All Downloads are FREE. Search and download functionalities are using the official Maven repository.

software.amazon.awssdk.services.iam.DefaultIamClient Maven / Gradle / Ivy

Go to download

The AWS Java SDK for AWS IAM module holds the client classes that are used for communicating with AWS Identity and Access Management Service

There is a newer version: 2.30.1
Show newest version
/*
 * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
 * the License. A copy of the License is located at
 * 
 * http://aws.amazon.com/apache2.0
 * 
 * or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
 * and limitations under the License.
 */

package software.amazon.awssdk.services.iam;

import java.util.function.Consumer;
import software.amazon.awssdk.annotations.Generated;
import software.amazon.awssdk.annotations.SdkInternalApi;
import software.amazon.awssdk.awscore.AwsRequestOverrideConfiguration;
import software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler;
import software.amazon.awssdk.awscore.exception.AwsServiceException;
import software.amazon.awssdk.core.ApiName;
import software.amazon.awssdk.core.client.config.SdkClientConfiguration;
import software.amazon.awssdk.core.client.handler.ClientExecutionParams;
import software.amazon.awssdk.core.client.handler.SyncClientHandler;
import software.amazon.awssdk.core.exception.SdkClientException;
import software.amazon.awssdk.core.http.HttpResponseHandler;
import software.amazon.awssdk.core.util.VersionInfo;
import software.amazon.awssdk.protocols.core.ExceptionMetadata;
import software.amazon.awssdk.protocols.query.AwsQueryProtocolFactory;
import software.amazon.awssdk.services.iam.model.AddClientIdToOpenIdConnectProviderRequest;
import software.amazon.awssdk.services.iam.model.AddClientIdToOpenIdConnectProviderResponse;
import software.amazon.awssdk.services.iam.model.AddRoleToInstanceProfileRequest;
import software.amazon.awssdk.services.iam.model.AddRoleToInstanceProfileResponse;
import software.amazon.awssdk.services.iam.model.AddUserToGroupRequest;
import software.amazon.awssdk.services.iam.model.AddUserToGroupResponse;
import software.amazon.awssdk.services.iam.model.AttachGroupPolicyRequest;
import software.amazon.awssdk.services.iam.model.AttachGroupPolicyResponse;
import software.amazon.awssdk.services.iam.model.AttachRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.AttachRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.AttachUserPolicyRequest;
import software.amazon.awssdk.services.iam.model.AttachUserPolicyResponse;
import software.amazon.awssdk.services.iam.model.ChangePasswordRequest;
import software.amazon.awssdk.services.iam.model.ChangePasswordResponse;
import software.amazon.awssdk.services.iam.model.ConcurrentModificationException;
import software.amazon.awssdk.services.iam.model.CreateAccessKeyRequest;
import software.amazon.awssdk.services.iam.model.CreateAccessKeyResponse;
import software.amazon.awssdk.services.iam.model.CreateAccountAliasRequest;
import software.amazon.awssdk.services.iam.model.CreateAccountAliasResponse;
import software.amazon.awssdk.services.iam.model.CreateGroupRequest;
import software.amazon.awssdk.services.iam.model.CreateGroupResponse;
import software.amazon.awssdk.services.iam.model.CreateInstanceProfileRequest;
import software.amazon.awssdk.services.iam.model.CreateInstanceProfileResponse;
import software.amazon.awssdk.services.iam.model.CreateLoginProfileRequest;
import software.amazon.awssdk.services.iam.model.CreateLoginProfileResponse;
import software.amazon.awssdk.services.iam.model.CreateOpenIdConnectProviderRequest;
import software.amazon.awssdk.services.iam.model.CreateOpenIdConnectProviderResponse;
import software.amazon.awssdk.services.iam.model.CreatePolicyRequest;
import software.amazon.awssdk.services.iam.model.CreatePolicyResponse;
import software.amazon.awssdk.services.iam.model.CreatePolicyVersionRequest;
import software.amazon.awssdk.services.iam.model.CreatePolicyVersionResponse;
import software.amazon.awssdk.services.iam.model.CreateRoleRequest;
import software.amazon.awssdk.services.iam.model.CreateRoleResponse;
import software.amazon.awssdk.services.iam.model.CreateSamlProviderRequest;
import software.amazon.awssdk.services.iam.model.CreateSamlProviderResponse;
import software.amazon.awssdk.services.iam.model.CreateServiceLinkedRoleRequest;
import software.amazon.awssdk.services.iam.model.CreateServiceLinkedRoleResponse;
import software.amazon.awssdk.services.iam.model.CreateServiceSpecificCredentialRequest;
import software.amazon.awssdk.services.iam.model.CreateServiceSpecificCredentialResponse;
import software.amazon.awssdk.services.iam.model.CreateUserRequest;
import software.amazon.awssdk.services.iam.model.CreateUserResponse;
import software.amazon.awssdk.services.iam.model.CreateVirtualMfaDeviceRequest;
import software.amazon.awssdk.services.iam.model.CreateVirtualMfaDeviceResponse;
import software.amazon.awssdk.services.iam.model.CredentialReportExpiredException;
import software.amazon.awssdk.services.iam.model.CredentialReportNotPresentException;
import software.amazon.awssdk.services.iam.model.CredentialReportNotReadyException;
import software.amazon.awssdk.services.iam.model.DeactivateMfaDeviceRequest;
import software.amazon.awssdk.services.iam.model.DeactivateMfaDeviceResponse;
import software.amazon.awssdk.services.iam.model.DeleteAccessKeyRequest;
import software.amazon.awssdk.services.iam.model.DeleteAccessKeyResponse;
import software.amazon.awssdk.services.iam.model.DeleteAccountAliasRequest;
import software.amazon.awssdk.services.iam.model.DeleteAccountAliasResponse;
import software.amazon.awssdk.services.iam.model.DeleteAccountPasswordPolicyRequest;
import software.amazon.awssdk.services.iam.model.DeleteAccountPasswordPolicyResponse;
import software.amazon.awssdk.services.iam.model.DeleteConflictException;
import software.amazon.awssdk.services.iam.model.DeleteGroupPolicyRequest;
import software.amazon.awssdk.services.iam.model.DeleteGroupPolicyResponse;
import software.amazon.awssdk.services.iam.model.DeleteGroupRequest;
import software.amazon.awssdk.services.iam.model.DeleteGroupResponse;
import software.amazon.awssdk.services.iam.model.DeleteInstanceProfileRequest;
import software.amazon.awssdk.services.iam.model.DeleteInstanceProfileResponse;
import software.amazon.awssdk.services.iam.model.DeleteLoginProfileRequest;
import software.amazon.awssdk.services.iam.model.DeleteLoginProfileResponse;
import software.amazon.awssdk.services.iam.model.DeleteOpenIdConnectProviderRequest;
import software.amazon.awssdk.services.iam.model.DeleteOpenIdConnectProviderResponse;
import software.amazon.awssdk.services.iam.model.DeletePolicyRequest;
import software.amazon.awssdk.services.iam.model.DeletePolicyResponse;
import software.amazon.awssdk.services.iam.model.DeletePolicyVersionRequest;
import software.amazon.awssdk.services.iam.model.DeletePolicyVersionResponse;
import software.amazon.awssdk.services.iam.model.DeleteRolePermissionsBoundaryRequest;
import software.amazon.awssdk.services.iam.model.DeleteRolePermissionsBoundaryResponse;
import software.amazon.awssdk.services.iam.model.DeleteRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.DeleteRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.DeleteRoleRequest;
import software.amazon.awssdk.services.iam.model.DeleteRoleResponse;
import software.amazon.awssdk.services.iam.model.DeleteSamlProviderRequest;
import software.amazon.awssdk.services.iam.model.DeleteSamlProviderResponse;
import software.amazon.awssdk.services.iam.model.DeleteServerCertificateRequest;
import software.amazon.awssdk.services.iam.model.DeleteServerCertificateResponse;
import software.amazon.awssdk.services.iam.model.DeleteServiceLinkedRoleRequest;
import software.amazon.awssdk.services.iam.model.DeleteServiceLinkedRoleResponse;
import software.amazon.awssdk.services.iam.model.DeleteServiceSpecificCredentialRequest;
import software.amazon.awssdk.services.iam.model.DeleteServiceSpecificCredentialResponse;
import software.amazon.awssdk.services.iam.model.DeleteSigningCertificateRequest;
import software.amazon.awssdk.services.iam.model.DeleteSigningCertificateResponse;
import software.amazon.awssdk.services.iam.model.DeleteSshPublicKeyRequest;
import software.amazon.awssdk.services.iam.model.DeleteSshPublicKeyResponse;
import software.amazon.awssdk.services.iam.model.DeleteUserPermissionsBoundaryRequest;
import software.amazon.awssdk.services.iam.model.DeleteUserPermissionsBoundaryResponse;
import software.amazon.awssdk.services.iam.model.DeleteUserPolicyRequest;
import software.amazon.awssdk.services.iam.model.DeleteUserPolicyResponse;
import software.amazon.awssdk.services.iam.model.DeleteUserRequest;
import software.amazon.awssdk.services.iam.model.DeleteUserResponse;
import software.amazon.awssdk.services.iam.model.DeleteVirtualMfaDeviceRequest;
import software.amazon.awssdk.services.iam.model.DeleteVirtualMfaDeviceResponse;
import software.amazon.awssdk.services.iam.model.DetachGroupPolicyRequest;
import software.amazon.awssdk.services.iam.model.DetachGroupPolicyResponse;
import software.amazon.awssdk.services.iam.model.DetachRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.DetachRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.DetachUserPolicyRequest;
import software.amazon.awssdk.services.iam.model.DetachUserPolicyResponse;
import software.amazon.awssdk.services.iam.model.DuplicateCertificateException;
import software.amazon.awssdk.services.iam.model.DuplicateSshPublicKeyException;
import software.amazon.awssdk.services.iam.model.EnableMfaDeviceRequest;
import software.amazon.awssdk.services.iam.model.EnableMfaDeviceResponse;
import software.amazon.awssdk.services.iam.model.EntityAlreadyExistsException;
import software.amazon.awssdk.services.iam.model.EntityTemporarilyUnmodifiableException;
import software.amazon.awssdk.services.iam.model.GenerateCredentialReportRequest;
import software.amazon.awssdk.services.iam.model.GenerateCredentialReportResponse;
import software.amazon.awssdk.services.iam.model.GenerateOrganizationsAccessReportRequest;
import software.amazon.awssdk.services.iam.model.GenerateOrganizationsAccessReportResponse;
import software.amazon.awssdk.services.iam.model.GenerateServiceLastAccessedDetailsRequest;
import software.amazon.awssdk.services.iam.model.GenerateServiceLastAccessedDetailsResponse;
import software.amazon.awssdk.services.iam.model.GetAccessKeyLastUsedRequest;
import software.amazon.awssdk.services.iam.model.GetAccessKeyLastUsedResponse;
import software.amazon.awssdk.services.iam.model.GetAccountAuthorizationDetailsRequest;
import software.amazon.awssdk.services.iam.model.GetAccountAuthorizationDetailsResponse;
import software.amazon.awssdk.services.iam.model.GetAccountPasswordPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetAccountPasswordPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetAccountSummaryRequest;
import software.amazon.awssdk.services.iam.model.GetAccountSummaryResponse;
import software.amazon.awssdk.services.iam.model.GetContextKeysForCustomPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetContextKeysForCustomPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetContextKeysForPrincipalPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetContextKeysForPrincipalPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetCredentialReportRequest;
import software.amazon.awssdk.services.iam.model.GetCredentialReportResponse;
import software.amazon.awssdk.services.iam.model.GetGroupPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetGroupPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetGroupRequest;
import software.amazon.awssdk.services.iam.model.GetGroupResponse;
import software.amazon.awssdk.services.iam.model.GetInstanceProfileRequest;
import software.amazon.awssdk.services.iam.model.GetInstanceProfileResponse;
import software.amazon.awssdk.services.iam.model.GetLoginProfileRequest;
import software.amazon.awssdk.services.iam.model.GetLoginProfileResponse;
import software.amazon.awssdk.services.iam.model.GetOpenIdConnectProviderRequest;
import software.amazon.awssdk.services.iam.model.GetOpenIdConnectProviderResponse;
import software.amazon.awssdk.services.iam.model.GetOrganizationsAccessReportRequest;
import software.amazon.awssdk.services.iam.model.GetOrganizationsAccessReportResponse;
import software.amazon.awssdk.services.iam.model.GetPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetPolicyVersionRequest;
import software.amazon.awssdk.services.iam.model.GetPolicyVersionResponse;
import software.amazon.awssdk.services.iam.model.GetRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.GetRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.GetRoleRequest;
import software.amazon.awssdk.services.iam.model.GetRoleResponse;
import software.amazon.awssdk.services.iam.model.GetSamlProviderRequest;
import software.amazon.awssdk.services.iam.model.GetSamlProviderResponse;
import software.amazon.awssdk.services.iam.model.GetServerCertificateRequest;
import software.amazon.awssdk.services.iam.model.GetServerCertificateResponse;
import software.amazon.awssdk.services.iam.model.GetServiceLastAccessedDetailsRequest;
import software.amazon.awssdk.services.iam.model.GetServiceLastAccessedDetailsResponse;
import software.amazon.awssdk.services.iam.model.GetServiceLastAccessedDetailsWithEntitiesRequest;
import software.amazon.awssdk.services.iam.model.GetServiceLastAccessedDetailsWithEntitiesResponse;
import software.amazon.awssdk.services.iam.model.GetServiceLinkedRoleDeletionStatusRequest;
import software.amazon.awssdk.services.iam.model.GetServiceLinkedRoleDeletionStatusResponse;
import software.amazon.awssdk.services.iam.model.GetSshPublicKeyRequest;
import software.amazon.awssdk.services.iam.model.GetSshPublicKeyResponse;
import software.amazon.awssdk.services.iam.model.GetUserPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetUserPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetUserRequest;
import software.amazon.awssdk.services.iam.model.GetUserResponse;
import software.amazon.awssdk.services.iam.model.IamException;
import software.amazon.awssdk.services.iam.model.IamRequest;
import software.amazon.awssdk.services.iam.model.InvalidAuthenticationCodeException;
import software.amazon.awssdk.services.iam.model.InvalidCertificateException;
import software.amazon.awssdk.services.iam.model.InvalidInputException;
import software.amazon.awssdk.services.iam.model.InvalidPublicKeyException;
import software.amazon.awssdk.services.iam.model.InvalidUserTypeException;
import software.amazon.awssdk.services.iam.model.KeyPairMismatchException;
import software.amazon.awssdk.services.iam.model.LimitExceededException;
import software.amazon.awssdk.services.iam.model.ListAccessKeysRequest;
import software.amazon.awssdk.services.iam.model.ListAccessKeysResponse;
import software.amazon.awssdk.services.iam.model.ListAccountAliasesRequest;
import software.amazon.awssdk.services.iam.model.ListAccountAliasesResponse;
import software.amazon.awssdk.services.iam.model.ListAttachedGroupPoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListAttachedGroupPoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListAttachedRolePoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListAttachedRolePoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListAttachedUserPoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListAttachedUserPoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListEntitiesForPolicyRequest;
import software.amazon.awssdk.services.iam.model.ListEntitiesForPolicyResponse;
import software.amazon.awssdk.services.iam.model.ListGroupPoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListGroupPoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListGroupsForUserRequest;
import software.amazon.awssdk.services.iam.model.ListGroupsForUserResponse;
import software.amazon.awssdk.services.iam.model.ListGroupsRequest;
import software.amazon.awssdk.services.iam.model.ListGroupsResponse;
import software.amazon.awssdk.services.iam.model.ListInstanceProfilesForRoleRequest;
import software.amazon.awssdk.services.iam.model.ListInstanceProfilesForRoleResponse;
import software.amazon.awssdk.services.iam.model.ListInstanceProfilesRequest;
import software.amazon.awssdk.services.iam.model.ListInstanceProfilesResponse;
import software.amazon.awssdk.services.iam.model.ListMfaDevicesRequest;
import software.amazon.awssdk.services.iam.model.ListMfaDevicesResponse;
import software.amazon.awssdk.services.iam.model.ListOpenIdConnectProvidersRequest;
import software.amazon.awssdk.services.iam.model.ListOpenIdConnectProvidersResponse;
import software.amazon.awssdk.services.iam.model.ListPoliciesGrantingServiceAccessRequest;
import software.amazon.awssdk.services.iam.model.ListPoliciesGrantingServiceAccessResponse;
import software.amazon.awssdk.services.iam.model.ListPoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListPoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListPolicyVersionsRequest;
import software.amazon.awssdk.services.iam.model.ListPolicyVersionsResponse;
import software.amazon.awssdk.services.iam.model.ListRolePoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListRolePoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListRoleTagsRequest;
import software.amazon.awssdk.services.iam.model.ListRoleTagsResponse;
import software.amazon.awssdk.services.iam.model.ListRolesRequest;
import software.amazon.awssdk.services.iam.model.ListRolesResponse;
import software.amazon.awssdk.services.iam.model.ListSamlProvidersRequest;
import software.amazon.awssdk.services.iam.model.ListSamlProvidersResponse;
import software.amazon.awssdk.services.iam.model.ListServerCertificatesRequest;
import software.amazon.awssdk.services.iam.model.ListServerCertificatesResponse;
import software.amazon.awssdk.services.iam.model.ListServiceSpecificCredentialsRequest;
import software.amazon.awssdk.services.iam.model.ListServiceSpecificCredentialsResponse;
import software.amazon.awssdk.services.iam.model.ListSigningCertificatesRequest;
import software.amazon.awssdk.services.iam.model.ListSigningCertificatesResponse;
import software.amazon.awssdk.services.iam.model.ListSshPublicKeysRequest;
import software.amazon.awssdk.services.iam.model.ListSshPublicKeysResponse;
import software.amazon.awssdk.services.iam.model.ListUserPoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListUserPoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListUserTagsRequest;
import software.amazon.awssdk.services.iam.model.ListUserTagsResponse;
import software.amazon.awssdk.services.iam.model.ListUsersRequest;
import software.amazon.awssdk.services.iam.model.ListUsersResponse;
import software.amazon.awssdk.services.iam.model.ListVirtualMfaDevicesRequest;
import software.amazon.awssdk.services.iam.model.ListVirtualMfaDevicesResponse;
import software.amazon.awssdk.services.iam.model.MalformedCertificateException;
import software.amazon.awssdk.services.iam.model.MalformedPolicyDocumentException;
import software.amazon.awssdk.services.iam.model.NoSuchEntityException;
import software.amazon.awssdk.services.iam.model.PasswordPolicyViolationException;
import software.amazon.awssdk.services.iam.model.PolicyEvaluationException;
import software.amazon.awssdk.services.iam.model.PolicyNotAttachableException;
import software.amazon.awssdk.services.iam.model.PutGroupPolicyRequest;
import software.amazon.awssdk.services.iam.model.PutGroupPolicyResponse;
import software.amazon.awssdk.services.iam.model.PutRolePermissionsBoundaryRequest;
import software.amazon.awssdk.services.iam.model.PutRolePermissionsBoundaryResponse;
import software.amazon.awssdk.services.iam.model.PutRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.PutRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.PutUserPermissionsBoundaryRequest;
import software.amazon.awssdk.services.iam.model.PutUserPermissionsBoundaryResponse;
import software.amazon.awssdk.services.iam.model.PutUserPolicyRequest;
import software.amazon.awssdk.services.iam.model.PutUserPolicyResponse;
import software.amazon.awssdk.services.iam.model.RemoveClientIdFromOpenIdConnectProviderRequest;
import software.amazon.awssdk.services.iam.model.RemoveClientIdFromOpenIdConnectProviderResponse;
import software.amazon.awssdk.services.iam.model.RemoveRoleFromInstanceProfileRequest;
import software.amazon.awssdk.services.iam.model.RemoveRoleFromInstanceProfileResponse;
import software.amazon.awssdk.services.iam.model.RemoveUserFromGroupRequest;
import software.amazon.awssdk.services.iam.model.RemoveUserFromGroupResponse;
import software.amazon.awssdk.services.iam.model.ReportGenerationLimitExceededException;
import software.amazon.awssdk.services.iam.model.ResetServiceSpecificCredentialRequest;
import software.amazon.awssdk.services.iam.model.ResetServiceSpecificCredentialResponse;
import software.amazon.awssdk.services.iam.model.ResyncMfaDeviceRequest;
import software.amazon.awssdk.services.iam.model.ResyncMfaDeviceResponse;
import software.amazon.awssdk.services.iam.model.ServiceFailureException;
import software.amazon.awssdk.services.iam.model.ServiceNotSupportedException;
import software.amazon.awssdk.services.iam.model.SetDefaultPolicyVersionRequest;
import software.amazon.awssdk.services.iam.model.SetDefaultPolicyVersionResponse;
import software.amazon.awssdk.services.iam.model.SetSecurityTokenServicePreferencesRequest;
import software.amazon.awssdk.services.iam.model.SetSecurityTokenServicePreferencesResponse;
import software.amazon.awssdk.services.iam.model.SimulateCustomPolicyRequest;
import software.amazon.awssdk.services.iam.model.SimulateCustomPolicyResponse;
import software.amazon.awssdk.services.iam.model.SimulatePrincipalPolicyRequest;
import software.amazon.awssdk.services.iam.model.SimulatePrincipalPolicyResponse;
import software.amazon.awssdk.services.iam.model.TagRoleRequest;
import software.amazon.awssdk.services.iam.model.TagRoleResponse;
import software.amazon.awssdk.services.iam.model.TagUserRequest;
import software.amazon.awssdk.services.iam.model.TagUserResponse;
import software.amazon.awssdk.services.iam.model.UnmodifiableEntityException;
import software.amazon.awssdk.services.iam.model.UnrecognizedPublicKeyEncodingException;
import software.amazon.awssdk.services.iam.model.UntagRoleRequest;
import software.amazon.awssdk.services.iam.model.UntagRoleResponse;
import software.amazon.awssdk.services.iam.model.UntagUserRequest;
import software.amazon.awssdk.services.iam.model.UntagUserResponse;
import software.amazon.awssdk.services.iam.model.UpdateAccessKeyRequest;
import software.amazon.awssdk.services.iam.model.UpdateAccessKeyResponse;
import software.amazon.awssdk.services.iam.model.UpdateAccountPasswordPolicyRequest;
import software.amazon.awssdk.services.iam.model.UpdateAccountPasswordPolicyResponse;
import software.amazon.awssdk.services.iam.model.UpdateAssumeRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.UpdateAssumeRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.UpdateGroupRequest;
import software.amazon.awssdk.services.iam.model.UpdateGroupResponse;
import software.amazon.awssdk.services.iam.model.UpdateLoginProfileRequest;
import software.amazon.awssdk.services.iam.model.UpdateLoginProfileResponse;
import software.amazon.awssdk.services.iam.model.UpdateOpenIdConnectProviderThumbprintRequest;
import software.amazon.awssdk.services.iam.model.UpdateOpenIdConnectProviderThumbprintResponse;
import software.amazon.awssdk.services.iam.model.UpdateRoleDescriptionRequest;
import software.amazon.awssdk.services.iam.model.UpdateRoleDescriptionResponse;
import software.amazon.awssdk.services.iam.model.UpdateRoleRequest;
import software.amazon.awssdk.services.iam.model.UpdateRoleResponse;
import software.amazon.awssdk.services.iam.model.UpdateSamlProviderRequest;
import software.amazon.awssdk.services.iam.model.UpdateSamlProviderResponse;
import software.amazon.awssdk.services.iam.model.UpdateServerCertificateRequest;
import software.amazon.awssdk.services.iam.model.UpdateServerCertificateResponse;
import software.amazon.awssdk.services.iam.model.UpdateServiceSpecificCredentialRequest;
import software.amazon.awssdk.services.iam.model.UpdateServiceSpecificCredentialResponse;
import software.amazon.awssdk.services.iam.model.UpdateSigningCertificateRequest;
import software.amazon.awssdk.services.iam.model.UpdateSigningCertificateResponse;
import software.amazon.awssdk.services.iam.model.UpdateSshPublicKeyRequest;
import software.amazon.awssdk.services.iam.model.UpdateSshPublicKeyResponse;
import software.amazon.awssdk.services.iam.model.UpdateUserRequest;
import software.amazon.awssdk.services.iam.model.UpdateUserResponse;
import software.amazon.awssdk.services.iam.model.UploadServerCertificateRequest;
import software.amazon.awssdk.services.iam.model.UploadServerCertificateResponse;
import software.amazon.awssdk.services.iam.model.UploadSigningCertificateRequest;
import software.amazon.awssdk.services.iam.model.UploadSigningCertificateResponse;
import software.amazon.awssdk.services.iam.model.UploadSshPublicKeyRequest;
import software.amazon.awssdk.services.iam.model.UploadSshPublicKeyResponse;
import software.amazon.awssdk.services.iam.paginators.GetAccountAuthorizationDetailsIterable;
import software.amazon.awssdk.services.iam.paginators.GetGroupIterable;
import software.amazon.awssdk.services.iam.paginators.ListAccessKeysIterable;
import software.amazon.awssdk.services.iam.paginators.ListAccountAliasesIterable;
import software.amazon.awssdk.services.iam.paginators.ListAttachedGroupPoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListAttachedRolePoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListAttachedUserPoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListEntitiesForPolicyIterable;
import software.amazon.awssdk.services.iam.paginators.ListGroupPoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListGroupsForUserIterable;
import software.amazon.awssdk.services.iam.paginators.ListGroupsIterable;
import software.amazon.awssdk.services.iam.paginators.ListInstanceProfilesForRoleIterable;
import software.amazon.awssdk.services.iam.paginators.ListInstanceProfilesIterable;
import software.amazon.awssdk.services.iam.paginators.ListMFADevicesIterable;
import software.amazon.awssdk.services.iam.paginators.ListPoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListPolicyVersionsIterable;
import software.amazon.awssdk.services.iam.paginators.ListRolePoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListRolesIterable;
import software.amazon.awssdk.services.iam.paginators.ListSSHPublicKeysIterable;
import software.amazon.awssdk.services.iam.paginators.ListServerCertificatesIterable;
import software.amazon.awssdk.services.iam.paginators.ListSigningCertificatesIterable;
import software.amazon.awssdk.services.iam.paginators.ListUserPoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListUsersIterable;
import software.amazon.awssdk.services.iam.paginators.ListVirtualMFADevicesIterable;
import software.amazon.awssdk.services.iam.paginators.SimulateCustomPolicyIterable;
import software.amazon.awssdk.services.iam.paginators.SimulatePrincipalPolicyIterable;
import software.amazon.awssdk.services.iam.transform.AddClientIdToOpenIdConnectProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.AddRoleToInstanceProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.AddUserToGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.AttachGroupPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.AttachRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.AttachUserPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ChangePasswordRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateAccessKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateAccountAliasRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateInstanceProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateLoginProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateOpenIdConnectProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreatePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreatePolicyVersionRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateSamlProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateServiceLinkedRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateServiceSpecificCredentialRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateVirtualMfaDeviceRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeactivateMfaDeviceRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteAccessKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteAccountAliasRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteAccountPasswordPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteGroupPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteInstanceProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteLoginProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteOpenIdConnectProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeletePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeletePolicyVersionRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteRolePermissionsBoundaryRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteSamlProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteServerCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteServiceLinkedRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteServiceSpecificCredentialRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteSigningCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteSshPublicKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteUserPermissionsBoundaryRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteUserPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteVirtualMfaDeviceRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DetachGroupPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DetachRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DetachUserPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.EnableMfaDeviceRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GenerateCredentialReportRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GenerateOrganizationsAccessReportRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GenerateServiceLastAccessedDetailsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetAccessKeyLastUsedRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetAccountAuthorizationDetailsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetAccountPasswordPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetAccountSummaryRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetContextKeysForCustomPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetContextKeysForPrincipalPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetCredentialReportRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetGroupPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetInstanceProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetLoginProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetOpenIdConnectProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetOrganizationsAccessReportRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetPolicyVersionRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetSamlProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetServerCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetServiceLastAccessedDetailsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetServiceLastAccessedDetailsWithEntitiesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetServiceLinkedRoleDeletionStatusRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetSshPublicKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetUserPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListAccessKeysRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListAccountAliasesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListAttachedGroupPoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListAttachedRolePoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListAttachedUserPoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListEntitiesForPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListGroupPoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListGroupsForUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListGroupsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListInstanceProfilesForRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListInstanceProfilesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListMfaDevicesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListOpenIdConnectProvidersRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListPoliciesGrantingServiceAccessRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListPoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListPolicyVersionsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListRolePoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListRoleTagsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListRolesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListSamlProvidersRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListServerCertificatesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListServiceSpecificCredentialsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListSigningCertificatesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListSshPublicKeysRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListUserPoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListUserTagsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListUsersRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListVirtualMfaDevicesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.PutGroupPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.PutRolePermissionsBoundaryRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.PutRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.PutUserPermissionsBoundaryRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.PutUserPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.RemoveClientIdFromOpenIdConnectProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.RemoveRoleFromInstanceProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.RemoveUserFromGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ResetServiceSpecificCredentialRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ResyncMfaDeviceRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.SetDefaultPolicyVersionRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.SetSecurityTokenServicePreferencesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.SimulateCustomPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.SimulatePrincipalPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.TagRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.TagUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UntagRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UntagUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateAccessKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateAccountPasswordPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateAssumeRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateLoginProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateOpenIdConnectProviderThumbprintRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateRoleDescriptionRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateSamlProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateServerCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateServiceSpecificCredentialRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateSigningCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateSshPublicKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UploadServerCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UploadSigningCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UploadSshPublicKeyRequestMarshaller;

/**
 * Internal implementation of {@link IamClient}.
 *
 * @see IamClient#builder()
 */
@Generated("software.amazon.awssdk:codegen")
@SdkInternalApi
final class DefaultIamClient implements IamClient {
    private final SyncClientHandler clientHandler;

    private final AwsQueryProtocolFactory protocolFactory;

    private final SdkClientConfiguration clientConfiguration;

    protected DefaultIamClient(SdkClientConfiguration clientConfiguration) {
        this.clientHandler = new AwsSyncClientHandler(clientConfiguration);
        this.clientConfiguration = clientConfiguration;
        this.protocolFactory = init();
    }

    @Override
    public final String serviceName() {
        return SERVICE_NAME;
    }

    /**
     * 

* Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM * OpenID Connect (OIDC) provider resource. *

*

* This operation is idempotent; it does not fail or return an error if you add an existing client ID to the * provider. *

* * @param addClientIdToOpenIdConnectProviderRequest * @return Result of the AddClientIDToOpenIDConnectProvider operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.AddClientIDToOpenIDConnectProvider * @see AWS API Documentation */ @Override public AddClientIdToOpenIdConnectProviderResponse addClientIDToOpenIDConnectProvider( AddClientIdToOpenIdConnectProviderRequest addClientIdToOpenIdConnectProviderRequest) throws InvalidInputException, NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(AddClientIdToOpenIdConnectProviderResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("AddClientIDToOpenIDConnectProvider").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(addClientIdToOpenIdConnectProviderRequest) .withMarshaller(new AddClientIdToOpenIdConnectProviderRequestMarshaller(protocolFactory))); } /** *

* Adds the specified IAM role to the specified instance profile. An instance profile can contain only one role, and * this limit cannot be increased. You can remove the existing role and then add a different role to an instance * profile. You must then wait for the change to appear across all of AWS because of eventual consistency. To force the change, you must * * disassociate the instance profile and then associate the * instance profile, or you can stop your instance and then restart it. *

* *

* The caller of this API must be granted the PassRole permission on the IAM role by a permissions * policy. *

*
*

* For more information about roles, go to Working with Roles. For more * information about instance profiles, go to About Instance Profiles. *

* * @param addRoleToInstanceProfileRequest * @return Result of the AddRoleToInstanceProfile operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.AddRoleToInstanceProfile * @see AWS * API Documentation */ @Override public AddRoleToInstanceProfileResponse addRoleToInstanceProfile( AddRoleToInstanceProfileRequest addRoleToInstanceProfileRequest) throws NoSuchEntityException, EntityAlreadyExistsException, LimitExceededException, UnmodifiableEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(AddRoleToInstanceProfileResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("AddRoleToInstanceProfile").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(addRoleToInstanceProfileRequest) .withMarshaller(new AddRoleToInstanceProfileRequestMarshaller(protocolFactory))); } /** *

* Adds the specified user to the specified group. *

* * @param addUserToGroupRequest * @return Result of the AddUserToGroup operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.AddUserToGroup * @see AWS API * Documentation */ @Override public AddUserToGroupResponse addUserToGroup(AddUserToGroupRequest addUserToGroupRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(AddUserToGroupResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("AddUserToGroup").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(addUserToGroupRequest) .withMarshaller(new AddUserToGroupRequestMarshaller(protocolFactory))); } /** *

* Attaches the specified managed policy to the specified IAM group. *

*

* You use this API to attach a managed policy to a group. To embed an inline policy in a group, use * PutGroupPolicy. *

*

* For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param attachGroupPolicyRequest * @return Result of the AttachGroupPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws PolicyNotAttachableException * The request failed because AWS service role policies can only be attached to the service-linked role for * that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.AttachGroupPolicy * @see AWS API * Documentation */ @Override public AttachGroupPolicyResponse attachGroupPolicy(AttachGroupPolicyRequest attachGroupPolicyRequest) throws NoSuchEntityException, LimitExceededException, InvalidInputException, PolicyNotAttachableException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(AttachGroupPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("AttachGroupPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(attachGroupPolicyRequest) .withMarshaller(new AttachGroupPolicyRequestMarshaller(protocolFactory))); } /** *

* Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the * managed policy becomes part of the role's permission (access) policy. *

* *

* You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time * as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy. *

*
*

* Use this API to attach a managed policy to a role. To embed an inline policy in a role, use * PutRolePolicy. For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param attachRolePolicyRequest * @return Result of the AttachRolePolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws PolicyNotAttachableException * The request failed because AWS service role policies can only be attached to the service-linked role for * that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.AttachRolePolicy * @see AWS API * Documentation */ @Override public AttachRolePolicyResponse attachRolePolicy(AttachRolePolicyRequest attachRolePolicyRequest) throws NoSuchEntityException, LimitExceededException, InvalidInputException, UnmodifiableEntityException, PolicyNotAttachableException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(AttachRolePolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("AttachRolePolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(attachRolePolicyRequest) .withMarshaller(new AttachRolePolicyRequestMarshaller(protocolFactory))); } /** *

* Attaches the specified managed policy to the specified user. *

*

* You use this API to attach a managed policy to a user. To embed an inline policy in a user, use * PutUserPolicy. *

*

* For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param attachUserPolicyRequest * @return Result of the AttachUserPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws PolicyNotAttachableException * The request failed because AWS service role policies can only be attached to the service-linked role for * that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.AttachUserPolicy * @see AWS API * Documentation */ @Override public AttachUserPolicyResponse attachUserPolicy(AttachUserPolicyRequest attachUserPolicyRequest) throws NoSuchEntityException, LimitExceededException, InvalidInputException, PolicyNotAttachableException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(AttachUserPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("AttachUserPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(attachUserPolicyRequest) .withMarshaller(new AttachUserPolicyRequestMarshaller(protocolFactory))); } /** *

* Changes the password of the IAM user who is calling this operation. The AWS account root user password is not * affected by this operation. *

*

* To change the password for a different user, see UpdateLoginProfile. For more information about modifying * passwords, see Managing * Passwords in the IAM User Guide. *

* * @param changePasswordRequest * @return Result of the ChangePassword operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidUserTypeException * The request was rejected because the type of user for the transaction was incorrect. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws EntityTemporarilyUnmodifiableException * The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user * name that was deleted and then recreated. The error indicates that the request is likely to succeed if * you try again after waiting several minutes. The error message describes the entity. * @throws PasswordPolicyViolationException * The request was rejected because the provided password did not meet the requirements imposed by the * account password policy. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ChangePassword * @see AWS API * Documentation */ @Override public ChangePasswordResponse changePassword(ChangePasswordRequest changePasswordRequest) throws NoSuchEntityException, InvalidUserTypeException, LimitExceededException, EntityTemporarilyUnmodifiableException, PasswordPolicyViolationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ChangePasswordResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ChangePassword").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(changePasswordRequest) .withMarshaller(new ChangePasswordRequestMarshaller(protocolFactory))); } /** *

* Creates a new AWS secret access key and corresponding AWS access key ID for the specified user. The default * status for new keys is Active. *

*

* If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing * the request. This operation works for access keys under the AWS account. Consequently, you can use this operation * to manage AWS account root user credentials. This is true even if the AWS account has no associated users. *

*

* For information about limits on the number of keys you can create, see Limitations on IAM * Entities in the IAM User Guide. *

* *

* To ensure the security of your AWS account, the secret access key is accessible only during key and user * creation. You must save the key (for example, in a text file) if you want to be able to access it again. If a * secret key is lost, you can delete the access keys for the associated user and then create new keys. *

*
* * @param createAccessKeyRequest * @return Result of the CreateAccessKey operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateAccessKey * @see AWS API * Documentation */ @Override public CreateAccessKeyResponse createAccessKey(CreateAccessKeyRequest createAccessKeyRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateAccessKeyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreateAccessKey").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createAccessKeyRequest) .withMarshaller(new CreateAccessKeyRequestMarshaller(protocolFactory))); } /** *

* Creates an alias for your AWS account. For information about using an AWS account alias, see Using an Alias for Your AWS Account * ID in the IAM User Guide. *

* * @param createAccountAliasRequest * @return Result of the CreateAccountAlias operation returned by the service. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateAccountAlias * @see AWS API * Documentation */ @Override public CreateAccountAliasResponse createAccountAlias(CreateAccountAliasRequest createAccountAliasRequest) throws EntityAlreadyExistsException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateAccountAliasResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreateAccountAlias").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createAccountAliasRequest) .withMarshaller(new CreateAccountAliasRequestMarshaller(protocolFactory))); } /** *

* Creates a new group. *

*

* For information about the number of groups you can create, see Limitations on IAM * Entities in the IAM User Guide. *

* * @param createGroupRequest * @return Result of the CreateGroup operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateGroup * @see AWS API * Documentation */ @Override public CreateGroupResponse createGroup(CreateGroupRequest createGroupRequest) throws LimitExceededException, EntityAlreadyExistsException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateGroupResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreateGroup").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createGroupRequest) .withMarshaller(new CreateGroupRequestMarshaller(protocolFactory))); } /** *

* Creates a new instance profile. For information about instance profiles, go to About Instance Profiles. *

*

* For information about the number of instance profiles you can create, see Limitations on IAM * Entities in the IAM User Guide. *

* * @param createInstanceProfileRequest * @return Result of the CreateInstanceProfile operation returned by the service. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateInstanceProfile * @see AWS API * Documentation */ @Override public CreateInstanceProfileResponse createInstanceProfile(CreateInstanceProfileRequest createInstanceProfileRequest) throws EntityAlreadyExistsException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateInstanceProfileResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreateInstanceProfile").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createInstanceProfileRequest) .withMarshaller(new CreateInstanceProfileRequestMarshaller(protocolFactory))); } /** *

* Creates a password for the specified user, giving the user the ability to access AWS services through the AWS * Management Console. For more information about managing passwords, see Managing Passwords in the * IAM User Guide. *

* * @param createLoginProfileRequest * @return Result of the CreateLoginProfile operation returned by the service. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws PasswordPolicyViolationException * The request was rejected because the provided password did not meet the requirements imposed by the * account password policy. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateLoginProfile * @see AWS API * Documentation */ @Override public CreateLoginProfileResponse createLoginProfile(CreateLoginProfileRequest createLoginProfileRequest) throws EntityAlreadyExistsException, NoSuchEntityException, PasswordPolicyViolationException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateLoginProfileResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreateLoginProfile").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createLoginProfileRequest) .withMarshaller(new CreateLoginProfileRequestMarshaller(protocolFactory))); } /** *

* Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC). *

*

* The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a * policy establishes a trust relationship between AWS and the OIDC provider. *

*

* When you create the IAM OIDC provider, you specify the following: *

*
    *
  • *

    * The URL of the OIDC identity provider (IdP) to trust *

    *
  • *
  • *

    * A list of client IDs (also known as audiences) that identify the application or applications that are allowed to * authenticate using the OIDC provider *

    *
  • *
  • *

    * A list of thumbprints of one or more server certificates that the IdP uses *

    *
  • *
*

* You get all of this information from the OIDC IdP that you want to use to access AWS. *

* *

* The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is * best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users. *

*
* * @param createOpenIdConnectProviderRequest * @return Result of the CreateOpenIDConnectProvider operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateOpenIDConnectProvider * @see AWS API Documentation */ @Override public CreateOpenIdConnectProviderResponse createOpenIDConnectProvider( CreateOpenIdConnectProviderRequest createOpenIdConnectProviderRequest) throws InvalidInputException, EntityAlreadyExistsException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateOpenIdConnectProviderResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("CreateOpenIDConnectProvider").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createOpenIdConnectProviderRequest) .withMarshaller(new CreateOpenIdConnectProviderRequestMarshaller(protocolFactory))); } /** *

* Creates a new managed policy for your AWS account. *

*

* This operation creates a policy version with a version identifier of v1 and sets v1 as the policy's * default version. For more information about policy versions, see Versioning for Managed * Policies in the IAM User Guide. *

*

* For more information about managed policies in general, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param createPolicyRequest * @return Result of the CreatePolicy operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws MalformedPolicyDocumentException * The request was rejected because the policy document was malformed. The error message describes the * specific error. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreatePolicy * @see AWS API * Documentation */ @Override public CreatePolicyResponse createPolicy(CreatePolicyRequest createPolicyRequest) throws InvalidInputException, LimitExceededException, EntityAlreadyExistsException, MalformedPolicyDocumentException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreatePolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreatePolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createPolicyRequest) .withMarshaller(new CreatePolicyRequestMarshaller(protocolFactory))); } /** *

* Creates a new version of the specified managed policy. To update a managed policy, you create a new policy * version. A managed policy can have up to five versions. If the policy has five versions, you must delete an * existing version using DeletePolicyVersion before you create a new version. *

*

* Optionally, you can set the new version as the policy's default version. The default version is the version that * is in effect for the IAM users, groups, and roles to which the policy is attached. *

*

* For more information about managed policy versions, see Versioning for Managed * Policies in the IAM User Guide. *

* * @param createPolicyVersionRequest * @return Result of the CreatePolicyVersion operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws MalformedPolicyDocumentException * The request was rejected because the policy document was malformed. The error message describes the * specific error. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreatePolicyVersion * @see AWS API * Documentation */ @Override public CreatePolicyVersionResponse createPolicyVersion(CreatePolicyVersionRequest createPolicyVersionRequest) throws NoSuchEntityException, MalformedPolicyDocumentException, InvalidInputException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreatePolicyVersionResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreatePolicyVersion").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createPolicyVersionRequest) .withMarshaller(new CreatePolicyVersionRequestMarshaller(protocolFactory))); } /** *

* Creates a new role for your AWS account. For more information about roles, go to IAM Roles. For information * about limitations on role names and the number of roles you can create, go to Limitations on IAM * Entities in the IAM User Guide. *

* * @param createRoleRequest * @return Result of the CreateRole operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws MalformedPolicyDocumentException * The request was rejected because the policy document was malformed. The error message describes the * specific error. * @throws ConcurrentModificationException * The request was rejected because multiple requests to change this object were submitted simultaneously. * Wait a few minutes and submit your request again. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateRole * @see AWS API * Documentation */ @Override public CreateRoleResponse createRole(CreateRoleRequest createRoleRequest) throws LimitExceededException, InvalidInputException, EntityAlreadyExistsException, MalformedPolicyDocumentException, ConcurrentModificationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateRoleResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreateRole").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createRoleRequest) .withMarshaller(new CreateRoleRequestMarshaller(protocolFactory))); } /** *

* Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2.0. *

*

* The SAML provider resource that you create with this operation can be used as a principal in an IAM role's trust * policy. Such a policy can enable federated users who sign in using the SAML IdP to assume the role. You can * create an IAM role that supports Web-based single sign-on (SSO) to the AWS Management Console or one that * supports API access to AWS. *

*

* When you create the SAML provider resource, you upload a SAML metadata document that you get from your IdP. That * document includes the issuer's name, expiration information, and keys that can be used to validate the SAML * authentication response (assertions) that the IdP sends. You must generate the metadata document using the * identity management software that is used as your organization's IdP. *

* *

* This operation requires Signature Version 4. *

*
*

* For more information, see Enabling SAML * 2.0 Federated Users to Access the AWS Management Console and About SAML 2.0-based * Federation in the IAM User Guide. *

* * @param createSamlProviderRequest * @return Result of the CreateSAMLProvider operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateSAMLProvider * @see AWS API * Documentation */ @Override public CreateSamlProviderResponse createSAMLProvider(CreateSamlProviderRequest createSamlProviderRequest) throws InvalidInputException, EntityAlreadyExistsException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateSamlProviderResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreateSAMLProvider").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createSamlProviderRequest) .withMarshaller(new CreateSamlProviderRequestMarshaller(protocolFactory))); } /** *

* Creates an IAM role that is linked to a specific AWS service. The service controls the attached policies and when * the role can be deleted. This helps ensure that the service is not broken by an unexpectedly changed or deleted * role, which could put your AWS resources into an unknown state. Allowing the service to control the role helps * improve service stability and proper cleanup when a service and its role are no longer needed. For more * information, see Using * Service-Linked Roles in the IAM User Guide. *

*

* To attach a policy to this service-linked role, you must make the request using the AWS service that depends on * this role. *

* * @param createServiceLinkedRoleRequest * @return Result of the CreateServiceLinkedRole operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateServiceLinkedRole * @see AWS * API Documentation */ @Override public CreateServiceLinkedRoleResponse createServiceLinkedRole(CreateServiceLinkedRoleRequest createServiceLinkedRoleRequest) throws InvalidInputException, LimitExceededException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateServiceLinkedRoleResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreateServiceLinkedRole").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createServiceLinkedRoleRequest) .withMarshaller(new CreateServiceLinkedRoleRequestMarshaller(protocolFactory))); } /** *

* Generates a set of credentials consisting of a user name and password that can be used to access the service * specified in the request. These credentials are generated by IAM, and can be used only for the specified service. *

*

* You can have a maximum of two sets of service-specific credentials for each supported service per user. *

*

* The only supported service at this time is AWS CodeCommit. *

*

* You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential. *

*

* For more information about service-specific credentials, see Using IAM with AWS * CodeCommit: Git Credentials, SSH Keys, and AWS Access Keys in the IAM User Guide. *

* * @param createServiceSpecificCredentialRequest * @return Result of the CreateServiceSpecificCredential operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceNotSupportedException * The specified service does not support service-specific credentials. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateServiceSpecificCredential * @see AWS API Documentation */ @Override public CreateServiceSpecificCredentialResponse createServiceSpecificCredential( CreateServiceSpecificCredentialRequest createServiceSpecificCredentialRequest) throws LimitExceededException, NoSuchEntityException, ServiceNotSupportedException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateServiceSpecificCredentialResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("CreateServiceSpecificCredential").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createServiceSpecificCredentialRequest) .withMarshaller(new CreateServiceSpecificCredentialRequestMarshaller(protocolFactory))); } /** *

* Creates a new IAM user for your AWS account. *

*

* For information about limitations on the number of IAM users you can create, see Limitations on IAM * Entities in the IAM User Guide. *

* * @param createUserRequest * @return Result of the CreateUser operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ConcurrentModificationException * The request was rejected because multiple requests to change this object were submitted simultaneously. * Wait a few minutes and submit your request again. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateUser * @see AWS API * Documentation */ @Override public CreateUserResponse createUser(CreateUserRequest createUserRequest) throws LimitExceededException, EntityAlreadyExistsException, NoSuchEntityException, InvalidInputException, ConcurrentModificationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateUserResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreateUser").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createUserRequest) .withMarshaller(new CreateUserRequestMarshaller(protocolFactory))); } /** *

* Creates a new virtual MFA device for the AWS account. After creating the virtual MFA, use EnableMFADevice * to attach the MFA device to an IAM user. For more information about creating and working with virtual MFA * devices, go to Using a Virtual * MFA Device in the IAM User Guide. *

*

* For information about limits on the number of MFA devices you can create, see Limitations on Entities in * the IAM User Guide. *

* *

* The seed information contained in the QR code and the Base32 string should be treated like any other secret * access information. In other words, protect the seed information as you would your AWS access keys or your * passwords. After you provision your virtual device, you should ensure that the information is destroyed following * secure procedures. *

*
* * @param createVirtualMfaDeviceRequest * @return Result of the CreateVirtualMFADevice operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.CreateVirtualMFADevice * @see AWS API * Documentation */ @Override public CreateVirtualMfaDeviceResponse createVirtualMFADevice(CreateVirtualMfaDeviceRequest createVirtualMfaDeviceRequest) throws LimitExceededException, EntityAlreadyExistsException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(CreateVirtualMfaDeviceResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("CreateVirtualMFADevice").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(createVirtualMfaDeviceRequest) .withMarshaller(new CreateVirtualMfaDeviceRequestMarshaller(protocolFactory))); } /** *

* Deactivates the specified MFA device and removes it from association with the user name for which it was * originally enabled. *

*

* For more information about creating and working with virtual MFA devices, go to Enabling a Virtual Multi-factor * Authentication (MFA) Device in the IAM User Guide. *

* * @param deactivateMfaDeviceRequest * @return Result of the DeactivateMFADevice operation returned by the service. * @throws EntityTemporarilyUnmodifiableException * The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user * name that was deleted and then recreated. The error indicates that the request is likely to succeed if * you try again after waiting several minutes. The error message describes the entity. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeactivateMFADevice * @see AWS API * Documentation */ @Override public DeactivateMfaDeviceResponse deactivateMFADevice(DeactivateMfaDeviceRequest deactivateMfaDeviceRequest) throws EntityTemporarilyUnmodifiableException, NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeactivateMfaDeviceResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeactivateMFADevice").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deactivateMfaDeviceRequest) .withMarshaller(new DeactivateMfaDeviceRequestMarshaller(protocolFactory))); } /** *

* Deletes the access key pair associated with the specified IAM user. *

*

* If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing * the request. This operation works for access keys under the AWS account. Consequently, you can use this operation * to manage AWS account root user credentials even if the AWS account has no associated users. *

* * @param deleteAccessKeyRequest * @return Result of the DeleteAccessKey operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteAccessKey * @see AWS API * Documentation */ @Override public DeleteAccessKeyResponse deleteAccessKey(DeleteAccessKeyRequest deleteAccessKeyRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteAccessKeyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteAccessKey").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteAccessKeyRequest) .withMarshaller(new DeleteAccessKeyRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified AWS account alias. For information about using an AWS account alias, see Using an Alias for Your AWS Account * ID in the IAM User Guide. *

* * @param deleteAccountAliasRequest * @return Result of the DeleteAccountAlias operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteAccountAlias * @see AWS API * Documentation */ @Override public DeleteAccountAliasResponse deleteAccountAlias(DeleteAccountAliasRequest deleteAccountAliasRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteAccountAliasResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteAccountAlias").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteAccountAliasRequest) .withMarshaller(new DeleteAccountAliasRequestMarshaller(protocolFactory))); } /** *

* Deletes the password policy for the AWS account. There are no parameters. *

* * @param deleteAccountPasswordPolicyRequest * @return Result of the DeleteAccountPasswordPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteAccountPasswordPolicy * @see AWS API Documentation */ @Override public DeleteAccountPasswordPolicyResponse deleteAccountPasswordPolicy( DeleteAccountPasswordPolicyRequest deleteAccountPasswordPolicyRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteAccountPasswordPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("DeleteAccountPasswordPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteAccountPasswordPolicyRequest) .withMarshaller(new DeleteAccountPasswordPolicyRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified IAM group. The group must not contain any users or have any attached policies. *

* * @param deleteGroupRequest * @return Result of the DeleteGroup operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws DeleteConflictException * The request was rejected because it attempted to delete a resource that has attached subordinate * entities. The error message describes these entities. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteGroup * @see AWS API * Documentation */ @Override public DeleteGroupResponse deleteGroup(DeleteGroupRequest deleteGroupRequest) throws NoSuchEntityException, DeleteConflictException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteGroupResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteGroup").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteGroupRequest) .withMarshaller(new DeleteGroupRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified inline policy that is embedded in the specified IAM group. *

*

* A group can also have managed policies attached to it. To detach a managed policy from a group, use * DetachGroupPolicy. For more information about policies, refer to Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param deleteGroupPolicyRequest * @return Result of the DeleteGroupPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteGroupPolicy * @see AWS API * Documentation */ @Override public DeleteGroupPolicyResponse deleteGroupPolicy(DeleteGroupPolicyRequest deleteGroupPolicyRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteGroupPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteGroupPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteGroupPolicyRequest) .withMarshaller(new DeleteGroupPolicyRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified instance profile. The instance profile must not have an associated role. *

* *

* Make sure that you do not have any Amazon EC2 instances running with the instance profile you are about to * delete. Deleting a role or instance profile that is associated with a running instance will break any * applications running on the instance. *

*
*

* For more information about instance profiles, go to About Instance Profiles. *

* * @param deleteInstanceProfileRequest * @return Result of the DeleteInstanceProfile operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws DeleteConflictException * The request was rejected because it attempted to delete a resource that has attached subordinate * entities. The error message describes these entities. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteInstanceProfile * @see AWS API * Documentation */ @Override public DeleteInstanceProfileResponse deleteInstanceProfile(DeleteInstanceProfileRequest deleteInstanceProfileRequest) throws NoSuchEntityException, DeleteConflictException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteInstanceProfileResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteInstanceProfile").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteInstanceProfileRequest) .withMarshaller(new DeleteInstanceProfileRequestMarshaller(protocolFactory))); } /** *

* Deletes the password for the specified IAM user, which terminates the user's ability to access AWS services * through the AWS Management Console. *

* *

* Deleting a user's password does not prevent a user from accessing AWS through the command line interface or the * API. To prevent all user access, you must also either make any access keys inactive or delete them. For more * information about making keys inactive or deleting them, see UpdateAccessKey and DeleteAccessKey. *

*
* * @param deleteLoginProfileRequest * @return Result of the DeleteLoginProfile operation returned by the service. * @throws EntityTemporarilyUnmodifiableException * The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user * name that was deleted and then recreated. The error indicates that the request is likely to succeed if * you try again after waiting several minutes. The error message describes the entity. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteLoginProfile * @see AWS API * Documentation */ @Override public DeleteLoginProfileResponse deleteLoginProfile(DeleteLoginProfileRequest deleteLoginProfileRequest) throws EntityTemporarilyUnmodifiableException, NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteLoginProfileResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteLoginProfile").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteLoginProfileRequest) .withMarshaller(new DeleteLoginProfileRequestMarshaller(protocolFactory))); } /** *

* Deletes an OpenID Connect identity provider (IdP) resource object in IAM. *

*

* Deleting an IAM OIDC provider resource does not update any roles that reference the provider as a principal in * their trust policies. Any attempt to assume a role that references a deleted provider fails. *

*

* This operation is idempotent; it does not fail or return an error if you call the operation for a provider that * does not exist. *

* * @param deleteOpenIdConnectProviderRequest * @return Result of the DeleteOpenIDConnectProvider operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteOpenIDConnectProvider * @see AWS API Documentation */ @Override public DeleteOpenIdConnectProviderResponse deleteOpenIDConnectProvider( DeleteOpenIdConnectProviderRequest deleteOpenIdConnectProviderRequest) throws InvalidInputException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteOpenIdConnectProviderResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("DeleteOpenIDConnectProvider").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteOpenIdConnectProviderRequest) .withMarshaller(new DeleteOpenIdConnectProviderRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified managed policy. *

*

* Before you can delete a managed policy, you must first detach the policy from all users, groups, and roles that * it is attached to. In addition, you must delete all the policy's versions. The following steps describe the * process for deleting a managed policy: *

*
    *
  • *

    * Detach the policy from all users, groups, and roles that the policy is attached to, using the * DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy API operations. To list all the * users, groups, and roles that a policy is attached to, use ListEntitiesForPolicy. *

    *
  • *
  • *

    * Delete all versions of the policy using DeletePolicyVersion. To list the policy's versions, use * ListPolicyVersions. You cannot use DeletePolicyVersion to delete the version that is marked as the * default version. You delete the policy's default version in the next step of the process. *

    *
  • *
  • *

    * Delete the policy (this automatically deletes the policy's default version) using this API. *

    *
  • *
*

* For information about managed policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param deletePolicyRequest * @return Result of the DeletePolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws DeleteConflictException * The request was rejected because it attempted to delete a resource that has attached subordinate * entities. The error message describes these entities. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeletePolicy * @see AWS API * Documentation */ @Override public DeletePolicyResponse deletePolicy(DeletePolicyRequest deletePolicyRequest) throws NoSuchEntityException, LimitExceededException, InvalidInputException, DeleteConflictException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeletePolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeletePolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deletePolicyRequest) .withMarshaller(new DeletePolicyRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified version from the specified managed policy. *

*

* You cannot delete the default version from a policy using this API. To delete the default version from a policy, * use DeletePolicy. To find out which version of a policy is marked as the default version, use * ListPolicyVersions. *

*

* For information about versions for managed policies, see Versioning for Managed * Policies in the IAM User Guide. *

* * @param deletePolicyVersionRequest * @return Result of the DeletePolicyVersion operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws DeleteConflictException * The request was rejected because it attempted to delete a resource that has attached subordinate * entities. The error message describes these entities. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeletePolicyVersion * @see AWS API * Documentation */ @Override public DeletePolicyVersionResponse deletePolicyVersion(DeletePolicyVersionRequest deletePolicyVersionRequest) throws NoSuchEntityException, LimitExceededException, InvalidInputException, DeleteConflictException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeletePolicyVersionResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeletePolicyVersion").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deletePolicyVersionRequest) .withMarshaller(new DeletePolicyVersionRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified role. The role must not have any policies attached. For more information about roles, go to * Working with Roles. *

* *

* Make sure that you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a * role or instance profile that is associated with a running instance will break any applications running on the * instance. *

*
* * @param deleteRoleRequest * @return Result of the DeleteRole operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws DeleteConflictException * The request was rejected because it attempted to delete a resource that has attached subordinate * entities. The error message describes these entities. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws ConcurrentModificationException * The request was rejected because multiple requests to change this object were submitted simultaneously. * Wait a few minutes and submit your request again. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteRole * @see AWS API * Documentation */ @Override public DeleteRoleResponse deleteRole(DeleteRoleRequest deleteRoleRequest) throws NoSuchEntityException, DeleteConflictException, LimitExceededException, UnmodifiableEntityException, ConcurrentModificationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteRoleResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteRole").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteRoleRequest) .withMarshaller(new DeleteRoleRequestMarshaller(protocolFactory))); } /** *

* Deletes the permissions boundary for the specified IAM role. *

* *

* Deleting the permissions boundary for a role might increase its permissions. For example, it might allow anyone * who assumes the role to perform all the actions granted in its permissions policies. *

*
* * @param deleteRolePermissionsBoundaryRequest * @return Result of the DeleteRolePermissionsBoundary operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteRolePermissionsBoundary * @see AWS API Documentation */ @Override public DeleteRolePermissionsBoundaryResponse deleteRolePermissionsBoundary( DeleteRolePermissionsBoundaryRequest deleteRolePermissionsBoundaryRequest) throws NoSuchEntityException, UnmodifiableEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteRolePermissionsBoundaryResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("DeleteRolePermissionsBoundary").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteRolePermissionsBoundaryRequest) .withMarshaller(new DeleteRolePermissionsBoundaryRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified inline policy that is embedded in the specified IAM role. *

*

* A role can also have managed policies attached to it. To detach a managed policy from a role, use * DetachRolePolicy. For more information about policies, refer to Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param deleteRolePolicyRequest * @return Result of the DeleteRolePolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteRolePolicy * @see AWS API * Documentation */ @Override public DeleteRolePolicyResponse deleteRolePolicy(DeleteRolePolicyRequest deleteRolePolicyRequest) throws NoSuchEntityException, LimitExceededException, UnmodifiableEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteRolePolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteRolePolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteRolePolicyRequest) .withMarshaller(new DeleteRolePolicyRequestMarshaller(protocolFactory))); } /** *

* Deletes a SAML provider resource in IAM. *

*

* Deleting the provider resource from IAM does not update any roles that reference the SAML provider resource's ARN * as a principal in their trust policies. Any attempt to assume a role that references a non-existent provider * resource ARN fails. *

* *

* This operation requires Signature Version 4. *

*
* * @param deleteSamlProviderRequest * @return Result of the DeleteSAMLProvider operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteSAMLProvider * @see AWS API * Documentation */ @Override public DeleteSamlProviderResponse deleteSAMLProvider(DeleteSamlProviderRequest deleteSamlProviderRequest) throws InvalidInputException, LimitExceededException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteSamlProviderResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteSAMLProvider").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteSamlProviderRequest) .withMarshaller(new DeleteSamlProviderRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified SSH public key. *

*

* The SSH public key deleted by this operation is used only for authenticating the associated IAM user to an AWS * CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, * see Set up AWS * CodeCommit for SSH Connections in the AWS CodeCommit User Guide. *

* * @param deleteSshPublicKeyRequest * @return Result of the DeleteSSHPublicKey operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteSSHPublicKey * @see AWS API * Documentation */ @Override public DeleteSshPublicKeyResponse deleteSSHPublicKey(DeleteSshPublicKeyRequest deleteSshPublicKeyRequest) throws NoSuchEntityException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteSshPublicKeyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteSSHPublicKey").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteSshPublicKeyRequest) .withMarshaller(new DeleteSshPublicKeyRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified server certificate. *

*

* For more information about working with server certificates, see Working with Server * Certificates in the IAM User Guide. This topic also includes a list of AWS services that can use the * server certificates that you manage with IAM. *

* *

* If you are using a server certificate with Elastic Load Balancing, deleting the certificate could have * implications for your application. If Elastic Load Balancing doesn't detect the deletion of bound certificates, * it may continue to use the certificates. This could cause Elastic Load Balancing to stop accepting traffic. We * recommend that you remove the reference to the certificate from Elastic Load Balancing before using this command * to delete the certificate. For more information, go to DeleteLoadBalancerListeners in the Elastic Load Balancing API Reference. *

*
* * @param deleteServerCertificateRequest * @return Result of the DeleteServerCertificate operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws DeleteConflictException * The request was rejected because it attempted to delete a resource that has attached subordinate * entities. The error message describes these entities. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteServerCertificate * @see AWS * API Documentation */ @Override public DeleteServerCertificateResponse deleteServerCertificate(DeleteServerCertificateRequest deleteServerCertificateRequest) throws NoSuchEntityException, DeleteConflictException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteServerCertificateResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteServerCertificate").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteServerCertificateRequest) .withMarshaller(new DeleteServerCertificateRequestMarshaller(protocolFactory))); } /** *

* Submits a service-linked role deletion request and returns a DeletionTaskId, which you can use to * check the status of the deletion. Before you call this operation, confirm that the role has no active sessions * and that any resources used by the role in the linked service are deleted. If you call this operation more than * once for the same service-linked role and an earlier deletion task is not complete, then the * DeletionTaskId of the earlier request is returned. *

*

* If you submit a deletion request for a service-linked role whose linked service is still accessing a resource, * then the deletion task fails. If it fails, the GetServiceLinkedRoleDeletionStatus API operation returns * the reason for the failure, usually including the resources that must be deleted. To delete the service-linked * role, you must first remove those resources from the linked service and then submit the deletion request again. * Resources are specific to the service that is linked to the role. For more information about removing resources * from a service, see the AWS documentation for your service. *

*

* For more information about service-linked roles, see Roles Terms and Concepts: AWS Service-Linked Role in the IAM User Guide. *

* * @param deleteServiceLinkedRoleRequest * @return Result of the DeleteServiceLinkedRole operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteServiceLinkedRole * @see AWS * API Documentation */ @Override public DeleteServiceLinkedRoleResponse deleteServiceLinkedRole(DeleteServiceLinkedRoleRequest deleteServiceLinkedRoleRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteServiceLinkedRoleResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteServiceLinkedRole").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteServiceLinkedRoleRequest) .withMarshaller(new DeleteServiceLinkedRoleRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified service-specific credential. *

* * @param deleteServiceSpecificCredentialRequest * @return Result of the DeleteServiceSpecificCredential operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteServiceSpecificCredential * @see AWS API Documentation */ @Override public DeleteServiceSpecificCredentialResponse deleteServiceSpecificCredential( DeleteServiceSpecificCredentialRequest deleteServiceSpecificCredentialRequest) throws NoSuchEntityException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteServiceSpecificCredentialResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("DeleteServiceSpecificCredential").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteServiceSpecificCredentialRequest) .withMarshaller(new DeleteServiceSpecificCredentialRequestMarshaller(protocolFactory))); } /** *

* Deletes a signing certificate associated with the specified IAM user. *

*

* If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing * the request. This operation works for access keys under the AWS account. Consequently, you can use this operation * to manage AWS account root user credentials even if the AWS account has no associated IAM users. *

* * @param deleteSigningCertificateRequest * @return Result of the DeleteSigningCertificate operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteSigningCertificate * @see AWS * API Documentation */ @Override public DeleteSigningCertificateResponse deleteSigningCertificate( DeleteSigningCertificateRequest deleteSigningCertificateRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteSigningCertificateResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("DeleteSigningCertificate").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteSigningCertificateRequest) .withMarshaller(new DeleteSigningCertificateRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified IAM user. Unlike the AWS Management Console, when you delete a user programmatically, you * must delete the items attached to the user manually, or the deletion fails. For more information, see Deleting an * IAM User. Before attempting to delete a user, remove the following items: *

* * * @param deleteUserRequest * @return Result of the DeleteUser operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws DeleteConflictException * The request was rejected because it attempted to delete a resource that has attached subordinate * entities. The error message describes these entities. * @throws ConcurrentModificationException * The request was rejected because multiple requests to change this object were submitted simultaneously. * Wait a few minutes and submit your request again. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteUser * @see AWS API * Documentation */ @Override public DeleteUserResponse deleteUser(DeleteUserRequest deleteUserRequest) throws LimitExceededException, NoSuchEntityException, DeleteConflictException, ConcurrentModificationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteUserResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteUser").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteUserRequest) .withMarshaller(new DeleteUserRequestMarshaller(protocolFactory))); } /** *

* Deletes the permissions boundary for the specified IAM user. *

* *

* Deleting the permissions boundary for a user might increase its permissions by allowing the user to perform all * the actions granted in its permissions policies. *

*
* * @param deleteUserPermissionsBoundaryRequest * @return Result of the DeleteUserPermissionsBoundary operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteUserPermissionsBoundary * @see AWS API Documentation */ @Override public DeleteUserPermissionsBoundaryResponse deleteUserPermissionsBoundary( DeleteUserPermissionsBoundaryRequest deleteUserPermissionsBoundaryRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteUserPermissionsBoundaryResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("DeleteUserPermissionsBoundary").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteUserPermissionsBoundaryRequest) .withMarshaller(new DeleteUserPermissionsBoundaryRequestMarshaller(protocolFactory))); } /** *

* Deletes the specified inline policy that is embedded in the specified IAM user. *

*

* A user can also have managed policies attached to it. To detach a managed policy from a user, use * DetachUserPolicy. For more information about policies, refer to Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param deleteUserPolicyRequest * @return Result of the DeleteUserPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteUserPolicy * @see AWS API * Documentation */ @Override public DeleteUserPolicyResponse deleteUserPolicy(DeleteUserPolicyRequest deleteUserPolicyRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteUserPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteUserPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteUserPolicyRequest) .withMarshaller(new DeleteUserPolicyRequestMarshaller(protocolFactory))); } /** *

* Deletes a virtual MFA device. *

* *

* You must deactivate a user's virtual MFA device before you can delete it. For information about deactivating MFA * devices, see DeactivateMFADevice. *

*
* * @param deleteVirtualMfaDeviceRequest * @return Result of the DeleteVirtualMFADevice operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws DeleteConflictException * The request was rejected because it attempted to delete a resource that has attached subordinate * entities. The error message describes these entities. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DeleteVirtualMFADevice * @see AWS API * Documentation */ @Override public DeleteVirtualMfaDeviceResponse deleteVirtualMFADevice(DeleteVirtualMfaDeviceRequest deleteVirtualMfaDeviceRequest) throws NoSuchEntityException, DeleteConflictException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DeleteVirtualMfaDeviceResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DeleteVirtualMFADevice").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(deleteVirtualMfaDeviceRequest) .withMarshaller(new DeleteVirtualMfaDeviceRequestMarshaller(protocolFactory))); } /** *

* Removes the specified managed policy from the specified IAM group. *

*

* A group can also have inline policies embedded with it. To delete an inline policy, use the * DeleteGroupPolicy API. For information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param detachGroupPolicyRequest * @return Result of the DetachGroupPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DetachGroupPolicy * @see AWS API * Documentation */ @Override public DetachGroupPolicyResponse detachGroupPolicy(DetachGroupPolicyRequest detachGroupPolicyRequest) throws NoSuchEntityException, LimitExceededException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DetachGroupPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DetachGroupPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(detachGroupPolicyRequest) .withMarshaller(new DetachGroupPolicyRequestMarshaller(protocolFactory))); } /** *

* Removes the specified managed policy from the specified role. *

*

* A role can also have inline policies embedded with it. To delete an inline policy, use the * DeleteRolePolicy API. For information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param detachRolePolicyRequest * @return Result of the DetachRolePolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DetachRolePolicy * @see AWS API * Documentation */ @Override public DetachRolePolicyResponse detachRolePolicy(DetachRolePolicyRequest detachRolePolicyRequest) throws NoSuchEntityException, LimitExceededException, InvalidInputException, UnmodifiableEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DetachRolePolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DetachRolePolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(detachRolePolicyRequest) .withMarshaller(new DetachRolePolicyRequestMarshaller(protocolFactory))); } /** *

* Removes the specified managed policy from the specified user. *

*

* A user can also have inline policies embedded with it. To delete an inline policy, use the * DeleteUserPolicy API. For information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param detachUserPolicyRequest * @return Result of the DetachUserPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.DetachUserPolicy * @see AWS API * Documentation */ @Override public DetachUserPolicyResponse detachUserPolicy(DetachUserPolicyRequest detachUserPolicyRequest) throws NoSuchEntityException, LimitExceededException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(DetachUserPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("DetachUserPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(detachUserPolicyRequest) .withMarshaller(new DetachUserPolicyRequestMarshaller(protocolFactory))); } /** *

* Enables the specified MFA device and associates it with the specified IAM user. When enabled, the MFA device is * required for every subsequent login by the IAM user associated with the device. *

* * @param enableMfaDeviceRequest * @return Result of the EnableMFADevice operation returned by the service. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws EntityTemporarilyUnmodifiableException * The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user * name that was deleted and then recreated. The error indicates that the request is likely to succeed if * you try again after waiting several minutes. The error message describes the entity. * @throws InvalidAuthenticationCodeException * The request was rejected because the authentication code was not recognized. The error message describes * the specific error. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.EnableMFADevice * @see AWS API * Documentation */ @Override public EnableMfaDeviceResponse enableMFADevice(EnableMfaDeviceRequest enableMfaDeviceRequest) throws EntityAlreadyExistsException, EntityTemporarilyUnmodifiableException, InvalidAuthenticationCodeException, LimitExceededException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(EnableMfaDeviceResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("EnableMFADevice").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(enableMfaDeviceRequest) .withMarshaller(new EnableMfaDeviceRequestMarshaller(protocolFactory))); } /** *

* Generates a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports in * the IAM User Guide. *

* * @param generateCredentialReportRequest * @return Result of the GenerateCredentialReport operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GenerateCredentialReport * @see AWS * API Documentation */ @Override public GenerateCredentialReportResponse generateCredentialReport( GenerateCredentialReportRequest generateCredentialReportRequest) throws LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GenerateCredentialReportResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GenerateCredentialReport").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(generateCredentialReportRequest) .withMarshaller(new GenerateCredentialReportRequestMarshaller(protocolFactory))); } /** *

* Generates a report for service last accessed data for AWS Organizations. You can generate a report for any * entities (organization root, organizational unit, or account) or policies in your organization. *

*

* To call this operation, you must be signed in using your AWS Organizations master account credentials. You can * use your long-term IAM user or root user credentials, or temporary credentials from assuming an IAM role. SCPs * must be enabled for your organization root. You must have the required IAM and AWS Organizations permissions. For * more information, see Refining Permissions * Using Service Last Accessed Data in the IAM User Guide. *

*

* You can generate a service last accessed data report for entities by specifying only the entity's path. This data * includes a list of services that are allowed by any service control policies (SCPs) that apply to the entity. *

*

* You can generate a service last accessed data report for a policy by specifying an entity's path and an optional * AWS Organizations policy ID. This data includes a list of services that are allowed by the specified SCP. *

*

* For each service in both report types, the data includes the most recent account activity that the policy allows * to account principals in the entity or the entity's children. For important information about the data, reporting * period, permissions required, troubleshooting, and supported Regions see Reducing Permissions * Using Service Last Accessed Data in the IAM User Guide. *

* *

* The data includes all attempts to access AWS, not just the successful ones. This includes all attempts that were * made using the AWS Management Console, the AWS API through any of the SDKs, or any of the command line tools. An * unexpected entry in the service last accessed data does not mean that an account has been compromised, because * the request might have been denied. Refer to your CloudTrail logs as the authoritative source for information * about all API calls and whether they were successful or denied access. For more information, see Logging IAM Events with * CloudTrail in the IAM User Guide. *

*
*

* This operation returns a JobId. Use this parameter in the * GetOrganizationsAccessReport operation to check the status of the report generation. To * check the status of this request, use the JobId parameter in the * GetOrganizationsAccessReport operation and test the JobStatus response * parameter. When the job is complete, you can retrieve the report. *

*

* To generate a service last accessed data report for entities, specify an entity path without specifying the * optional AWS Organizations policy ID. The type of entity that you specify determines the data returned in the * report. *

*
    *
  • *

    * Root – When you specify the organizations root as the entity, the resulting report lists all of the * services allowed by SCPs that are attached to your root. For each service, the report includes data for all * accounts in your organization except the master account, because the master account is not limited by SCPs. *

    *
  • *
  • *

    * OU – When you specify an organizational unit (OU) as the entity, the resulting report lists all of the * services allowed by SCPs that are attached to the OU and its parents. For each service, the report includes data * for all accounts in the OU or its children. This data excludes the master account, because the master account is * not limited by SCPs. *

    *
  • *
  • *

    * Master account – When you specify the master account, the resulting report lists all AWS services, because * the master account is not limited by SCPs. For each service, the report includes data for only the master * account. *

    *
  • *
  • *

    * Account – When you specify another account as the entity, the resulting report lists all of the services * allowed by SCPs that are attached to the account and its parents. For each service, the report includes data for * only the specified account. *

    *
  • *
*

* To generate a service last accessed data report for policies, specify an entity path and the optional AWS * Organizations policy ID. The type of entity that you specify determines the data returned for each service. *

*
    *
  • *

    * Root – When you specify the root entity and a policy ID, the resulting report lists all of the services * that are allowed by the specified SCP. For each service, the report includes data for all accounts in your * organization to which the SCP applies. This data excludes the master account, because the master account is not * limited by SCPs. If the SCP is not attached to any entities in the organization, then the report will return a * list of services with no data. *

    *
  • *
  • *

    * OU – When you specify an OU entity and a policy ID, the resulting report lists all of the services that * are allowed by the specified SCP. For each service, the report includes data for all accounts in the OU or its * children to which the SCP applies. This means that other accounts outside the OU that are affected by the SCP * might not be included in the data. This data excludes the master account, because the master account is not * limited by SCPs. If the SCP is not attached to the OU or one of its children, the report will return a list of * services with no data. *

    *
  • *
  • *

    * Master account – When you specify the master account, the resulting report lists all AWS services, because * the master account is not limited by SCPs. If you specify a policy ID in the CLI or API, the policy is ignored. * For each service, the report includes data for only the master account. *

    *
  • *
  • *

    * Account – When you specify another account entity and a policy ID, the resulting report lists all of the * services that are allowed by the specified SCP. For each service, the report includes data for only the specified * account. This means that other accounts in the organization that are affected by the SCP might not be included in * the data. If the SCP is not attached to the account, the report will return a list of services with no data. *

    *
  • *
* *

* Service last accessed data does not use other policy types when determining whether a principal could access a * service. These other policy types include identity-based policies, resource-based policies, access control lists, * IAM permissions boundaries, and STS assume role policies. It only applies SCP logic. For more about the * evaluation of policy types, see Evaluating Policies in the IAM User Guide. *

*
*

* For more information about service last accessed data, see Reducing Policy Scope * by Viewing User Activity in the IAM User Guide. *

* * @param generateOrganizationsAccessReportRequest * @return Result of the GenerateOrganizationsAccessReport operation returned by the service. * @throws ReportGenerationLimitExceededException * The request failed because the maximum number of concurrent requests for this account are already * running. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GenerateOrganizationsAccessReport * @see AWS API Documentation */ @Override public GenerateOrganizationsAccessReportResponse generateOrganizationsAccessReport( GenerateOrganizationsAccessReportRequest generateOrganizationsAccessReportRequest) throws ReportGenerationLimitExceededException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GenerateOrganizationsAccessReportResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GenerateOrganizationsAccessReport").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(generateOrganizationsAccessReportRequest) .withMarshaller(new GenerateOrganizationsAccessReportRequestMarshaller(protocolFactory))); } /** *

* Generates a report that includes details about when an IAM resource (user, group, role, or policy) was last used * in an attempt to access AWS services. Recent activity usually appears within four hours. IAM reports activity for * the last 365 days, or less if your Region began supporting this feature within the last year. For more * information, see Regions Where Data Is Tracked. *

* *

* The service last accessed data includes all attempts to access an AWS API, not just the successful ones. This * includes all attempts that were made using the AWS Management Console, the AWS API through any of the SDKs, or * any of the command line tools. An unexpected entry in the service last accessed data does not mean that your * account has been compromised, because the request might have been denied. Refer to your CloudTrail logs as the * authoritative source for information about all API calls and whether they were successful or denied access. For * more information, see Logging IAM Events with * CloudTrail in the IAM User Guide. *

*
*

* The GenerateServiceLastAccessedDetails operation returns a JobId. Use this parameter in * the following operations to retrieve the following details from your report: *

*
    *
  • *

    * GetServiceLastAccessedDetails – Use this operation for users, groups, roles, or policies to list every AWS * service that the resource could access using permissions policies. For each service, the response includes * information about the most recent access attempt. *

    *

    * The JobId returned by GenerateServiceLastAccessedDetail must be used by the same role * within a session, or by the same user when used to call GetServiceLastAccessedDetail. *

    *
  • *
  • *

    * GetServiceLastAccessedDetailsWithEntities – Use this operation for groups and policies to list information * about the associated entities (users or roles) that attempted to access a specific AWS service. *

    *
  • *
*

* To check the status of the GenerateServiceLastAccessedDetails request, use the JobId * parameter in the same operations and test the JobStatus response parameter. *

*

* For additional information about the permissions policies that allow an identity (user, group, or role) to access * specific services, use the ListPoliciesGrantingServiceAccess operation. *

* *

* Service last accessed data does not use other policy types when determining whether a resource could access a * service. These other policy types include resource-based policies, access control lists, AWS Organizations * policies, IAM permissions boundaries, and AWS STS assume role policies. It only applies permissions policy logic. * For more about the evaluation of policy types, see Evaluating Policies in the IAM User Guide. *

*
*

* For more information about service and action last accessed data, see Reducing Permissions * Using Service Last Accessed Data in the IAM User Guide. *

* * @param generateServiceLastAccessedDetailsRequest * @return Result of the GenerateServiceLastAccessedDetails operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GenerateServiceLastAccessedDetails * @see AWS API Documentation */ @Override public GenerateServiceLastAccessedDetailsResponse generateServiceLastAccessedDetails( GenerateServiceLastAccessedDetailsRequest generateServiceLastAccessedDetailsRequest) throws NoSuchEntityException, InvalidInputException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GenerateServiceLastAccessedDetailsResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GenerateServiceLastAccessedDetails").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(generateServiceLastAccessedDetailsRequest) .withMarshaller(new GenerateServiceLastAccessedDetailsRequestMarshaller(protocolFactory))); } /** *

* Retrieves information about when the specified access key was last used. The information includes the date and * time of last use, along with the AWS service and Region that were specified in the last request made with that * key. *

* * @param getAccessKeyLastUsedRequest * @return Result of the GetAccessKeyLastUsed operation returned by the service. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetAccessKeyLastUsed * @see AWS API * Documentation */ @Override public GetAccessKeyLastUsedResponse getAccessKeyLastUsed(GetAccessKeyLastUsedRequest getAccessKeyLastUsedRequest) throws AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetAccessKeyLastUsedResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetAccessKeyLastUsed").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getAccessKeyLastUsedRequest) .withMarshaller(new GetAccessKeyLastUsedRequestMarshaller(protocolFactory))); } /** *

* Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their * relationships to one another. Use this API to obtain a snapshot of the configuration of IAM permissions (users, * groups, roles, and policies) in your account. *

* *

* Policies returned by this API are URL-encoded compliant with RFC * 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you * use Java, you can use the decode method of the java.net.URLDecoder utility class in the * Java SDK. Other languages and SDKs provide similar functionality. *

*
*

* You can optionally filter the results using the Filter parameter. You can paginate the results using * the MaxItems and Marker parameters. *

* * @param getAccountAuthorizationDetailsRequest * @return Result of the GetAccountAuthorizationDetails operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetAccountAuthorizationDetails * @see AWS API Documentation */ @Override public GetAccountAuthorizationDetailsResponse getAccountAuthorizationDetails( GetAccountAuthorizationDetailsRequest getAccountAuthorizationDetailsRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetAccountAuthorizationDetailsResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GetAccountAuthorizationDetails").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getAccountAuthorizationDetailsRequest) .withMarshaller(new GetAccountAuthorizationDetailsRequestMarshaller(protocolFactory))); } /** *

* Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their * relationships to one another. Use this API to obtain a snapshot of the configuration of IAM permissions (users, * groups, roles, and policies) in your account. *

* *

* Policies returned by this API are URL-encoded compliant with RFC * 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you * use Java, you can use the decode method of the java.net.URLDecoder utility class in the * Java SDK. Other languages and SDKs provide similar functionality. *

*
*

* You can optionally filter the results using the Filter parameter. You can paginate the results using * the MaxItems and Marker parameters. *

*
*

* This is a variant of * {@link #getAccountAuthorizationDetails(software.amazon.awssdk.services.iam.model.GetAccountAuthorizationDetailsRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.GetAccountAuthorizationDetailsIterable responses = client.getAccountAuthorizationDetailsPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.GetAccountAuthorizationDetailsIterable responses = client
     *             .getAccountAuthorizationDetailsPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.GetAccountAuthorizationDetailsResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.GetAccountAuthorizationDetailsIterable responses = client.getAccountAuthorizationDetailsPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #getAccountAuthorizationDetails(software.amazon.awssdk.services.iam.model.GetAccountAuthorizationDetailsRequest)} * operation. *

* * @param getAccountAuthorizationDetailsRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetAccountAuthorizationDetails * @see AWS API Documentation */ @Override public GetAccountAuthorizationDetailsIterable getAccountAuthorizationDetailsPaginator( GetAccountAuthorizationDetailsRequest getAccountAuthorizationDetailsRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new GetAccountAuthorizationDetailsIterable(this, applyPaginatorUserAgent(getAccountAuthorizationDetailsRequest)); } /** *

* Retrieves the password policy for the AWS account. For more information about using a password policy, go to Managing an IAM * Password Policy. *

* * @param getAccountPasswordPolicyRequest * @return Result of the GetAccountPasswordPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetAccountPasswordPolicy * @see AWS * API Documentation */ @Override public GetAccountPasswordPolicyResponse getAccountPasswordPolicy( GetAccountPasswordPolicyRequest getAccountPasswordPolicyRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetAccountPasswordPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GetAccountPasswordPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getAccountPasswordPolicyRequest) .withMarshaller(new GetAccountPasswordPolicyRequestMarshaller(protocolFactory))); } /** *

* Retrieves information about IAM entity usage and IAM quotas in the AWS account. *

*

* For information about limitations on IAM entities, see Limitations on IAM * Entities in the IAM User Guide. *

* * @param getAccountSummaryRequest * @return Result of the GetAccountSummary operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetAccountSummary * @see AWS API * Documentation */ @Override public GetAccountSummaryResponse getAccountSummary(GetAccountSummaryRequest getAccountSummaryRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetAccountSummaryResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetAccountSummary").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getAccountSummaryRequest) .withMarshaller(new GetAccountSummaryRequestMarshaller(protocolFactory))); } /** *

* Gets a list of all of the context keys referenced in the input policies. The policies are supplied as a list of * one or more strings. To get the context keys from policies associated with an IAM user, group, or role, use * GetContextKeysForPrincipalPolicy. *

*

* Context keys are variables maintained by AWS and its services that provide details about the context of an API * query request. Context keys can be evaluated by testing against a value specified in an IAM policy. Use * GetContextKeysForCustomPolicy to understand what key names and values you must supply when you call * SimulateCustomPolicy. Note that all parameters are shown in unencoded form here for clarity but must be * URL encoded to be included as a part of a real HTML request. *

* * @param getContextKeysForCustomPolicyRequest * @return Result of the GetContextKeysForCustomPolicy operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetContextKeysForCustomPolicy * @see AWS API Documentation */ @Override public GetContextKeysForCustomPolicyResponse getContextKeysForCustomPolicy( GetContextKeysForCustomPolicyRequest getContextKeysForCustomPolicyRequest) throws InvalidInputException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetContextKeysForCustomPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GetContextKeysForCustomPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getContextKeysForCustomPolicyRequest) .withMarshaller(new GetContextKeysForCustomPolicyRequestMarshaller(protocolFactory))); } /** *

* Gets a list of all of the context keys referenced in all the IAM policies that are attached to the specified IAM * entity. The entity can be an IAM user, group, or role. If you specify a user, then the request also includes all * of the policies attached to groups that the user is a member of. *

*

* You can optionally include a list of one or more additional policies, specified as strings. If you want to * include only a list of policies by string, use GetContextKeysForCustomPolicy instead. *

*

* Note: This API discloses information about the permissions granted to other users. If you do not want * users to see other user's permissions, then consider allowing them to use GetContextKeysForCustomPolicy * instead. *

*

* Context keys are variables maintained by AWS and its services that provide details about the context of an API * query request. Context keys can be evaluated by testing against a value in an IAM policy. Use * GetContextKeysForPrincipalPolicy to understand what key names and values you must supply when you call * SimulatePrincipalPolicy. *

* * @param getContextKeysForPrincipalPolicyRequest * @return Result of the GetContextKeysForPrincipalPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetContextKeysForPrincipalPolicy * @see AWS API Documentation */ @Override public GetContextKeysForPrincipalPolicyResponse getContextKeysForPrincipalPolicy( GetContextKeysForPrincipalPolicyRequest getContextKeysForPrincipalPolicyRequest) throws NoSuchEntityException, InvalidInputException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetContextKeysForPrincipalPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GetContextKeysForPrincipalPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getContextKeysForPrincipalPolicyRequest) .withMarshaller(new GetContextKeysForPrincipalPolicyRequestMarshaller(protocolFactory))); } /** *

* Retrieves a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports in * the IAM User Guide. *

* * @param getCredentialReportRequest * @return Result of the GetCredentialReport operation returned by the service. * @throws CredentialReportNotPresentException * The request was rejected because the credential report does not exist. To generate a credential report, * use GenerateCredentialReport. * @throws CredentialReportExpiredException * The request was rejected because the most recent credential report has expired. To generate a new * credential report, use GenerateCredentialReport. For more information about credential report * expiration, see Getting Credential * Reports in the IAM User Guide. * @throws CredentialReportNotReadyException * The request was rejected because the credential report is still being generated. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetCredentialReport * @see AWS API * Documentation */ @Override public GetCredentialReportResponse getCredentialReport(GetCredentialReportRequest getCredentialReportRequest) throws CredentialReportNotPresentException, CredentialReportExpiredException, CredentialReportNotReadyException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetCredentialReportResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetCredentialReport").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getCredentialReportRequest) .withMarshaller(new GetCredentialReportRequestMarshaller(protocolFactory))); } /** *

* Returns a list of IAM users that are in the specified IAM group. You can paginate the results using the * MaxItems and Marker parameters. *

* * @param getGroupRequest * @return Result of the GetGroup operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetGroup * @see AWS API * Documentation */ @Override public GetGroupResponse getGroup(GetGroupRequest getGroupRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(GetGroupResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams().withOperationName("GetGroup") .withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler).withInput(getGroupRequest) .withMarshaller(new GetGroupRequestMarshaller(protocolFactory))); } /** *

* Returns a list of IAM users that are in the specified IAM group. You can paginate the results using the * MaxItems and Marker parameters. *

*
*

* This is a variant of {@link #getGroup(software.amazon.awssdk.services.iam.model.GetGroupRequest)} operation. The * return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle * making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.GetGroupIterable responses = client.getGroupPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.GetGroupIterable responses = client.getGroupPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.GetGroupResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.GetGroupIterable responses = client.getGroupPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #getGroup(software.amazon.awssdk.services.iam.model.GetGroupRequest)} operation. *

* * @param getGroupRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetGroup * @see AWS API * Documentation */ @Override public GetGroupIterable getGroupPaginator(GetGroupRequest getGroupRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new GetGroupIterable(this, applyPaginatorUserAgent(getGroupRequest)); } /** *

* Retrieves the specified inline policy document that is embedded in the specified IAM group. *

* *

* Policies returned by this API are URL-encoded compliant with RFC * 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you * use Java, you can use the decode method of the java.net.URLDecoder utility class in the * Java SDK. Other languages and SDKs provide similar functionality. *

*
*

* An IAM group can also have managed policies attached to it. To retrieve a managed policy document that is * attached to a group, use GetPolicy to determine the policy's default version, then use * GetPolicyVersion to retrieve the policy document. *

*

* For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param getGroupPolicyRequest * @return Result of the GetGroupPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetGroupPolicy * @see AWS API * Documentation */ @Override public GetGroupPolicyResponse getGroupPolicy(GetGroupPolicyRequest getGroupPolicyRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetGroupPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetGroupPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getGroupPolicyRequest) .withMarshaller(new GetGroupPolicyRequestMarshaller(protocolFactory))); } /** *

* Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and * role. For more information about instance profiles, see About Instance Profiles in * the IAM User Guide. *

* * @param getInstanceProfileRequest * @return Result of the GetInstanceProfile operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetInstanceProfile * @see AWS API * Documentation */ @Override public GetInstanceProfileResponse getInstanceProfile(GetInstanceProfileRequest getInstanceProfileRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetInstanceProfileResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetInstanceProfile").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getInstanceProfileRequest) .withMarshaller(new GetInstanceProfileRequestMarshaller(protocolFactory))); } /** *

* Retrieves the user name and password-creation date for the specified IAM user. If the user has not been assigned * a password, the operation returns a 404 (NoSuchEntity) error. *

* * @param getLoginProfileRequest * @return Result of the GetLoginProfile operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetLoginProfile * @see AWS API * Documentation */ @Override public GetLoginProfileResponse getLoginProfile(GetLoginProfileRequest getLoginProfileRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetLoginProfileResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetLoginProfile").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getLoginProfileRequest) .withMarshaller(new GetLoginProfileRequestMarshaller(protocolFactory))); } /** *

* Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM. *

* * @param getOpenIdConnectProviderRequest * @return Result of the GetOpenIDConnectProvider operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetOpenIDConnectProvider * @see AWS * API Documentation */ @Override public GetOpenIdConnectProviderResponse getOpenIDConnectProvider( GetOpenIdConnectProviderRequest getOpenIdConnectProviderRequest) throws InvalidInputException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetOpenIdConnectProviderResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GetOpenIDConnectProvider").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getOpenIdConnectProviderRequest) .withMarshaller(new GetOpenIdConnectProviderRequestMarshaller(protocolFactory))); } /** *

* Retrieves the service last accessed data report for AWS Organizations that was previously generated using the * GenerateOrganizationsAccessReport operation. This operation retrieves the status of your * report job and the report contents. *

*

* Depending on the parameters that you passed when you generated the report, the data returned could include * different information. For details, see GenerateOrganizationsAccessReport. *

*

* To call this operation, you must be signed in to the master account in your organization. SCPs must be enabled * for your organization root. You must have permissions to perform this operation. For more information, see Refining Permissions * Using Service Last Accessed Data in the IAM User Guide. *

*

* For each service that principals in an account (root users, IAM users, or IAM roles) could access using SCPs, the * operation returns details about the most recent access attempt. If there was no attempt, the service is listed * without details about the most recent attempt to access the service. If the operation fails, it returns the * reason that it failed. *

*

* By default, the list is sorted by service namespace. *

* * @param getOrganizationsAccessReportRequest * @return Result of the GetOrganizationsAccessReport operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetOrganizationsAccessReport * @see AWS API Documentation */ @Override public GetOrganizationsAccessReportResponse getOrganizationsAccessReport( GetOrganizationsAccessReportRequest getOrganizationsAccessReportRequest) throws NoSuchEntityException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetOrganizationsAccessReportResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GetOrganizationsAccessReport").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getOrganizationsAccessReportRequest) .withMarshaller(new GetOrganizationsAccessReportRequestMarshaller(protocolFactory))); } /** *

* Retrieves information about the specified managed policy, including the policy's default version and the total * number of IAM users, groups, and roles to which the policy is attached. To retrieve the list of the specific * users, groups, and roles that the policy is attached to, use the ListEntitiesForPolicy API. This API * returns metadata about the policy. To retrieve the actual policy document for a specific version of the policy, * use GetPolicyVersion. *

*

* This API retrieves information about managed policies. To retrieve information about an inline policy that is * embedded with an IAM user, group, or role, use the GetUserPolicy, GetGroupPolicy, or * GetRolePolicy API. *

*

* For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param getPolicyRequest * @return Result of the GetPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetPolicy * @see AWS API * Documentation */ @Override public GetPolicyResponse getPolicy(GetPolicyRequest getPolicyRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getPolicyRequest) .withMarshaller(new GetPolicyRequestMarshaller(protocolFactory))); } /** *

* Retrieves information about the specified version of the specified managed policy, including the policy document. *

* *

* Policies returned by this API are URL-encoded compliant with RFC * 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you * use Java, you can use the decode method of the java.net.URLDecoder utility class in the * Java SDK. Other languages and SDKs provide similar functionality. *

*
*

* To list the available versions for a policy, use ListPolicyVersions. *

*

* This API retrieves information about managed policies. To retrieve information about an inline policy that is * embedded in a user, group, or role, use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy * API. *

*

* For more information about the types of policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* For more information about managed policy versions, see Versioning for Managed * Policies in the IAM User Guide. *

* * @param getPolicyVersionRequest * @return Result of the GetPolicyVersion operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetPolicyVersion * @see AWS API * Documentation */ @Override public GetPolicyVersionResponse getPolicyVersion(GetPolicyVersionRequest getPolicyVersionRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetPolicyVersionResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetPolicyVersion").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getPolicyVersionRequest) .withMarshaller(new GetPolicyVersionRequestMarshaller(protocolFactory))); } /** *

* Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy * that grants permission to assume the role. For more information about roles, see Working with Roles. *

* *

* Policies returned by this API are URL-encoded compliant with RFC * 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you * use Java, you can use the decode method of the java.net.URLDecoder utility class in the * Java SDK. Other languages and SDKs provide similar functionality. *

*
* * @param getRoleRequest * @return Result of the GetRole operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetRole * @see AWS API * Documentation */ @Override public GetRoleResponse getRole(GetRoleRequest getRoleRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(GetRoleResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams().withOperationName("GetRole") .withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler).withInput(getRoleRequest) .withMarshaller(new GetRoleRequestMarshaller(protocolFactory))); } /** *

* Retrieves the specified inline policy document that is embedded with the specified IAM role. *

* *

* Policies returned by this API are URL-encoded compliant with RFC * 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you * use Java, you can use the decode method of the java.net.URLDecoder utility class in the * Java SDK. Other languages and SDKs provide similar functionality. *

*
*

* An IAM role can also have managed policies attached to it. To retrieve a managed policy document that is attached * to a role, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to * retrieve the policy document. *

*

* For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* For more information about roles, see Using Roles to Delegate Permissions * and Federate Identities. *

* * @param getRolePolicyRequest * @return Result of the GetRolePolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetRolePolicy * @see AWS API * Documentation */ @Override public GetRolePolicyResponse getRolePolicy(GetRolePolicyRequest getRolePolicyRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetRolePolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetRolePolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getRolePolicyRequest) .withMarshaller(new GetRolePolicyRequestMarshaller(protocolFactory))); } /** *

* Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created * or updated. *

* *

* This operation requires Signature Version 4. *

*
* * @param getSamlProviderRequest * @return Result of the GetSAMLProvider operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetSAMLProvider * @see AWS API * Documentation */ @Override public GetSamlProviderResponse getSAMLProvider(GetSamlProviderRequest getSamlProviderRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetSamlProviderResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetSAMLProvider").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getSamlProviderRequest) .withMarshaller(new GetSamlProviderRequestMarshaller(protocolFactory))); } /** *

* Retrieves the specified SSH public key, including metadata about the key. *

*

* The SSH public key retrieved by this operation is used only for authenticating the associated IAM user to an AWS * CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, * see Set up AWS * CodeCommit for SSH Connections in the AWS CodeCommit User Guide. *

* * @param getSshPublicKeyRequest * @return Result of the GetSSHPublicKey operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws UnrecognizedPublicKeyEncodingException * The request was rejected because the public key encoding format is unsupported or unrecognized. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetSSHPublicKey * @see AWS API * Documentation */ @Override public GetSshPublicKeyResponse getSSHPublicKey(GetSshPublicKeyRequest getSshPublicKeyRequest) throws NoSuchEntityException, UnrecognizedPublicKeyEncodingException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetSshPublicKeyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetSSHPublicKey").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getSshPublicKeyRequest) .withMarshaller(new GetSshPublicKeyRequestMarshaller(protocolFactory))); } /** *

* Retrieves information about the specified server certificate stored in IAM. *

*

* For more information about working with server certificates, see Working with Server * Certificates in the IAM User Guide. This topic includes a list of AWS services that can use the server * certificates that you manage with IAM. *

* * @param getServerCertificateRequest * @return Result of the GetServerCertificate operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetServerCertificate * @see AWS API * Documentation */ @Override public GetServerCertificateResponse getServerCertificate(GetServerCertificateRequest getServerCertificateRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetServerCertificateResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetServerCertificate").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getServerCertificateRequest) .withMarshaller(new GetServerCertificateRequestMarshaller(protocolFactory))); } /** *

* Retrieves a service last accessed report that was created using the * GenerateServiceLastAccessedDetails operation. You can use the JobId parameter in * GetServiceLastAccessedDetails to retrieve the status of your report job. When the report is * complete, you can retrieve the generated report. The report includes a list of AWS services that the resource * (user, group, role, or managed policy) can access. *

* *

* Service last accessed data does not use other policy types when determining whether a resource could access a * service. These other policy types include resource-based policies, access control lists, AWS Organizations * policies, IAM permissions boundaries, and AWS STS assume role policies. It only applies permissions policy logic. * For more about the evaluation of policy types, see Evaluating Policies in the IAM User Guide. *

*
*

* For each service that the resource could access using permissions policies, the operation returns details about * the most recent access attempt. If there was no attempt, the service is listed without details about the most * recent attempt to access the service. If the operation fails, the GetServiceLastAccessedDetails * operation returns the reason that it failed. *

*

* The GetServiceLastAccessedDetails operation returns a list of services. This list includes the * number of entities that have attempted to access the service and the date and time of the last attempt. It also * returns the ARN of the following entity, depending on the resource ARN that you used to generate the report: *

*
    *
  • *

    * User – Returns the user ARN that you used to generate the report *

    *
  • *
  • *

    * Group – Returns the ARN of the group member (user) that last attempted to access the service *

    *
  • *
  • *

    * Role – Returns the role ARN that you used to generate the report *

    *
  • *
  • *

    * Policy – Returns the ARN of the user or role that last used the policy to attempt to access the service *

    *
  • *
*

* By default, the list is sorted by service namespace. *

*

* If you specified ACTION_LEVEL granularity when you generated the report, this operation returns * service and action last accessed data. This includes the most recent access attempt for each tracked action * within a service. Otherwise, this operation returns only service data. *

*

* For more information about service and action last accessed data, see Reducing Permissions * Using Service Last Accessed Data in the IAM User Guide. *

* * @param getServiceLastAccessedDetailsRequest * @return Result of the GetServiceLastAccessedDetails operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetServiceLastAccessedDetails * @see AWS API Documentation */ @Override public GetServiceLastAccessedDetailsResponse getServiceLastAccessedDetails( GetServiceLastAccessedDetailsRequest getServiceLastAccessedDetailsRequest) throws NoSuchEntityException, InvalidInputException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetServiceLastAccessedDetailsResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GetServiceLastAccessedDetails").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getServiceLastAccessedDetailsRequest) .withMarshaller(new GetServiceLastAccessedDetailsRequestMarshaller(protocolFactory))); } /** *

* After you generate a group or policy report using the GenerateServiceLastAccessedDetails operation, * you can use the JobId parameter in GetServiceLastAccessedDetailsWithEntities. This * operation retrieves the status of your report job and a list of entities that could have used group or policy * permissions to access the specified service. *

*
    *
  • *

    * Group – For a group report, this operation returns a list of users in the group that could have used the * group’s policies in an attempt to access the service. *

    *
  • *
  • *

    * Policy – For a policy report, this operation returns a list of entities (users or roles) that could have * used the policy in an attempt to access the service. *

    *
  • *
*

* You can also use this operation for user or role reports to retrieve details about those entities. *

*

* If the operation fails, the GetServiceLastAccessedDetailsWithEntities operation returns the reason * that it failed. *

*

* By default, the list of associated entities is sorted by date, with the most recent access listed first. *

* * @param getServiceLastAccessedDetailsWithEntitiesRequest * @return Result of the GetServiceLastAccessedDetailsWithEntities operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetServiceLastAccessedDetailsWithEntities * @see AWS API Documentation */ @Override public GetServiceLastAccessedDetailsWithEntitiesResponse getServiceLastAccessedDetailsWithEntities( GetServiceLastAccessedDetailsWithEntitiesRequest getServiceLastAccessedDetailsWithEntitiesRequest) throws NoSuchEntityException, InvalidInputException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetServiceLastAccessedDetailsWithEntitiesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GetServiceLastAccessedDetailsWithEntities").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler) .withInput(getServiceLastAccessedDetailsWithEntitiesRequest) .withMarshaller(new GetServiceLastAccessedDetailsWithEntitiesRequestMarshaller(protocolFactory))); } /** *

* Retrieves the status of your service-linked role deletion. After you use the DeleteServiceLinkedRole API * operation to submit a service-linked role for deletion, you can use the DeletionTaskId parameter in * GetServiceLinkedRoleDeletionStatus to check the status of the deletion. If the deletion fails, this * operation returns the reason that it failed, if that information is returned by the service. *

* * @param getServiceLinkedRoleDeletionStatusRequest * @return Result of the GetServiceLinkedRoleDeletionStatus operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetServiceLinkedRoleDeletionStatus * @see AWS API Documentation */ @Override public GetServiceLinkedRoleDeletionStatusResponse getServiceLinkedRoleDeletionStatus( GetServiceLinkedRoleDeletionStatusRequest getServiceLinkedRoleDeletionStatusRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetServiceLinkedRoleDeletionStatusResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("GetServiceLinkedRoleDeletionStatus").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getServiceLinkedRoleDeletionStatusRequest) .withMarshaller(new GetServiceLinkedRoleDeletionStatusRequestMarshaller(protocolFactory))); } /** *

* Retrieves information about the specified IAM user, including the user's creation date, path, unique ID, and ARN. *

*

* If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID used to * sign the request to this API. *

* * @param getUserRequest * @return Result of the GetUser operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetUser * @see AWS API * Documentation */ @Override public GetUserResponse getUser(GetUserRequest getUserRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(GetUserResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams().withOperationName("GetUser") .withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler).withInput(getUserRequest) .withMarshaller(new GetUserRequestMarshaller(protocolFactory))); } /** *

* Retrieves the specified inline policy document that is embedded in the specified IAM user. *

* *

* Policies returned by this API are URL-encoded compliant with RFC * 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you * use Java, you can use the decode method of the java.net.URLDecoder utility class in the * Java SDK. Other languages and SDKs provide similar functionality. *

*
*

* An IAM user can also have managed policies attached to it. To retrieve a managed policy document that is attached * to a user, use GetPolicy to determine the policy's default version. Then use GetPolicyVersion to * retrieve the policy document. *

*

* For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param getUserPolicyRequest * @return Result of the GetUserPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.GetUserPolicy * @see AWS API * Documentation */ @Override public GetUserPolicyResponse getUserPolicy(GetUserPolicyRequest getUserPolicyRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(GetUserPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("GetUserPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(getUserPolicyRequest) .withMarshaller(new GetUserPolicyRequestMarshaller(protocolFactory))); } /** *

* Returns information about the access key IDs associated with the specified IAM user. If there is none, the * operation returns an empty list. *

*

* Although each user is limited to a small number of keys, you can still paginate the results using the * MaxItems and Marker parameters. *

*

* If the UserName field is not specified, the user name is determined implicitly based on the AWS * access key ID used to sign the request. This operation works for access keys under the AWS account. Consequently, * you can use this operation to manage AWS account root user credentials even if the AWS account has no associated * users. *

* *

* To ensure the security of your AWS account, the secret access key is accessible only during key and user * creation. *

*
* * @param listAccessKeysRequest * @return Result of the ListAccessKeys operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListAccessKeys * @see AWS API * Documentation */ @Override public ListAccessKeysResponse listAccessKeys(ListAccessKeysRequest listAccessKeysRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListAccessKeysResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListAccessKeys").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listAccessKeysRequest) .withMarshaller(new ListAccessKeysRequestMarshaller(protocolFactory))); } /** *

* Returns information about the access key IDs associated with the specified IAM user. If there is none, the * operation returns an empty list. *

*

* Although each user is limited to a small number of keys, you can still paginate the results using the * MaxItems and Marker parameters. *

*

* If the UserName field is not specified, the user name is determined implicitly based on the AWS * access key ID used to sign the request. This operation works for access keys under the AWS account. Consequently, * you can use this operation to manage AWS account root user credentials even if the AWS account has no associated * users. *

* *

* To ensure the security of your AWS account, the secret access key is accessible only during key and user * creation. *

*

*

* This is a variant of {@link #listAccessKeys(software.amazon.awssdk.services.iam.model.ListAccessKeysRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListAccessKeysIterable responses = client.listAccessKeysPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListAccessKeysIterable responses = client.listAccessKeysPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListAccessKeysResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListAccessKeysIterable responses = client.listAccessKeysPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listAccessKeys(software.amazon.awssdk.services.iam.model.ListAccessKeysRequest)} operation. *

* * @param listAccessKeysRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListAccessKeys * @see AWS API * Documentation */ @Override public ListAccessKeysIterable listAccessKeysPaginator(ListAccessKeysRequest listAccessKeysRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListAccessKeysIterable(this, applyPaginatorUserAgent(listAccessKeysRequest)); } /** *

* Lists the account alias associated with the AWS account (Note: you can have only one). For information about * using an AWS account alias, see Using an Alias for Your AWS Account * ID in the IAM User Guide. *

* * @param listAccountAliasesRequest * @return Result of the ListAccountAliases operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListAccountAliases * @see AWS API * Documentation */ @Override public ListAccountAliasesResponse listAccountAliases(ListAccountAliasesRequest listAccountAliasesRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListAccountAliasesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListAccountAliases").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listAccountAliasesRequest) .withMarshaller(new ListAccountAliasesRequestMarshaller(protocolFactory))); } /** *

* Lists the account alias associated with the AWS account (Note: you can have only one). For information about * using an AWS account alias, see Using an Alias for Your AWS Account * ID in the IAM User Guide. *

*
*

* This is a variant of * {@link #listAccountAliases(software.amazon.awssdk.services.iam.model.ListAccountAliasesRequest)} operation. The * return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle * making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListAccountAliasesIterable responses = client.listAccountAliasesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListAccountAliasesIterable responses = client
     *             .listAccountAliasesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListAccountAliasesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListAccountAliasesIterable responses = client.listAccountAliasesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listAccountAliases(software.amazon.awssdk.services.iam.model.ListAccountAliasesRequest)} operation. *

* * @param listAccountAliasesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListAccountAliases * @see AWS API * Documentation */ @Override public ListAccountAliasesIterable listAccountAliasesPaginator(ListAccountAliasesRequest listAccountAliasesRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListAccountAliasesIterable(this, applyPaginatorUserAgent(listAccountAliasesRequest)); } /** *

* Lists all managed policies that are attached to the specified IAM group. *

*

* An IAM group can also have inline policies embedded with it. To list the inline policies for a group, use the * ListGroupPolicies API. For information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. You can use the * PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. * If there are no policies attached to the specified group (or none that match the specified path prefix), the * operation returns an empty list. *

* * @param listAttachedGroupPoliciesRequest * @return Result of the ListAttachedGroupPolicies operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListAttachedGroupPolicies * @see AWS * API Documentation */ @Override public ListAttachedGroupPoliciesResponse listAttachedGroupPolicies( ListAttachedGroupPoliciesRequest listAttachedGroupPoliciesRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListAttachedGroupPoliciesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("ListAttachedGroupPolicies").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listAttachedGroupPoliciesRequest) .withMarshaller(new ListAttachedGroupPoliciesRequestMarshaller(protocolFactory))); } /** *

* Lists all managed policies that are attached to the specified IAM group. *

*

* An IAM group can also have inline policies embedded with it. To list the inline policies for a group, use the * ListGroupPolicies API. For information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. You can use the * PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. * If there are no policies attached to the specified group (or none that match the specified path prefix), the * operation returns an empty list. *

*
*

* This is a variant of * {@link #listAttachedGroupPolicies(software.amazon.awssdk.services.iam.model.ListAttachedGroupPoliciesRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListAttachedGroupPoliciesIterable responses = client.listAttachedGroupPoliciesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListAttachedGroupPoliciesIterable responses = client
     *             .listAttachedGroupPoliciesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListAttachedGroupPoliciesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListAttachedGroupPoliciesIterable responses = client.listAttachedGroupPoliciesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listAttachedGroupPolicies(software.amazon.awssdk.services.iam.model.ListAttachedGroupPoliciesRequest)} * operation. *

* * @param listAttachedGroupPoliciesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListAttachedGroupPolicies * @see AWS * API Documentation */ @Override public ListAttachedGroupPoliciesIterable listAttachedGroupPoliciesPaginator( ListAttachedGroupPoliciesRequest listAttachedGroupPoliciesRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListAttachedGroupPoliciesIterable(this, applyPaginatorUserAgent(listAttachedGroupPoliciesRequest)); } /** *

* Lists all managed policies that are attached to the specified IAM role. *

*

* An IAM role can also have inline policies embedded with it. To list the inline policies for a role, use the * ListRolePolicies API. For information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. You can use the * PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. * If there are no policies attached to the specified role (or none that match the specified path prefix), the * operation returns an empty list. *

* * @param listAttachedRolePoliciesRequest * @return Result of the ListAttachedRolePolicies operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListAttachedRolePolicies * @see AWS * API Documentation */ @Override public ListAttachedRolePoliciesResponse listAttachedRolePolicies( ListAttachedRolePoliciesRequest listAttachedRolePoliciesRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListAttachedRolePoliciesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("ListAttachedRolePolicies").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listAttachedRolePoliciesRequest) .withMarshaller(new ListAttachedRolePoliciesRequestMarshaller(protocolFactory))); } /** *

* Lists all managed policies that are attached to the specified IAM role. *

*

* An IAM role can also have inline policies embedded with it. To list the inline policies for a role, use the * ListRolePolicies API. For information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. You can use the * PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. * If there are no policies attached to the specified role (or none that match the specified path prefix), the * operation returns an empty list. *

*
*

* This is a variant of * {@link #listAttachedRolePolicies(software.amazon.awssdk.services.iam.model.ListAttachedRolePoliciesRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListAttachedRolePoliciesIterable responses = client.listAttachedRolePoliciesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListAttachedRolePoliciesIterable responses = client
     *             .listAttachedRolePoliciesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListAttachedRolePoliciesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListAttachedRolePoliciesIterable responses = client.listAttachedRolePoliciesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listAttachedRolePolicies(software.amazon.awssdk.services.iam.model.ListAttachedRolePoliciesRequest)} * operation. *

* * @param listAttachedRolePoliciesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListAttachedRolePolicies * @see AWS * API Documentation */ @Override public ListAttachedRolePoliciesIterable listAttachedRolePoliciesPaginator( ListAttachedRolePoliciesRequest listAttachedRolePoliciesRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListAttachedRolePoliciesIterable(this, applyPaginatorUserAgent(listAttachedRolePoliciesRequest)); } /** *

* Lists all managed policies that are attached to the specified IAM user. *

*

* An IAM user can also have inline policies embedded with it. To list the inline policies for a user, use the * ListUserPolicies API. For information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. You can use the * PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. * If there are no policies attached to the specified group (or none that match the specified path prefix), the * operation returns an empty list. *

* * @param listAttachedUserPoliciesRequest * @return Result of the ListAttachedUserPolicies operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListAttachedUserPolicies * @see AWS * API Documentation */ @Override public ListAttachedUserPoliciesResponse listAttachedUserPolicies( ListAttachedUserPoliciesRequest listAttachedUserPoliciesRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListAttachedUserPoliciesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("ListAttachedUserPolicies").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listAttachedUserPoliciesRequest) .withMarshaller(new ListAttachedUserPoliciesRequestMarshaller(protocolFactory))); } /** *

* Lists all managed policies that are attached to the specified IAM user. *

*

* An IAM user can also have inline policies embedded with it. To list the inline policies for a user, use the * ListUserPolicies API. For information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. You can use the * PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. * If there are no policies attached to the specified group (or none that match the specified path prefix), the * operation returns an empty list. *

*
*

* This is a variant of * {@link #listAttachedUserPolicies(software.amazon.awssdk.services.iam.model.ListAttachedUserPoliciesRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListAttachedUserPoliciesIterable responses = client.listAttachedUserPoliciesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListAttachedUserPoliciesIterable responses = client
     *             .listAttachedUserPoliciesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListAttachedUserPoliciesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListAttachedUserPoliciesIterable responses = client.listAttachedUserPoliciesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listAttachedUserPolicies(software.amazon.awssdk.services.iam.model.ListAttachedUserPoliciesRequest)} * operation. *

* * @param listAttachedUserPoliciesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListAttachedUserPolicies * @see AWS * API Documentation */ @Override public ListAttachedUserPoliciesIterable listAttachedUserPoliciesPaginator( ListAttachedUserPoliciesRequest listAttachedUserPoliciesRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListAttachedUserPoliciesIterable(this, applyPaginatorUserAgent(listAttachedUserPoliciesRequest)); } /** *

* Lists all IAM users, groups, and roles that the specified managed policy is attached to. *

*

* You can use the optional EntityFilter parameter to limit the results to a particular type of entity * (users, groups, or roles). For example, to list only the roles that are attached to the specified policy, set * EntityFilter to Role. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

* * @param listEntitiesForPolicyRequest * @return Result of the ListEntitiesForPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListEntitiesForPolicy * @see AWS API * Documentation */ @Override public ListEntitiesForPolicyResponse listEntitiesForPolicy(ListEntitiesForPolicyRequest listEntitiesForPolicyRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListEntitiesForPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListEntitiesForPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listEntitiesForPolicyRequest) .withMarshaller(new ListEntitiesForPolicyRequestMarshaller(protocolFactory))); } /** *

* Lists all IAM users, groups, and roles that the specified managed policy is attached to. *

*

* You can use the optional EntityFilter parameter to limit the results to a particular type of entity * (users, groups, or roles). For example, to list only the roles that are attached to the specified policy, set * EntityFilter to Role. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*
*

* This is a variant of * {@link #listEntitiesForPolicy(software.amazon.awssdk.services.iam.model.ListEntitiesForPolicyRequest)} operation. * The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally * handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListEntitiesForPolicyIterable responses = client.listEntitiesForPolicyPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListEntitiesForPolicyIterable responses = client
     *             .listEntitiesForPolicyPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListEntitiesForPolicyResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListEntitiesForPolicyIterable responses = client.listEntitiesForPolicyPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listEntitiesForPolicy(software.amazon.awssdk.services.iam.model.ListEntitiesForPolicyRequest)} * operation. *

* * @param listEntitiesForPolicyRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListEntitiesForPolicy * @see AWS API * Documentation */ @Override public ListEntitiesForPolicyIterable listEntitiesForPolicyPaginator(ListEntitiesForPolicyRequest listEntitiesForPolicyRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListEntitiesForPolicyIterable(this, applyPaginatorUserAgent(listEntitiesForPolicyRequest)); } /** *

* Lists the names of the inline policies that are embedded in the specified IAM group. *

*

* An IAM group can also have managed policies attached to it. To list the managed policies that are attached to a * group, use ListAttachedGroupPolicies. For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. If there are no * inline policies embedded with the specified group, the operation returns an empty list. *

* * @param listGroupPoliciesRequest * @return Result of the ListGroupPolicies operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListGroupPolicies * @see AWS API * Documentation */ @Override public ListGroupPoliciesResponse listGroupPolicies(ListGroupPoliciesRequest listGroupPoliciesRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListGroupPoliciesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListGroupPolicies").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listGroupPoliciesRequest) .withMarshaller(new ListGroupPoliciesRequestMarshaller(protocolFactory))); } /** *

* Lists the names of the inline policies that are embedded in the specified IAM group. *

*

* An IAM group can also have managed policies attached to it. To list the managed policies that are attached to a * group, use ListAttachedGroupPolicies. For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. If there are no * inline policies embedded with the specified group, the operation returns an empty list. *

*
*

* This is a variant of * {@link #listGroupPolicies(software.amazon.awssdk.services.iam.model.ListGroupPoliciesRequest)} operation. The * return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle * making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListGroupPoliciesIterable responses = client.listGroupPoliciesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListGroupPoliciesIterable responses = client
     *             .listGroupPoliciesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListGroupPoliciesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListGroupPoliciesIterable responses = client.listGroupPoliciesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listGroupPolicies(software.amazon.awssdk.services.iam.model.ListGroupPoliciesRequest)} operation. *

* * @param listGroupPoliciesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListGroupPolicies * @see AWS API * Documentation */ @Override public ListGroupPoliciesIterable listGroupPoliciesPaginator(ListGroupPoliciesRequest listGroupPoliciesRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListGroupPoliciesIterable(this, applyPaginatorUserAgent(listGroupPoliciesRequest)); } /** *

* Lists the IAM groups that have the specified path prefix. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

* * @param listGroupsRequest * @return Result of the ListGroups operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListGroups * @see AWS API * Documentation */ @Override public ListGroupsResponse listGroups(ListGroupsRequest listGroupsRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListGroupsResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListGroups").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listGroupsRequest) .withMarshaller(new ListGroupsRequestMarshaller(protocolFactory))); } /** *

* Lists the IAM groups that have the specified path prefix. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*
*

* This is a variant of {@link #listGroups(software.amazon.awssdk.services.iam.model.ListGroupsRequest)} operation. * The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally * handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListGroupsIterable responses = client.listGroupsPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListGroupsIterable responses = client.listGroupsPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListGroupsResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListGroupsIterable responses = client.listGroupsPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listGroups(software.amazon.awssdk.services.iam.model.ListGroupsRequest)} operation. *

* * @param listGroupsRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListGroups * @see AWS API * Documentation */ @Override public ListGroupsIterable listGroupsPaginator(ListGroupsRequest listGroupsRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListGroupsIterable(this, applyPaginatorUserAgent(listGroupsRequest)); } /** *

* Lists the IAM groups that the specified IAM user belongs to. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

* * @param listGroupsForUserRequest * @return Result of the ListGroupsForUser operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListGroupsForUser * @see AWS API * Documentation */ @Override public ListGroupsForUserResponse listGroupsForUser(ListGroupsForUserRequest listGroupsForUserRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListGroupsForUserResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListGroupsForUser").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listGroupsForUserRequest) .withMarshaller(new ListGroupsForUserRequestMarshaller(protocolFactory))); } /** *

* Lists the IAM groups that the specified IAM user belongs to. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*
*

* This is a variant of * {@link #listGroupsForUser(software.amazon.awssdk.services.iam.model.ListGroupsForUserRequest)} operation. The * return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle * making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListGroupsForUserIterable responses = client.listGroupsForUserPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListGroupsForUserIterable responses = client
     *             .listGroupsForUserPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListGroupsForUserResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListGroupsForUserIterable responses = client.listGroupsForUserPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listGroupsForUser(software.amazon.awssdk.services.iam.model.ListGroupsForUserRequest)} operation. *

* * @param listGroupsForUserRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListGroupsForUser * @see AWS API * Documentation */ @Override public ListGroupsForUserIterable listGroupsForUserPaginator(ListGroupsForUserRequest listGroupsForUserRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListGroupsForUserIterable(this, applyPaginatorUserAgent(listGroupsForUserRequest)); } /** *

* Lists the instance profiles that have the specified path prefix. If there are none, the operation returns an * empty list. For more information about instance profiles, go to About Instance Profiles. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

* * @param listInstanceProfilesRequest * @return Result of the ListInstanceProfiles operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListInstanceProfiles * @see AWS API * Documentation */ @Override public ListInstanceProfilesResponse listInstanceProfiles(ListInstanceProfilesRequest listInstanceProfilesRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListInstanceProfilesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListInstanceProfiles").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listInstanceProfilesRequest) .withMarshaller(new ListInstanceProfilesRequestMarshaller(protocolFactory))); } /** *

* Lists the instance profiles that have the specified path prefix. If there are none, the operation returns an * empty list. For more information about instance profiles, go to About Instance Profiles. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*
*

* This is a variant of * {@link #listInstanceProfiles(software.amazon.awssdk.services.iam.model.ListInstanceProfilesRequest)} operation. * The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally * handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListInstanceProfilesIterable responses = client.listInstanceProfilesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListInstanceProfilesIterable responses = client
     *             .listInstanceProfilesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListInstanceProfilesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListInstanceProfilesIterable responses = client.listInstanceProfilesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listInstanceProfiles(software.amazon.awssdk.services.iam.model.ListInstanceProfilesRequest)} * operation. *

* * @param listInstanceProfilesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListInstanceProfiles * @see AWS API * Documentation */ @Override public ListInstanceProfilesIterable listInstanceProfilesPaginator(ListInstanceProfilesRequest listInstanceProfilesRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListInstanceProfilesIterable(this, applyPaginatorUserAgent(listInstanceProfilesRequest)); } /** *

* Lists the instance profiles that have the specified associated IAM role. If there are none, the operation returns * an empty list. For more information about instance profiles, go to About Instance Profiles. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

* * @param listInstanceProfilesForRoleRequest * @return Result of the ListInstanceProfilesForRole operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListInstanceProfilesForRole * @see AWS API Documentation */ @Override public ListInstanceProfilesForRoleResponse listInstanceProfilesForRole( ListInstanceProfilesForRoleRequest listInstanceProfilesForRoleRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListInstanceProfilesForRoleResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("ListInstanceProfilesForRole").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listInstanceProfilesForRoleRequest) .withMarshaller(new ListInstanceProfilesForRoleRequestMarshaller(protocolFactory))); } /** *

* Lists the instance profiles that have the specified associated IAM role. If there are none, the operation returns * an empty list. For more information about instance profiles, go to About Instance Profiles. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*
*

* This is a variant of * {@link #listInstanceProfilesForRole(software.amazon.awssdk.services.iam.model.ListInstanceProfilesForRoleRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListInstanceProfilesForRoleIterable responses = client.listInstanceProfilesForRolePaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListInstanceProfilesForRoleIterable responses = client
     *             .listInstanceProfilesForRolePaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListInstanceProfilesForRoleResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListInstanceProfilesForRoleIterable responses = client.listInstanceProfilesForRolePaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listInstanceProfilesForRole(software.amazon.awssdk.services.iam.model.ListInstanceProfilesForRoleRequest)} * operation. *

* * @param listInstanceProfilesForRoleRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListInstanceProfilesForRole * @see AWS API Documentation */ @Override public ListInstanceProfilesForRoleIterable listInstanceProfilesForRolePaginator( ListInstanceProfilesForRoleRequest listInstanceProfilesForRoleRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListInstanceProfilesForRoleIterable(this, applyPaginatorUserAgent(listInstanceProfilesForRoleRequest)); } /** *

* Lists the MFA devices for an IAM user. If the request includes a IAM user name, then this operation lists all the * MFA devices associated with the specified user. If you do not specify a user name, IAM determines the user name * implicitly based on the AWS access key ID signing the request for this API. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

* * @param listMfaDevicesRequest * @return Result of the ListMFADevices operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListMFADevices * @see AWS API * Documentation */ @Override public ListMfaDevicesResponse listMFADevices(ListMfaDevicesRequest listMfaDevicesRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListMfaDevicesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListMFADevices").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listMfaDevicesRequest) .withMarshaller(new ListMfaDevicesRequestMarshaller(protocolFactory))); } /** *

* Lists the MFA devices for an IAM user. If the request includes a IAM user name, then this operation lists all the * MFA devices associated with the specified user. If you do not specify a user name, IAM determines the user name * implicitly based on the AWS access key ID signing the request for this API. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*
*

* This is a variant of {@link #listMFADevices(software.amazon.awssdk.services.iam.model.ListMfaDevicesRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListMFADevicesIterable responses = client.listMFADevicesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListMFADevicesIterable responses = client.listMFADevicesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListMfaDevicesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListMFADevicesIterable responses = client.listMFADevicesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listMFADevices(software.amazon.awssdk.services.iam.model.ListMfaDevicesRequest)} operation. *

* * @param listMfaDevicesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListMFADevices * @see AWS API * Documentation */ @Override public ListMFADevicesIterable listMFADevicesPaginator(ListMfaDevicesRequest listMfaDevicesRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListMFADevicesIterable(this, applyPaginatorUserAgent(listMfaDevicesRequest)); } /** *

* Lists information about the IAM OpenID Connect (OIDC) provider resource objects defined in the AWS account. *

* * @param listOpenIdConnectProvidersRequest * @return Result of the ListOpenIDConnectProviders operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListOpenIDConnectProviders * @see AWS * API Documentation */ @Override public ListOpenIdConnectProvidersResponse listOpenIDConnectProviders( ListOpenIdConnectProvidersRequest listOpenIdConnectProvidersRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListOpenIdConnectProvidersResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("ListOpenIDConnectProviders").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listOpenIdConnectProvidersRequest) .withMarshaller(new ListOpenIdConnectProvidersRequestMarshaller(protocolFactory))); } /** *

* Lists all the managed policies that are available in your AWS account, including your own customer-defined * managed policies and all AWS managed policies. *

*

* You can filter the list of policies that is returned using the optional OnlyAttached, * Scope, and PathPrefix parameters. For example, to list only the customer managed * policies in your AWS account, set Scope to Local. To list only AWS managed policies, * set Scope to AWS. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*

* For more information about managed policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param listPoliciesRequest * @return Result of the ListPolicies operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListPolicies * @see AWS API * Documentation */ @Override public ListPoliciesResponse listPolicies(ListPoliciesRequest listPoliciesRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListPoliciesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListPolicies").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listPoliciesRequest) .withMarshaller(new ListPoliciesRequestMarshaller(protocolFactory))); } /** *

* Lists all the managed policies that are available in your AWS account, including your own customer-defined * managed policies and all AWS managed policies. *

*

* You can filter the list of policies that is returned using the optional OnlyAttached, * Scope, and PathPrefix parameters. For example, to list only the customer managed * policies in your AWS account, set Scope to Local. To list only AWS managed policies, * set Scope to AWS. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*

* For more information about managed policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*
*

* This is a variant of {@link #listPolicies(software.amazon.awssdk.services.iam.model.ListPoliciesRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListPoliciesIterable responses = client.listPoliciesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListPoliciesIterable responses = client.listPoliciesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListPoliciesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListPoliciesIterable responses = client.listPoliciesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listPolicies(software.amazon.awssdk.services.iam.model.ListPoliciesRequest)} operation. *

* * @param listPoliciesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListPolicies * @see AWS API * Documentation */ @Override public ListPoliciesIterable listPoliciesPaginator(ListPoliciesRequest listPoliciesRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListPoliciesIterable(this, applyPaginatorUserAgent(listPoliciesRequest)); } /** *

* Retrieves a list of policies that the IAM identity (user, group, or role) can use to access each specified * service. *

* *

* This operation does not use other policy types when determining whether a resource could access a service. These * other policy types include resource-based policies, access control lists, AWS Organizations policies, IAM * permissions boundaries, and AWS STS assume role policies. It only applies permissions policy logic. For more * about the evaluation of policy types, see Evaluating Policies in the IAM User Guide. *

*
*

* The list of policies returned by the operation depends on the ARN of the identity that you provide. *

*
    *
  • *

    * User – The list of policies includes the managed and inline policies that are attached to the user * directly. The list also includes any additional managed and inline policies that are attached to the group to * which the user belongs. *

    *
  • *
  • *

    * Group – The list of policies includes only the managed and inline policies that are attached to the group * directly. Policies that are attached to the group’s user are not included. *

    *
  • *
  • *

    * Role – The list of policies includes only the managed and inline policies that are attached to the role. *

    *
  • *
*

* For each managed policy, this operation returns the ARN and policy name. For each inline policy, it returns the * policy name and the entity to which it is attached. Inline policies do not have an ARN. For more information * about these policy types, see Managed Policies * and Inline Policies in the IAM User Guide. *

*

* Policies that are attached to users and roles as permissions boundaries are not returned. To view which managed * policy is currently used to set the permissions boundary for a user or role, use the GetUser or * GetRole operations. *

* * @param listPoliciesGrantingServiceAccessRequest * @return Result of the ListPoliciesGrantingServiceAccess operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListPoliciesGrantingServiceAccess * @see AWS API Documentation */ @Override public ListPoliciesGrantingServiceAccessResponse listPoliciesGrantingServiceAccess( ListPoliciesGrantingServiceAccessRequest listPoliciesGrantingServiceAccessRequest) throws NoSuchEntityException, InvalidInputException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListPoliciesGrantingServiceAccessResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("ListPoliciesGrantingServiceAccess").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listPoliciesGrantingServiceAccessRequest) .withMarshaller(new ListPoliciesGrantingServiceAccessRequestMarshaller(protocolFactory))); } /** *

* Lists information about the versions of the specified managed policy, including the version that is currently set * as the policy's default version. *

*

* For more information about managed policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param listPolicyVersionsRequest * @return Result of the ListPolicyVersions operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListPolicyVersions * @see AWS API * Documentation */ @Override public ListPolicyVersionsResponse listPolicyVersions(ListPolicyVersionsRequest listPolicyVersionsRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListPolicyVersionsResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListPolicyVersions").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listPolicyVersionsRequest) .withMarshaller(new ListPolicyVersionsRequestMarshaller(protocolFactory))); } /** *

* Lists information about the versions of the specified managed policy, including the version that is currently set * as the policy's default version. *

*

* For more information about managed policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*
*

* This is a variant of * {@link #listPolicyVersions(software.amazon.awssdk.services.iam.model.ListPolicyVersionsRequest)} operation. The * return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle * making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListPolicyVersionsIterable responses = client.listPolicyVersionsPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListPolicyVersionsIterable responses = client
     *             .listPolicyVersionsPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListPolicyVersionsResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListPolicyVersionsIterable responses = client.listPolicyVersionsPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listPolicyVersions(software.amazon.awssdk.services.iam.model.ListPolicyVersionsRequest)} operation. *

* * @param listPolicyVersionsRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListPolicyVersions * @see AWS API * Documentation */ @Override public ListPolicyVersionsIterable listPolicyVersionsPaginator(ListPolicyVersionsRequest listPolicyVersionsRequest) throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListPolicyVersionsIterable(this, applyPaginatorUserAgent(listPolicyVersionsRequest)); } /** *

* Lists the names of the inline policies that are embedded in the specified IAM role. *

*

* An IAM role can also have managed policies attached to it. To list the managed policies that are attached to a * role, use ListAttachedRolePolicies. For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. If there are no * inline policies embedded with the specified role, the operation returns an empty list. *

* * @param listRolePoliciesRequest * @return Result of the ListRolePolicies operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListRolePolicies * @see AWS API * Documentation */ @Override public ListRolePoliciesResponse listRolePolicies(ListRolePoliciesRequest listRolePoliciesRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListRolePoliciesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListRolePolicies").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listRolePoliciesRequest) .withMarshaller(new ListRolePoliciesRequestMarshaller(protocolFactory))); } /** *

* Lists the names of the inline policies that are embedded in the specified IAM role. *

*

* An IAM role can also have managed policies attached to it. To list the managed policies that are attached to a * role, use ListAttachedRolePolicies. For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. If there are no * inline policies embedded with the specified role, the operation returns an empty list. *

*
*

* This is a variant of {@link #listRolePolicies(software.amazon.awssdk.services.iam.model.ListRolePoliciesRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListRolePoliciesIterable responses = client.listRolePoliciesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListRolePoliciesIterable responses = client.listRolePoliciesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListRolePoliciesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListRolePoliciesIterable responses = client.listRolePoliciesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listRolePolicies(software.amazon.awssdk.services.iam.model.ListRolePoliciesRequest)} operation. *

* * @param listRolePoliciesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListRolePolicies * @see AWS API * Documentation */ @Override public ListRolePoliciesIterable listRolePoliciesPaginator(ListRolePoliciesRequest listRolePoliciesRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListRolePoliciesIterable(this, applyPaginatorUserAgent(listRolePoliciesRequest)); } /** *

* Lists the tags that are attached to the specified role. The returned list of tags is sorted by tag key. For more * information about tagging, see Tagging * IAM Identities in the IAM User Guide. *

* * @param listRoleTagsRequest * @return Result of the ListRoleTags operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListRoleTags * @see AWS API * Documentation */ @Override public ListRoleTagsResponse listRoleTags(ListRoleTagsRequest listRoleTagsRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListRoleTagsResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListRoleTags").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listRoleTagsRequest) .withMarshaller(new ListRoleTagsRequestMarshaller(protocolFactory))); } /** *

* Lists the IAM roles that have the specified path prefix. If there are none, the operation returns an empty list. * For more information about roles, go to Working with Roles. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

* * @param listRolesRequest * @return Result of the ListRoles operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListRoles * @see AWS API * Documentation */ @Override public ListRolesResponse listRoles(ListRolesRequest listRolesRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListRolesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListRoles").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listRolesRequest) .withMarshaller(new ListRolesRequestMarshaller(protocolFactory))); } /** *

* Lists the IAM roles that have the specified path prefix. If there are none, the operation returns an empty list. * For more information about roles, go to Working with Roles. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*
*

* This is a variant of {@link #listRoles(software.amazon.awssdk.services.iam.model.ListRolesRequest)} operation. * The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally * handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListRolesIterable responses = client.listRolesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListRolesIterable responses = client.listRolesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListRolesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListRolesIterable responses = client.listRolesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listRoles(software.amazon.awssdk.services.iam.model.ListRolesRequest)} operation. *

* * @param listRolesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListRoles * @see AWS API * Documentation */ @Override public ListRolesIterable listRolesPaginator(ListRolesRequest listRolesRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListRolesIterable(this, applyPaginatorUserAgent(listRolesRequest)); } /** *

* Lists the SAML provider resource objects defined in IAM in the account. *

* *

* This operation requires Signature Version 4. *

*
* * @param listSamlProvidersRequest * @return Result of the ListSAMLProviders operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListSAMLProviders * @see AWS API * Documentation */ @Override public ListSamlProvidersResponse listSAMLProviders(ListSamlProvidersRequest listSamlProvidersRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListSamlProvidersResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListSAMLProviders").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listSamlProvidersRequest) .withMarshaller(new ListSamlProvidersRequestMarshaller(protocolFactory))); } /** *

* Returns information about the SSH public keys associated with the specified IAM user. If none exists, the * operation returns an empty list. *

*

* The SSH public keys returned by this operation are used only for authenticating the IAM user to an AWS CodeCommit * repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS * CodeCommit for SSH Connections in the AWS CodeCommit User Guide. *

*

* Although each user is limited to a small number of keys, you can still paginate the results using the * MaxItems and Marker parameters. *

* * @param listSshPublicKeysRequest * @return Result of the ListSSHPublicKeys operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListSSHPublicKeys * @see AWS API * Documentation */ @Override public ListSshPublicKeysResponse listSSHPublicKeys(ListSshPublicKeysRequest listSshPublicKeysRequest) throws NoSuchEntityException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListSshPublicKeysResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListSSHPublicKeys").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listSshPublicKeysRequest) .withMarshaller(new ListSshPublicKeysRequestMarshaller(protocolFactory))); } /** *

* Returns information about the SSH public keys associated with the specified IAM user. If none exists, the * operation returns an empty list. *

*

* The SSH public keys returned by this operation are used only for authenticating the IAM user to an AWS CodeCommit * repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, see Set up AWS * CodeCommit for SSH Connections in the AWS CodeCommit User Guide. *

*

* Although each user is limited to a small number of keys, you can still paginate the results using the * MaxItems and Marker parameters. *

*
*

* This is a variant of * {@link #listSSHPublicKeys(software.amazon.awssdk.services.iam.model.ListSshPublicKeysRequest)} operation. The * return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle * making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListSSHPublicKeysIterable responses = client.listSSHPublicKeysPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListSSHPublicKeysIterable responses = client
     *             .listSSHPublicKeysPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListSshPublicKeysResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListSSHPublicKeysIterable responses = client.listSSHPublicKeysPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listSSHPublicKeys(software.amazon.awssdk.services.iam.model.ListSshPublicKeysRequest)} operation. *

* * @param listSshPublicKeysRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListSSHPublicKeys * @see AWS API * Documentation */ @Override public ListSSHPublicKeysIterable listSSHPublicKeysPaginator(ListSshPublicKeysRequest listSshPublicKeysRequest) throws NoSuchEntityException, AwsServiceException, SdkClientException, IamException { return new ListSSHPublicKeysIterable(this, applyPaginatorUserAgent(listSshPublicKeysRequest)); } /** *

* Lists the server certificates stored in IAM that have the specified path prefix. If none exist, the operation * returns an empty list. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*

* For more information about working with server certificates, see Working with Server * Certificates in the IAM User Guide. This topic also includes a list of AWS services that can use the * server certificates that you manage with IAM. *

* * @param listServerCertificatesRequest * @return Result of the ListServerCertificates operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListServerCertificates * @see AWS API * Documentation */ @Override public ListServerCertificatesResponse listServerCertificates(ListServerCertificatesRequest listServerCertificatesRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListServerCertificatesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListServerCertificates").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listServerCertificatesRequest) .withMarshaller(new ListServerCertificatesRequestMarshaller(protocolFactory))); } /** *

* Lists the server certificates stored in IAM that have the specified path prefix. If none exist, the operation * returns an empty list. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*

* For more information about working with server certificates, see Working with Server * Certificates in the IAM User Guide. This topic also includes a list of AWS services that can use the * server certificates that you manage with IAM. *

*
*

* This is a variant of * {@link #listServerCertificates(software.amazon.awssdk.services.iam.model.ListServerCertificatesRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListServerCertificatesIterable responses = client.listServerCertificatesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListServerCertificatesIterable responses = client
     *             .listServerCertificatesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListServerCertificatesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListServerCertificatesIterable responses = client.listServerCertificatesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listServerCertificates(software.amazon.awssdk.services.iam.model.ListServerCertificatesRequest)} * operation. *

* * @param listServerCertificatesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListServerCertificates * @see AWS API * Documentation */ @Override public ListServerCertificatesIterable listServerCertificatesPaginator( ListServerCertificatesRequest listServerCertificatesRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListServerCertificatesIterable(this, applyPaginatorUserAgent(listServerCertificatesRequest)); } /** *

* Returns information about the service-specific credentials associated with the specified IAM user. If none * exists, the operation returns an empty list. The service-specific credentials returned by this operation are used * only for authenticating the IAM user to a specific service. For more information about using service-specific * credentials to authenticate to an AWS service, see Set Up service-specific * credentials in the AWS CodeCommit User Guide. *

* * @param listServiceSpecificCredentialsRequest * @return Result of the ListServiceSpecificCredentials operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceNotSupportedException * The specified service does not support service-specific credentials. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListServiceSpecificCredentials * @see AWS API Documentation */ @Override public ListServiceSpecificCredentialsResponse listServiceSpecificCredentials( ListServiceSpecificCredentialsRequest listServiceSpecificCredentialsRequest) throws NoSuchEntityException, ServiceNotSupportedException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListServiceSpecificCredentialsResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("ListServiceSpecificCredentials").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listServiceSpecificCredentialsRequest) .withMarshaller(new ListServiceSpecificCredentialsRequestMarshaller(protocolFactory))); } /** *

* Returns information about the signing certificates associated with the specified IAM user. If none exists, the * operation returns an empty list. *

*

* Although each user is limited to a small number of signing certificates, you can still paginate the results using * the MaxItems and Marker parameters. *

*

* If the UserName field is not specified, the user name is determined implicitly based on the AWS * access key ID used to sign the request for this API. This operation works for access keys under the AWS account. * Consequently, you can use this operation to manage AWS account root user credentials even if the AWS account has * no associated users. *

* * @param listSigningCertificatesRequest * @return Result of the ListSigningCertificates operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListSigningCertificates * @see AWS * API Documentation */ @Override public ListSigningCertificatesResponse listSigningCertificates(ListSigningCertificatesRequest listSigningCertificatesRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListSigningCertificatesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListSigningCertificates").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listSigningCertificatesRequest) .withMarshaller(new ListSigningCertificatesRequestMarshaller(protocolFactory))); } /** *

* Returns information about the signing certificates associated with the specified IAM user. If none exists, the * operation returns an empty list. *

*

* Although each user is limited to a small number of signing certificates, you can still paginate the results using * the MaxItems and Marker parameters. *

*

* If the UserName field is not specified, the user name is determined implicitly based on the AWS * access key ID used to sign the request for this API. This operation works for access keys under the AWS account. * Consequently, you can use this operation to manage AWS account root user credentials even if the AWS account has * no associated users. *

*
*

* This is a variant of * {@link #listSigningCertificates(software.amazon.awssdk.services.iam.model.ListSigningCertificatesRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListSigningCertificatesIterable responses = client.listSigningCertificatesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListSigningCertificatesIterable responses = client
     *             .listSigningCertificatesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListSigningCertificatesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListSigningCertificatesIterable responses = client.listSigningCertificatesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listSigningCertificates(software.amazon.awssdk.services.iam.model.ListSigningCertificatesRequest)} * operation. *

* * @param listSigningCertificatesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListSigningCertificates * @see AWS * API Documentation */ @Override public ListSigningCertificatesIterable listSigningCertificatesPaginator( ListSigningCertificatesRequest listSigningCertificatesRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListSigningCertificatesIterable(this, applyPaginatorUserAgent(listSigningCertificatesRequest)); } /** *

* Lists the names of the inline policies embedded in the specified IAM user. *

*

* An IAM user can also have managed policies attached to it. To list the managed policies that are attached to a * user, use ListAttachedUserPolicies. For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. If there are no * inline policies embedded with the specified user, the operation returns an empty list. *

* * @param listUserPoliciesRequest * @return Result of the ListUserPolicies operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListUserPolicies * @see AWS API * Documentation */ @Override public ListUserPoliciesResponse listUserPolicies(ListUserPoliciesRequest listUserPoliciesRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListUserPoliciesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListUserPolicies").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listUserPoliciesRequest) .withMarshaller(new ListUserPoliciesRequestMarshaller(protocolFactory))); } /** *

* Lists the names of the inline policies embedded in the specified IAM user. *

*

* An IAM user can also have managed policies attached to it. To list the managed policies that are attached to a * user, use ListAttachedUserPolicies. For more information about policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

*

* You can paginate the results using the MaxItems and Marker parameters. If there are no * inline policies embedded with the specified user, the operation returns an empty list. *

*
*

* This is a variant of {@link #listUserPolicies(software.amazon.awssdk.services.iam.model.ListUserPoliciesRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListUserPoliciesIterable responses = client.listUserPoliciesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListUserPoliciesIterable responses = client.listUserPoliciesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListUserPoliciesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListUserPoliciesIterable responses = client.listUserPoliciesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listUserPolicies(software.amazon.awssdk.services.iam.model.ListUserPoliciesRequest)} operation. *

* * @param listUserPoliciesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListUserPolicies * @see AWS API * Documentation */ @Override public ListUserPoliciesIterable listUserPoliciesPaginator(ListUserPoliciesRequest listUserPoliciesRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListUserPoliciesIterable(this, applyPaginatorUserAgent(listUserPoliciesRequest)); } /** *

* Lists the tags that are attached to the specified user. The returned list of tags is sorted by tag key. For more * information about tagging, see Tagging * IAM Identities in the IAM User Guide. *

* * @param listUserTagsRequest * @return Result of the ListUserTags operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListUserTags * @see AWS API * Documentation */ @Override public ListUserTagsResponse listUserTags(ListUserTagsRequest listUserTagsRequest) throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListUserTagsResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListUserTags").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listUserTagsRequest) .withMarshaller(new ListUserTagsRequestMarshaller(protocolFactory))); } /** *

* Lists the IAM users that have the specified path prefix. If no path prefix is specified, the operation returns * all users in the AWS account. If there are none, the operation returns an empty list. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

* * @param listUsersRequest * @return Result of the ListUsers operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListUsers * @see AWS API * Documentation */ @Override public ListUsersResponse listUsers(ListUsersRequest listUsersRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListUsersResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListUsers").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listUsersRequest) .withMarshaller(new ListUsersRequestMarshaller(protocolFactory))); } /** *

* Lists the IAM users that have the specified path prefix. If no path prefix is specified, the operation returns * all users in the AWS account. If there are none, the operation returns an empty list. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*
*

* This is a variant of {@link #listUsers(software.amazon.awssdk.services.iam.model.ListUsersRequest)} operation. * The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally * handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListUsersIterable responses = client.listUsersPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListUsersIterable responses = client.listUsersPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListUsersResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListUsersIterable responses = client.listUsersPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listUsers(software.amazon.awssdk.services.iam.model.ListUsersRequest)} operation. *

* * @param listUsersRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListUsers * @see AWS API * Documentation */ @Override public ListUsersIterable listUsersPaginator(ListUsersRequest listUsersRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { return new ListUsersIterable(this, applyPaginatorUserAgent(listUsersRequest)); } /** *

* Lists the virtual MFA devices defined in the AWS account by assignment status. If you do not specify an * assignment status, the operation returns a list of all virtual MFA devices. Assignment status can be * Assigned, Unassigned, or Any. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

* * @param listVirtualMfaDevicesRequest * @return Result of the ListVirtualMFADevices operation returned by the service. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListVirtualMFADevices * @see AWS API * Documentation */ @Override public ListVirtualMfaDevicesResponse listVirtualMFADevices(ListVirtualMfaDevicesRequest listVirtualMfaDevicesRequest) throws AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ListVirtualMfaDevicesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ListVirtualMFADevices").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(listVirtualMfaDevicesRequest) .withMarshaller(new ListVirtualMfaDevicesRequestMarshaller(protocolFactory))); } /** *

* Lists the virtual MFA devices defined in the AWS account by assignment status. If you do not specify an * assignment status, the operation returns a list of all virtual MFA devices. Assignment status can be * Assigned, Unassigned, or Any. *

*

* You can paginate the results using the MaxItems and Marker parameters. *

*
*

* This is a variant of * {@link #listVirtualMFADevices(software.amazon.awssdk.services.iam.model.ListVirtualMfaDevicesRequest)} operation. * The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally * handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListVirtualMFADevicesIterable responses = client.listVirtualMFADevicesPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.ListVirtualMFADevicesIterable responses = client
     *             .listVirtualMFADevicesPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.ListVirtualMfaDevicesResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.ListVirtualMFADevicesIterable responses = client.listVirtualMFADevicesPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #listVirtualMFADevices(software.amazon.awssdk.services.iam.model.ListVirtualMfaDevicesRequest)} * operation. *

* * @param listVirtualMfaDevicesRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ListVirtualMFADevices * @see AWS API * Documentation */ @Override public ListVirtualMFADevicesIterable listVirtualMFADevicesPaginator(ListVirtualMfaDevicesRequest listVirtualMfaDevicesRequest) throws AwsServiceException, SdkClientException, IamException { return new ListVirtualMFADevicesIterable(this, applyPaginatorUserAgent(listVirtualMfaDevicesRequest)); } /** *

* Adds or updates an inline policy document that is embedded in the specified IAM group. *

*

* A user can also have managed policies attached to it. To attach a managed policy to a group, use * AttachGroupPolicy. To create a new managed policy, use CreatePolicy. For information about * policies, see Managed * Policies and Inline Policies in the IAM User Guide. *

*

* For information about limits on the number of inline policies that you can embed in a group, see Limitations on IAM * Entities in the IAM User Guide. *

* *

* Because policy documents can be large, you should use POST rather than GET when calling * PutGroupPolicy. For general information about using the Query API with IAM, go to Making Query Requests in the * IAM User Guide. *

*
* * @param putGroupPolicyRequest * @return Result of the PutGroupPolicy operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws MalformedPolicyDocumentException * The request was rejected because the policy document was malformed. The error message describes the * specific error. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.PutGroupPolicy * @see AWS API * Documentation */ @Override public PutGroupPolicyResponse putGroupPolicy(PutGroupPolicyRequest putGroupPolicyRequest) throws LimitExceededException, MalformedPolicyDocumentException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(PutGroupPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("PutGroupPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(putGroupPolicyRequest) .withMarshaller(new PutGroupPolicyRequestMarshaller(protocolFactory))); } /** *

* Adds or updates the policy that is specified as the IAM role's permissions boundary. You can use an AWS managed * policy or a customer managed policy to set the boundary for a role. Use the boundary to control the maximum * permissions that the role can have. Setting a permissions boundary is an advanced feature that can affect the * permissions for the role. *

*

* You cannot set the boundary for a service-linked role. *

* *

* Policies used as permissions boundaries do not provide permissions. You must also attach a permissions policy to * the role. To learn how the effective permissions for a role are evaluated, see IAM JSON Policy * Evaluation Logic in the IAM User Guide. *

*
* * @param putRolePermissionsBoundaryRequest * @return Result of the PutRolePermissionsBoundary operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws PolicyNotAttachableException * The request failed because AWS service role policies can only be attached to the service-linked role for * that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.PutRolePermissionsBoundary * @see AWS * API Documentation */ @Override public PutRolePermissionsBoundaryResponse putRolePermissionsBoundary( PutRolePermissionsBoundaryRequest putRolePermissionsBoundaryRequest) throws NoSuchEntityException, InvalidInputException, UnmodifiableEntityException, PolicyNotAttachableException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(PutRolePermissionsBoundaryResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("PutRolePermissionsBoundary").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(putRolePermissionsBoundaryRequest) .withMarshaller(new PutRolePermissionsBoundaryRequestMarshaller(protocolFactory))); } /** *

* Adds or updates an inline policy document that is embedded in the specified IAM role. *

*

* When you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) * policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update * a role's trust policy using UpdateAssumeRolePolicy. For more information about IAM roles, go to Using Roles to Delegate Permissions * and Federate Identities. *

*

* A role can also have a managed policy attached to it. To attach a managed policy to a role, use * AttachRolePolicy. To create a new managed policy, use CreatePolicy. For information about policies, * see Managed Policies * and Inline Policies in the IAM User Guide. *

*

* For information about limits on the number of inline policies that you can embed with a role, see Limitations on IAM * Entities in the IAM User Guide. *

* *

* Because policy documents can be large, you should use POST rather than GET when calling * PutRolePolicy. For general information about using the Query API with IAM, go to Making Query Requests in the * IAM User Guide. *

*
* * @param putRolePolicyRequest * @return Result of the PutRolePolicy operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws MalformedPolicyDocumentException * The request was rejected because the policy document was malformed. The error message describes the * specific error. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.PutRolePolicy * @see AWS API * Documentation */ @Override public PutRolePolicyResponse putRolePolicy(PutRolePolicyRequest putRolePolicyRequest) throws LimitExceededException, MalformedPolicyDocumentException, NoSuchEntityException, UnmodifiableEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(PutRolePolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("PutRolePolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(putRolePolicyRequest) .withMarshaller(new PutRolePolicyRequestMarshaller(protocolFactory))); } /** *

* Adds or updates the policy that is specified as the IAM user's permissions boundary. You can use an AWS managed * policy or a customer managed policy to set the boundary for a user. Use the boundary to control the maximum * permissions that the user can have. Setting a permissions boundary is an advanced feature that can affect the * permissions for the user. *

* *

* Policies that are used as permissions boundaries do not provide permissions. You must also attach a permissions * policy to the user. To learn how the effective permissions for a user are evaluated, see IAM JSON Policy * Evaluation Logic in the IAM User Guide. *

*
* * @param putUserPermissionsBoundaryRequest * @return Result of the PutUserPermissionsBoundary operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws PolicyNotAttachableException * The request failed because AWS service role policies can only be attached to the service-linked role for * that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.PutUserPermissionsBoundary * @see AWS * API Documentation */ @Override public PutUserPermissionsBoundaryResponse putUserPermissionsBoundary( PutUserPermissionsBoundaryRequest putUserPermissionsBoundaryRequest) throws NoSuchEntityException, InvalidInputException, PolicyNotAttachableException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(PutUserPermissionsBoundaryResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("PutUserPermissionsBoundary").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(putUserPermissionsBoundaryRequest) .withMarshaller(new PutUserPermissionsBoundaryRequestMarshaller(protocolFactory))); } /** *

* Adds or updates an inline policy document that is embedded in the specified IAM user. *

*

* An IAM user can also have a managed policy attached to it. To attach a managed policy to a user, use * AttachUserPolicy. To create a new managed policy, use CreatePolicy. For information about policies, * see Managed Policies * and Inline Policies in the IAM User Guide. *

*

* For information about limits on the number of inline policies that you can embed in a user, see Limitations on IAM * Entities in the IAM User Guide. *

* *

* Because policy documents can be large, you should use POST rather than GET when calling * PutUserPolicy. For general information about using the Query API with IAM, go to Making Query Requests in the * IAM User Guide. *

*
* * @param putUserPolicyRequest * @return Result of the PutUserPolicy operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws MalformedPolicyDocumentException * The request was rejected because the policy document was malformed. The error message describes the * specific error. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.PutUserPolicy * @see AWS API * Documentation */ @Override public PutUserPolicyResponse putUserPolicy(PutUserPolicyRequest putUserPolicyRequest) throws LimitExceededException, MalformedPolicyDocumentException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(PutUserPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("PutUserPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(putUserPolicyRequest) .withMarshaller(new PutUserPolicyRequestMarshaller(protocolFactory))); } /** *

* Removes the specified client ID (also known as audience) from the list of client IDs registered for the specified * IAM OpenID Connect (OIDC) provider resource object. *

*

* This operation is idempotent; it does not fail or return an error if you try to remove a client ID that does not * exist. *

* * @param removeClientIdFromOpenIdConnectProviderRequest * @return Result of the RemoveClientIDFromOpenIDConnectProvider operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.RemoveClientIDFromOpenIDConnectProvider * @see AWS API Documentation */ @Override public RemoveClientIdFromOpenIdConnectProviderResponse removeClientIDFromOpenIDConnectProvider( RemoveClientIdFromOpenIdConnectProviderRequest removeClientIdFromOpenIdConnectProviderRequest) throws InvalidInputException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(RemoveClientIdFromOpenIdConnectProviderResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("RemoveClientIDFromOpenIDConnectProvider").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(removeClientIdFromOpenIdConnectProviderRequest) .withMarshaller(new RemoveClientIdFromOpenIdConnectProviderRequestMarshaller(protocolFactory))); } /** *

* Removes the specified IAM role from the specified EC2 instance profile. *

* *

* Make sure that you do not have any Amazon EC2 instances running with the role you are about to remove from the * instance profile. Removing a role from an instance profile that is associated with a running instance might break * any applications running on the instance. *

*
*

* For more information about IAM roles, go to Working with Roles. For more * information about instance profiles, go to About Instance Profiles. *

* * @param removeRoleFromInstanceProfileRequest * @return Result of the RemoveRoleFromInstanceProfile operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.RemoveRoleFromInstanceProfile * @see AWS API Documentation */ @Override public RemoveRoleFromInstanceProfileResponse removeRoleFromInstanceProfile( RemoveRoleFromInstanceProfileRequest removeRoleFromInstanceProfileRequest) throws NoSuchEntityException, LimitExceededException, UnmodifiableEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(RemoveRoleFromInstanceProfileResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("RemoveRoleFromInstanceProfile").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(removeRoleFromInstanceProfileRequest) .withMarshaller(new RemoveRoleFromInstanceProfileRequestMarshaller(protocolFactory))); } /** *

* Removes the specified user from the specified group. *

* * @param removeUserFromGroupRequest * @return Result of the RemoveUserFromGroup operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.RemoveUserFromGroup * @see AWS API * Documentation */ @Override public RemoveUserFromGroupResponse removeUserFromGroup(RemoveUserFromGroupRequest removeUserFromGroupRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(RemoveUserFromGroupResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("RemoveUserFromGroup").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(removeUserFromGroupRequest) .withMarshaller(new RemoveUserFromGroupRequestMarshaller(protocolFactory))); } /** *

* Resets the password for a service-specific credential. The new password is AWS generated and cryptographically * strong. It cannot be configured by the user. Resetting the password immediately invalidates the previous password * associated with this user. *

* * @param resetServiceSpecificCredentialRequest * @return Result of the ResetServiceSpecificCredential operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ResetServiceSpecificCredential * @see AWS API Documentation */ @Override public ResetServiceSpecificCredentialResponse resetServiceSpecificCredential( ResetServiceSpecificCredentialRequest resetServiceSpecificCredentialRequest) throws NoSuchEntityException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ResetServiceSpecificCredentialResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("ResetServiceSpecificCredential").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(resetServiceSpecificCredentialRequest) .withMarshaller(new ResetServiceSpecificCredentialRequestMarshaller(protocolFactory))); } /** *

* Synchronizes the specified MFA device with its IAM resource object on the AWS servers. *

*

* For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device in * the IAM User Guide. *

* * @param resyncMfaDeviceRequest * @return Result of the ResyncMFADevice operation returned by the service. * @throws InvalidAuthenticationCodeException * The request was rejected because the authentication code was not recognized. The error message describes * the specific error. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.ResyncMFADevice * @see AWS API * Documentation */ @Override public ResyncMfaDeviceResponse resyncMFADevice(ResyncMfaDeviceRequest resyncMfaDeviceRequest) throws InvalidAuthenticationCodeException, NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(ResyncMfaDeviceResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("ResyncMFADevice").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(resyncMfaDeviceRequest) .withMarshaller(new ResyncMfaDeviceRequestMarshaller(protocolFactory))); } /** *

* Sets the specified version of the specified policy as the policy's default (operative) version. *

*

* This operation affects all users, groups, and roles that the policy is attached to. To list the users, groups, * and roles that the policy is attached to, use the ListEntitiesForPolicy API. *

*

* For information about managed policies, see Managed Policies and * Inline Policies in the IAM User Guide. *

* * @param setDefaultPolicyVersionRequest * @return Result of the SetDefaultPolicyVersion operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.SetDefaultPolicyVersion * @see AWS * API Documentation */ @Override public SetDefaultPolicyVersionResponse setDefaultPolicyVersion(SetDefaultPolicyVersionRequest setDefaultPolicyVersionRequest) throws NoSuchEntityException, InvalidInputException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(SetDefaultPolicyVersionResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("SetDefaultPolicyVersion").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(setDefaultPolicyVersionRequest) .withMarshaller(new SetDefaultPolicyVersionRequestMarshaller(protocolFactory))); } /** *

* Sets the specified version of the global endpoint token as the token version used for the AWS account. *

*

* By default, AWS Security Token Service (STS) is available as a global service, and all STS requests go to a * single endpoint at https://sts.amazonaws.com. AWS recommends using Regional STS endpoints to reduce * latency, build in redundancy, and increase session token availability. For information about Regional endpoints * for STS, see AWS Regions and * Endpoints in the AWS General Reference. *

*

* If you make an STS call to the global endpoint, the resulting session tokens might be valid in some Regions but * not others. It depends on the version that is set in this operation. Version 1 tokens are valid only in AWS * Regions that are available by default. These tokens do not work in manually enabled Regions, such as Asia Pacific * (Hong Kong). Version 2 tokens are valid in all Regions. However, version 2 tokens are longer and might affect * systems where you temporarily store tokens. For information, see Activating and * Deactivating STS in an AWS Region in the IAM User Guide. *

*

* To view the current session token version, see the GlobalEndpointTokenVersion entry in the response * of the GetAccountSummary operation. *

* * @param setSecurityTokenServicePreferencesRequest * @return Result of the SetSecurityTokenServicePreferences operation returned by the service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.SetSecurityTokenServicePreferences * @see AWS API Documentation */ @Override public SetSecurityTokenServicePreferencesResponse setSecurityTokenServicePreferences( SetSecurityTokenServicePreferencesRequest setSecurityTokenServicePreferencesRequest) throws ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(SetSecurityTokenServicePreferencesResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("SetSecurityTokenServicePreferences").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(setSecurityTokenServicePreferencesRequest) .withMarshaller(new SetSecurityTokenServicePreferencesRequestMarshaller(protocolFactory))); } /** *

* Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and * AWS resources to determine the policies' effective permissions. The policies are provided as strings. *

*

* The simulation does not perform the API operations; it only checks the authorization to determine if the * simulated policies allow or deny the operations. *

*

* If you want to simulate existing policies that are attached to an IAM user, group, or role, use * SimulatePrincipalPolicy instead. *

*

* Context keys are variables that are maintained by AWS and its services and which provide details about the * context of an API query request. You can use the Condition element of an IAM policy to evaluate * context keys. To get the list of context keys that the policies require for correct simulation, use * GetContextKeysForCustomPolicy. *

*

* If the output is long, you can use MaxItems and Marker parameters to paginate the * results. *

* * @param simulateCustomPolicyRequest * @return Result of the SimulateCustomPolicy operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws PolicyEvaluationException * The request failed because a provided policy could not be successfully evaluated. An additional detailed * message indicates the source of the failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.SimulateCustomPolicy * @see AWS API * Documentation */ @Override public SimulateCustomPolicyResponse simulateCustomPolicy(SimulateCustomPolicyRequest simulateCustomPolicyRequest) throws InvalidInputException, PolicyEvaluationException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(SimulateCustomPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("SimulateCustomPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(simulateCustomPolicyRequest) .withMarshaller(new SimulateCustomPolicyRequestMarshaller(protocolFactory))); } /** *

* Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and * AWS resources to determine the policies' effective permissions. The policies are provided as strings. *

*

* The simulation does not perform the API operations; it only checks the authorization to determine if the * simulated policies allow or deny the operations. *

*

* If you want to simulate existing policies that are attached to an IAM user, group, or role, use * SimulatePrincipalPolicy instead. *

*

* Context keys are variables that are maintained by AWS and its services and which provide details about the * context of an API query request. You can use the Condition element of an IAM policy to evaluate * context keys. To get the list of context keys that the policies require for correct simulation, use * GetContextKeysForCustomPolicy. *

*

* If the output is long, you can use MaxItems and Marker parameters to paginate the * results. *

*
*

* This is a variant of * {@link #simulateCustomPolicy(software.amazon.awssdk.services.iam.model.SimulateCustomPolicyRequest)} operation. * The return type is a custom iterable that can be used to iterate through all the pages. SDK will internally * handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.SimulateCustomPolicyIterable responses = client.simulateCustomPolicyPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.SimulateCustomPolicyIterable responses = client
     *             .simulateCustomPolicyPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.SimulateCustomPolicyResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.SimulateCustomPolicyIterable responses = client.simulateCustomPolicyPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #simulateCustomPolicy(software.amazon.awssdk.services.iam.model.SimulateCustomPolicyRequest)} * operation. *

* * @param simulateCustomPolicyRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws PolicyEvaluationException * The request failed because a provided policy could not be successfully evaluated. An additional detailed * message indicates the source of the failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.SimulateCustomPolicy * @see AWS API * Documentation */ @Override public SimulateCustomPolicyIterable simulateCustomPolicyPaginator(SimulateCustomPolicyRequest simulateCustomPolicyRequest) throws InvalidInputException, PolicyEvaluationException, AwsServiceException, SdkClientException, IamException { return new SimulateCustomPolicyIterable(this, applyPaginatorUserAgent(simulateCustomPolicyRequest)); } /** *

* Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and AWS * resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you * specify a user, then the simulation also includes all of the policies that are attached to groups that the user * belongs to. *

*

* You can optionally include a list of one or more additional policies specified as strings to include in the * simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead. *

*

* You can also optionally include one resource-based policy to be evaluated with each of the resources included in * the simulation. *

*

* The simulation does not perform the API operations; it only checks the authorization to determine if the * simulated policies allow or deny the operations. *

*

* Note: This API discloses information about the permissions granted to other users. If you do not want * users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead. *

*

* Context keys are variables maintained by AWS and its services that provide details about the context of an API * query request. You can use the Condition element of an IAM policy to evaluate context keys. To get * the list of context keys that the policies require for correct simulation, use * GetContextKeysForPrincipalPolicy. *

*

* If the output is long, you can use the MaxItems and Marker parameters to paginate the * results. *

* * @param simulatePrincipalPolicyRequest * @return Result of the SimulatePrincipalPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws PolicyEvaluationException * The request failed because a provided policy could not be successfully evaluated. An additional detailed * message indicates the source of the failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.SimulatePrincipalPolicy * @see AWS * API Documentation */ @Override public SimulatePrincipalPolicyResponse simulatePrincipalPolicy(SimulatePrincipalPolicyRequest simulatePrincipalPolicyRequest) throws NoSuchEntityException, InvalidInputException, PolicyEvaluationException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(SimulatePrincipalPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("SimulatePrincipalPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(simulatePrincipalPolicyRequest) .withMarshaller(new SimulatePrincipalPolicyRequestMarshaller(protocolFactory))); } /** *

* Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and AWS * resources to determine the policies' effective permissions. The entity can be an IAM user, group, or role. If you * specify a user, then the simulation also includes all of the policies that are attached to groups that the user * belongs to. *

*

* You can optionally include a list of one or more additional policies specified as strings to include in the * simulation. If you want to simulate only policies specified as strings, use SimulateCustomPolicy instead. *

*

* You can also optionally include one resource-based policy to be evaluated with each of the resources included in * the simulation. *

*

* The simulation does not perform the API operations; it only checks the authorization to determine if the * simulated policies allow or deny the operations. *

*

* Note: This API discloses information about the permissions granted to other users. If you do not want * users to see other user's permissions, then consider allowing them to use SimulateCustomPolicy instead. *

*

* Context keys are variables maintained by AWS and its services that provide details about the context of an API * query request. You can use the Condition element of an IAM policy to evaluate context keys. To get * the list of context keys that the policies require for correct simulation, use * GetContextKeysForPrincipalPolicy. *

*

* If the output is long, you can use the MaxItems and Marker parameters to paginate the * results. *

*
*

* This is a variant of * {@link #simulatePrincipalPolicy(software.amazon.awssdk.services.iam.model.SimulatePrincipalPolicyRequest)} * operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will * internally handle making service calls for you. *

*

* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no * guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response * pages by making service calls until there are no pages left or your iteration stops. If there are errors in your * request, you will see the failures only after you start iterating through the iterable. *

* *

* The following are few ways to iterate through the response pages: *

* 1) Using a Stream * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.SimulatePrincipalPolicyIterable responses = client.simulatePrincipalPolicyPaginator(request);
     * responses.stream().forEach(....);
     * }
     * 
* * 2) Using For loop * *
     * {
     *     @code
     *     software.amazon.awssdk.services.iam.paginators.SimulatePrincipalPolicyIterable responses = client
     *             .simulatePrincipalPolicyPaginator(request);
     *     for (software.amazon.awssdk.services.iam.model.SimulatePrincipalPolicyResponse response : responses) {
     *         // do something;
     *     }
     * }
     * 
* * 3) Use iterator directly * *
     * {@code
     * software.amazon.awssdk.services.iam.paginators.SimulatePrincipalPolicyIterable responses = client.simulatePrincipalPolicyPaginator(request);
     * responses.iterator().forEachRemaining(....);
     * }
     * 
*

* Please notice that the configuration of MaxItems won't limit the number of results you get with the paginator. * It only limits the number of results in each page. *

*

* Note: If you prefer to have control on service calls, use the * {@link #simulatePrincipalPolicy(software.amazon.awssdk.services.iam.model.SimulatePrincipalPolicyRequest)} * operation. *

* * @param simulatePrincipalPolicyRequest * @return A custom iterable that can be used to iterate through all the response pages. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws PolicyEvaluationException * The request failed because a provided policy could not be successfully evaluated. An additional detailed * message indicates the source of the failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.SimulatePrincipalPolicy * @see AWS * API Documentation */ @Override public SimulatePrincipalPolicyIterable simulatePrincipalPolicyPaginator( SimulatePrincipalPolicyRequest simulatePrincipalPolicyRequest) throws NoSuchEntityException, InvalidInputException, PolicyEvaluationException, AwsServiceException, SdkClientException, IamException { return new SimulatePrincipalPolicyIterable(this, applyPaginatorUserAgent(simulatePrincipalPolicyRequest)); } /** *

* Adds one or more tags to an IAM role. The role can be a regular role or a service-linked role. If a tag with the * same key name already exists, then that tag is overwritten with the new value. *

*

* A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the * following: *

*
    *
  • *

    * Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For * example, you could search for all resources with the key name Project and the value * MyImportantProject. Or search for all resources with the key name Cost Center and the value * 41200. *

    *
  • *
  • *

    * Access control - Reference tags in IAM user-based and resource-based policies. You can use tags to * restrict access to only an IAM user or role that has a specified tag attached. You can also restrict access to * only those resources that have a certain tag attached. For examples of policies that show how to use tags to * control access, see Control Access * Using IAM Tags in the IAM User Guide. *

    *
  • *
  • *

    * Cost allocation - Use tags to help track which individuals and teams are using which AWS resources. *

    *
  • *
* *
    *
  • *

    * Make sure that you have no invalid tags and that you do not exceed the allowed number of tags per role. In either * case, the entire request fails and no tags are added to the role. *

    *
  • *
  • *

    * AWS always interprets the tag Value as a single string. If you need to store an array, you can store * comma-separated values in the string. However, you must interpret the value in your code. *

    *
  • *
*
*

* For more information about tagging, see Tagging IAM Identities in the IAM * User Guide. *

* * @param tagRoleRequest * @return Result of the TagRole operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ConcurrentModificationException * The request was rejected because multiple requests to change this object were submitted simultaneously. * Wait a few minutes and submit your request again. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.TagRole * @see AWS API * Documentation */ @Override public TagRoleResponse tagRole(TagRoleRequest tagRoleRequest) throws NoSuchEntityException, LimitExceededException, InvalidInputException, ConcurrentModificationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(TagRoleResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams().withOperationName("TagRole") .withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler).withInput(tagRoleRequest) .withMarshaller(new TagRoleRequestMarshaller(protocolFactory))); } /** *

* Adds one or more tags to an IAM user. If a tag with the same key name already exists, then that tag is * overwritten with the new value. *

*

* A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the * following: *

*
    *
  • *

    * Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For * example, you could search for all resources with the key name Project and the value * MyImportantProject. Or search for all resources with the key name Cost Center and the value * 41200. *

    *
  • *
  • *

    * Access control - Reference tags in IAM user-based and resource-based policies. You can use tags to * restrict access to only an IAM requesting user or to a role that has a specified tag attached. You can also * restrict access to only those resources that have a certain tag attached. For examples of policies that show how * to use tags to control access, see Control Access Using IAM Tags in the * IAM User Guide. *

    *
  • *
  • *

    * Cost allocation - Use tags to help track which individuals and teams are using which AWS resources. *

    *
  • *
* *
    *
  • *

    * Make sure that you have no invalid tags and that you do not exceed the allowed number of tags per role. In either * case, the entire request fails and no tags are added to the role. *

    *
  • *
  • *

    * AWS always interprets the tag Value as a single string. If you need to store an array, you can store * comma-separated values in the string. However, you must interpret the value in your code. *

    *
  • *
*
*

* For more information about tagging, see Tagging IAM Identities in the IAM * User Guide. *

* * @param tagUserRequest * @return Result of the TagUser operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws ConcurrentModificationException * The request was rejected because multiple requests to change this object were submitted simultaneously. * Wait a few minutes and submit your request again. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.TagUser * @see AWS API * Documentation */ @Override public TagUserResponse tagUser(TagUserRequest tagUserRequest) throws NoSuchEntityException, LimitExceededException, InvalidInputException, ConcurrentModificationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(TagUserResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams().withOperationName("TagUser") .withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler).withInput(tagUserRequest) .withMarshaller(new TagUserRequestMarshaller(protocolFactory))); } /** *

* Removes the specified tags from the role. For more information about tagging, see Tagging IAM Identities in the IAM * User Guide. *

* * @param untagRoleRequest * @return Result of the UntagRole operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ConcurrentModificationException * The request was rejected because multiple requests to change this object were submitted simultaneously. * Wait a few minutes and submit your request again. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UntagRole * @see AWS API * Documentation */ @Override public UntagRoleResponse untagRole(UntagRoleRequest untagRoleRequest) throws NoSuchEntityException, ConcurrentModificationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UntagRoleResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UntagRole").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(untagRoleRequest) .withMarshaller(new UntagRoleRequestMarshaller(protocolFactory))); } /** *

* Removes the specified tags from the user. For more information about tagging, see Tagging IAM Identities in the IAM * User Guide. *

* * @param untagUserRequest * @return Result of the UntagUser operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ConcurrentModificationException * The request was rejected because multiple requests to change this object were submitted simultaneously. * Wait a few minutes and submit your request again. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UntagUser * @see AWS API * Documentation */ @Override public UntagUserResponse untagUser(UntagUserRequest untagUserRequest) throws NoSuchEntityException, ConcurrentModificationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UntagUserResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UntagUser").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(untagUserRequest) .withMarshaller(new UntagUserRequestMarshaller(protocolFactory))); } /** *

* Changes the status of the specified access key from Active to Inactive, or vice versa. This operation can be used * to disable a user's key as part of a key rotation workflow. *

*

* If the UserName is not specified, the user name is determined implicitly based on the AWS access key * ID used to sign the request. This operation works for access keys under the AWS account. Consequently, you can * use this operation to manage AWS account root user credentials even if the AWS account has no associated users. *

*

* For information about rotating keys, see Managing Keys and * Certificates in the IAM User Guide. *

* * @param updateAccessKeyRequest * @return Result of the UpdateAccessKey operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateAccessKey * @see AWS API * Documentation */ @Override public UpdateAccessKeyResponse updateAccessKey(UpdateAccessKeyRequest updateAccessKeyRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateAccessKeyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UpdateAccessKey").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateAccessKeyRequest) .withMarshaller(new UpdateAccessKeyRequestMarshaller(protocolFactory))); } /** *

* Updates the password policy settings for the AWS account. *

* *
    *
  • *

    * This operation does not support partial updates. No parameters are required, but if you do not specify a * parameter, that parameter's value reverts to its default value. See the Request Parameters section for * each parameter's default value. Also note that some parameters do not allow the default parameter to be * explicitly set. Instead, to invoke the default value, do not include that parameter when you invoke the * operation. *

    *
  • *
*
*

* For more information about using a password policy, see Managing an IAM * Password Policy in the IAM User Guide. *

* * @param updateAccountPasswordPolicyRequest * @return Result of the UpdateAccountPasswordPolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws MalformedPolicyDocumentException * The request was rejected because the policy document was malformed. The error message describes the * specific error. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateAccountPasswordPolicy * @see AWS API Documentation */ @Override public UpdateAccountPasswordPolicyResponse updateAccountPasswordPolicy( UpdateAccountPasswordPolicyRequest updateAccountPasswordPolicyRequest) throws NoSuchEntityException, MalformedPolicyDocumentException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateAccountPasswordPolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("UpdateAccountPasswordPolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateAccountPasswordPolicyRequest) .withMarshaller(new UpdateAccountPasswordPolicyRequestMarshaller(protocolFactory))); } /** *

* Updates the policy that grants an IAM entity permission to assume a role. This is typically referred to as the * "role trust policy". For more information about roles, go to Using Roles to Delegate Permissions * and Federate Identities. *

* * @param updateAssumeRolePolicyRequest * @return Result of the UpdateAssumeRolePolicy operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws MalformedPolicyDocumentException * The request was rejected because the policy document was malformed. The error message describes the * specific error. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateAssumeRolePolicy * @see AWS API * Documentation */ @Override public UpdateAssumeRolePolicyResponse updateAssumeRolePolicy(UpdateAssumeRolePolicyRequest updateAssumeRolePolicyRequest) throws NoSuchEntityException, MalformedPolicyDocumentException, LimitExceededException, UnmodifiableEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateAssumeRolePolicyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UpdateAssumeRolePolicy").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateAssumeRolePolicyRequest) .withMarshaller(new UpdateAssumeRolePolicyRequestMarshaller(protocolFactory))); } /** *

* Updates the name and/or the path of the specified IAM group. *

* *

* You should understand the implications of changing a group's path or name. For more information, see Renaming Users and * Groups in the IAM User Guide. *

*
*

* The person making the request (the principal), must have permission to change the role group with the old name * and the new name. For example, to change the group named Managers to MGRs, the * principal must have a policy that allows them to update both groups. If the principal has permission to update * the Managers group, but not the MGRs group, then the update fails. For more information * about permissions, see Access * Management. *

*
* * @param updateGroupRequest * @return Result of the UpdateGroup operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateGroup * @see AWS API * Documentation */ @Override public UpdateGroupResponse updateGroup(UpdateGroupRequest updateGroupRequest) throws NoSuchEntityException, EntityAlreadyExistsException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateGroupResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UpdateGroup").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateGroupRequest) .withMarshaller(new UpdateGroupRequestMarshaller(protocolFactory))); } /** *

* Changes the password for the specified IAM user. *

*

* IAM users can change their own passwords by calling ChangePassword. For more information about modifying * passwords, see Managing * Passwords in the IAM User Guide. *

* * @param updateLoginProfileRequest * @return Result of the UpdateLoginProfile operation returned by the service. * @throws EntityTemporarilyUnmodifiableException * The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user * name that was deleted and then recreated. The error indicates that the request is likely to succeed if * you try again after waiting several minutes. The error message describes the entity. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws PasswordPolicyViolationException * The request was rejected because the provided password did not meet the requirements imposed by the * account password policy. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateLoginProfile * @see AWS API * Documentation */ @Override public UpdateLoginProfileResponse updateLoginProfile(UpdateLoginProfileRequest updateLoginProfileRequest) throws EntityTemporarilyUnmodifiableException, NoSuchEntityException, PasswordPolicyViolationException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateLoginProfileResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UpdateLoginProfile").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateLoginProfileRequest) .withMarshaller(new UpdateLoginProfileRequestMarshaller(protocolFactory))); } /** *

* Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider * resource object with a new list of thumbprints. *

*

* The list that you pass with this operation completely replaces the existing list of thumbprints. (The lists are * not merged.) *

*

* Typically, you need to update a thumbprint only when the identity provider's certificate changes, which occurs * rarely. However, if the provider's certificate does change, any attempt to assume an IAM role that * specifies the OIDC provider as a principal fails until the certificate thumbprint is updated. *

* *

* Trust for the OIDC provider is derived from the provider's certificate and is validated by the thumbprint. * Therefore, it is best to limit access to the UpdateOpenIDConnectProviderThumbprint operation to * highly privileged users. *

*
* * @param updateOpenIdConnectProviderThumbprintRequest * @return Result of the UpdateOpenIDConnectProviderThumbprint operation returned by the service. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateOpenIDConnectProviderThumbprint * @see AWS API Documentation */ @Override public UpdateOpenIdConnectProviderThumbprintResponse updateOpenIDConnectProviderThumbprint( UpdateOpenIdConnectProviderThumbprintRequest updateOpenIdConnectProviderThumbprintRequest) throws InvalidInputException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateOpenIdConnectProviderThumbprintResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("UpdateOpenIDConnectProviderThumbprint").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateOpenIdConnectProviderThumbprintRequest) .withMarshaller(new UpdateOpenIdConnectProviderThumbprintRequestMarshaller(protocolFactory))); } /** *

* Updates the description or maximum session duration setting of a role. *

* * @param updateRoleRequest * @return Result of the UpdateRole operation returned by the service. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateRole * @see AWS API * Documentation */ @Override public UpdateRoleResponse updateRole(UpdateRoleRequest updateRoleRequest) throws UnmodifiableEntityException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateRoleResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UpdateRole").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateRoleRequest) .withMarshaller(new UpdateRoleRequestMarshaller(protocolFactory))); } /** *

* Use UpdateRole instead. *

*

* Modifies only the description of a role. This operation performs the same function as the * Description parameter in the UpdateRole operation. *

* * @param updateRoleDescriptionRequest * @return Result of the UpdateRoleDescription operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws UnmodifiableEntityException * The request was rejected because only the service that depends on the service-linked role can modify or * delete the role on your behalf. The error message includes the name of the service that depends on this * service-linked role. You must request the change through that service. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateRoleDescription * @see AWS API * Documentation */ @Override public UpdateRoleDescriptionResponse updateRoleDescription(UpdateRoleDescriptionRequest updateRoleDescriptionRequest) throws NoSuchEntityException, UnmodifiableEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateRoleDescriptionResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UpdateRoleDescription").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateRoleDescriptionRequest) .withMarshaller(new UpdateRoleDescriptionRequestMarshaller(protocolFactory))); } /** *

* Updates the metadata document for an existing SAML provider resource object. *

* *

* This operation requires Signature Version 4. *

*
* * @param updateSamlProviderRequest * @return Result of the UpdateSAMLProvider operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidInputException * The request was rejected because an invalid or out-of-range value was supplied for an input parameter. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateSAMLProvider * @see AWS API * Documentation */ @Override public UpdateSamlProviderResponse updateSAMLProvider(UpdateSamlProviderRequest updateSamlProviderRequest) throws NoSuchEntityException, InvalidInputException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateSamlProviderResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UpdateSAMLProvider").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateSamlProviderRequest) .withMarshaller(new UpdateSamlProviderRequestMarshaller(protocolFactory))); } /** *

* Sets the status of an IAM user's SSH public key to active or inactive. SSH public keys that are inactive cannot * be used for authentication. This operation can be used to disable a user's SSH public key as part of a key * rotation work flow. *

*

* The SSH public key affected by this operation is used only for authenticating the associated IAM user to an AWS * CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository, * see Set up AWS * CodeCommit for SSH Connections in the AWS CodeCommit User Guide. *

* * @param updateSshPublicKeyRequest * @return Result of the UpdateSSHPublicKey operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateSSHPublicKey * @see AWS API * Documentation */ @Override public UpdateSshPublicKeyResponse updateSSHPublicKey(UpdateSshPublicKeyRequest updateSshPublicKeyRequest) throws NoSuchEntityException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateSshPublicKeyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UpdateSSHPublicKey").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateSshPublicKeyRequest) .withMarshaller(new UpdateSshPublicKeyRequestMarshaller(protocolFactory))); } /** *

* Updates the name and/or the path of the specified server certificate stored in IAM. *

*

* For more information about working with server certificates, see Working with Server * Certificates in the IAM User Guide. This topic also includes a list of AWS services that can use the * server certificates that you manage with IAM. *

* *

* You should understand the implications of changing a server certificate's path or name. For more information, see * Renaming a Server Certificate in the IAM User Guide. *

*
*

* The person making the request (the principal), must have permission to change the server certificate with the old * name and the new name. For example, to change the certificate named ProductionCert to * ProdCert, the principal must have a policy that allows them to update both certificates. If the * principal has permission to update the ProductionCert group, but not the ProdCert * certificate, then the update fails. For more information about permissions, see Access Management in the IAM User * Guide. *

*
* * @param updateServerCertificateRequest * @return Result of the UpdateServerCertificate operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateServerCertificate * @see AWS * API Documentation */ @Override public UpdateServerCertificateResponse updateServerCertificate(UpdateServerCertificateRequest updateServerCertificateRequest) throws NoSuchEntityException, EntityAlreadyExistsException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateServerCertificateResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UpdateServerCertificate").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateServerCertificateRequest) .withMarshaller(new UpdateServerCertificateRequestMarshaller(protocolFactory))); } /** *

* Sets the status of a service-specific credential to Active or Inactive. * Service-specific credentials that are inactive cannot be used for authentication to the service. This operation * can be used to disable a user's service-specific credential as part of a credential rotation work flow. *

* * @param updateServiceSpecificCredentialRequest * @return Result of the UpdateServiceSpecificCredential operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateServiceSpecificCredential * @see AWS API Documentation */ @Override public UpdateServiceSpecificCredentialResponse updateServiceSpecificCredential( UpdateServiceSpecificCredentialRequest updateServiceSpecificCredentialRequest) throws NoSuchEntityException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateServiceSpecificCredentialResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("UpdateServiceSpecificCredential").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateServiceSpecificCredentialRequest) .withMarshaller(new UpdateServiceSpecificCredentialRequestMarshaller(protocolFactory))); } /** *

* Changes the status of the specified user signing certificate from active to disabled, or vice versa. This * operation can be used to disable an IAM user's signing certificate as part of a certificate rotation work flow. *

*

* If the UserName field is not specified, the user name is determined implicitly based on the AWS * access key ID used to sign the request. This operation works for access keys under the AWS account. Consequently, * you can use this operation to manage AWS account root user credentials even if the AWS account has no associated * users. *

* * @param updateSigningCertificateRequest * @return Result of the UpdateSigningCertificate operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateSigningCertificate * @see AWS * API Documentation */ @Override public UpdateSigningCertificateResponse updateSigningCertificate( UpdateSigningCertificateRequest updateSigningCertificateRequest) throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateSigningCertificateResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("UpdateSigningCertificate").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateSigningCertificateRequest) .withMarshaller(new UpdateSigningCertificateRequestMarshaller(protocolFactory))); } /** *

* Updates the name and/or the path of the specified IAM user. *

* *

* You should understand the implications of changing an IAM user's path or name. For more information, see Renaming an IAM * User and Renaming an * IAM Group in the IAM User Guide. *

*
*

* To change a user name, the requester must have appropriate permissions on both the source object and the target * object. For example, to change Bob to Robert, the entity making the request must have permission on Bob and * Robert, or must have permission on all (*). For more information about permissions, see Permissions and Policies. *

*
* * @param updateUserRequest * @return Result of the UpdateUser operation returned by the service. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws EntityTemporarilyUnmodifiableException * The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user * name that was deleted and then recreated. The error indicates that the request is likely to succeed if * you try again after waiting several minutes. The error message describes the entity. * @throws ConcurrentModificationException * The request was rejected because multiple requests to change this object were submitted simultaneously. * Wait a few minutes and submit your request again. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UpdateUser * @see AWS API * Documentation */ @Override public UpdateUserResponse updateUser(UpdateUserRequest updateUserRequest) throws NoSuchEntityException, LimitExceededException, EntityAlreadyExistsException, EntityTemporarilyUnmodifiableException, ConcurrentModificationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UpdateUserResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UpdateUser").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(updateUserRequest) .withMarshaller(new UpdateUserRequestMarshaller(protocolFactory))); } /** *

* Uploads an SSH public key and associates it with the specified IAM user. *

*

* The SSH public key uploaded by this operation can be used only for authenticating the associated IAM user to an * AWS CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit * repository, see Set up AWS * CodeCommit for SSH Connections in the AWS CodeCommit User Guide. *

* * @param uploadSshPublicKeyRequest * @return Result of the UploadSSHPublicKey operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws InvalidPublicKeyException * The request was rejected because the public key is malformed or otherwise invalid. * @throws DuplicateSshPublicKeyException * The request was rejected because the SSH public key is already associated with the specified IAM user. * @throws UnrecognizedPublicKeyEncodingException * The request was rejected because the public key encoding format is unsupported or unrecognized. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UploadSSHPublicKey * @see AWS API * Documentation */ @Override public UploadSshPublicKeyResponse uploadSSHPublicKey(UploadSshPublicKeyRequest uploadSshPublicKeyRequest) throws LimitExceededException, NoSuchEntityException, InvalidPublicKeyException, DuplicateSshPublicKeyException, UnrecognizedPublicKeyEncodingException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UploadSshPublicKeyResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UploadSSHPublicKey").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(uploadSshPublicKeyRequest) .withMarshaller(new UploadSshPublicKeyRequestMarshaller(protocolFactory))); } /** *

* Uploads a server certificate entity for the AWS account. The server certificate entity includes a public key * certificate, a private key, and an optional certificate chain, which should all be PEM-encoded. *

*

* We recommend that you use AWS Certificate Manager to provision, * manage, and deploy your server certificates. With ACM you can request a certificate, deploy it to AWS resources, * and let ACM handle certificate renewals for you. Certificates provided by ACM are free. For more information * about using ACM, see the AWS Certificate Manager User * Guide. *

*

* For more information about working with server certificates, see Working with Server * Certificates in the IAM User Guide. This topic includes a list of AWS services that can use the server * certificates that you manage with IAM. *

*

* For information about the number of server certificates you can upload, see Limitations on IAM Entities and * Objects in the IAM User Guide. *

* *

* Because the body of the public key certificate, private key, and the certificate chain can be large, you should * use POST rather than GET when calling UploadServerCertificate. For information about setting up * signatures and authorization through the API, go to Signing AWS API Requests * in the AWS General Reference. For general information about using the Query API with IAM, go to Calling the API by Making HTTP Query * Requests in the IAM User Guide. *

*
* * @param uploadServerCertificateRequest * @return Result of the UploadServerCertificate operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws MalformedCertificateException * The request was rejected because the certificate was malformed or expired. The error message describes * the specific error. * @throws KeyPairMismatchException * The request was rejected because the public key certificate and the private key do not match. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UploadServerCertificate * @see AWS * API Documentation */ @Override public UploadServerCertificateResponse uploadServerCertificate(UploadServerCertificateRequest uploadServerCertificateRequest) throws LimitExceededException, EntityAlreadyExistsException, MalformedCertificateException, KeyPairMismatchException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UploadServerCertificateResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler.execute(new ClientExecutionParams() .withOperationName("UploadServerCertificate").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(uploadServerCertificateRequest) .withMarshaller(new UploadServerCertificateRequestMarshaller(protocolFactory))); } /** *

* Uploads an X.509 signing certificate and associates it with the specified IAM user. Some AWS services use X.509 * signing certificates to validate requests that are signed with a corresponding private key. When you upload the * certificate, its default status is Active. *

*

* If the UserName is not specified, the IAM user name is determined implicitly based on the AWS access * key ID used to sign the request. This operation works for access keys under the AWS account. Consequently, you * can use this operation to manage AWS account root user credentials even if the AWS account has no associated * users. *

* *

* Because the body of an X.509 certificate can be large, you should use POST rather than GET when calling * UploadSigningCertificate. For information about setting up signatures and authorization through the * API, go to Signing AWS API * Requests in the AWS General Reference. For general information about using the Query API with IAM, go * to Making Query Requests in * the IAM User Guide. *

*
* * @param uploadSigningCertificateRequest * @return Result of the UploadSigningCertificate operation returned by the service. * @throws LimitExceededException * The request was rejected because it attempted to create resources beyond the current AWS account limits. * The error message describes the limit exceeded. * @throws EntityAlreadyExistsException * The request was rejected because it attempted to create a resource that already exists. * @throws MalformedCertificateException * The request was rejected because the certificate was malformed or expired. The error message describes * the specific error. * @throws InvalidCertificateException * The request was rejected because the certificate is invalid. * @throws DuplicateCertificateException * The request was rejected because the same certificate is associated with an IAM user in the account. * @throws NoSuchEntityException * The request was rejected because it referenced a resource entity that does not exist. The error message * describes the resource. * @throws ServiceFailureException * The request processing has failed because of an unknown error, exception or failure. * @throws SdkException * Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for * catch all scenarios. * @throws SdkClientException * If any client side error occurs such as an IO related failure, failure to get credentials, etc. * @throws IamException * Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type. * @sample IamClient.UploadSigningCertificate * @see AWS * API Documentation */ @Override public UploadSigningCertificateResponse uploadSigningCertificate( UploadSigningCertificateRequest uploadSigningCertificateRequest) throws LimitExceededException, EntityAlreadyExistsException, MalformedCertificateException, InvalidCertificateException, DuplicateCertificateException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException { HttpResponseHandler responseHandler = protocolFactory .createResponseHandler(UploadSigningCertificateResponse::builder); HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(); return clientHandler .execute(new ClientExecutionParams() .withOperationName("UploadSigningCertificate").withResponseHandler(responseHandler) .withErrorResponseHandler(errorResponseHandler).withInput(uploadSigningCertificateRequest) .withMarshaller(new UploadSigningCertificateRequestMarshaller(protocolFactory))); } private AwsQueryProtocolFactory init() { return AwsQueryProtocolFactory .builder() .registerModeledException( ExceptionMetadata.builder().errorCode("ConcurrentModification") .exceptionBuilderSupplier(ConcurrentModificationException::builder).httpStatusCode(409).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("MalformedPolicyDocument") .exceptionBuilderSupplier(MalformedPolicyDocumentException::builder).httpStatusCode(400).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("UnmodifiableEntity") .exceptionBuilderSupplier(UnmodifiableEntityException::builder).httpStatusCode(400).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("DeleteConflict") .exceptionBuilderSupplier(DeleteConflictException::builder).httpStatusCode(409).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("InvalidCertificate") .exceptionBuilderSupplier(InvalidCertificateException::builder).httpStatusCode(400).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("PasswordPolicyViolation") .exceptionBuilderSupplier(PasswordPolicyViolationException::builder).httpStatusCode(400).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("ReportExpired") .exceptionBuilderSupplier(CredentialReportExpiredException::builder).httpStatusCode(410).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("LimitExceeded") .exceptionBuilderSupplier(LimitExceededException::builder).httpStatusCode(409).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("InvalidUserType") .exceptionBuilderSupplier(InvalidUserTypeException::builder).httpStatusCode(400).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("NoSuchEntity") .exceptionBuilderSupplier(NoSuchEntityException::builder).httpStatusCode(404).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("EntityTemporarilyUnmodifiable") .exceptionBuilderSupplier(EntityTemporarilyUnmodifiableException::builder).httpStatusCode(409) .build()) .registerModeledException( ExceptionMetadata.builder().errorCode("NotSupportedService") .exceptionBuilderSupplier(ServiceNotSupportedException::builder).httpStatusCode(404).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("DuplicateCertificate") .exceptionBuilderSupplier(DuplicateCertificateException::builder).httpStatusCode(409).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("KeyPairMismatch") .exceptionBuilderSupplier(KeyPairMismatchException::builder).httpStatusCode(400).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("ReportInProgress") .exceptionBuilderSupplier(CredentialReportNotReadyException::builder).httpStatusCode(404).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("EntityAlreadyExists") .exceptionBuilderSupplier(EntityAlreadyExistsException::builder).httpStatusCode(409).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("ServiceFailure") .exceptionBuilderSupplier(ServiceFailureException::builder).httpStatusCode(500).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("InvalidPublicKey") .exceptionBuilderSupplier(InvalidPublicKeyException::builder).httpStatusCode(400).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("DuplicateSSHPublicKey") .exceptionBuilderSupplier(DuplicateSshPublicKeyException::builder).httpStatusCode(400).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("PolicyEvaluation") .exceptionBuilderSupplier(PolicyEvaluationException::builder).httpStatusCode(500).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("InvalidAuthenticationCode") .exceptionBuilderSupplier(InvalidAuthenticationCodeException::builder).httpStatusCode(403) .build()) .registerModeledException( ExceptionMetadata.builder().errorCode("InvalidInput") .exceptionBuilderSupplier(InvalidInputException::builder).httpStatusCode(400).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("ReportNotPresent") .exceptionBuilderSupplier(CredentialReportNotPresentException::builder).httpStatusCode(410) .build()) .registerModeledException( ExceptionMetadata.builder().errorCode("UnrecognizedPublicKeyEncoding") .exceptionBuilderSupplier(UnrecognizedPublicKeyEncodingException::builder).httpStatusCode(400) .build()) .registerModeledException( ExceptionMetadata.builder().errorCode("ReportGenerationLimitExceeded") .exceptionBuilderSupplier(ReportGenerationLimitExceededException::builder).httpStatusCode(409) .build()) .registerModeledException( ExceptionMetadata.builder().errorCode("PolicyNotAttachable") .exceptionBuilderSupplier(PolicyNotAttachableException::builder).httpStatusCode(400).build()) .registerModeledException( ExceptionMetadata.builder().errorCode("MalformedCertificate") .exceptionBuilderSupplier(MalformedCertificateException::builder).httpStatusCode(400).build()) .clientConfiguration(clientConfiguration).defaultServiceExceptionSupplier(IamException::builder).build(); } @Override public void close() { clientHandler.close(); } private T applyPaginatorUserAgent(T request) { Consumer userAgentApplier = b -> b.addApiName(ApiName.builder() .version(VersionInfo.SDK_VERSION).name("PAGINATED").build()); AwsRequestOverrideConfiguration overrideConfiguration = request.overrideConfiguration() .map(c -> c.toBuilder().applyMutation(userAgentApplier).build()) .orElse((AwsRequestOverrideConfiguration.builder().applyMutation(userAgentApplier).build())); return (T) request.toBuilder().overrideConfiguration(overrideConfiguration).build(); } }




© 2015 - 2025 Weber Informatics LLC | Privacy Policy