com.amazonaws.services.identitymanagement.AmazonIdentityManagementClient Maven / Gradle / Ivy
Show all versions of aws-java-sdk-iam Show documentation
/*
* Copyright 2011-2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.identitymanagement;
import org.w3c.dom.*;
import java.net.*;
import java.util.*;
import java.util.Map.Entry;
import org.apache.commons.logging.*;
import com.amazonaws.*;
import com.amazonaws.auth.*;
import com.amazonaws.handlers.*;
import com.amazonaws.http.*;
import com.amazonaws.internal.*;
import com.amazonaws.internal.auth.*;
import com.amazonaws.metrics.*;
import com.amazonaws.regions.*;
import com.amazonaws.transform.*;
import com.amazonaws.util.*;
import com.amazonaws.protocol.json.*;
import com.amazonaws.util.AWSRequestMetrics.Field;
import com.amazonaws.annotation.ThreadSafe;
import com.amazonaws.client.AwsSyncClientParams;
import com.amazonaws.services.identitymanagement.waiters.AmazonIdentityManagementWaiters;
import com.amazonaws.AmazonServiceException;
import com.amazonaws.services.identitymanagement.model.*;
import com.amazonaws.services.identitymanagement.model.transform.*;
/**
* Client for accessing IAM. All service calls made using this client are blocking, and will not return until the
* service call completes.
*
* AWS Identity and Access Management
*
* AWS Identity and Access Management (IAM) is a web service that you can use to manage users and user permissions under
* your AWS account. This guide provides descriptions of IAM actions that you can call programmatically. For general
* information about IAM, see AWS Identity and Access Management (IAM). For the
* user guide for IAM, see Using IAM.
*
*
*
* AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms (Java,
* Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient way to create programmatic access to IAM and AWS. For
* example, the SDKs take care of tasks such as cryptographically signing requests (see below), managing errors, and
* retrying requests automatically. For information about the AWS SDKs, including how to download and install them, see
* the Tools for Amazon Web Services page.
*
*
*
* We recommend that you use the AWS SDKs to make programmatic API calls to IAM. However, you can also use the IAM Query
* API to make direct calls to the IAM web service. To learn more about the IAM Query API, see Making Query Requests in the
* Using IAM guide. IAM supports GET and POST requests for all actions. That is, the API does not require you to
* use GET for some actions and POST for others. However, GET requests are subject to the limitation size of a URL.
* Therefore, for operations that require larger sizes, use a POST request.
*
*
* Signing Requests
*
*
* Requests must be signed using an access key ID and a secret access key. We strongly recommend that you do not use
* your AWS account access key ID and secret access key for everyday work with IAM. You can use the access key ID and
* secret access key for an IAM user or you can use the AWS Security Token Service to generate temporary security
* credentials and use those to sign requests.
*
*
* To sign requests, we recommend that you use Signature Version 4. If you have an
* existing application that uses Signature Version 2, you do not have to update it to use Signature Version 4. However,
* some operations now require Signature Version 4. The documentation for operations that require version 4 indicate
* this requirement.
*
*
* Additional Resources
*
*
* For more information, see the following:
*
*
* -
*
* AWS Security Credentials.
* This topic provides general information about the types of credentials used for accessing AWS.
*
*
* -
*
* IAM Best Practices. This topic
* presents a list of suggestions for using the IAM service to help secure your AWS resources.
*
*
* -
*
* Signing AWS API Requests.
* This set of topics walk you through the process of signing a request using an access key ID and secret access key.
*
*
*
*/
@ThreadSafe
public class AmazonIdentityManagementClient extends AmazonWebServiceClient implements AmazonIdentityManagement {
/** Provider for AWS credentials. */
private final AWSCredentialsProvider awsCredentialsProvider;
private static final Log log = LogFactory.getLog(AmazonIdentityManagement.class);
/** Default signing name for the service. */
private static final String DEFAULT_SIGNING_NAME = "iam";
private volatile AmazonIdentityManagementWaiters waiters;
/** Client configuration factory providing ClientConfigurations tailored to this client */
protected static final ClientConfigurationFactory configFactory = new ClientConfigurationFactory();
/**
* List of exception unmarshallers for all modeled exceptions
*/
protected final List> exceptionUnmarshallers = new ArrayList>();
/**
* Constructs a new client to invoke service methods on IAM. A credentials provider chain will be used that searches
* for credentials in this order:
*
* - Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
* - Java System Properties - aws.accessKeyId and aws.secretKey
* - Instance profile credentials delivered through the Amazon EC2 metadata service
*
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @see DefaultAWSCredentialsProviderChain
*/
public AmazonIdentityManagementClient() {
this(DefaultAWSCredentialsProviderChain.getInstance(), configFactory.getConfig());
}
/**
* Constructs a new client to invoke service methods on IAM. A credentials provider chain will be used that searches
* for credentials in this order:
*
* - Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
* - Java System Properties - aws.accessKeyId and aws.secretKey
* - Instance profile credentials delivered through the Amazon EC2 metadata service
*
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientConfiguration
* The client configuration options controlling how this client connects to IAM (ex: proxy settings, retry
* counts, etc.).
*
* @see DefaultAWSCredentialsProviderChain
*/
public AmazonIdentityManagementClient(ClientConfiguration clientConfiguration) {
this(DefaultAWSCredentialsProviderChain.getInstance(), clientConfiguration);
}
/**
* Constructs a new client to invoke service methods on IAM using the specified AWS account credentials.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentials
* The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
*/
public AmazonIdentityManagementClient(AWSCredentials awsCredentials) {
this(awsCredentials, configFactory.getConfig());
}
/**
* Constructs a new client to invoke service methods on IAM using the specified AWS account credentials and client
* configuration options.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentials
* The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
* @param clientConfiguration
* The client configuration options controlling how this client connects to IAM (ex: proxy settings, retry
* counts, etc.).
*/
public AmazonIdentityManagementClient(AWSCredentials awsCredentials, ClientConfiguration clientConfiguration) {
super(clientConfiguration);
this.awsCredentialsProvider = new StaticCredentialsProvider(awsCredentials);
init();
}
/**
* Constructs a new client to invoke service methods on IAM using the specified AWS account credentials provider.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
*/
public AmazonIdentityManagementClient(AWSCredentialsProvider awsCredentialsProvider) {
this(awsCredentialsProvider, configFactory.getConfig());
}
/**
* Constructs a new client to invoke service methods on IAM using the specified AWS account credentials provider and
* client configuration options.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @param clientConfiguration
* The client configuration options controlling how this client connects to IAM (ex: proxy settings, retry
* counts, etc.).
*/
public AmazonIdentityManagementClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration) {
this(awsCredentialsProvider, clientConfiguration, null);
}
/**
* Constructs a new client to invoke service methods on IAM using the specified AWS account credentials provider,
* client configuration options, and request metric collector.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @param clientConfiguration
* The client configuration options controlling how this client connects to IAM (ex: proxy settings, retry
* counts, etc.).
* @param requestMetricCollector
* optional request metric collector
*/
public AmazonIdentityManagementClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration,
RequestMetricCollector requestMetricCollector) {
super(clientConfiguration, requestMetricCollector);
this.awsCredentialsProvider = awsCredentialsProvider;
init();
}
/**
* Constructs a new client to invoke service methods on IAM using the specified parameters.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientParams
* Object providing client parameters.
*/
AmazonIdentityManagementClient(AwsSyncClientParams clientParams) {
super(clientParams);
this.awsCredentialsProvider = clientParams.getCredentialsProvider();
init();
}
private void init() {
exceptionUnmarshallers.add(new MalformedPolicyDocumentExceptionUnmarshaller());
exceptionUnmarshallers.add(new DeleteConflictExceptionUnmarshaller());
exceptionUnmarshallers.add(new InvalidCertificateExceptionUnmarshaller());
exceptionUnmarshallers.add(new PasswordPolicyViolationExceptionUnmarshaller());
exceptionUnmarshallers.add(new CredentialReportExpiredExceptionUnmarshaller());
exceptionUnmarshallers.add(new LimitExceededExceptionUnmarshaller());
exceptionUnmarshallers.add(new InvalidUserTypeExceptionUnmarshaller());
exceptionUnmarshallers.add(new NoSuchEntityExceptionUnmarshaller());
exceptionUnmarshallers.add(new EntityTemporarilyUnmodifiableExceptionUnmarshaller());
exceptionUnmarshallers.add(new DuplicateSSHPublicKeyExceptionUnmarshaller());
exceptionUnmarshallers.add(new DuplicateCertificateExceptionUnmarshaller());
exceptionUnmarshallers.add(new KeyPairMismatchExceptionUnmarshaller());
exceptionUnmarshallers.add(new CredentialReportNotReadyExceptionUnmarshaller());
exceptionUnmarshallers.add(new EntityAlreadyExistsExceptionUnmarshaller());
exceptionUnmarshallers.add(new ServiceFailureExceptionUnmarshaller());
exceptionUnmarshallers.add(new InvalidPublicKeyExceptionUnmarshaller());
exceptionUnmarshallers.add(new PolicyEvaluationExceptionUnmarshaller());
exceptionUnmarshallers.add(new InvalidAuthenticationCodeExceptionUnmarshaller());
exceptionUnmarshallers.add(new InvalidInputExceptionUnmarshaller());
exceptionUnmarshallers.add(new CredentialReportNotPresentExceptionUnmarshaller());
exceptionUnmarshallers.add(new UnrecognizedPublicKeyEncodingExceptionUnmarshaller());
exceptionUnmarshallers.add(new MalformedCertificateExceptionUnmarshaller());
exceptionUnmarshallers.add(new StandardErrorUnmarshaller(com.amazonaws.services.identitymanagement.model.AmazonIdentityManagementException.class));
setServiceNameIntern(DEFAULT_SIGNING_NAME);
setEndpointPrefix(ENDPOINT_PREFIX);
// calling this.setEndPoint(...) will also modify the signer accordingly
this.setEndpoint("iam.amazonaws.com");
HandlerChainFactory chainFactory = new HandlerChainFactory();
requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com/amazonaws/services/identitymanagement/request.handlers"));
requestHandler2s.addAll(chainFactory.newRequestHandler2Chain("/com/amazonaws/services/identitymanagement/request.handler2s"));
requestHandler2s.addAll(chainFactory.getGlobalHandlers());
}
/**
*
* Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM
* OpenID Connect (OIDC) provider resource.
*
*
* This action is idempotent; it does not fail or return an error if you add an existing client ID to the provider.
*
*
* @param addClientIDToOpenIDConnectProviderRequest
* @return Result of the AddClientIDToOpenIDConnectProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.AddClientIDToOpenIDConnectProvider
*/
@Override
public AddClientIDToOpenIDConnectProviderResult addClientIDToOpenIDConnectProvider(
AddClientIDToOpenIDConnectProviderRequest addClientIDToOpenIDConnectProviderRequest) {
ExecutionContext executionContext = createExecutionContext(addClientIDToOpenIDConnectProviderRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new AddClientIDToOpenIDConnectProviderRequestMarshaller()
.marshall(super.beforeMarshalling(addClientIDToOpenIDConnectProviderRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new AddClientIDToOpenIDConnectProviderResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Adds the specified IAM role to the specified instance profile.
*
*
*
* The caller of this API must be granted the PassRole permission on the IAM role by a permission
* policy.
*
*
*
* For more information about roles, go to Working with Roles. For more
* information about instance profiles, go to About Instance Profiles.
*
*
* @param addRoleToInstanceProfileRequest
* @return Result of the AddRoleToInstanceProfile operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.AddRoleToInstanceProfile
*/
@Override
public AddRoleToInstanceProfileResult addRoleToInstanceProfile(AddRoleToInstanceProfileRequest addRoleToInstanceProfileRequest) {
ExecutionContext executionContext = createExecutionContext(addRoleToInstanceProfileRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new AddRoleToInstanceProfileRequestMarshaller().marshall(super.beforeMarshalling(addRoleToInstanceProfileRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new AddRoleToInstanceProfileResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Adds the specified user to the specified group.
*
*
* @param addUserToGroupRequest
* @return Result of the AddUserToGroup operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.AddUserToGroup
*/
@Override
public AddUserToGroupResult addUserToGroup(AddUserToGroupRequest addUserToGroupRequest) {
ExecutionContext executionContext = createExecutionContext(addUserToGroupRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new AddUserToGroupRequestMarshaller().marshall(super.beforeMarshalling(addUserToGroupRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new AddUserToGroupResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Attaches the specified managed policy to the specified IAM group.
*
*
* You use this API to attach a managed policy to a group. To embed an inline policy in a group, use
* PutGroupPolicy.
*
*
* For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param attachGroupPolicyRequest
* @return Result of the AttachGroupPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.AttachGroupPolicy
*/
@Override
public AttachGroupPolicyResult attachGroupPolicy(AttachGroupPolicyRequest attachGroupPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(attachGroupPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new AttachGroupPolicyRequestMarshaller().marshall(super.beforeMarshalling(attachGroupPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new AttachGroupPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Attaches the specified managed policy to the specified IAM role.
*
*
* When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access)
* policy. You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the
* same time as the role, using CreateRole. You can update a role's trust policy using
* UpdateAssumeRolePolicy.
*
*
* Use this API to attach a managed policy to a role. To embed an inline policy in a role, use
* PutRolePolicy. For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param attachRolePolicyRequest
* @return Result of the AttachRolePolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.AttachRolePolicy
*/
@Override
public AttachRolePolicyResult attachRolePolicy(AttachRolePolicyRequest attachRolePolicyRequest) {
ExecutionContext executionContext = createExecutionContext(attachRolePolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new AttachRolePolicyRequestMarshaller().marshall(super.beforeMarshalling(attachRolePolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new AttachRolePolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Attaches the specified managed policy to the specified user.
*
*
* You use this API to attach a managed policy to a user. To embed an inline policy in a user, use
* PutUserPolicy.
*
*
* For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param attachUserPolicyRequest
* @return Result of the AttachUserPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.AttachUserPolicy
*/
@Override
public AttachUserPolicyResult attachUserPolicy(AttachUserPolicyRequest attachUserPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(attachUserPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new AttachUserPolicyRequestMarshaller().marshall(super.beforeMarshalling(attachUserPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new AttachUserPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Changes the password of the IAM user who is calling this action. The root account password is not affected by
* this action.
*
*
* To change the password for a different user, see UpdateLoginProfile. For more information about modifying
* passwords, see Managing
* Passwords in the IAM User Guide.
*
*
* @param changePasswordRequest
* @return Result of the ChangePassword operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws InvalidUserTypeException
* The request was rejected because the type of user for the transaction was incorrect.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws EntityTemporarilyUnmodifiableException
* The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user
* name that was deleted and then recreated. The error indicates that the request is likely to succeed if
* you try again after waiting several minutes. The error message describes the entity.
* @throws PasswordPolicyViolationException
* The request was rejected because the provided password did not meet the requirements imposed by the
* account password policy.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.ChangePassword
*/
@Override
public ChangePasswordResult changePassword(ChangePasswordRequest changePasswordRequest) {
ExecutionContext executionContext = createExecutionContext(changePasswordRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ChangePasswordRequestMarshaller().marshall(super.beforeMarshalling(changePasswordRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new ChangePasswordResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a new AWS secret access key and corresponding AWS access key ID for the specified user. The default
* status for new keys is Active.
*
*
* If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing
* the request. Because this action works for access keys under the AWS account, you can use this action to manage
* root credentials even if the AWS account has no associated users.
*
*
* For information about limits on the number of keys you can create, see Limitations on IAM Entities
* in the IAM User Guide.
*
*
*
* To ensure the security of your AWS account, the secret access key is accessible only during key and user
* creation. You must save the key (for example, in a text file) if you want to be able to access it again. If a
* secret key is lost, you can delete the access keys for the associated user and then create new keys.
*
*
*
* @param createAccessKeyRequest
* @return Result of the CreateAccessKey operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreateAccessKey
*/
@Override
public CreateAccessKeyResult createAccessKey(CreateAccessKeyRequest createAccessKeyRequest) {
ExecutionContext executionContext = createExecutionContext(createAccessKeyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateAccessKeyRequestMarshaller().marshall(super.beforeMarshalling(createAccessKeyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new CreateAccessKeyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
@Override
public CreateAccessKeyResult createAccessKey() {
return createAccessKey(new CreateAccessKeyRequest());
}
/**
*
* Creates an alias for your AWS account. For information about using an AWS account alias, see Using an Alias for Your AWS Account
* ID in the IAM User Guide.
*
*
* @param createAccountAliasRequest
* @return Result of the CreateAccountAlias operation returned by the service.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreateAccountAlias
*/
@Override
public CreateAccountAliasResult createAccountAlias(CreateAccountAliasRequest createAccountAliasRequest) {
ExecutionContext executionContext = createExecutionContext(createAccountAliasRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateAccountAliasRequestMarshaller().marshall(super.beforeMarshalling(createAccountAliasRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new CreateAccountAliasResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a new group.
*
*
* For information about the number of groups you can create, see Limitations on IAM Entities
* in the IAM User Guide.
*
*
* @param createGroupRequest
* @return Result of the CreateGroup operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreateGroup
*/
@Override
public CreateGroupResult createGroup(CreateGroupRequest createGroupRequest) {
ExecutionContext executionContext = createExecutionContext(createGroupRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateGroupRequestMarshaller().marshall(super.beforeMarshalling(createGroupRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new CreateGroupResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a new instance profile. For information about instance profiles, go to About Instance Profiles.
*
*
* For information about the number of instance profiles you can create, see Limitations on IAM Entities
* in the IAM User Guide.
*
*
* @param createInstanceProfileRequest
* @return Result of the CreateInstanceProfile operation returned by the service.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreateInstanceProfile
*/
@Override
public CreateInstanceProfileResult createInstanceProfile(CreateInstanceProfileRequest createInstanceProfileRequest) {
ExecutionContext executionContext = createExecutionContext(createInstanceProfileRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateInstanceProfileRequestMarshaller().marshall(super.beforeMarshalling(createInstanceProfileRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new CreateInstanceProfileResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a password for the specified user, giving the user the ability to access AWS services through the AWS
* Management Console. For more information about managing passwords, see Managing Passwords in the
* IAM User Guide.
*
*
* @param createLoginProfileRequest
* @return Result of the CreateLoginProfile operation returned by the service.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws PasswordPolicyViolationException
* The request was rejected because the provided password did not meet the requirements imposed by the
* account password policy.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreateLoginProfile
*/
@Override
public CreateLoginProfileResult createLoginProfile(CreateLoginProfileRequest createLoginProfileRequest) {
ExecutionContext executionContext = createExecutionContext(createLoginProfileRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateLoginProfileRequestMarshaller().marshall(super.beforeMarshalling(createLoginProfileRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new CreateLoginProfileResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC).
*
*
* The OIDC provider that you create with this operation can be used as a principal in a role's trust policy to
* establish a trust relationship between AWS and the OIDC provider.
*
*
* When you create the IAM OIDC provider, you specify the URL of the OIDC identity provider (IdP) to trust, a list
* of client IDs (also known as audiences) that identify the application or applications that are allowed to
* authenticate using the OIDC provider, and a list of thumbprints of the server certificate(s) that the IdP uses.
* You get all of this information from the OIDC IdP that you want to use for access to AWS.
*
*
*
* Because trust for the OIDC provider is ultimately derived from the IAM provider that this action creates, it is a
* best practice to limit access to the CreateOpenIDConnectProvider action to highly-privileged users.
*
*
*
* @param createOpenIDConnectProviderRequest
* @return Result of the CreateOpenIDConnectProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreateOpenIDConnectProvider
*/
@Override
public CreateOpenIDConnectProviderResult createOpenIDConnectProvider(CreateOpenIDConnectProviderRequest createOpenIDConnectProviderRequest) {
ExecutionContext executionContext = createExecutionContext(createOpenIDConnectProviderRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateOpenIDConnectProviderRequestMarshaller().marshall(super.beforeMarshalling(createOpenIDConnectProviderRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new CreateOpenIDConnectProviderResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a new managed policy for your AWS account.
*
*
* This operation creates a policy version with a version identifier of v1 and sets v1 as the policy's
* default version. For more information about policy versions, see Versioning for Managed
* Policies in the IAM User Guide.
*
*
* For more information about managed policies in general, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param createPolicyRequest
* @return Result of the CreatePolicy operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws MalformedPolicyDocumentException
* The request was rejected because the policy document was malformed. The error message describes the
* specific error.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreatePolicy
*/
@Override
public CreatePolicyResult createPolicy(CreatePolicyRequest createPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(createPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreatePolicyRequestMarshaller().marshall(super.beforeMarshalling(createPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new CreatePolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a new version of the specified managed policy. To update a managed policy, you create a new policy
* version. A managed policy can have up to five versions. If the policy has five versions, you must delete an
* existing version using DeletePolicyVersion before you create a new version.
*
*
* Optionally, you can set the new version as the policy's default version. The default version is the version that
* is in effect for the IAM users, groups, and roles to which the policy is attached.
*
*
* For more information about managed policy versions, see Versioning for Managed
* Policies in the IAM User Guide.
*
*
* @param createPolicyVersionRequest
* @return Result of the CreatePolicyVersion operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws MalformedPolicyDocumentException
* The request was rejected because the policy document was malformed. The error message describes the
* specific error.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreatePolicyVersion
*/
@Override
public CreatePolicyVersionResult createPolicyVersion(CreatePolicyVersionRequest createPolicyVersionRequest) {
ExecutionContext executionContext = createExecutionContext(createPolicyVersionRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreatePolicyVersionRequestMarshaller().marshall(super.beforeMarshalling(createPolicyVersionRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new CreatePolicyVersionResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a new role for your AWS account. For more information about roles, go to Working with Roles. For
* information about limitations on role names and the number of roles you can create, go to Limitations on IAM Entities
* in the IAM User Guide.
*
*
* @param createRoleRequest
* @return Result of the CreateRole operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws MalformedPolicyDocumentException
* The request was rejected because the policy document was malformed. The error message describes the
* specific error.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreateRole
*/
@Override
public CreateRoleResult createRole(CreateRoleRequest createRoleRequest) {
ExecutionContext executionContext = createExecutionContext(createRoleRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateRoleRequestMarshaller().marshall(super.beforeMarshalling(createRoleRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new CreateRoleResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2.0.
*
*
* The SAML provider resource that you create with this operation can be used as a principal in an IAM role's trust
* policy to enable federated users who sign-in using the SAML IdP to assume the role. You can create an IAM role
* that supports Web-based single sign-on (SSO) to the AWS Management Console or one that supports API access to
* AWS.
*
*
* When you create the SAML provider resource, you upload an a SAML metadata document that you get from your IdP and
* that includes the issuer's name, expiration information, and keys that can be used to validate the SAML
* authentication response (assertions) that the IdP sends. You must generate the metadata document using the
* identity management software that is used as your organization's IdP.
*
*
*
* This operation requires Signature
* Version 4.
*
*
*
* For more information, see Enabling SAML
* 2.0 Federated Users to Access the AWS Management Console and About SAML 2.0-based
* Federation in the IAM User Guide.
*
*
* @param createSAMLProviderRequest
* @return Result of the CreateSAMLProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreateSAMLProvider
*/
@Override
public CreateSAMLProviderResult createSAMLProvider(CreateSAMLProviderRequest createSAMLProviderRequest) {
ExecutionContext executionContext = createExecutionContext(createSAMLProviderRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateSAMLProviderRequestMarshaller().marshall(super.beforeMarshalling(createSAMLProviderRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new CreateSAMLProviderResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a new IAM user for your AWS account.
*
*
* For information about limitations on the number of IAM users you can create, see Limitations on IAM Entities
* in the IAM User Guide.
*
*
* @param createUserRequest
* @return Result of the CreateUser operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreateUser
*/
@Override
public CreateUserResult createUser(CreateUserRequest createUserRequest) {
ExecutionContext executionContext = createExecutionContext(createUserRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateUserRequestMarshaller().marshall(super.beforeMarshalling(createUserRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new CreateUserResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Creates a new virtual MFA device for the AWS account. After creating the virtual MFA, use EnableMFADevice
* to attach the MFA device to an IAM user. For more information about creating and working with virtual MFA
* devices, go to Using a Virtual
* MFA Device in the IAM User Guide.
*
*
* For information about limits on the number of MFA devices you can create, see Limitations on Entities in
* the IAM User Guide.
*
*
*
* The seed information contained in the QR code and the Base32 string should be treated like any other secret
* access information, such as your AWS access keys or your passwords. After you provision your virtual device, you
* should ensure that the information is destroyed following secure procedures.
*
*
*
* @param createVirtualMFADeviceRequest
* @return Result of the CreateVirtualMFADevice operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.CreateVirtualMFADevice
*/
@Override
public CreateVirtualMFADeviceResult createVirtualMFADevice(CreateVirtualMFADeviceRequest createVirtualMFADeviceRequest) {
ExecutionContext executionContext = createExecutionContext(createVirtualMFADeviceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new CreateVirtualMFADeviceRequestMarshaller().marshall(super.beforeMarshalling(createVirtualMFADeviceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new CreateVirtualMFADeviceResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deactivates the specified MFA device and removes it from association with the user name for which it was
* originally enabled.
*
*
* For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device in
* the IAM User Guide.
*
*
* @param deactivateMFADeviceRequest
* @return Result of the DeactivateMFADevice operation returned by the service.
* @throws EntityTemporarilyUnmodifiableException
* The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user
* name that was deleted and then recreated. The error indicates that the request is likely to succeed if
* you try again after waiting several minutes. The error message describes the entity.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeactivateMFADevice
*/
@Override
public DeactivateMFADeviceResult deactivateMFADevice(DeactivateMFADeviceRequest deactivateMFADeviceRequest) {
ExecutionContext executionContext = createExecutionContext(deactivateMFADeviceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeactivateMFADeviceRequestMarshaller().marshall(super.beforeMarshalling(deactivateMFADeviceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeactivateMFADeviceResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the access key pair associated with the specified IAM user.
*
*
* If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing
* the request. Because this action works for access keys under the AWS account, you can use this action to manage
* root credentials even if the AWS account has no associated users.
*
*
* @param deleteAccessKeyRequest
* @return Result of the DeleteAccessKey operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteAccessKey
*/
@Override
public DeleteAccessKeyResult deleteAccessKey(DeleteAccessKeyRequest deleteAccessKeyRequest) {
ExecutionContext executionContext = createExecutionContext(deleteAccessKeyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteAccessKeyRequestMarshaller().marshall(super.beforeMarshalling(deleteAccessKeyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteAccessKeyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified AWS account alias. For information about using an AWS account alias, see Using an Alias for Your AWS Account
* ID in the IAM User Guide.
*
*
* @param deleteAccountAliasRequest
* @return Result of the DeleteAccountAlias operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteAccountAlias
*/
@Override
public DeleteAccountAliasResult deleteAccountAlias(DeleteAccountAliasRequest deleteAccountAliasRequest) {
ExecutionContext executionContext = createExecutionContext(deleteAccountAliasRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteAccountAliasRequestMarshaller().marshall(super.beforeMarshalling(deleteAccountAliasRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteAccountAliasResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the password policy for the AWS account. There are no parameters.
*
*
* @param deleteAccountPasswordPolicyRequest
* @return Result of the DeleteAccountPasswordPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteAccountPasswordPolicy
*/
@Override
public DeleteAccountPasswordPolicyResult deleteAccountPasswordPolicy(DeleteAccountPasswordPolicyRequest deleteAccountPasswordPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(deleteAccountPasswordPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteAccountPasswordPolicyRequestMarshaller().marshall(super.beforeMarshalling(deleteAccountPasswordPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteAccountPasswordPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
@Override
public DeleteAccountPasswordPolicyResult deleteAccountPasswordPolicy() {
return deleteAccountPasswordPolicy(new DeleteAccountPasswordPolicyRequest());
}
/**
*
* Deletes the specified IAM group. The group must not contain any users or have any attached policies.
*
*
* @param deleteGroupRequest
* @return Result of the DeleteGroup operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteGroup
*/
@Override
public DeleteGroupResult deleteGroup(DeleteGroupRequest deleteGroupRequest) {
ExecutionContext executionContext = createExecutionContext(deleteGroupRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteGroupRequestMarshaller().marshall(super.beforeMarshalling(deleteGroupRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new DeleteGroupResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified inline policy that is embedded in the specified IAM group.
*
*
* A group can also have managed policies attached to it. To detach a managed policy from a group, use
* DetachGroupPolicy. For more information about policies, refer to Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param deleteGroupPolicyRequest
* @return Result of the DeleteGroupPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteGroupPolicy
*/
@Override
public DeleteGroupPolicyResult deleteGroupPolicy(DeleteGroupPolicyRequest deleteGroupPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(deleteGroupPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteGroupPolicyRequestMarshaller().marshall(super.beforeMarshalling(deleteGroupPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteGroupPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified instance profile. The instance profile must not have an associated role.
*
*
*
* Make sure you do not have any Amazon EC2 instances running with the instance profile you are about to delete.
* Deleting a role or instance profile that is associated with a running instance will break any applications
* running on the instance.
*
*
*
* For more information about instance profiles, go to About Instance Profiles.
*
*
* @param deleteInstanceProfileRequest
* @return Result of the DeleteInstanceProfile operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteInstanceProfile
*/
@Override
public DeleteInstanceProfileResult deleteInstanceProfile(DeleteInstanceProfileRequest deleteInstanceProfileRequest) {
ExecutionContext executionContext = createExecutionContext(deleteInstanceProfileRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteInstanceProfileRequestMarshaller().marshall(super.beforeMarshalling(deleteInstanceProfileRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteInstanceProfileResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the password for the specified IAM user, which terminates the user's ability to access AWS services
* through the AWS Management Console.
*
*
*
* Deleting a user's password does not prevent a user from accessing AWS through the command line interface or the
* API. To prevent all user access you must also either make any access keys inactive or delete them. For more
* information about making keys inactive or deleting them, see UpdateAccessKey and DeleteAccessKey.
*
*
*
* @param deleteLoginProfileRequest
* @return Result of the DeleteLoginProfile operation returned by the service.
* @throws EntityTemporarilyUnmodifiableException
* The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user
* name that was deleted and then recreated. The error indicates that the request is likely to succeed if
* you try again after waiting several minutes. The error message describes the entity.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteLoginProfile
*/
@Override
public DeleteLoginProfileResult deleteLoginProfile(DeleteLoginProfileRequest deleteLoginProfileRequest) {
ExecutionContext executionContext = createExecutionContext(deleteLoginProfileRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteLoginProfileRequestMarshaller().marshall(super.beforeMarshalling(deleteLoginProfileRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteLoginProfileResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes an OpenID Connect identity provider (IdP) resource object in IAM.
*
*
* Deleting an IAM OIDC provider resource does not update any roles that reference the provider as a principal in
* their trust policies. Any attempt to assume a role that references a deleted provider fails.
*
*
* This action is idempotent; it does not fail or return an error if you call the action for a provider that does
* not exist.
*
*
* @param deleteOpenIDConnectProviderRequest
* @return Result of the DeleteOpenIDConnectProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteOpenIDConnectProvider
*/
@Override
public DeleteOpenIDConnectProviderResult deleteOpenIDConnectProvider(DeleteOpenIDConnectProviderRequest deleteOpenIDConnectProviderRequest) {
ExecutionContext executionContext = createExecutionContext(deleteOpenIDConnectProviderRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteOpenIDConnectProviderRequestMarshaller().marshall(super.beforeMarshalling(deleteOpenIDConnectProviderRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteOpenIDConnectProviderResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified managed policy.
*
*
* Before you can delete a managed policy, you must first detach the policy from all users, groups, and roles that
* it is attached to, and you must delete all of the policy's versions. The following steps describe the process for
* deleting a managed policy:
*
*
* -
*
* Detach the policy from all users, groups, and roles that the policy is attached to, using the
* DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy APIs. To list all the users,
* groups, and roles that a policy is attached to, use ListEntitiesForPolicy.
*
*
* -
*
* Delete all versions of the policy using DeletePolicyVersion. To list the policy's versions, use
* ListPolicyVersions. You cannot use DeletePolicyVersion to delete the version that is marked as the
* default version. You delete the policy's default version in the next step of the process.
*
*
* -
*
* Delete the policy (this automatically deletes the policy's default version) using this API.
*
*
*
*
* For information about managed policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param deletePolicyRequest
* @return Result of the DeletePolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeletePolicy
*/
@Override
public DeletePolicyResult deletePolicy(DeletePolicyRequest deletePolicyRequest) {
ExecutionContext executionContext = createExecutionContext(deletePolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeletePolicyRequestMarshaller().marshall(super.beforeMarshalling(deletePolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new DeletePolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified version from the specified managed policy.
*
*
* You cannot delete the default version from a policy using this API. To delete the default version from a policy,
* use DeletePolicy. To find out which version of a policy is marked as the default version, use
* ListPolicyVersions.
*
*
* For information about versions for managed policies, see Versioning for Managed
* Policies in the IAM User Guide.
*
*
* @param deletePolicyVersionRequest
* @return Result of the DeletePolicyVersion operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeletePolicyVersion
*/
@Override
public DeletePolicyVersionResult deletePolicyVersion(DeletePolicyVersionRequest deletePolicyVersionRequest) {
ExecutionContext executionContext = createExecutionContext(deletePolicyVersionRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeletePolicyVersionRequestMarshaller().marshall(super.beforeMarshalling(deletePolicyVersionRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeletePolicyVersionResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified role. The role must not have any policies attached. For more information about roles, go to
* Working with Roles.
*
*
*
* Make sure you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role
* or instance profile that is associated with a running instance will break any applications running on the
* instance.
*
*
*
* @param deleteRoleRequest
* @return Result of the DeleteRole operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteRole
*/
@Override
public DeleteRoleResult deleteRole(DeleteRoleRequest deleteRoleRequest) {
ExecutionContext executionContext = createExecutionContext(deleteRoleRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteRoleRequestMarshaller().marshall(super.beforeMarshalling(deleteRoleRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new DeleteRoleResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified inline policy that is embedded in the specified IAM role.
*
*
* A role can also have managed policies attached to it. To detach a managed policy from a role, use
* DetachRolePolicy. For more information about policies, refer to Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param deleteRolePolicyRequest
* @return Result of the DeleteRolePolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteRolePolicy
*/
@Override
public DeleteRolePolicyResult deleteRolePolicy(DeleteRolePolicyRequest deleteRolePolicyRequest) {
ExecutionContext executionContext = createExecutionContext(deleteRolePolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteRolePolicyRequestMarshaller().marshall(super.beforeMarshalling(deleteRolePolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteRolePolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes a SAML provider resource in IAM.
*
*
* Deleting the provider resource from IAM does not update any roles that reference the SAML provider resource's ARN
* as a principal in their trust policies. Any attempt to assume a role that references a non-existent provider
* resource ARN fails.
*
*
*
* This operation requires Signature
* Version 4.
*
*
*
* @param deleteSAMLProviderRequest
* @return Result of the DeleteSAMLProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteSAMLProvider
*/
@Override
public DeleteSAMLProviderResult deleteSAMLProvider(DeleteSAMLProviderRequest deleteSAMLProviderRequest) {
ExecutionContext executionContext = createExecutionContext(deleteSAMLProviderRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteSAMLProviderRequestMarshaller().marshall(super.beforeMarshalling(deleteSAMLProviderRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteSAMLProviderResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified SSH public key.
*
*
* The SSH public key deleted by this action is used only for authenticating the associated IAM user to an AWS
* CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository,
* see Set up AWS
* CodeCommit for SSH Connections in the AWS CodeCommit User Guide.
*
*
* @param deleteSSHPublicKeyRequest
* @return Result of the DeleteSSHPublicKey operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @sample AmazonIdentityManagement.DeleteSSHPublicKey
*/
@Override
public DeleteSSHPublicKeyResult deleteSSHPublicKey(DeleteSSHPublicKeyRequest deleteSSHPublicKeyRequest) {
ExecutionContext executionContext = createExecutionContext(deleteSSHPublicKeyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteSSHPublicKeyRequestMarshaller().marshall(super.beforeMarshalling(deleteSSHPublicKeyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteSSHPublicKeyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified server certificate.
*
*
* For more information about working with server certificates, including a list of AWS services that can use the
* server certificates that you manage with IAM, go to Working with Server
* Certificates in the IAM User Guide.
*
*
*
* If you are using a server certificate with Elastic Load Balancing, deleting the certificate could have
* implications for your application. If Elastic Load Balancing doesn't detect the deletion of bound certificates,
* it may continue to use the certificates. This could cause Elastic Load Balancing to stop accepting traffic. We
* recommend that you remove the reference to the certificate from Elastic Load Balancing before using this command
* to delete the certificate. For more information, go to DeleteLoadBalancerListeners in the Elastic Load Balancing API Reference.
*
*
*
* @param deleteServerCertificateRequest
* @return Result of the DeleteServerCertificate operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteServerCertificate
*/
@Override
public DeleteServerCertificateResult deleteServerCertificate(DeleteServerCertificateRequest deleteServerCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(deleteServerCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteServerCertificateRequestMarshaller().marshall(super.beforeMarshalling(deleteServerCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteServerCertificateResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes a signing certificate associated with the specified IAM user.
*
*
* If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing
* the request. Because this action works for access keys under the AWS account, you can use this action to manage
* root credentials even if the AWS account has no associated IAM users.
*
*
* @param deleteSigningCertificateRequest
* @return Result of the DeleteSigningCertificate operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteSigningCertificate
*/
@Override
public DeleteSigningCertificateResult deleteSigningCertificate(DeleteSigningCertificateRequest deleteSigningCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(deleteSigningCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteSigningCertificateRequestMarshaller().marshall(super.beforeMarshalling(deleteSigningCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteSigningCertificateResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified IAM user. The user must not belong to any groups or have any access keys, signing
* certificates, or attached policies.
*
*
* @param deleteUserRequest
* @return Result of the DeleteUser operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteUser
*/
@Override
public DeleteUserResult deleteUser(DeleteUserRequest deleteUserRequest) {
ExecutionContext executionContext = createExecutionContext(deleteUserRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteUserRequestMarshaller().marshall(super.beforeMarshalling(deleteUserRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new DeleteUserResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes the specified inline policy that is embedded in the specified IAM user.
*
*
* A user can also have managed policies attached to it. To detach a managed policy from a user, use
* DetachUserPolicy. For more information about policies, refer to Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param deleteUserPolicyRequest
* @return Result of the DeleteUserPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteUserPolicy
*/
@Override
public DeleteUserPolicyResult deleteUserPolicy(DeleteUserPolicyRequest deleteUserPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(deleteUserPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteUserPolicyRequestMarshaller().marshall(super.beforeMarshalling(deleteUserPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteUserPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes a virtual MFA device.
*
*
*
* You must deactivate a user's virtual MFA device before you can delete it. For information about deactivating MFA
* devices, see DeactivateMFADevice.
*
*
*
* @param deleteVirtualMFADeviceRequest
* @return Result of the DeleteVirtualMFADevice operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DeleteVirtualMFADevice
*/
@Override
public DeleteVirtualMFADeviceResult deleteVirtualMFADevice(DeleteVirtualMFADeviceRequest deleteVirtualMFADeviceRequest) {
ExecutionContext executionContext = createExecutionContext(deleteVirtualMFADeviceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteVirtualMFADeviceRequestMarshaller().marshall(super.beforeMarshalling(deleteVirtualMFADeviceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DeleteVirtualMFADeviceResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Removes the specified managed policy from the specified IAM group.
*
*
* A group can also have inline policies embedded with it. To delete an inline policy, use the
* DeleteGroupPolicy API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param detachGroupPolicyRequest
* @return Result of the DetachGroupPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DetachGroupPolicy
*/
@Override
public DetachGroupPolicyResult detachGroupPolicy(DetachGroupPolicyRequest detachGroupPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(detachGroupPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DetachGroupPolicyRequestMarshaller().marshall(super.beforeMarshalling(detachGroupPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DetachGroupPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Removes the specified managed policy from the specified role.
*
*
* A role can also have inline policies embedded with it. To delete an inline policy, use the
* DeleteRolePolicy API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param detachRolePolicyRequest
* @return Result of the DetachRolePolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DetachRolePolicy
*/
@Override
public DetachRolePolicyResult detachRolePolicy(DetachRolePolicyRequest detachRolePolicyRequest) {
ExecutionContext executionContext = createExecutionContext(detachRolePolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DetachRolePolicyRequestMarshaller().marshall(super.beforeMarshalling(detachRolePolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DetachRolePolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Removes the specified managed policy from the specified user.
*
*
* A user can also have inline policies embedded with it. To delete an inline policy, use the
* DeleteUserPolicy API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param detachUserPolicyRequest
* @return Result of the DetachUserPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.DetachUserPolicy
*/
@Override
public DetachUserPolicyResult detachUserPolicy(DetachUserPolicyRequest detachUserPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(detachUserPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DetachUserPolicyRequestMarshaller().marshall(super.beforeMarshalling(detachUserPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new DetachUserPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Enables the specified MFA device and associates it with the specified IAM user. When enabled, the MFA device is
* required for every subsequent login by the IAM user associated with the device.
*
*
* @param enableMFADeviceRequest
* @return Result of the EnableMFADevice operation returned by the service.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws EntityTemporarilyUnmodifiableException
* The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user
* name that was deleted and then recreated. The error indicates that the request is likely to succeed if
* you try again after waiting several minutes. The error message describes the entity.
* @throws InvalidAuthenticationCodeException
* The request was rejected because the authentication code was not recognized. The error message describes
* the specific error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.EnableMFADevice
*/
@Override
public EnableMFADeviceResult enableMFADevice(EnableMFADeviceRequest enableMFADeviceRequest) {
ExecutionContext executionContext = createExecutionContext(enableMFADeviceRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new EnableMFADeviceRequestMarshaller().marshall(super.beforeMarshalling(enableMFADeviceRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new EnableMFADeviceResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Generates a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports in
* the IAM User Guide.
*
*
* @param generateCredentialReportRequest
* @return Result of the GenerateCredentialReport operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GenerateCredentialReport
*/
@Override
public GenerateCredentialReportResult generateCredentialReport(GenerateCredentialReportRequest generateCredentialReportRequest) {
ExecutionContext executionContext = createExecutionContext(generateCredentialReportRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GenerateCredentialReportRequestMarshaller().marshall(super.beforeMarshalling(generateCredentialReportRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GenerateCredentialReportResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
@Override
public GenerateCredentialReportResult generateCredentialReport() {
return generateCredentialReport(new GenerateCredentialReportRequest());
}
/**
*
* Retrieves information about when the specified access key was last used. The information includes the date and
* time of last use, along with the AWS service and region that were specified in the last request made with that
* key.
*
*
* @param getAccessKeyLastUsedRequest
* @return Result of the GetAccessKeyLastUsed operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @sample AmazonIdentityManagement.GetAccessKeyLastUsed
*/
@Override
public GetAccessKeyLastUsedResult getAccessKeyLastUsed(GetAccessKeyLastUsedRequest getAccessKeyLastUsedRequest) {
ExecutionContext executionContext = createExecutionContext(getAccessKeyLastUsedRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetAccessKeyLastUsedRequestMarshaller().marshall(super.beforeMarshalling(getAccessKeyLastUsedRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetAccessKeyLastUsedResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their
* relationships to one another. Use this API to obtain a snapshot of the configuration of IAM permissions (users,
* groups, roles, and policies) in your account.
*
*
* You can optionally filter the results using the Filter parameter. You can paginate the results using
* the MaxItems and Marker parameters.
*
*
* @param getAccountAuthorizationDetailsRequest
* @return Result of the GetAccountAuthorizationDetails operation returned by the service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetAccountAuthorizationDetails
*/
@Override
public GetAccountAuthorizationDetailsResult getAccountAuthorizationDetails(GetAccountAuthorizationDetailsRequest getAccountAuthorizationDetailsRequest) {
ExecutionContext executionContext = createExecutionContext(getAccountAuthorizationDetailsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetAccountAuthorizationDetailsRequestMarshaller().marshall(super.beforeMarshalling(getAccountAuthorizationDetailsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetAccountAuthorizationDetailsResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
@Override
public GetAccountAuthorizationDetailsResult getAccountAuthorizationDetails() {
return getAccountAuthorizationDetails(new GetAccountAuthorizationDetailsRequest());
}
/**
*
* Retrieves the password policy for the AWS account. For more information about using a password policy, go to Managing an IAM
* Password Policy.
*
*
* @param getAccountPasswordPolicyRequest
* @return Result of the GetAccountPasswordPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetAccountPasswordPolicy
*/
@Override
public GetAccountPasswordPolicyResult getAccountPasswordPolicy(GetAccountPasswordPolicyRequest getAccountPasswordPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(getAccountPasswordPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetAccountPasswordPolicyRequestMarshaller().marshall(super.beforeMarshalling(getAccountPasswordPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetAccountPasswordPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
@Override
public GetAccountPasswordPolicyResult getAccountPasswordPolicy() {
return getAccountPasswordPolicy(new GetAccountPasswordPolicyRequest());
}
/**
*
* Retrieves information about IAM entity usage and IAM quotas in the AWS account.
*
*
* For information about limitations on IAM entities, see Limitations on IAM Entities
* in the IAM User Guide.
*
*
* @param getAccountSummaryRequest
* @return Result of the GetAccountSummary operation returned by the service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetAccountSummary
*/
@Override
public GetAccountSummaryResult getAccountSummary(GetAccountSummaryRequest getAccountSummaryRequest) {
ExecutionContext executionContext = createExecutionContext(getAccountSummaryRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetAccountSummaryRequestMarshaller().marshall(super.beforeMarshalling(getAccountSummaryRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetAccountSummaryResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
@Override
public GetAccountSummaryResult getAccountSummary() {
return getAccountSummary(new GetAccountSummaryRequest());
}
/**
*
* Gets a list of all of the context keys referenced in the input policies. The policies are supplied as a list of
* one or more strings. To get the context keys from policies associated with an IAM user, group, or role, use
* GetContextKeysForPrincipalPolicy.
*
*
* Context keys are variables maintained by AWS and its services that provide details about the context of an API
* query request, and can be evaluated by testing against a value specified in an IAM policy. Use
* GetContextKeysForCustomPolicy to understand what key names and values you must supply when you call
* SimulateCustomPolicy. Note that all parameters are shown in unencoded form here for clarity, but must be
* URL encoded to be included as a part of a real HTML request.
*
*
* @param getContextKeysForCustomPolicyRequest
* @return Result of the GetContextKeysForCustomPolicy operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @sample AmazonIdentityManagement.GetContextKeysForCustomPolicy
*/
@Override
public GetContextKeysForCustomPolicyResult getContextKeysForCustomPolicy(GetContextKeysForCustomPolicyRequest getContextKeysForCustomPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(getContextKeysForCustomPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetContextKeysForCustomPolicyRequestMarshaller().marshall(super.beforeMarshalling(getContextKeysForCustomPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetContextKeysForCustomPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Gets a list of all of the context keys referenced in all of the IAM policies attached to the specified IAM
* entity. The entity can be an IAM user, group, or role. If you specify a user, then the request also includes all
* of the policies attached to groups that the user is a member of.
*
*
* You can optionally include a list of one or more additional policies, specified as strings. If you want to
* include only a list of policies by string, use GetContextKeysForCustomPolicy instead.
*
*
* Note: This API discloses information about the permissions granted to other users. If you do not want
* users to see other user's permissions, then consider allowing them to use GetContextKeysForCustomPolicy
* instead.
*
*
* Context keys are variables maintained by AWS and its services that provide details about the context of an API
* query request, and can be evaluated by testing against a value in an IAM policy. Use
* GetContextKeysForPrincipalPolicy to understand what key names and values you must supply when you call
* SimulatePrincipalPolicy.
*
*
* @param getContextKeysForPrincipalPolicyRequest
* @return Result of the GetContextKeysForPrincipalPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @sample AmazonIdentityManagement.GetContextKeysForPrincipalPolicy
*/
@Override
public GetContextKeysForPrincipalPolicyResult getContextKeysForPrincipalPolicy(
GetContextKeysForPrincipalPolicyRequest getContextKeysForPrincipalPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(getContextKeysForPrincipalPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetContextKeysForPrincipalPolicyRequestMarshaller().marshall(super.beforeMarshalling(getContextKeysForPrincipalPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetContextKeysForPrincipalPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports in
* the IAM User Guide.
*
*
* @param getCredentialReportRequest
* @return Result of the GetCredentialReport operation returned by the service.
* @throws CredentialReportNotPresentException
* The request was rejected because the credential report does not exist. To generate a credential report,
* use GenerateCredentialReport.
* @throws CredentialReportExpiredException
* The request was rejected because the most recent credential report has expired. To generate a new
* credential report, use GenerateCredentialReport. For more information about credential report
* expiration, see Getting
* Credential Reports in the IAM User Guide.
* @throws CredentialReportNotReadyException
* The request was rejected because the credential report is still being generated.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetCredentialReport
*/
@Override
public GetCredentialReportResult getCredentialReport(GetCredentialReportRequest getCredentialReportRequest) {
ExecutionContext executionContext = createExecutionContext(getCredentialReportRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetCredentialReportRequestMarshaller().marshall(super.beforeMarshalling(getCredentialReportRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetCredentialReportResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
@Override
public GetCredentialReportResult getCredentialReport() {
return getCredentialReport(new GetCredentialReportRequest());
}
/**
*
* Returns a list of IAM users that are in the specified IAM group. You can paginate the results using the
* MaxItems and Marker parameters.
*
*
* @param getGroupRequest
* @return Result of the GetGroup operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetGroup
*/
@Override
public GetGroupResult getGroup(GetGroupRequest getGroupRequest) {
ExecutionContext executionContext = createExecutionContext(getGroupRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetGroupRequestMarshaller().marshall(super.beforeMarshalling(getGroupRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new GetGroupResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves the specified inline policy document that is embedded in the specified IAM group.
*
*
*
* Policies returned by this API are URL-encoded compliant with RFC
* 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you
* use Java, you can use the decode method of the java.net.URLDecoder utility class in the
* Java SDK. Other languages and SDKs provide similar functionality.
*
*
*
* An IAM group can also have managed policies attached to it. To retrieve a managed policy document that is
* attached to a group, use GetPolicy to determine the policy's default version, then use
* GetPolicyVersion to retrieve the policy document.
*
*
* For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param getGroupPolicyRequest
* @return Result of the GetGroupPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetGroupPolicy
*/
@Override
public GetGroupPolicyResult getGroupPolicy(GetGroupPolicyRequest getGroupPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(getGroupPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetGroupPolicyRequestMarshaller().marshall(super.beforeMarshalling(getGroupPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetGroupPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and
* role. For more information about instance profiles, see About Instance Profiles in
* the IAM User Guide.
*
*
* @param getInstanceProfileRequest
* @return Result of the GetInstanceProfile operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetInstanceProfile
*/
@Override
public GetInstanceProfileResult getInstanceProfile(GetInstanceProfileRequest getInstanceProfileRequest) {
ExecutionContext executionContext = createExecutionContext(getInstanceProfileRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetInstanceProfileRequestMarshaller().marshall(super.beforeMarshalling(getInstanceProfileRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetInstanceProfileResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves the user name and password-creation date for the specified IAM user. If the user has not been assigned
* a password, the action returns a 404 (NoSuchEntity) error.
*
*
* @param getLoginProfileRequest
* @return Result of the GetLoginProfile operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetLoginProfile
*/
@Override
public GetLoginProfileResult getLoginProfile(GetLoginProfileRequest getLoginProfileRequest) {
ExecutionContext executionContext = createExecutionContext(getLoginProfileRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetLoginProfileRequestMarshaller().marshall(super.beforeMarshalling(getLoginProfileRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetLoginProfileResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM.
*
*
* @param getOpenIDConnectProviderRequest
* @return Result of the GetOpenIDConnectProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetOpenIDConnectProvider
*/
@Override
public GetOpenIDConnectProviderResult getOpenIDConnectProvider(GetOpenIDConnectProviderRequest getOpenIDConnectProviderRequest) {
ExecutionContext executionContext = createExecutionContext(getOpenIDConnectProviderRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetOpenIDConnectProviderRequestMarshaller().marshall(super.beforeMarshalling(getOpenIDConnectProviderRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetOpenIDConnectProviderResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves information about the specified managed policy, including the policy's default version and the total
* number of IAM users, groups, and roles to which the policy is attached. To retrieve the list of the specific
* users, groups, and roles that the policy is attached to, use the ListEntitiesForPolicy API. This API
* returns metadata about the policy. To retrieve the actual policy document for a specific version of the policy,
* use GetPolicyVersion.
*
*
* This API retrieves information about managed policies. To retrieve information about an inline policy that is
* embedded with an IAM user, group, or role, use the GetUserPolicy, GetGroupPolicy, or
* GetRolePolicy API.
*
*
* For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param getPolicyRequest
* @return Result of the GetPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetPolicy
*/
@Override
public GetPolicyResult getPolicy(GetPolicyRequest getPolicyRequest) {
ExecutionContext executionContext = createExecutionContext(getPolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetPolicyRequestMarshaller().marshall(super.beforeMarshalling(getPolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new GetPolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves information about the specified version of the specified managed policy, including the policy document.
*
*
*
* Policies returned by this API are URL-encoded compliant with RFC
* 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you
* use Java, you can use the decode method of the java.net.URLDecoder utility class in the
* Java SDK. Other languages and SDKs provide similar functionality.
*
*
*
* To list the available versions for a policy, use ListPolicyVersions.
*
*
* This API retrieves information about managed policies. To retrieve information about an inline policy that is
* embedded in a user, group, or role, use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy
* API.
*
*
* For more information about the types of policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* For more information about managed policy versions, see Versioning for Managed
* Policies in the IAM User Guide.
*
*
* @param getPolicyVersionRequest
* @return Result of the GetPolicyVersion operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetPolicyVersion
*/
@Override
public GetPolicyVersionResult getPolicyVersion(GetPolicyVersionRequest getPolicyVersionRequest) {
ExecutionContext executionContext = createExecutionContext(getPolicyVersionRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetPolicyVersionRequestMarshaller().marshall(super.beforeMarshalling(getPolicyVersionRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetPolicyVersionResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy
* that grants permission to assume the role. For more information about roles, see Working with Roles.
*
*
*
* Policies returned by this API are URL-encoded compliant with RFC
* 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you
* use Java, you can use the decode method of the java.net.URLDecoder utility class in the
* Java SDK. Other languages and SDKs provide similar functionality.
*
*
*
* @param getRoleRequest
* @return Result of the GetRole operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetRole
*/
@Override
public GetRoleResult getRole(GetRoleRequest getRoleRequest) {
ExecutionContext executionContext = createExecutionContext(getRoleRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetRoleRequestMarshaller().marshall(super.beforeMarshalling(getRoleRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new GetRoleResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves the specified inline policy document that is embedded with the specified IAM role.
*
*
*
* Policies returned by this API are URL-encoded compliant with RFC
* 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you
* use Java, you can use the decode method of the java.net.URLDecoder utility class in the
* Java SDK. Other languages and SDKs provide similar functionality.
*
*
*
* An IAM role can also have managed policies attached to it. To retrieve a managed policy document that is attached
* to a role, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to
* retrieve the policy document.
*
*
* For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* For more information about roles, see Using Roles to Delegate Permissions
* and Federate Identities.
*
*
* @param getRolePolicyRequest
* @return Result of the GetRolePolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetRolePolicy
*/
@Override
public GetRolePolicyResult getRolePolicy(GetRolePolicyRequest getRolePolicyRequest) {
ExecutionContext executionContext = createExecutionContext(getRolePolicyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetRolePolicyRequestMarshaller().marshall(super.beforeMarshalling(getRolePolicyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(new GetRolePolicyResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created
* or updated.
*
*
*
* This operation requires Signature
* Version 4.
*
*
*
* @param getSAMLProviderRequest
* @return Result of the GetSAMLProvider operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @sample AmazonIdentityManagement.GetSAMLProvider
*/
@Override
public GetSAMLProviderResult getSAMLProvider(GetSAMLProviderRequest getSAMLProviderRequest) {
ExecutionContext executionContext = createExecutionContext(getSAMLProviderRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetSAMLProviderRequestMarshaller().marshall(super.beforeMarshalling(getSAMLProviderRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler(
new GetSAMLProviderResultStaxUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves the specified SSH public key, including metadata about the key.
*
*
* The SSH public key retrieved by this action is used only for authenticating the associated IAM user to an AWS
* CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository,
* see Set up AWS
* CodeCommit for SSH Connections in the AWS CodeCommit User Guide.
*
*
* @param getSSHPublicKeyRequest
* @return Result of the GetSSHPublicKey operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced an entity that does not exist. The error message describes
* the entity.
* @throws UnrecognizedPublicKeyEncodingException
* The request was rejected because the public key encoding format is unsupported or unrecognized.
* @sample AmazonIdentityManagement.GetSSHPublicKey
*/
@Override
public GetSSHPublicKeyResult getSSHPublicKey(GetSSHPublicKeyRequest getSSHPublicKeyRequest) {
ExecutionContext executionContext = createExecutionContext(getSSHPublicKeyRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetSSHPublicKeyRequestMarshaller().marshall(super.beforeMarshalling(getSSHPublicKeyRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
StaxResponseHandler responseHandler = new StaxResponseHandler