({}) @option options [required, String] :policy_name

The friendly name of the policy.

IAM user, group, role, and policy names must be unique within the
account. Names are not distinguished by case. For example, you cannot
create resources named both "MyResource" and "myresource".

@option options [String] :path

The path for the policy.

For more information about paths, see [IAM identifiers][1] in the *IAM
User Guide*.

This parameter is optional. If it is not included, it defaults to a
slash (/).

This parameter allows (through its [regex pattern][2]) a string of
characters consisting of either a forward slash (/) by itself or a
string that must begin and end with forward slashes. In addition, it
can contain any ASCII character from the ! (`\u0021`) through the DEL
character (`\u007F`), including most punctuation characters, digits,
and upper and lowercased letters.

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
[2]: http://wikipedia.org/wiki/regex

@option options [required, String] :policy_document

The JSON policy document that you want to use as the content for the
new policy.

You must provide policies in JSON format in IAM. However, for
CloudFormation templates formatted in YAML, you can provide the policy
in JSON or YAML format. CloudFormation always converts a YAML policy
to JSON format before submitting it to IAM.

The maximum length of the policy document that you can pass in this
operation, including whitespace, is listed below. To view the maximum
character counts of a managed policy with no whitespaces, see [IAM and
STS character quotas][1].

To learn more about JSON policy grammar, see [Grammar of the IAM JSON
policy language][2] in the *IAM User Guide*.

The [regex pattern][3] used to validate this parameter is a string of
characters consisting of the following:

* Any printable ASCII character ranging from the space character
  (`\u0020`) through the end of the ASCII character range

* The printable characters in the Basic Latin and Latin-1 Supplement
  character set (through `\u00FF`)

* The special characters tab (`\u0009`), line feed (`\u000A`), and
  carriage return (`\u000D`)

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-quotas-entity-length
[2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_grammar.html
[3]: http://wikipedia.org/wiki/regex

@option options [String] :description

A friendly description of the policy.

Typically used to store information about the permissions defined in
the policy. For example, "Grants access to production DynamoDB
tables."

The policy description is immutable. After a value is assigned, it
cannot be changed.

@option options [Array<Types::Tag>] :tags

A list of tags that you want to attach to the new IAM customer managed
policy. Each tag consists of a key name and an associated value. For
more information about tagging, see [Tagging IAM resources][1] in the
*IAM User Guide*.

<note markdown="1"> If any one of the tags is invalid or if you exceed the allowed maximum
number of tags, then the entire request fails and the resource is not
created.

 </note>

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html

@return [Policy]

# File lib/aws-sdk-iam/resource.rb, line 391
def create_policy(options = {})
  resp = @client.create_policy(options)
  Policy.new(
    arn: resp.data.policy.arn,
    client: @client
  )
end
create_role(options = {}) click to toggle source

@example Request syntax with placeholder values

role = iam.create_role({
  path: "pathType",
  role_name: "roleNameType", # required
  assume_role_policy_document: "policyDocumentType", # required
  description: "roleDescriptionType",
  max_session_duration: 1,
  permissions_boundary: "arnType",
  tags: [
    {
      key: "tagKeyType", # required
      value: "tagValueType", # required
    },
  ],
})

@param [Hash] options ({}) @option options [String] :path

The path to the role. For more information about paths, see [IAM
Identifiers][1] in the *IAM User Guide*.

This parameter is optional. If it is not included, it defaults to a
slash (/).

This parameter allows (through its [regex pattern][2]) a string of
characters consisting of either a forward slash (/) by itself or a
string that must begin and end with forward slashes. In addition, it
can contain any ASCII character from the ! (`\u0021`) through the DEL
character (`\u007F`), including most punctuation characters, digits,
and upper and lowercased letters.

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
[2]: http://wikipedia.org/wiki/regex

@option options [required, String] :role_name

The name of the role to create.

IAM user, group, role, and policy names must be unique within the
account. Names are not distinguished by case. For example, you cannot
create resources named both "MyResource" and "myresource".

@option options [required, String] :assume_role_policy_document

The trust relationship policy document that grants an entity
permission to assume the role.

In IAM, you must provide a JSON policy that has been converted to a
string. However, for CloudFormation templates formatted in YAML, you
can provide the policy in JSON or YAML format. CloudFormation always
converts a YAML policy to JSON format before submitting it to IAM.

The [regex pattern][1] used to validate this parameter is a string of
characters consisting of the following:

* Any printable ASCII character ranging from the space character
  (`\u0020`) through the end of the ASCII character range

* The printable characters in the Basic Latin and Latin-1 Supplement
  character set (through `\u00FF`)

* The special characters tab (`\u0009`), line feed (`\u000A`), and
  carriage return (`\u000D`)

Upon success, the response includes the same trust policy in JSON
format.

[1]: http://wikipedia.org/wiki/regex

@option options [String] :description

A description of the role.

@option options [Integer] :max_session_duration

The maximum session duration (in seconds) that you want to set for the
specified role. If you do not specify a value for this setting, the
default maximum of one hour is applied. This setting can have a value
from 1 hour to 12 hours.

Anyone who assumes the role from the or API can use the
`DurationSeconds` API parameter or the `duration-seconds` CLI
parameter to request a longer session. The `MaxSessionDuration`
setting determines the maximum duration that can be requested using
the `DurationSeconds` parameter. If users don't specify a value for
the `DurationSeconds` parameter, their security credentials are valid
for one hour by default. This applies when you use the `AssumeRole*`
API operations or the `assume-role*` CLI operations but does not apply
when you use those operations to create a console URL. For more
information, see [Using IAM roles][1] in the *IAM User Guide*.

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html

@option options [String] :permissions_boundary

The ARN of the policy that is used to set the permissions boundary for
the role.

@option options [Array<Types::Tag>] :tags

A list of tags that you want to attach to the new role. Each tag
consists of a key name and an associated value. For more information
about tagging, see [Tagging IAM resources][1] in the *IAM User Guide*.

<note markdown="1"> If any one of the tags is invalid or if you exceed the allowed maximum
number of tags, then the entire request fails and the resource is not
created.

 </note>

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html

@return [Role]

# File lib/aws-sdk-iam/resource.rb, line 507
def create_role(options = {})
  resp = @client.create_role(options)
  Role.new(
    name: options[:role_name],
    data: resp.data.role,
    client: @client
  )
end
create_saml_provider(options = {}) click to toggle source

@example Request syntax with placeholder values

samlprovider = iam.create_saml_provider({
  saml_metadata_document: "SAMLMetadataDocumentType", # required
  name: "SAMLProviderNameType", # required
  tags: [
    {
      key: "tagKeyType", # required
      value: "tagValueType", # required
    },
  ],
})

@param [Hash] options ({}) @option options [required, String] :saml_metadata_document

An XML document generated by an identity provider (IdP) that supports
SAML 2.0. The document includes the issuer's name, expiration
information, and keys that can be used to validate the SAML
authentication response (assertions) that are received from the IdP.
You must generate the metadata document using the identity management
software that is used as your organization's IdP.

For more information, see [About SAML 2.0-based federation][1] in the
*IAM User Guide*

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html

@option options [required, String] :name

The name of the provider to create.

This parameter allows (through its [regex pattern][1]) a string of
characters consisting of upper and lowercase alphanumeric characters
with no spaces. You can also include any of the following characters:
\_+=,.@-

[1]: http://wikipedia.org/wiki/regex

@option options [Array<Types::Tag>] :tags

A list of tags that you want to attach to the new IAM SAML provider.
Each tag consists of a key name and an associated value. For more
information about tagging, see [Tagging IAM resources][1] in the *IAM
User Guide*.

<note markdown="1"> If any one of the tags is invalid or if you exceed the allowed maximum
number of tags, then the entire request fails and the resource is not
created.

 </note>

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html

@return [SamlProvider]

# File lib/aws-sdk-iam/resource.rb, line 570
def create_saml_provider(options = {})
  resp = @client.create_saml_provider(options)
  SamlProvider.new(
    arn: resp.data.saml_provider_arn,
    client: @client
  )
end
create_server_certificate(options = {}) click to toggle source

@example Request syntax with placeholder values

servercertificate = iam.create_server_certificate({
  path: "pathType",
  server_certificate_name: "serverCertificateNameType", # required
  certificate_body: "certificateBodyType", # required
  private_key: "privateKeyType", # required
  certificate_chain: "certificateChainType",
  tags: [
    {
      key: "tagKeyType", # required
      value: "tagValueType", # required
    },
  ],
})

@param [Hash] options ({}) @option options [String] :path

The path for the server certificate. For more information about paths,
see [IAM identifiers][1] in the *IAM User Guide*.

This parameter is optional. If it is not included, it defaults to a
slash (/). This parameter allows (through its [regex pattern][2]) a
string of characters consisting of either a forward slash (/) by
itself or a string that must begin and end with forward slashes. In
addition, it can contain any ASCII character from the ! (`\u0021`)
through the DEL character (`\u007F`), including most punctuation
characters, digits, and upper and lowercased letters.

<note markdown="1"> If you are uploading a server certificate specifically for use with
Amazon CloudFront distributions, you must specify a path using the
`path` parameter. The path must begin with `/cloudfront` and must
include a trailing slash (for example, `/cloudfront/test/`).

 </note>

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
[2]: http://wikipedia.org/wiki/regex

@option options [required, String] :server_certificate_name

The name for the server certificate. Do not include the path in this
value. The name of the certificate cannot contain any spaces.

This parameter allows (through its [regex pattern][1]) a string of
characters consisting of upper and lowercase alphanumeric characters
with no spaces. You can also include any of the following characters:
\_+=,.@-

[1]: http://wikipedia.org/wiki/regex

@option options [required, String] :certificate_body

The contents of the public key certificate in PEM-encoded format.

The [regex pattern][1] used to validate this parameter is a string of
characters consisting of the following:

* Any printable ASCII character ranging from the space character
  (`\u0020`) through the end of the ASCII character range

* The printable characters in the Basic Latin and Latin-1 Supplement
  character set (through `\u00FF`)

* The special characters tab (`\u0009`), line feed (`\u000A`), and
  carriage return (`\u000D`)

[1]: http://wikipedia.org/wiki/regex

@option options [required, String] :private_key

The contents of the private key in PEM-encoded format.

The [regex pattern][1] used to validate this parameter is a string of
characters consisting of the following:

* Any printable ASCII character ranging from the space character
  (`\u0020`) through the end of the ASCII character range

* The printable characters in the Basic Latin and Latin-1 Supplement
  character set (through `\u00FF`)

* The special characters tab (`\u0009`), line feed (`\u000A`), and
  carriage return (`\u000D`)

[1]: http://wikipedia.org/wiki/regex

@option options [String] :certificate_chain

The contents of the certificate chain. This is typically a
concatenation of the PEM-encoded public key certificates of the chain.

The [regex pattern][1] used to validate this parameter is a string of
characters consisting of the following:

* Any printable ASCII character ranging from the space character
  (`\u0020`) through the end of the ASCII character range

* The printable characters in the Basic Latin and Latin-1 Supplement
  character set (through `\u00FF`)

* The special characters tab (`\u0009`), line feed (`\u000A`), and
  carriage return (`\u000D`)

[1]: http://wikipedia.org/wiki/regex

@option options [Array<Types::Tag>] :tags

A list of tags that you want to attach to the new IAM server
certificate resource. Each tag consists of a key name and an
associated value. For more information about tagging, see [Tagging IAM
resources][1] in the *IAM User Guide*.

<note markdown="1"> If any one of the tags is invalid or if you exceed the allowed maximum
number of tags, then the entire request fails and the resource is not
created.

 </note>

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html

@return [ServerCertificate]

# File lib/aws-sdk-iam/resource.rb, line 700
def create_server_certificate(options = {})
  @client.upload_server_certificate(options)
  ServerCertificate.new(
    name: options[:server_certificate_name],
    client: @client
  )
end
create_signing_certificate(options = {}) click to toggle source

@example Request syntax with placeholder values

signingcertificate = iam.create_signing_certificate({
  user_name: "existingUserNameType",
  certificate_body: "certificateBodyType", # required
})

@param [Hash] options ({}) @option options [String] :user_name

The name of the user the signing certificate is for.

This parameter allows (through its [regex pattern][1]) a string of
characters consisting of upper and lowercase alphanumeric characters
with no spaces. You can also include any of the following characters:
\_+=,.@-

[1]: http://wikipedia.org/wiki/regex

@option options [required, String] :certificate_body

The contents of the signing certificate.

The [regex pattern][1] used to validate this parameter is a string of
characters consisting of the following:

* Any printable ASCII character ranging from the space character
  (`\u0020`) through the end of the ASCII character range

* The printable characters in the Basic Latin and Latin-1 Supplement
  character set (through `\u00FF`)

* The special characters tab (`\u0009`), line feed (`\u000A`), and
  carriage return (`\u000D`)

[1]: http://wikipedia.org/wiki/regex

@return [SigningCertificate]

# File lib/aws-sdk-iam/resource.rb, line 745
def create_signing_certificate(options = {})
  resp = @client.upload_signing_certificate(options)
  SigningCertificate.new(
    id: resp.data.certificate.certificate_id,
    data: resp.data.certificate,
    client: @client
  )
end
create_user(options = {}) click to toggle source

@example Request syntax with placeholder values

user = iam.create_user({
  path: "pathType",
  user_name: "userNameType", # required
  permissions_boundary: "arnType",
  tags: [
    {
      key: "tagKeyType", # required
      value: "tagValueType", # required
    },
  ],
})

@param [Hash] options ({}) @option options [String] :path

The path for the user name. For more information about paths, see [IAM
identifiers][1] in the *IAM User Guide*.

This parameter is optional. If it is not included, it defaults to a
slash (/).

This parameter allows (through its [regex pattern][2]) a string of
characters consisting of either a forward slash (/) by itself or a
string that must begin and end with forward slashes. In addition, it
can contain any ASCII character from the ! (`\u0021`) through the DEL
character (`\u007F`), including most punctuation characters, digits,
and upper and lowercased letters.

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
[2]: http://wikipedia.org/wiki/regex

@option options [required, String] :user_name

The name of the user to create.

IAM user, group, role, and policy names must be unique within the
account. Names are not distinguished by case. For example, you cannot
create resources named both "MyResource" and "myresource".

@option options [String] :permissions_boundary

The ARN of the policy that is used to set the permissions boundary for
the user.

@option options [Array<Types::Tag>] :tags

A list of tags that you want to attach to the new user. Each tag
consists of a key name and an associated value. For more information
about tagging, see [Tagging IAM resources][1] in the *IAM User Guide*.

<note markdown="1"> If any one of the tags is invalid or if you exceed the allowed maximum
number of tags, then the entire request fails and the resource is not
created.

 </note>

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html

@return [User]

# File lib/aws-sdk-iam/resource.rb, line 810
def create_user(options = {})
  resp = @client.create_user(options)
  User.new(
    name: options[:user_name],
    data: resp.data.user,
    client: @client
  )
end
create_virtual_mfa_device(options = {}) click to toggle source

@example Request syntax with placeholder values

virtualmfadevice = iam.create_virtual_mfa_device({
  path: "pathType",
  virtual_mfa_device_name: "virtualMFADeviceName", # required
  tags: [
    {
      key: "tagKeyType", # required
      value: "tagValueType", # required
    },
  ],
})

@param [Hash] options ({}) @option options [String] :path

The path for the virtual MFA device. For more information about paths,
see [IAM identifiers][1] in the *IAM User Guide*.

This parameter is optional. If it is not included, it defaults to a
slash (/).

This parameter allows (through its [regex pattern][2]) a string of
characters consisting of either a forward slash (/) by itself or a
string that must begin and end with forward slashes. In addition, it
can contain any ASCII character from the ! (`\u0021`) through the DEL
character (`\u007F`), including most punctuation characters, digits,
and upper and lowercased letters.

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html
[2]: http://wikipedia.org/wiki/regex

@option options [required, String] :virtual_mfa_device_name

The name of the virtual MFA device. Use with path to uniquely identify
a virtual MFA device.

This parameter allows (through its [regex pattern][1]) a string of
characters consisting of upper and lowercase alphanumeric characters
with no spaces. You can also include any of the following characters:
\_+=,.@-

[1]: http://wikipedia.org/wiki/regex

@option options [Array<Types::Tag>] :tags

A list of tags that you want to attach to the new IAM virtual MFA
device. Each tag consists of a key name and an associated value. For
more information about tagging, see [Tagging IAM resources][1] in the
*IAM User Guide*.

<note markdown="1"> If any one of the tags is invalid or if you exceed the allowed maximum
number of tags, then the entire request fails and the resource is not
created.

 </note>

[1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html

@return [VirtualMfaDevice]

# File lib/aws-sdk-iam/resource.rb, line 878
def create_virtual_mfa_device(options = {})
  resp = @client.create_virtual_mfa_device(options)
  VirtualMfaDevice.new(
    serial_number: resp.data.virtual_mfa_device.serial_number,
    data: resp.data.virtual_mfa_device,
    client: @client
  )
end
current_user() click to toggle source

@return [CurrentUser]

# File lib/aws-sdk-iam/resource.rb, line 900
def current_user
  CurrentUser.new(client: @client)
end
delete_account_alias() click to toggle source

@return [Seahorse::Client::Response, false] Returns the response

from {Client#delete_account_alias} if an alias was deleted.
Returns `false` if this account had no alias to remove.

@see Client#delete_account_alias

# File lib/aws-sdk-iam/customizations/resource.rb, line 11
def delete_account_alias
  if name = @client.list_account_aliases.account_aliases.first
    @client.delete_account_alias(account_alias: name)
  else
    false
  end
end
group(name) click to toggle source

@param [String] name @return [Group]

# File lib/aws-sdk-iam/resource.rb, line 906
def group(name)
  Group.new(
    name: name,
    client: @client
  )
end
groups(options = {}) click to toggle source

@example Request syntax with placeholder values

groups = iam.groups({
  path_prefix: "pathPrefixType",
})

@param [Hash] options ({}) @option options [String] :path_prefix

The path prefix for filtering the results. For example, the prefix
`/division_abc/subdivision_xyz/` gets all groups whose path starts
with `/division_abc/subdivision_xyz/`.

This parameter is optional. If it is not included, it defaults to a
slash (/), listing all groups. This parameter allows (through its
[regex pattern][1]) a string of characters consisting of either a
forward slash (/) by itself or a string that must begin and end with
forward slashes. In addition, it can contain any ASCII character from
the ! (`\u0021`) through the DEL character (`\u007F`), including most
punctuation characters, digits, and upper and lowercased letters.

[1]: http://wikipedia.org/wiki/regex

@return [Group::Collection]

# File lib/aws-sdk-iam/resource.rb, line 936
def groups(options = {})
  batches = Enumerator.new do |y|
    resp = @client.list_groups(options)
    resp.each_page do |page|
      batch = []
      page.data.groups.each do |g|
        batch << Group.new(
          name: g.group_name,
          data: g,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  Group::Collection.new(batches)
end
instance_profile(name) click to toggle source

@param [String] name @return [InstanceProfile]

# File lib/aws-sdk-iam/resource.rb, line 956
def instance_profile(name)
  InstanceProfile.new(
    name: name,
    client: @client
  )
end
instance_profiles(options = {}) click to toggle source

@example Request syntax with placeholder values

instance_profiles = iam.instance_profiles({
  path_prefix: "pathPrefixType",
})

@param [Hash] options ({}) @option options [String] :path_prefix

The path prefix for filtering the results. For example, the prefix
`/application_abc/component_xyz/` gets all instance profiles whose
path starts with `/application_abc/component_xyz/`.

This parameter is optional. If it is not included, it defaults to a
slash (/), listing all instance profiles. This parameter allows
(through its [regex pattern][1]) a string of characters consisting of
either a forward slash (/) by itself or a string that must begin and
end with forward slashes. In addition, it can contain any ASCII
character from the ! (`\u0021`) through the DEL character (`\u007F`),
including most punctuation characters, digits, and upper and
lowercased letters.

[1]: http://wikipedia.org/wiki/regex

@return [InstanceProfile::Collection]

# File lib/aws-sdk-iam/resource.rb, line 987
def instance_profiles(options = {})
  batches = Enumerator.new do |y|
    resp = @client.list_instance_profiles(options)
    resp.each_page do |page|
      batch = []
      page.data.instance_profiles.each do |i|
        batch << InstanceProfile.new(
          name: i.instance_profile_name,
          data: i,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  InstanceProfile::Collection.new(batches)
end
policies(options = {}) click to toggle source

@example Request syntax with placeholder values

policies = iam.policies({
  scope: "All", # accepts All, AWS, Local
  only_attached: false,
  path_prefix: "policyPathType",
  policy_usage_filter: "PermissionsPolicy", # accepts PermissionsPolicy, PermissionsBoundary
})

@param [Hash] options ({}) @option options [String] :scope

The scope to use for filtering the results.

To list only Amazon Web Services managed policies, set `Scope` to
`AWS`. To list only the customer managed policies in your account, set
`Scope` to `Local`.

This parameter is optional. If it is not included, or if it is set to
`All`, all policies are returned.

@option options [Boolean] :only_attached

A flag to filter the results to only the attached policies.

When `OnlyAttached` is `true`, the returned list contains only the
policies that are attached to an IAM user, group, or role. When
`OnlyAttached` is `false`, or when the parameter is not included, all
policies are returned.

@option options [String] :path_prefix

The path prefix for filtering the results. This parameter is optional.
If it is not included, it defaults to a slash (/), listing all
policies. This parameter allows (through its [regex pattern][1]) a
string of characters consisting of either a forward slash (/) by
itself or a string that must begin and end with forward slashes. In
addition, it can contain any ASCII character from the ! (`\u0021`)
through the DEL character (`\u007F`), including most punctuation
characters, digits, and upper and lowercased letters.

[1]: http://wikipedia.org/wiki/regex

@option options [String] :policy_usage_filter

The policy usage method to use for filtering the results.

To list only permissions policies,
set `PolicyUsageFilter` to `PermissionsPolicy`. To list only the
policies used to set permissions boundaries, set the value
to `PermissionsBoundary`.

This parameter is optional. If it is not included, all policies are
returned.

@return [Policy::Collection]

# File lib/aws-sdk-iam/resource.rb, line 1054
def policies(options = {})
  batches = Enumerator.new do |y|
    resp = @client.list_policies(options)
    resp.each_page do |page|
      batch = []
      page.data.policies.each do |p|
        batch << Policy.new(
          arn: p.arn,
          data: p,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  Policy::Collection.new(batches)
end
policy(arn) click to toggle source

@param [String] arn @return [Policy]

# File lib/aws-sdk-iam/resource.rb, line 1074
def policy(arn)
  Policy.new(
    arn: arn,
    client: @client
  )
end
role(name) click to toggle source

@param [String] name @return [Role]

# File lib/aws-sdk-iam/resource.rb, line 1083
def role(name)
  Role.new(
    name: name,
    client: @client
  )
end
roles(options = {}) click to toggle source

@example Request syntax with placeholder values

roles = iam.roles({
  path_prefix: "pathPrefixType",
})

@param [Hash] options ({}) @option options [String] :path_prefix

The path prefix for filtering the results. For example, the prefix
`/application_abc/component_xyz/` gets all roles whose path starts
with `/application_abc/component_xyz/`.

This parameter is optional. If it is not included, it defaults to a
slash (/), listing all roles. This parameter allows (through its
[regex pattern][1]) a string of characters consisting of either a
forward slash (/) by itself or a string that must begin and end with
forward slashes. In addition, it can contain any ASCII character from
the ! (`\u0021`) through the DEL character (`\u007F`), including most
punctuation characters, digits, and upper and lowercased letters.

[1]: http://wikipedia.org/wiki/regex

@return [Role::Collection]

# File lib/aws-sdk-iam/resource.rb, line 1113
def roles(options = {})
  batches = Enumerator.new do |y|
    resp = @client.list_roles(options)
    resp.each_page do |page|
      batch = []
      page.data.roles.each do |r|
        batch << Role.new(
          name: r.role_name,
          data: r,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  Role::Collection.new(batches)
end
saml_provider(arn) click to toggle source

@param [String] arn @return [SamlProvider]

# File lib/aws-sdk-iam/resource.rb, line 1133
def saml_provider(arn)
  SamlProvider.new(
    arn: arn,
    client: @client
  )
end
saml_providers(options = {}) click to toggle source

@example Request syntax with placeholder values

iam.saml_providers()

@param [Hash] options ({}) @return [SamlProvider::Collection]

# File lib/aws-sdk-iam/resource.rb, line 1145
def saml_providers(options = {})
  batches = Enumerator.new do |y|
    batch = []
    resp = @client.list_saml_providers(options)
    resp.data.saml_provider_list.each do |s|
      batch << SamlProvider.new(
        arn: s.arn,
        client: @client
      )
    end
    y.yield(batch)
  end
  SamlProvider::Collection.new(batches)
end
server_certificate(name) click to toggle source

@param [String] name @return [ServerCertificate]

# File lib/aws-sdk-iam/resource.rb, line 1162
def server_certificate(name)
  ServerCertificate.new(
    name: name,
    client: @client
  )
end
server_certificates(options = {}) click to toggle source

@example Request syntax with placeholder values

server_certificates = iam.server_certificates({
  path_prefix: "pathPrefixType",
})

@param [Hash] options ({}) @option options [String] :path_prefix

The path prefix for filtering the results. For example:
`/company/servercerts` would get all server certificates for which the
path starts with `/company/servercerts`.

This parameter is optional. If it is not included, it defaults to a
slash (/), listing all server certificates. This parameter allows
(through its [regex pattern][1]) a string of characters consisting of
either a forward slash (/) by itself or a string that must begin and
end with forward slashes. In addition, it can contain any ASCII
character from the ! (`\u0021`) through the DEL character (`\u007F`),
including most punctuation characters, digits, and upper and
lowercased letters.

[1]: http://wikipedia.org/wiki/regex

@return [ServerCertificate::Collection]

# File lib/aws-sdk-iam/resource.rb, line 1193
def server_certificates(options = {})
  batches = Enumerator.new do |y|
    resp = @client.list_server_certificates(options)
    resp.each_page do |page|
      batch = []
      page.data.server_certificate_metadata_list.each do |s|
        batch << ServerCertificate.new(
          name: s.server_certificate_name,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  ServerCertificate::Collection.new(batches)
end
user(name) click to toggle source

@param [String] name @return [User]

# File lib/aws-sdk-iam/resource.rb, line 1212
def user(name)
  User.new(
    name: name,
    client: @client
  )
end
users(options = {}) click to toggle source

@example Request syntax with placeholder values

users = iam.users({
  path_prefix: "pathPrefixType",
})

@param [Hash] options ({}) @option options [String] :path_prefix

The path prefix for filtering the results. For example:
`/division_abc/subdivision_xyz/`, which would get all user names whose
path starts with `/division_abc/subdivision_xyz/`.

This parameter is optional. If it is not included, it defaults to a
slash (/), listing all user names. This parameter allows (through its
[regex pattern][1]) a string of characters consisting of either a
forward slash (/) by itself or a string that must begin and end with
forward slashes. In addition, it can contain any ASCII character from
the ! (`\u0021`) through the DEL character (`\u007F`), including most
punctuation characters, digits, and upper and lowercased letters.

[1]: http://wikipedia.org/wiki/regex

@return [User::Collection]

# File lib/aws-sdk-iam/resource.rb, line 1242
def users(options = {})
  batches = Enumerator.new do |y|
    resp = @client.list_users(options)
    resp.each_page do |page|
      batch = []
      page.data.users.each do |u|
        batch << User.new(
          name: u.user_name,
          data: u,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  User::Collection.new(batches)
end
virtual_mfa_device(serial_number) click to toggle source

@param [String] serial_number @return [VirtualMfaDevice]

# File lib/aws-sdk-iam/resource.rb, line 1262
def virtual_mfa_device(serial_number)
  VirtualMfaDevice.new(
    serial_number: serial_number,
    client: @client
  )
end
virtual_mfa_devices(options = {}) click to toggle source

@example Request syntax with placeholder values

virtual_mfa_devices = iam.virtual_mfa_devices({
  assignment_status: "Assigned", # accepts Assigned, Unassigned, Any
})

@param [Hash] options ({}) @option options [String] :assignment_status

The status (`Unassigned` or `Assigned`) of the devices to list. If you
do not specify an `AssignmentStatus`, the operation defaults to `Any`,
which lists both assigned and unassigned virtual MFA devices.,

@return [VirtualMfaDevice::Collection]

# File lib/aws-sdk-iam/resource.rb, line 1280
def virtual_mfa_devices(options = {})
  batches = Enumerator.new do |y|
    resp = @client.list_virtual_mfa_devices(options)
    resp.each_page do |page|
      batch = []
      page.data.virtual_mfa_devices.each do |v|
        batch << VirtualMfaDevice.new(
          serial_number: v.serial_number,
          data: v,
          client: @client
        )
      end
      y.yield(batch)
    end
  end
  VirtualMfaDevice::Collection.new(batches)
end