com.amazonaws.services.identitymanagement.AmazonIdentityManagementClient Maven / Gradle / Ivy
/*
* Copyright 2010-2011 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
* A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed
* on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
* express or implied. See the License for the specific language governing
* permissions and limitations under the License.
*/
package com.amazonaws.services.identitymanagement;
import org.w3c.dom.Node;
import java.util.ArrayList;
import java.util.List;
import java.util.Map.Entry;
import java.security.SignatureException;
import com.amazonaws.*;
import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.AWS3Signer;
import com.amazonaws.auth.QueryStringSigner;
import com.amazonaws.handlers.HandlerChainFactory;
import com.amazonaws.handlers.RequestHandler;
import com.amazonaws.http.StaxResponseHandler;
import com.amazonaws.http.DefaultErrorResponseHandler;
import com.amazonaws.http.HttpClient;
import com.amazonaws.http.HttpMethodName;
import com.amazonaws.http.HttpRequest;
import com.amazonaws.transform.Unmarshaller;
import com.amazonaws.transform.StaxUnmarshallerContext;
import com.amazonaws.transform.StandardErrorUnmarshaller;
import com.amazonaws.services.identitymanagement.model.*;
import com.amazonaws.services.identitymanagement.model.transform.*;
/**
* Client for accessing AmazonIdentityManagement. All service calls made
* using this client are blocking, and will not return until the service call
* completes.
*
* AWS Identity and Access Management
* AWS Identity and Access Management (IAM) is a web service that enables
* Amazon Web Services (AWS) customers to manage Users and User
* permissions under their AWS Account.
*
*
* This is the AWS Identity and Access Management API Reference. This
* guide describes who should read this guide and other resources related
* to IAM.
*
*
* Use of this guide assumes you are familiar with the following:
*
*
*
* - Basic understanding of web services (for information, go to W3
* Schools Web Services Tutorial at
* http://www.w3schools.com/webservices/default.asp ).
* - XML (for information, go to W3 Schools XML Tutorial at
* http://www.w3schools.com/xml/default.asp ).
* - JSON (for information, go to
* http://json.org )
* - The specific AWS products you are using or plan to use (e.g.,
* Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage
* Service (Amazon S3), and so on.)
*
*
*
* If you're new to AWS and need additional technical information about a
* specific AWS product, you can find the product's technical
* documentation at
* http://aws.amazon.com/documentation/ .
*
*
* We will refer to Amazon AWS Identity and Access Management using the
* abbreviated form IAM. All copyrights and legal protections still
* apply.
*
*/
public class AmazonIdentityManagementClient extends AmazonWebServiceClient implements AmazonIdentityManagement {
/**
* The AWS credentials (access key ID and secret key) to use when
* authenticating with AWS services.
*/
private AWSCredentials awsCredentials;
/**
* List of exception unmarshallers for all AmazonIdentityManagement exceptions.
*/
protected final List> exceptionUnmarshallers;
/** Low level client for sending requests to AWS services. */
protected final HttpClient client;
/** Optional request handlers for additional request processing. */
private List requestHandlers = new ArrayList();
/** AWS signer for authenticating requests. */
private QueryStringSigner signer;
/**
* Constructs a new client to invoke service methods on
* AmazonIdentityManagement using the specified AWS account credentials.
*
*
* All service calls made using this new client object are blocking, and will not
* return until the service call completes.
*
* @param awsCredentials The AWS credentials (access key ID and secret key) to use
* when authenticating with AWS services.
*/
public AmazonIdentityManagementClient(AWSCredentials awsCredentials) {
this(awsCredentials, new ClientConfiguration());
}
/**
* Constructs a new client to invoke service methods on
* AmazonIdentityManagement using the specified AWS account credentials
* and client configuration options.
*
*
* All service calls made using this new client object are blocking, and will not
* return until the service call completes.
*
* @param awsCredentials The AWS credentials (access key ID and secret key) to use
* when authenticating with AWS services.
* @param clientConfiguration The client configuration options controlling how this
* client connects to AmazonIdentityManagement
* (ex: proxy settings, retry counts, etc.).
*/
public AmazonIdentityManagementClient(AWSCredentials awsCredentials, ClientConfiguration clientConfiguration) {
super(clientConfiguration);
this.awsCredentials = awsCredentials;
exceptionUnmarshallers = new ArrayList>();
exceptionUnmarshallers.add(new DuplicateCertificateExceptionUnmarshaller());
exceptionUnmarshallers.add(new EntityAlreadyExistsExceptionUnmarshaller());
exceptionUnmarshallers.add(new KeyPairMismatchExceptionUnmarshaller());
exceptionUnmarshallers.add(new DeleteConflictExceptionUnmarshaller());
exceptionUnmarshallers.add(new InvalidAuthenticationCodeExceptionUnmarshaller());
exceptionUnmarshallers.add(new EntityTemporarilyUnmodifiableExceptionUnmarshaller());
exceptionUnmarshallers.add(new MalformedCertificateExceptionUnmarshaller());
exceptionUnmarshallers.add(new InvalidCertificateExceptionUnmarshaller());
exceptionUnmarshallers.add(new MalformedPolicyDocumentExceptionUnmarshaller());
exceptionUnmarshallers.add(new LimitExceededExceptionUnmarshaller());
exceptionUnmarshallers.add(new NoSuchEntityExceptionUnmarshaller());
exceptionUnmarshallers.add(new StandardErrorUnmarshaller());
setEndpoint("iam.amazonaws.com");
signer = new QueryStringSigner(awsCredentials);
requestHandlers = new HandlerChainFactory().newRequestHandlerChain(
"/com/amazonaws/services/identitymanagement/request.handlers");
client = new HttpClient(clientConfiguration);
}
/**
*
* Lists the groups that have the specified path prefix.
*
*
* You can paginate the results using the MaxItems and
* Marker parameters.
*
*
* @param listGroupsRequest Container for the necessary parameters to
* execute the ListGroups service method on AmazonIdentityManagement.
*
* @return The response from the ListGroups service method, as returned
* by AmazonIdentityManagement.
*
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListGroupsResult listGroups(ListGroupsRequest listGroupsRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new ListGroupsRequestMarshaller().marshall(listGroupsRequest);
return invoke(request, new ListGroupsResultStaxUnmarshaller());
}
/**
*
* Deletes the access key associated with the specified User.
*
*
* If you do not specify a User name, IAM determines the User name
* implicitly based on the AWS Access Key ID signing the request. Because
* this action works for access keys under the AWS Account, you can use
* this API to manage root credentials even if the AWS Account has no
* associated Users.
*
*
* @param deleteAccessKeyRequest Container for the necessary parameters
* to execute the DeleteAccessKey service method on
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void deleteAccessKey(DeleteAccessKeyRequest deleteAccessKeyRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new DeleteAccessKeyRequestMarshaller().marshall(deleteAccessKeyRequest);
invoke(request, null);
}
/**
*
* Returns information about the signing certificates associated with the
* specified User. If there are none, the action returns an empty list.
*
*
* Although each User is limited to a small number of signing
* certificates, you can still paginate the results using the
* MaxItems and Marker parameters.
*
*
* If the UserName field is not specified, the UserName is
* determined implicitly based on the AWS Access Key ID used to sign the
* request. Because this action works for access keys under the AWS
* Account, this API can be used to manage root credentials even if the
* AWS Account has no associated Users.
*
*
* @param listSigningCertificatesRequest Container for the necessary
* parameters to execute the ListSigningCertificates service method on
* AmazonIdentityManagement.
*
* @return The response from the ListSigningCertificates service method,
* as returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListSigningCertificatesResult listSigningCertificates(ListSigningCertificatesRequest listSigningCertificatesRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new ListSigningCertificatesRequestMarshaller().marshall(listSigningCertificatesRequest);
return invoke(request, new ListSigningCertificatesResultStaxUnmarshaller());
}
/**
*
* Uploads an X.509 signing certificate and associates it with the
* specified User. Some AWS services use X.509 signing certificates to
* validate requests that are signed with a corresponding private key.
* When you upload the certificate, its default status is
* Active .
*
*
* If the UserName field is not specified, the User name is
* determined implicitly based on the AWS Access Key ID used to sign the
* request. Because this action works for access keys under the AWS
* Account, this API can be used to manage root credentials even if the
* AWS Account has no associated Users.
*
*
* NOTE:Because the body of a X.509 certificate can be large, you
* should use POST rather than GET when calling UploadSigningCertificate.
* For more information, see Making Query Requests in Using AWS Identity
* and Access Management.
*
*
* @param uploadSigningCertificateRequest Container for the necessary
* parameters to execute the UploadSigningCertificate service method on
* AmazonIdentityManagement.
*
* @return The response from the UploadSigningCertificate service method,
* as returned by AmazonIdentityManagement.
*
* @throws DuplicateCertificateException
* @throws InvalidCertificateException
* @throws MalformedCertificateException
* @throws NoSuchEntityException
* @throws LimitExceededException
* @throws EntityAlreadyExistsException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public UploadSigningCertificateResult uploadSigningCertificate(UploadSigningCertificateRequest uploadSigningCertificateRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new UploadSigningCertificateRequestMarshaller().marshall(uploadSigningCertificateRequest);
return invoke(request, new UploadSigningCertificateResultStaxUnmarshaller());
}
/**
*
* Deletes the specified policy associated with the specified User.
*
*
* @param deleteUserPolicyRequest Container for the necessary parameters
* to execute the DeleteUserPolicy service method on
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void deleteUserPolicy(DeleteUserPolicyRequest deleteUserPolicyRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new DeleteUserPolicyRequestMarshaller().marshall(deleteUserPolicyRequest);
invoke(request, null);
}
/**
*
* Adds (or updates) a policy document associated with the specified
* User. For information about policies, refer to
* Overview of Policies in Using AWS Identity and Access
* Management .
*
*
* For information about limits on the number of policies you can
* associate with a User, see
* Limitations on IAM Entities in Using AWS Identity and Access
* Management .
*
*
* NOTE:Because policy documents can be large, you should use POST
* rather than GET when calling PutUserPolicy. For more information, see
* Making Query Requests in Using AWS Identity and Access Management.
*
*
* @param putUserPolicyRequest Container for the necessary parameters to
* execute the PutUserPolicy service method on AmazonIdentityManagement.
*
* @throws MalformedPolicyDocumentException
* @throws NoSuchEntityException
* @throws LimitExceededException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void putUserPolicy(PutUserPolicyRequest putUserPolicyRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new PutUserPolicyRequestMarshaller().marshall(putUserPolicyRequest);
invoke(request, null);
}
/**
*
* Lists the server certificates that have the specified path prefix. If
* none exist, the action returns an empty list.
*
*
* You can paginate the results using the MaxItems and
* Marker parameters.
*
*
* @param listServerCertificatesRequest Container for the necessary
* parameters to execute the ListServerCertificates service method on
* AmazonIdentityManagement.
*
* @return The response from the ListServerCertificates service method,
* as returned by AmazonIdentityManagement.
*
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListServerCertificatesResult listServerCertificates(ListServerCertificatesRequest listServerCertificatesRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new ListServerCertificatesRequestMarshaller().marshall(listServerCertificatesRequest);
return invoke(request, new ListServerCertificatesResultStaxUnmarshaller());
}
/**
*
* Retrieves the specified policy document for the specified User. The
* returned policy is URL-encoded according to RFC 3986. For more
* information about RFC 3986, go to
* http://www.faqs.org/rfcs/rfc3986.html .
*
*
* @param getUserPolicyRequest Container for the necessary parameters to
* execute the GetUserPolicy service method on AmazonIdentityManagement.
*
* @return The response from the GetUserPolicy service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public GetUserPolicyResult getUserPolicy(GetUserPolicyRequest getUserPolicyRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new GetUserPolicyRequestMarshaller().marshall(getUserPolicyRequest);
return invoke(request, new GetUserPolicyResultStaxUnmarshaller());
}
/**
*
* Updates the login profile for the specified User. Use this API to
* change the User's password.
*
*
* NOTE:In the full release you will be able to use IAM to access
* your services through the AWS Management Console. Although this
* feature is not currently available, you can create login profiles for
* your Users now. Then, when this feature is implemented, your Users can
* use IAM to access your services through the AWS Management Console.
*
*
* @param updateLoginProfileRequest Container for the necessary
* parameters to execute the UpdateLoginProfile service method on
* AmazonIdentityManagement.
*
* @throws EntityTemporarilyUnmodifiableException
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void updateLoginProfile(UpdateLoginProfileRequest updateLoginProfileRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new UpdateLoginProfileRequestMarshaller().marshall(updateLoginProfileRequest);
invoke(request, null);
}
/**
*
* Updates the name and/or the path of the specified server certificate.
*
*
* IMPORTANT: You should understand the implications of changing a
* server certificate's path or name. For more information, see Managing
* Server Certificates in Using AWS Identity and Access Management.
*
*
* NOTE:To change a server certificate name the requester must
* have appropriate permissions on both the source object and the target
* object. For example, to change the name from ProductionCert to
* ProdCert, the entity making the request must have permission on
* ProductionCert and ProdCert, or must have permission on all (*). For
* more information about permissions, see Permissions and Policies.
*
*
* @param updateServerCertificateRequest Container for the necessary
* parameters to execute the UpdateServerCertificate service method on
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws EntityAlreadyExistsException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void updateServerCertificate(UpdateServerCertificateRequest updateServerCertificateRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new UpdateServerCertificateRequestMarshaller().marshall(updateServerCertificateRequest);
invoke(request, null);
}
/**
*
* Updates the name and/or the path of the specified User.
*
*
* IMPORTANT: You should understand the implications of changing a
* User's path or name. For more information, see Renaming Users and
* Groups in Using AWS Identity and Access Management.
*
*
* NOTE:To change a User name the requester must have appropriate
* permissions on both the source object and the target object. For
* example, to change Bob to Robert, the entity making the request must
* have permission on Bob and Robert, or must have permission on all (*).
* For more information about permissions, see Permissions and Policies.
*
*
* @param updateUserRequest Container for the necessary parameters to
* execute the UpdateUser service method on AmazonIdentityManagement.
*
* @throws EntityTemporarilyUnmodifiableException
* @throws NoSuchEntityException
* @throws EntityAlreadyExistsException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void updateUser(UpdateUserRequest updateUserRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new UpdateUserRequestMarshaller().marshall(updateUserRequest);
invoke(request, null);
}
/**
*
* Deletes the login profile for the specified User, which terminates the
* User's ability to access AWS services through the IAM login page.
*
*
* IMPORTANT:Deleting a User's login profile does not prevent a
* User from accessing IAM through the command line interface or the API.
* To prevent all User access you must also either make the access key
* inactive or delete it. For more information about making keys
* inactive or deleting them, see UpdateAccessKey and DeleteAccessKey.
*
*
* NOTE:In the full release you will be able to use IAM to access
* your services through the AWS Management Console. Although this
* feature is not currently available, you can create login profiles for
* your Users now. Then, when this feature is implemented, your Users can
* use IAM to access your services through the AWS Management Console.
*
*
* @param deleteLoginProfileRequest Container for the necessary
* parameters to execute the DeleteLoginProfile service method on
* AmazonIdentityManagement.
*
* @throws EntityTemporarilyUnmodifiableException
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void deleteLoginProfile(DeleteLoginProfileRequest deleteLoginProfileRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new DeleteLoginProfileRequestMarshaller().marshall(deleteLoginProfileRequest);
invoke(request, null);
}
/**
*
* Changes the status of the specified signing certificate from active to
* disabled, or vice versa. This action can be used to disable a User's
* signing certificate as part of a certificate rotation workflow.
*
*
* If the UserName field is not specified, the UserName is
* determined implicitly based on the AWS Access Key ID used to sign the
* request. Because this action works for access keys under the AWS
* Account, this API can be used to manage root credentials even if the
* AWS Account has no associated Users.
*
*
* For information about rotating certificates, see
* Managing Keys and Certificates in Using AWS Identity and
* Access Management .
*
*
* @param updateSigningCertificateRequest Container for the necessary
* parameters to execute the UpdateSigningCertificate service method on
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void updateSigningCertificate(UpdateSigningCertificateRequest updateSigningCertificateRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new UpdateSigningCertificateRequestMarshaller().marshall(updateSigningCertificateRequest);
invoke(request, null);
}
/**
*
* Deletes the specified policy that is associated with the specified
* group.
*
*
* @param deleteGroupPolicyRequest Container for the necessary parameters
* to execute the DeleteGroupPolicy service method on
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void deleteGroupPolicy(DeleteGroupPolicyRequest deleteGroupPolicyRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new DeleteGroupPolicyRequestMarshaller().marshall(deleteGroupPolicyRequest);
invoke(request, null);
}
/**
*
* Lists the Users that have the specified path prefix. If there are
* none, the action returns an empty list.
*
*
* You can paginate the results using the MaxItems and
* Marker parameters.
*
*
* @param listUsersRequest Container for the necessary parameters to
* execute the ListUsers service method on AmazonIdentityManagement.
*
* @return The response from the ListUsers service method, as returned by
* AmazonIdentityManagement.
*
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListUsersResult listUsers(ListUsersRequest listUsersRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new ListUsersRequestMarshaller().marshall(listUsersRequest);
return invoke(request, new ListUsersResultStaxUnmarshaller());
}
/**
*
* Updates the name and/or the path of the specified group.
*
*
* IMPORTANT: You should understand the implications of changing a
* group's path or name. For more information, see Renaming Users and
* Groups in Using AWS Identity and Access Management.
*
*
* NOTE:To change a group name the requester must have appropriate
* permissions on both the source object and the target object. For
* example, to change Managers to MGRs, the entity making the request
* must have permission on Managers and MGRs, or must have permission on
* all (*). For more information about permissions, see Permissions and
* Policies.
*
*
* @param updateGroupRequest Container for the necessary parameters to
* execute the UpdateGroup service method on AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws EntityAlreadyExistsException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void updateGroup(UpdateGroupRequest updateGroupRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new UpdateGroupRequestMarshaller().marshall(updateGroupRequest);
invoke(request, null);
}
/**
*
* Retrieves information about the specified server certificate.
*
*
* @param getServerCertificateRequest Container for the necessary
* parameters to execute the GetServerCertificate service method on
* AmazonIdentityManagement.
*
* @return The response from the GetServerCertificate service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public GetServerCertificateResult getServerCertificate(GetServerCertificateRequest getServerCertificateRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new GetServerCertificateRequestMarshaller().marshall(getServerCertificateRequest);
return invoke(request, new GetServerCertificateResultStaxUnmarshaller());
}
/**
*
* Adds (or updates) a policy document associated with the specified
* group. For information about policies, refer to
* Overview of Policies in Using AWS Identity and Access
* Management .
*
*
* For information about limits on the number of policies you can
* associate with a group, see
* Limitations on IAM Entities in Using AWS Identity and Access
* Management .
*
*
* NOTE:Because policy documents can be large, you should use POST
* rather than GET when calling PutGroupPolicy. For more information, see
* Making Query Requests in Using AWS Identity and Access Management.
*
*
* @param putGroupPolicyRequest Container for the necessary parameters to
* execute the PutGroupPolicy service method on AmazonIdentityManagement.
*
* @throws MalformedPolicyDocumentException
* @throws NoSuchEntityException
* @throws LimitExceededException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void putGroupPolicy(PutGroupPolicyRequest putGroupPolicyRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new PutGroupPolicyRequestMarshaller().marshall(putGroupPolicyRequest);
invoke(request, null);
}
/**
*
* Creates a new User for your AWS Account.
*
*
* For information about limitations on the number of Users you can
* create, see
* Limitations on IAM Entities in Using AWS Identity and Access
* Management .
*
*
* @param createUserRequest Container for the necessary parameters to
* execute the CreateUser service method on AmazonIdentityManagement.
*
* @return The response from the CreateUser service method, as returned
* by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws LimitExceededException
* @throws EntityAlreadyExistsException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public CreateUserResult createUser(CreateUserRequest createUserRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new CreateUserRequestMarshaller().marshall(createUserRequest);
return invoke(request, new CreateUserResultStaxUnmarshaller());
}
/**
*
* Deletes the specified signing certificate associated with the
* specified User.
*
*
* If you do not specify a User name, IAM determines the User name
* implicitly based on the AWS Access Key ID signing the request. Because
* this action works for access keys under the AWS Account, you can use
* this API to manage root credentials even if the AWS Account has no
* associated Users.
*
*
* @param deleteSigningCertificateRequest Container for the necessary
* parameters to execute the DeleteSigningCertificate service method on
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void deleteSigningCertificate(DeleteSigningCertificateRequest deleteSigningCertificateRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new DeleteSigningCertificateRequestMarshaller().marshall(deleteSigningCertificateRequest);
invoke(request, null);
}
/**
*
* Enables the specified MFA device and associates it with the specified
* User name. Once enabled, the MFA device is required for every
* subsequent login by the User name associated with the device.
*
*
* @param enableMFADeviceRequest Container for the necessary parameters
* to execute the EnableMFADevice service method on
* AmazonIdentityManagement.
*
* @throws EntityTemporarilyUnmodifiableException
* @throws NoSuchEntityException
* @throws InvalidAuthenticationCodeException
* @throws LimitExceededException
* @throws EntityAlreadyExistsException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void enableMFADevice(EnableMFADeviceRequest enableMFADeviceRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new EnableMFADeviceRequestMarshaller().marshall(enableMFADeviceRequest);
invoke(request, null);
}
/**
*
* Lists the names of the policies associated with the specified User. If
* there are none, the action returns an empty list.
*
*
* You can paginate the results using the MaxItems and
* Marker parameters.
*
*
* @param listUserPoliciesRequest Container for the necessary parameters
* to execute the ListUserPolicies service method on
* AmazonIdentityManagement.
*
* @return The response from the ListUserPolicies service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListUserPoliciesResult listUserPolicies(ListUserPoliciesRequest listUserPoliciesRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new ListUserPoliciesRequestMarshaller().marshall(listUserPoliciesRequest);
return invoke(request, new ListUserPoliciesResultStaxUnmarshaller());
}
/**
*
* Returns information about the Access Key IDs associated with the
* specified User. If there are none, the action returns an empty list.
*
*
* Although each User is limited to a small number of keys, you can still
* paginate the results using the MaxItems and
* Marker parameters.
*
*
* If the UserName field is not specified, the UserName is
* determined implicitly based on the AWS Access Key ID used to sign the
* request. Because this action works for access keys under the AWS
* Account, this API can be used to manage root credentials even if the
* AWS Account has no associated Users.
*
*
* NOTE:To ensure the security of your AWS Account, the secret
* access key is accessible only during key and User creation.
*
*
* @param listAccessKeysRequest Container for the necessary parameters to
* execute the ListAccessKeys service method on AmazonIdentityManagement.
*
* @return The response from the ListAccessKeys service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListAccessKeysResult listAccessKeys(ListAccessKeysRequest listAccessKeysRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new ListAccessKeysRequestMarshaller().marshall(listAccessKeysRequest);
return invoke(request, new ListAccessKeysResultStaxUnmarshaller());
}
/**
*
* Retrieves the login profile for the specified User.
*
*
* NOTE:In the full release you will be able to use IAM to access
* your services through the AWS Management Console. Although this
* feature is not currently available, you can create login profiles for
* your Users now. Then, when this feature is implemented, your Users can
* use IAM to access your services through the AWS Management Console.
*
*
* @param getLoginProfileRequest Container for the necessary parameters
* to execute the GetLoginProfile service method on
* AmazonIdentityManagement.
*
* @return The response from the GetLoginProfile service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public GetLoginProfileResult getLoginProfile(GetLoginProfileRequest getLoginProfileRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new GetLoginProfileRequestMarshaller().marshall(getLoginProfileRequest);
return invoke(request, new GetLoginProfileResultStaxUnmarshaller());
}
/**
*
* Lists the groups the specified User belongs to.
*
*
* You can paginate the results using the MaxItems and
* Marker parameters.
*
*
* @param listGroupsForUserRequest Container for the necessary parameters
* to execute the ListGroupsForUser service method on
* AmazonIdentityManagement.
*
* @return The response from the ListGroupsForUser service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListGroupsForUserResult listGroupsForUser(ListGroupsForUserRequest listGroupsForUserRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new ListGroupsForUserRequestMarshaller().marshall(listGroupsForUserRequest);
return invoke(request, new ListGroupsForUserResultStaxUnmarshaller());
}
/**
*
* Creates a new group.
*
*
* For information about the number of groups you can create, see
* Limitations on IAM Entities in Using AWS Identity and Access
* Management .
*
*
* @param createGroupRequest Container for the necessary parameters to
* execute the CreateGroup service method on AmazonIdentityManagement.
*
* @return The response from the CreateGroup service method, as returned
* by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws LimitExceededException
* @throws EntityAlreadyExistsException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public CreateGroupResult createGroup(CreateGroupRequest createGroupRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new CreateGroupRequestMarshaller().marshall(createGroupRequest);
return invoke(request, new CreateGroupResultStaxUnmarshaller());
}
/**
*
* Uploads a server certificate entity for the AWS Account. The server
* certificate entity includes a public key certificate, a private key,
* and an optional certificate chain, which should all be PEM-encoded.
*
*
* For information about the number of server certificates you can
* upload, see
* Limitations on IAM Entities in Using AWS Identity and Access
* Management .
*
*
* NOTE:Because the body of the public key certificate, private
* key, and the certificate chain can be large, you should use POST
* rather than GET when calling UploadServerCertificate. For more
* information, see Making Query Requests in Using AWS Identity and
* Access Management.
*
*
* @param uploadServerCertificateRequest Container for the necessary
* parameters to execute the UploadServerCertificate service method on
* AmazonIdentityManagement.
*
* @return The response from the UploadServerCertificate service method,
* as returned by AmazonIdentityManagement.
*
* @throws KeyPairMismatchException
* @throws MalformedCertificateException
* @throws LimitExceededException
* @throws EntityAlreadyExistsException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public UploadServerCertificateResult uploadServerCertificate(UploadServerCertificateRequest uploadServerCertificateRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new UploadServerCertificateRequestMarshaller().marshall(uploadServerCertificateRequest);
return invoke(request, new UploadServerCertificateResultStaxUnmarshaller());
}
/**
*
* Retrieves the specified policy document for the specified group. The
* returned policy is URL-encoded according to RFC 3986. For more
* information about RFC 3986, go to
* http://www.faqs.org/rfcs/rfc3986.html .
*
*
* @param getGroupPolicyRequest Container for the necessary parameters to
* execute the GetGroupPolicy service method on AmazonIdentityManagement.
*
* @return The response from the GetGroupPolicy service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public GetGroupPolicyResult getGroupPolicy(GetGroupPolicyRequest getGroupPolicyRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new GetGroupPolicyRequestMarshaller().marshall(getGroupPolicyRequest);
return invoke(request, new GetGroupPolicyResultStaxUnmarshaller());
}
/**
*
* Deletes the specified User. The User must not belong to any groups,
* have any keys or signing certificates, or have any attached policies.
*
*
* @param deleteUserRequest Container for the necessary parameters to
* execute the DeleteUser service method on AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws DeleteConflictException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void deleteUser(DeleteUserRequest deleteUserRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new DeleteUserRequestMarshaller().marshall(deleteUserRequest);
invoke(request, null);
}
/**
*
* Deactivates the specified MFA device and removes it from association
* with the User name for which it was originally enabled.
*
*
* @param deactivateMFADeviceRequest Container for the necessary
* parameters to execute the DeactivateMFADevice service method on
* AmazonIdentityManagement.
*
* @throws EntityTemporarilyUnmodifiableException
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void deactivateMFADevice(DeactivateMFADeviceRequest deactivateMFADeviceRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new DeactivateMFADeviceRequestMarshaller().marshall(deactivateMFADeviceRequest);
invoke(request, null);
}
/**
*
* Removes the specified User from the specified group.
*
*
* @param removeUserFromGroupRequest Container for the necessary
* parameters to execute the RemoveUserFromGroup service method on
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void removeUserFromGroup(RemoveUserFromGroupRequest removeUserFromGroupRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new RemoveUserFromGroupRequestMarshaller().marshall(removeUserFromGroupRequest);
invoke(request, null);
}
/**
*
* Deletes the specified server certificate.
*
*
* IMPORTANT:If your Elastic Load Balancing instances are using a
* server certificate, deleting the certificate could have implications
* for your application. If your Elastic Load Balancing instances do not
* detect the deletion of bound certificates, they may continue to use
* the certificates. This could cause them to stop accepting traffic.
* We recommend that you remove the reference to the certificate from
* your Elastic Load Balancing instances before using this command to
* delete the certificate.
*
*
* @param deleteServerCertificateRequest Container for the necessary
* parameters to execute the DeleteServerCertificate service method on
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws DeleteConflictException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void deleteServerCertificate(DeleteServerCertificateRequest deleteServerCertificateRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new DeleteServerCertificateRequestMarshaller().marshall(deleteServerCertificateRequest);
invoke(request, null);
}
/**
*
* Lists the names of the policies associated with the specified group.
* If there are none, the action returns an empty list.
*
*
* You can paginate the results using the MaxItems and
* Marker parameters.
*
*
* @param listGroupPoliciesRequest Container for the necessary parameters
* to execute the ListGroupPolicies service method on
* AmazonIdentityManagement.
*
* @return The response from the ListGroupPolicies service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListGroupPoliciesResult listGroupPolicies(ListGroupPoliciesRequest listGroupPoliciesRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new ListGroupPoliciesRequestMarshaller().marshall(listGroupPoliciesRequest);
return invoke(request, new ListGroupPoliciesResultStaxUnmarshaller());
}
/**
*
* Creates a login profile for the specified User, giving the User the
* ability to access AWS services such as the AWS Management Console.
* For more information about login profiles, see
* Managing Login Profiles and MFA Devices in Using AWS Identity
* and Access Management .
*
*
* NOTE:In the full release you will be able to use IAM to access
* your services through the AWS Management Console. Although this
* feature is not currently available, you can create login profiles for
* your Users now. Then, when this feature is implemented, your Users can
* use IAM to access your services through the AWS Management Console.
*
*
* @param createLoginProfileRequest Container for the necessary
* parameters to execute the CreateLoginProfile service method on
* AmazonIdentityManagement.
*
* @return The response from the CreateLoginProfile service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws EntityAlreadyExistsException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public CreateLoginProfileResult createLoginProfile(CreateLoginProfileRequest createLoginProfileRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new CreateLoginProfileRequestMarshaller().marshall(createLoginProfileRequest);
return invoke(request, new CreateLoginProfileResultStaxUnmarshaller());
}
/**
*
* Creates a new AWS Secret Access Key and corresponding AWS Access Key
* ID for the specified User. The default status for new keys is
* Active .
*
*
* If you do not specify a User name, IAM determines the User name
* implicitly based on the AWS Access Key ID signing the request. Because
* this action works for access keys under the AWS Account, you can use
* this API to manage root credentials even if the AWS Account has no
* associated Users.
*
*
* For information about limits on the number of keys you can create, see
*
* Limitations on IAM Entities in Using AWS Identity and Access
* Management .
*
*
* IMPORTANT:To ensure the security of your AWS Account, the
* Secret Access Key is accessible only during key and User creation.
* You must save the key (for example, in a text file) if you want to be
* able to access it again. If a secret key is lost, you can delete the
* access keys for the associated User and then create new keys.
*
*
* @param createAccessKeyRequest Container for the necessary parameters
* to execute the CreateAccessKey service method on
* AmazonIdentityManagement.
*
* @return The response from the CreateAccessKey service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws LimitExceededException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public CreateAccessKeyResult createAccessKey(CreateAccessKeyRequest createAccessKeyRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new CreateAccessKeyRequestMarshaller().marshall(createAccessKeyRequest);
return invoke(request, new CreateAccessKeyResultStaxUnmarshaller());
}
/**
*
* Retrieves information about the specified User, including the User's
* path, GUID, and ARN.
*
*
* If you do not specify a User name, IAM determines the User name
* implicitly based on the AWS Access Key ID signing the request.
*
*
* @param getUserRequest Container for the necessary parameters to
* execute the GetUser service method on AmazonIdentityManagement.
*
* @return The response from the GetUser service method, as returned by
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public GetUserResult getUser(GetUserRequest getUserRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new GetUserRequestMarshaller().marshall(getUserRequest);
return invoke(request, new GetUserResultStaxUnmarshaller());
}
/**
*
* Synchronizes the specified MFA device with AWS servers.
*
*
* @param resyncMFADeviceRequest Container for the necessary parameters
* to execute the ResyncMFADevice service method on
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws InvalidAuthenticationCodeException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void resyncMFADevice(ResyncMFADeviceRequest resyncMFADeviceRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new ResyncMFADeviceRequestMarshaller().marshall(resyncMFADeviceRequest);
invoke(request, null);
}
/**
*
* Lists the MFA devices associated with the specified User name.
*
*
* You can paginate the results using the MaxItems and
* Marker parameters.
*
*
* @param listMFADevicesRequest Container for the necessary parameters to
* execute the ListMFADevices service method on AmazonIdentityManagement.
*
* @return The response from the ListMFADevices service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListMFADevicesResult listMFADevices(ListMFADevicesRequest listMFADevicesRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new ListMFADevicesRequestMarshaller().marshall(listMFADevicesRequest);
return invoke(request, new ListMFADevicesResultStaxUnmarshaller());
}
/**
*
* Changes the status of the specified access key from Active to
* Inactive, or vice versa. This action can be used to disable a User's
* key as part of a key rotation workflow.
*
*
* If the UserName field is not specified, the UserName is
* determined implicitly based on the AWS Access Key ID used to sign the
* request. Because this action works for access keys under the AWS
* Account, this API can be used to manage root credentials even if the
* AWS Account has no associated Users.
*
*
* For information about rotating keys, see
* Managing Keys and Certificates in Using AWS Identity and
* Access Management .
*
*
* @param updateAccessKeyRequest Container for the necessary parameters
* to execute the UpdateAccessKey service method on
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void updateAccessKey(UpdateAccessKeyRequest updateAccessKeyRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new UpdateAccessKeyRequestMarshaller().marshall(updateAccessKeyRequest);
invoke(request, null);
}
/**
*
* Adds the specified User to the specified group.
*
*
* @param addUserToGroupRequest Container for the necessary parameters to
* execute the AddUserToGroup service method on AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws LimitExceededException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void addUserToGroup(AddUserToGroupRequest addUserToGroupRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new AddUserToGroupRequestMarshaller().marshall(addUserToGroupRequest);
invoke(request, null);
}
/**
*
* Returns a list of Users that are in the specified group. You can
* paginate the results using the MaxItems and
* Marker parameters.
*
*
* @param getGroupRequest Container for the necessary parameters to
* execute the GetGroup service method on AmazonIdentityManagement.
*
* @return The response from the GetGroup service method, as returned by
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public GetGroupResult getGroup(GetGroupRequest getGroupRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new GetGroupRequestMarshaller().marshall(getGroupRequest);
return invoke(request, new GetGroupResultStaxUnmarshaller());
}
/**
*
* Deletes the specified group. The group must not contain any Users or
* have any attached policies.
*
*
* @param deleteGroupRequest Container for the necessary parameters to
* execute the DeleteGroup service method on AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws DeleteConflictException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public void deleteGroup(DeleteGroupRequest deleteGroupRequest)
throws AmazonServiceException, AmazonClientException {
Request request = new DeleteGroupRequestMarshaller().marshall(deleteGroupRequest);
invoke(request, null);
}
/**
*
* Lists the groups that have the specified path prefix.
*
*
* You can paginate the results using the MaxItems and
* Marker parameters.
*
*
* @return The response from the ListGroups service method, as returned
* by AmazonIdentityManagement.
*
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListGroupsResult listGroups() throws AmazonServiceException, AmazonClientException {
return listGroups(new ListGroupsRequest());
}
/**
*
* Returns information about the signing certificates associated with the
* specified User. If there are none, the action returns an empty list.
*
*
* Although each User is limited to a small number of signing
* certificates, you can still paginate the results using the
* MaxItems and Marker parameters.
*
*
* If the UserName field is not specified, the UserName is
* determined implicitly based on the AWS Access Key ID used to sign the
* request. Because this action works for access keys under the AWS
* Account, this API can be used to manage root credentials even if the
* AWS Account has no associated Users.
*
*
* @return The response from the ListSigningCertificates service method,
* as returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListSigningCertificatesResult listSigningCertificates() throws AmazonServiceException, AmazonClientException {
return listSigningCertificates(new ListSigningCertificatesRequest());
}
/**
*
* Lists the server certificates that have the specified path prefix. If
* none exist, the action returns an empty list.
*
*
* You can paginate the results using the MaxItems and
* Marker parameters.
*
*
* @return The response from the ListServerCertificates service method,
* as returned by AmazonIdentityManagement.
*
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListServerCertificatesResult listServerCertificates() throws AmazonServiceException, AmazonClientException {
return listServerCertificates(new ListServerCertificatesRequest());
}
/**
*
* Lists the Users that have the specified path prefix. If there are
* none, the action returns an empty list.
*
*
* You can paginate the results using the MaxItems and
* Marker parameters.
*
*
* @return The response from the ListUsers service method, as returned by
* AmazonIdentityManagement.
*
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListUsersResult listUsers() throws AmazonServiceException, AmazonClientException {
return listUsers(new ListUsersRequest());
}
/**
*
* Returns information about the Access Key IDs associated with the
* specified User. If there are none, the action returns an empty list.
*
*
* Although each User is limited to a small number of keys, you can still
* paginate the results using the MaxItems and
* Marker parameters.
*
*
* If the UserName field is not specified, the UserName is
* determined implicitly based on the AWS Access Key ID used to sign the
* request. Because this action works for access keys under the AWS
* Account, this API can be used to manage root credentials even if the
* AWS Account has no associated Users.
*
*
* NOTE:To ensure the security of your AWS Account, the secret
* access key is accessible only during key and User creation.
*
*
* @return The response from the ListAccessKeys service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public ListAccessKeysResult listAccessKeys() throws AmazonServiceException, AmazonClientException {
return listAccessKeys(new ListAccessKeysRequest());
}
/**
*
* Creates a new AWS Secret Access Key and corresponding AWS Access Key
* ID for the specified User. The default status for new keys is
* Active .
*
*
* If you do not specify a User name, IAM determines the User name
* implicitly based on the AWS Access Key ID signing the request. Because
* this action works for access keys under the AWS Account, you can use
* this API to manage root credentials even if the AWS Account has no
* associated Users.
*
*
* For information about limits on the number of keys you can create, see
*
* Limitations on IAM Entities in Using AWS Identity and Access
* Management .
*
*
* IMPORTANT:To ensure the security of your AWS Account, the
* Secret Access Key is accessible only during key and User creation.
* You must save the key (for example, in a text file) if you want to be
* able to access it again. If a secret key is lost, you can delete the
* access keys for the associated User and then create new keys.
*
*
* @return The response from the CreateAccessKey service method, as
* returned by AmazonIdentityManagement.
*
* @throws NoSuchEntityException
* @throws LimitExceededException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public CreateAccessKeyResult createAccessKey() throws AmazonServiceException, AmazonClientException {
return createAccessKey(new CreateAccessKeyRequest());
}
/**
*
* Retrieves information about the specified User, including the User's
* path, GUID, and ARN.
*
*
* If you do not specify a User name, IAM determines the User name
* implicitly based on the AWS Access Key ID signing the request.
*
*
* @return The response from the GetUser service method, as returned by
* AmazonIdentityManagement.
*
* @throws NoSuchEntityException
*
* @throws AmazonClientException
* If any internal errors are encountered inside the client while
* attempting to make the request or handle the response. For example
* if a network connection is not available.
* @throws AmazonServiceException
* If an error response is returned by AmazonIdentityManagement indicating
* either a problem with the data in the request, or a server side issue.
*/
public GetUserResult getUser() throws AmazonServiceException, AmazonClientException {
return getUser(new GetUserRequest());
}
/**
* Returns additional metadata for a previously executed successful, request, typically used for
* debugging issues where a service isn't acting as expected. This data isn't considered part
* of the result data returned by an operation, so it's available through this separate,
* diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access
* this extra diagnostic information for an executed request, you should use this method
* to retrieve it as soon as possible after executing the request.
*
* @param request
* The originally executed request
*
* @return The response metadata for the specified request, or null if none
* is available.
*/
public ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request) {
return client.getResponseMetadataForRequest(request);
}
private X invoke(Request request, Unmarshaller unmarshaller) {
request.setEndpoint(endpoint);
for (Entry entry : request.getOriginalRequest().copyPrivateRequestParameters().entrySet()) {
request.addParameter(entry.getKey(), entry.getValue());
}
// Apply any additional service specific request handlers that need to be run
if (requestHandlers != null) {
for (RequestHandler requestHandler : requestHandlers) {
request = requestHandler.handleRequest(request);
}
}
try {
signer.sign(request);
} catch (SignatureException e) {
throw new AmazonServiceException("Unable to sign request", e);
}
HttpRequest httpRequest = convertToHttpRequest(request, HttpMethodName.POST);
StaxResponseHandler responseHandler = new StaxResponseHandler(unmarshaller);
DefaultErrorResponseHandler errorResponseHandler = new DefaultErrorResponseHandler(exceptionUnmarshallers);
return (X)client.execute(httpRequest, responseHandler, errorResponseHandler);
}
}