software.amazon.awssdk.services.iam.DefaultIamClient Maven / Gradle / Ivy
Show all versions of iam Show documentation
/*
* Copyright 2014-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package software.amazon.awssdk.services.iam;
import java.util.function.Consumer;
import software.amazon.awssdk.annotations.Generated;
import software.amazon.awssdk.annotations.SdkInternalApi;
import software.amazon.awssdk.awscore.AwsRequestOverrideConfiguration;
import software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler;
import software.amazon.awssdk.awscore.exception.AwsServiceException;
import software.amazon.awssdk.core.ApiName;
import software.amazon.awssdk.core.client.config.SdkClientConfiguration;
import software.amazon.awssdk.core.client.handler.ClientExecutionParams;
import software.amazon.awssdk.core.client.handler.SyncClientHandler;
import software.amazon.awssdk.core.exception.SdkClientException;
import software.amazon.awssdk.core.http.HttpResponseHandler;
import software.amazon.awssdk.core.util.VersionInfo;
import software.amazon.awssdk.protocols.core.ExceptionMetadata;
import software.amazon.awssdk.protocols.query.AwsQueryProtocolFactory;
import software.amazon.awssdk.services.iam.model.AddClientIDToOpenIDConnectProviderResponse;
import software.amazon.awssdk.services.iam.model.AddClientIdToOpenIdConnectProviderRequest;
import software.amazon.awssdk.services.iam.model.AddRoleToInstanceProfileRequest;
import software.amazon.awssdk.services.iam.model.AddRoleToInstanceProfileResponse;
import software.amazon.awssdk.services.iam.model.AddUserToGroupRequest;
import software.amazon.awssdk.services.iam.model.AddUserToGroupResponse;
import software.amazon.awssdk.services.iam.model.AttachGroupPolicyRequest;
import software.amazon.awssdk.services.iam.model.AttachGroupPolicyResponse;
import software.amazon.awssdk.services.iam.model.AttachRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.AttachRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.AttachUserPolicyRequest;
import software.amazon.awssdk.services.iam.model.AttachUserPolicyResponse;
import software.amazon.awssdk.services.iam.model.ChangePasswordRequest;
import software.amazon.awssdk.services.iam.model.ChangePasswordResponse;
import software.amazon.awssdk.services.iam.model.ConcurrentModificationException;
import software.amazon.awssdk.services.iam.model.CreateAccessKeyRequest;
import software.amazon.awssdk.services.iam.model.CreateAccessKeyResponse;
import software.amazon.awssdk.services.iam.model.CreateAccountAliasRequest;
import software.amazon.awssdk.services.iam.model.CreateAccountAliasResponse;
import software.amazon.awssdk.services.iam.model.CreateGroupRequest;
import software.amazon.awssdk.services.iam.model.CreateGroupResponse;
import software.amazon.awssdk.services.iam.model.CreateInstanceProfileRequest;
import software.amazon.awssdk.services.iam.model.CreateInstanceProfileResponse;
import software.amazon.awssdk.services.iam.model.CreateLoginProfileRequest;
import software.amazon.awssdk.services.iam.model.CreateLoginProfileResponse;
import software.amazon.awssdk.services.iam.model.CreateOpenIdConnectProviderRequest;
import software.amazon.awssdk.services.iam.model.CreateOpenIdConnectProviderResponse;
import software.amazon.awssdk.services.iam.model.CreatePolicyRequest;
import software.amazon.awssdk.services.iam.model.CreatePolicyResponse;
import software.amazon.awssdk.services.iam.model.CreatePolicyVersionRequest;
import software.amazon.awssdk.services.iam.model.CreatePolicyVersionResponse;
import software.amazon.awssdk.services.iam.model.CreateRoleRequest;
import software.amazon.awssdk.services.iam.model.CreateRoleResponse;
import software.amazon.awssdk.services.iam.model.CreateSamlProviderRequest;
import software.amazon.awssdk.services.iam.model.CreateSamlProviderResponse;
import software.amazon.awssdk.services.iam.model.CreateServiceLinkedRoleRequest;
import software.amazon.awssdk.services.iam.model.CreateServiceLinkedRoleResponse;
import software.amazon.awssdk.services.iam.model.CreateServiceSpecificCredentialRequest;
import software.amazon.awssdk.services.iam.model.CreateServiceSpecificCredentialResponse;
import software.amazon.awssdk.services.iam.model.CreateUserRequest;
import software.amazon.awssdk.services.iam.model.CreateUserResponse;
import software.amazon.awssdk.services.iam.model.CreateVirtualMfaDeviceRequest;
import software.amazon.awssdk.services.iam.model.CreateVirtualMfaDeviceResponse;
import software.amazon.awssdk.services.iam.model.CredentialReportExpiredException;
import software.amazon.awssdk.services.iam.model.CredentialReportNotPresentException;
import software.amazon.awssdk.services.iam.model.CredentialReportNotReadyException;
import software.amazon.awssdk.services.iam.model.DeactivateMFADeviceResponse;
import software.amazon.awssdk.services.iam.model.DeactivateMfaDeviceRequest;
import software.amazon.awssdk.services.iam.model.DeleteAccessKeyRequest;
import software.amazon.awssdk.services.iam.model.DeleteAccessKeyResponse;
import software.amazon.awssdk.services.iam.model.DeleteAccountAliasRequest;
import software.amazon.awssdk.services.iam.model.DeleteAccountAliasResponse;
import software.amazon.awssdk.services.iam.model.DeleteAccountPasswordPolicyRequest;
import software.amazon.awssdk.services.iam.model.DeleteAccountPasswordPolicyResponse;
import software.amazon.awssdk.services.iam.model.DeleteConflictException;
import software.amazon.awssdk.services.iam.model.DeleteGroupPolicyRequest;
import software.amazon.awssdk.services.iam.model.DeleteGroupPolicyResponse;
import software.amazon.awssdk.services.iam.model.DeleteGroupRequest;
import software.amazon.awssdk.services.iam.model.DeleteGroupResponse;
import software.amazon.awssdk.services.iam.model.DeleteInstanceProfileRequest;
import software.amazon.awssdk.services.iam.model.DeleteInstanceProfileResponse;
import software.amazon.awssdk.services.iam.model.DeleteLoginProfileRequest;
import software.amazon.awssdk.services.iam.model.DeleteLoginProfileResponse;
import software.amazon.awssdk.services.iam.model.DeleteOpenIDConnectProviderResponse;
import software.amazon.awssdk.services.iam.model.DeleteOpenIdConnectProviderRequest;
import software.amazon.awssdk.services.iam.model.DeletePolicyRequest;
import software.amazon.awssdk.services.iam.model.DeletePolicyResponse;
import software.amazon.awssdk.services.iam.model.DeletePolicyVersionRequest;
import software.amazon.awssdk.services.iam.model.DeletePolicyVersionResponse;
import software.amazon.awssdk.services.iam.model.DeleteRolePermissionsBoundaryRequest;
import software.amazon.awssdk.services.iam.model.DeleteRolePermissionsBoundaryResponse;
import software.amazon.awssdk.services.iam.model.DeleteRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.DeleteRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.DeleteRoleRequest;
import software.amazon.awssdk.services.iam.model.DeleteRoleResponse;
import software.amazon.awssdk.services.iam.model.DeleteSAMLProviderResponse;
import software.amazon.awssdk.services.iam.model.DeleteSSHPublicKeyResponse;
import software.amazon.awssdk.services.iam.model.DeleteSamlProviderRequest;
import software.amazon.awssdk.services.iam.model.DeleteServerCertificateRequest;
import software.amazon.awssdk.services.iam.model.DeleteServerCertificateResponse;
import software.amazon.awssdk.services.iam.model.DeleteServiceLinkedRoleRequest;
import software.amazon.awssdk.services.iam.model.DeleteServiceLinkedRoleResponse;
import software.amazon.awssdk.services.iam.model.DeleteServiceSpecificCredentialRequest;
import software.amazon.awssdk.services.iam.model.DeleteServiceSpecificCredentialResponse;
import software.amazon.awssdk.services.iam.model.DeleteSigningCertificateRequest;
import software.amazon.awssdk.services.iam.model.DeleteSigningCertificateResponse;
import software.amazon.awssdk.services.iam.model.DeleteSshPublicKeyRequest;
import software.amazon.awssdk.services.iam.model.DeleteUserPermissionsBoundaryRequest;
import software.amazon.awssdk.services.iam.model.DeleteUserPermissionsBoundaryResponse;
import software.amazon.awssdk.services.iam.model.DeleteUserPolicyRequest;
import software.amazon.awssdk.services.iam.model.DeleteUserPolicyResponse;
import software.amazon.awssdk.services.iam.model.DeleteUserRequest;
import software.amazon.awssdk.services.iam.model.DeleteUserResponse;
import software.amazon.awssdk.services.iam.model.DeleteVirtualMFADeviceResponse;
import software.amazon.awssdk.services.iam.model.DeleteVirtualMfaDeviceRequest;
import software.amazon.awssdk.services.iam.model.DetachGroupPolicyRequest;
import software.amazon.awssdk.services.iam.model.DetachGroupPolicyResponse;
import software.amazon.awssdk.services.iam.model.DetachRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.DetachRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.DetachUserPolicyRequest;
import software.amazon.awssdk.services.iam.model.DetachUserPolicyResponse;
import software.amazon.awssdk.services.iam.model.DuplicateCertificateException;
import software.amazon.awssdk.services.iam.model.DuplicateSshPublicKeyException;
import software.amazon.awssdk.services.iam.model.EnableMFADeviceResponse;
import software.amazon.awssdk.services.iam.model.EnableMfaDeviceRequest;
import software.amazon.awssdk.services.iam.model.EntityAlreadyExistsException;
import software.amazon.awssdk.services.iam.model.EntityTemporarilyUnmodifiableException;
import software.amazon.awssdk.services.iam.model.GenerateCredentialReportRequest;
import software.amazon.awssdk.services.iam.model.GenerateCredentialReportResponse;
import software.amazon.awssdk.services.iam.model.GenerateOrganizationsAccessReportRequest;
import software.amazon.awssdk.services.iam.model.GenerateOrganizationsAccessReportResponse;
import software.amazon.awssdk.services.iam.model.GenerateServiceLastAccessedDetailsRequest;
import software.amazon.awssdk.services.iam.model.GenerateServiceLastAccessedDetailsResponse;
import software.amazon.awssdk.services.iam.model.GetAccessKeyLastUsedRequest;
import software.amazon.awssdk.services.iam.model.GetAccessKeyLastUsedResponse;
import software.amazon.awssdk.services.iam.model.GetAccountAuthorizationDetailsRequest;
import software.amazon.awssdk.services.iam.model.GetAccountAuthorizationDetailsResponse;
import software.amazon.awssdk.services.iam.model.GetAccountPasswordPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetAccountPasswordPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetAccountSummaryRequest;
import software.amazon.awssdk.services.iam.model.GetAccountSummaryResponse;
import software.amazon.awssdk.services.iam.model.GetContextKeysForCustomPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetContextKeysForCustomPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetContextKeysForPrincipalPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetContextKeysForPrincipalPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetCredentialReportRequest;
import software.amazon.awssdk.services.iam.model.GetCredentialReportResponse;
import software.amazon.awssdk.services.iam.model.GetGroupPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetGroupPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetGroupRequest;
import software.amazon.awssdk.services.iam.model.GetGroupResponse;
import software.amazon.awssdk.services.iam.model.GetInstanceProfileRequest;
import software.amazon.awssdk.services.iam.model.GetInstanceProfileResponse;
import software.amazon.awssdk.services.iam.model.GetLoginProfileRequest;
import software.amazon.awssdk.services.iam.model.GetLoginProfileResponse;
import software.amazon.awssdk.services.iam.model.GetOpenIdConnectProviderRequest;
import software.amazon.awssdk.services.iam.model.GetOpenIdConnectProviderResponse;
import software.amazon.awssdk.services.iam.model.GetOrganizationsAccessReportRequest;
import software.amazon.awssdk.services.iam.model.GetOrganizationsAccessReportResponse;
import software.amazon.awssdk.services.iam.model.GetPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetPolicyVersionRequest;
import software.amazon.awssdk.services.iam.model.GetPolicyVersionResponse;
import software.amazon.awssdk.services.iam.model.GetRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.GetRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.GetRoleRequest;
import software.amazon.awssdk.services.iam.model.GetRoleResponse;
import software.amazon.awssdk.services.iam.model.GetSamlProviderRequest;
import software.amazon.awssdk.services.iam.model.GetSamlProviderResponse;
import software.amazon.awssdk.services.iam.model.GetServerCertificateRequest;
import software.amazon.awssdk.services.iam.model.GetServerCertificateResponse;
import software.amazon.awssdk.services.iam.model.GetServiceLastAccessedDetailsRequest;
import software.amazon.awssdk.services.iam.model.GetServiceLastAccessedDetailsResponse;
import software.amazon.awssdk.services.iam.model.GetServiceLastAccessedDetailsWithEntitiesRequest;
import software.amazon.awssdk.services.iam.model.GetServiceLastAccessedDetailsWithEntitiesResponse;
import software.amazon.awssdk.services.iam.model.GetServiceLinkedRoleDeletionStatusRequest;
import software.amazon.awssdk.services.iam.model.GetServiceLinkedRoleDeletionStatusResponse;
import software.amazon.awssdk.services.iam.model.GetSshPublicKeyRequest;
import software.amazon.awssdk.services.iam.model.GetSshPublicKeyResponse;
import software.amazon.awssdk.services.iam.model.GetUserPolicyRequest;
import software.amazon.awssdk.services.iam.model.GetUserPolicyResponse;
import software.amazon.awssdk.services.iam.model.GetUserRequest;
import software.amazon.awssdk.services.iam.model.GetUserResponse;
import software.amazon.awssdk.services.iam.model.IamException;
import software.amazon.awssdk.services.iam.model.IamRequest;
import software.amazon.awssdk.services.iam.model.InvalidAuthenticationCodeException;
import software.amazon.awssdk.services.iam.model.InvalidCertificateException;
import software.amazon.awssdk.services.iam.model.InvalidInputException;
import software.amazon.awssdk.services.iam.model.InvalidPublicKeyException;
import software.amazon.awssdk.services.iam.model.InvalidUserTypeException;
import software.amazon.awssdk.services.iam.model.KeyPairMismatchException;
import software.amazon.awssdk.services.iam.model.LimitExceededException;
import software.amazon.awssdk.services.iam.model.ListAccessKeysRequest;
import software.amazon.awssdk.services.iam.model.ListAccessKeysResponse;
import software.amazon.awssdk.services.iam.model.ListAccountAliasesRequest;
import software.amazon.awssdk.services.iam.model.ListAccountAliasesResponse;
import software.amazon.awssdk.services.iam.model.ListAttachedGroupPoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListAttachedGroupPoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListAttachedRolePoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListAttachedRolePoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListAttachedUserPoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListAttachedUserPoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListEntitiesForPolicyRequest;
import software.amazon.awssdk.services.iam.model.ListEntitiesForPolicyResponse;
import software.amazon.awssdk.services.iam.model.ListGroupPoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListGroupPoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListGroupsForUserRequest;
import software.amazon.awssdk.services.iam.model.ListGroupsForUserResponse;
import software.amazon.awssdk.services.iam.model.ListGroupsRequest;
import software.amazon.awssdk.services.iam.model.ListGroupsResponse;
import software.amazon.awssdk.services.iam.model.ListInstanceProfilesForRoleRequest;
import software.amazon.awssdk.services.iam.model.ListInstanceProfilesForRoleResponse;
import software.amazon.awssdk.services.iam.model.ListInstanceProfilesRequest;
import software.amazon.awssdk.services.iam.model.ListInstanceProfilesResponse;
import software.amazon.awssdk.services.iam.model.ListMfaDevicesRequest;
import software.amazon.awssdk.services.iam.model.ListMfaDevicesResponse;
import software.amazon.awssdk.services.iam.model.ListOpenIdConnectProvidersRequest;
import software.amazon.awssdk.services.iam.model.ListOpenIdConnectProvidersResponse;
import software.amazon.awssdk.services.iam.model.ListPoliciesGrantingServiceAccessRequest;
import software.amazon.awssdk.services.iam.model.ListPoliciesGrantingServiceAccessResponse;
import software.amazon.awssdk.services.iam.model.ListPoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListPoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListPolicyVersionsRequest;
import software.amazon.awssdk.services.iam.model.ListPolicyVersionsResponse;
import software.amazon.awssdk.services.iam.model.ListRolePoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListRolePoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListRoleTagsRequest;
import software.amazon.awssdk.services.iam.model.ListRoleTagsResponse;
import software.amazon.awssdk.services.iam.model.ListRolesRequest;
import software.amazon.awssdk.services.iam.model.ListRolesResponse;
import software.amazon.awssdk.services.iam.model.ListSamlProvidersRequest;
import software.amazon.awssdk.services.iam.model.ListSamlProvidersResponse;
import software.amazon.awssdk.services.iam.model.ListServerCertificatesRequest;
import software.amazon.awssdk.services.iam.model.ListServerCertificatesResponse;
import software.amazon.awssdk.services.iam.model.ListServiceSpecificCredentialsRequest;
import software.amazon.awssdk.services.iam.model.ListServiceSpecificCredentialsResponse;
import software.amazon.awssdk.services.iam.model.ListSigningCertificatesRequest;
import software.amazon.awssdk.services.iam.model.ListSigningCertificatesResponse;
import software.amazon.awssdk.services.iam.model.ListSshPublicKeysRequest;
import software.amazon.awssdk.services.iam.model.ListSshPublicKeysResponse;
import software.amazon.awssdk.services.iam.model.ListUserPoliciesRequest;
import software.amazon.awssdk.services.iam.model.ListUserPoliciesResponse;
import software.amazon.awssdk.services.iam.model.ListUserTagsRequest;
import software.amazon.awssdk.services.iam.model.ListUserTagsResponse;
import software.amazon.awssdk.services.iam.model.ListUsersRequest;
import software.amazon.awssdk.services.iam.model.ListUsersResponse;
import software.amazon.awssdk.services.iam.model.ListVirtualMfaDevicesRequest;
import software.amazon.awssdk.services.iam.model.ListVirtualMfaDevicesResponse;
import software.amazon.awssdk.services.iam.model.MalformedCertificateException;
import software.amazon.awssdk.services.iam.model.MalformedPolicyDocumentException;
import software.amazon.awssdk.services.iam.model.NoSuchEntityException;
import software.amazon.awssdk.services.iam.model.PasswordPolicyViolationException;
import software.amazon.awssdk.services.iam.model.PolicyEvaluationException;
import software.amazon.awssdk.services.iam.model.PolicyNotAttachableException;
import software.amazon.awssdk.services.iam.model.PutGroupPolicyRequest;
import software.amazon.awssdk.services.iam.model.PutGroupPolicyResponse;
import software.amazon.awssdk.services.iam.model.PutRolePermissionsBoundaryRequest;
import software.amazon.awssdk.services.iam.model.PutRolePermissionsBoundaryResponse;
import software.amazon.awssdk.services.iam.model.PutRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.PutRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.PutUserPermissionsBoundaryRequest;
import software.amazon.awssdk.services.iam.model.PutUserPermissionsBoundaryResponse;
import software.amazon.awssdk.services.iam.model.PutUserPolicyRequest;
import software.amazon.awssdk.services.iam.model.PutUserPolicyResponse;
import software.amazon.awssdk.services.iam.model.RemoveClientIDFromOpenIDConnectProviderResponse;
import software.amazon.awssdk.services.iam.model.RemoveClientIdFromOpenIdConnectProviderRequest;
import software.amazon.awssdk.services.iam.model.RemoveRoleFromInstanceProfileRequest;
import software.amazon.awssdk.services.iam.model.RemoveRoleFromInstanceProfileResponse;
import software.amazon.awssdk.services.iam.model.RemoveUserFromGroupRequest;
import software.amazon.awssdk.services.iam.model.RemoveUserFromGroupResponse;
import software.amazon.awssdk.services.iam.model.ReportGenerationLimitExceededException;
import software.amazon.awssdk.services.iam.model.ResetServiceSpecificCredentialRequest;
import software.amazon.awssdk.services.iam.model.ResetServiceSpecificCredentialResponse;
import software.amazon.awssdk.services.iam.model.ResyncMFADeviceResponse;
import software.amazon.awssdk.services.iam.model.ResyncMfaDeviceRequest;
import software.amazon.awssdk.services.iam.model.ServiceFailureException;
import software.amazon.awssdk.services.iam.model.ServiceNotSupportedException;
import software.amazon.awssdk.services.iam.model.SetDefaultPolicyVersionRequest;
import software.amazon.awssdk.services.iam.model.SetDefaultPolicyVersionResponse;
import software.amazon.awssdk.services.iam.model.SetSecurityTokenServicePreferencesRequest;
import software.amazon.awssdk.services.iam.model.SetSecurityTokenServicePreferencesResponse;
import software.amazon.awssdk.services.iam.model.SimulateCustomPolicyRequest;
import software.amazon.awssdk.services.iam.model.SimulateCustomPolicyResponse;
import software.amazon.awssdk.services.iam.model.SimulatePrincipalPolicyRequest;
import software.amazon.awssdk.services.iam.model.SimulatePrincipalPolicyResponse;
import software.amazon.awssdk.services.iam.model.TagRoleRequest;
import software.amazon.awssdk.services.iam.model.TagRoleResponse;
import software.amazon.awssdk.services.iam.model.TagUserRequest;
import software.amazon.awssdk.services.iam.model.TagUserResponse;
import software.amazon.awssdk.services.iam.model.UnmodifiableEntityException;
import software.amazon.awssdk.services.iam.model.UnrecognizedPublicKeyEncodingException;
import software.amazon.awssdk.services.iam.model.UntagRoleRequest;
import software.amazon.awssdk.services.iam.model.UntagRoleResponse;
import software.amazon.awssdk.services.iam.model.UntagUserRequest;
import software.amazon.awssdk.services.iam.model.UntagUserResponse;
import software.amazon.awssdk.services.iam.model.UpdateAccessKeyRequest;
import software.amazon.awssdk.services.iam.model.UpdateAccessKeyResponse;
import software.amazon.awssdk.services.iam.model.UpdateAccountPasswordPolicyRequest;
import software.amazon.awssdk.services.iam.model.UpdateAccountPasswordPolicyResponse;
import software.amazon.awssdk.services.iam.model.UpdateAssumeRolePolicyRequest;
import software.amazon.awssdk.services.iam.model.UpdateAssumeRolePolicyResponse;
import software.amazon.awssdk.services.iam.model.UpdateGroupRequest;
import software.amazon.awssdk.services.iam.model.UpdateGroupResponse;
import software.amazon.awssdk.services.iam.model.UpdateLoginProfileRequest;
import software.amazon.awssdk.services.iam.model.UpdateLoginProfileResponse;
import software.amazon.awssdk.services.iam.model.UpdateOpenIDConnectProviderThumbprintResponse;
import software.amazon.awssdk.services.iam.model.UpdateOpenIdConnectProviderThumbprintRequest;
import software.amazon.awssdk.services.iam.model.UpdateRoleDescriptionRequest;
import software.amazon.awssdk.services.iam.model.UpdateRoleDescriptionResponse;
import software.amazon.awssdk.services.iam.model.UpdateRoleRequest;
import software.amazon.awssdk.services.iam.model.UpdateRoleResponse;
import software.amazon.awssdk.services.iam.model.UpdateSSHPublicKeyResponse;
import software.amazon.awssdk.services.iam.model.UpdateSamlProviderRequest;
import software.amazon.awssdk.services.iam.model.UpdateSamlProviderResponse;
import software.amazon.awssdk.services.iam.model.UpdateServerCertificateRequest;
import software.amazon.awssdk.services.iam.model.UpdateServerCertificateResponse;
import software.amazon.awssdk.services.iam.model.UpdateServiceSpecificCredentialRequest;
import software.amazon.awssdk.services.iam.model.UpdateServiceSpecificCredentialResponse;
import software.amazon.awssdk.services.iam.model.UpdateSigningCertificateRequest;
import software.amazon.awssdk.services.iam.model.UpdateSigningCertificateResponse;
import software.amazon.awssdk.services.iam.model.UpdateSshPublicKeyRequest;
import software.amazon.awssdk.services.iam.model.UpdateUserRequest;
import software.amazon.awssdk.services.iam.model.UpdateUserResponse;
import software.amazon.awssdk.services.iam.model.UploadServerCertificateRequest;
import software.amazon.awssdk.services.iam.model.UploadServerCertificateResponse;
import software.amazon.awssdk.services.iam.model.UploadSigningCertificateRequest;
import software.amazon.awssdk.services.iam.model.UploadSigningCertificateResponse;
import software.amazon.awssdk.services.iam.model.UploadSshPublicKeyRequest;
import software.amazon.awssdk.services.iam.model.UploadSshPublicKeyResponse;
import software.amazon.awssdk.services.iam.paginators.GetAccountAuthorizationDetailsIterable;
import software.amazon.awssdk.services.iam.paginators.GetGroupIterable;
import software.amazon.awssdk.services.iam.paginators.ListAccessKeysIterable;
import software.amazon.awssdk.services.iam.paginators.ListAccountAliasesIterable;
import software.amazon.awssdk.services.iam.paginators.ListAttachedGroupPoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListAttachedRolePoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListAttachedUserPoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListEntitiesForPolicyIterable;
import software.amazon.awssdk.services.iam.paginators.ListGroupPoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListGroupsForUserIterable;
import software.amazon.awssdk.services.iam.paginators.ListGroupsIterable;
import software.amazon.awssdk.services.iam.paginators.ListInstanceProfilesForRoleIterable;
import software.amazon.awssdk.services.iam.paginators.ListInstanceProfilesIterable;
import software.amazon.awssdk.services.iam.paginators.ListMFADevicesIterable;
import software.amazon.awssdk.services.iam.paginators.ListPoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListPolicyVersionsIterable;
import software.amazon.awssdk.services.iam.paginators.ListRolePoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListRolesIterable;
import software.amazon.awssdk.services.iam.paginators.ListSSHPublicKeysIterable;
import software.amazon.awssdk.services.iam.paginators.ListServerCertificatesIterable;
import software.amazon.awssdk.services.iam.paginators.ListSigningCertificatesIterable;
import software.amazon.awssdk.services.iam.paginators.ListUserPoliciesIterable;
import software.amazon.awssdk.services.iam.paginators.ListUsersIterable;
import software.amazon.awssdk.services.iam.paginators.ListVirtualMFADevicesIterable;
import software.amazon.awssdk.services.iam.paginators.SimulateCustomPolicyIterable;
import software.amazon.awssdk.services.iam.paginators.SimulatePrincipalPolicyIterable;
import software.amazon.awssdk.services.iam.transform.AddClientIdToOpenIdConnectProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.AddRoleToInstanceProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.AddUserToGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.AttachGroupPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.AttachRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.AttachUserPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ChangePasswordRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateAccessKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateAccountAliasRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateInstanceProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateLoginProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateOpenIdConnectProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreatePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreatePolicyVersionRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateSamlProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateServiceLinkedRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateServiceSpecificCredentialRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.CreateVirtualMfaDeviceRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeactivateMfaDeviceRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteAccessKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteAccountAliasRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteAccountPasswordPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteGroupPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteInstanceProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteLoginProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteOpenIdConnectProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeletePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeletePolicyVersionRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteRolePermissionsBoundaryRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteSamlProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteServerCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteServiceLinkedRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteServiceSpecificCredentialRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteSigningCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteSshPublicKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteUserPermissionsBoundaryRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteUserPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DeleteVirtualMfaDeviceRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DetachGroupPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DetachRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.DetachUserPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.EnableMfaDeviceRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GenerateCredentialReportRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GenerateOrganizationsAccessReportRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GenerateServiceLastAccessedDetailsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetAccessKeyLastUsedRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetAccountAuthorizationDetailsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetAccountPasswordPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetAccountSummaryRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetContextKeysForCustomPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetContextKeysForPrincipalPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetCredentialReportRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetGroupPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetInstanceProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetLoginProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetOpenIdConnectProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetOrganizationsAccessReportRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetPolicyVersionRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetSamlProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetServerCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetServiceLastAccessedDetailsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetServiceLastAccessedDetailsWithEntitiesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetServiceLinkedRoleDeletionStatusRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetSshPublicKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetUserPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.GetUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListAccessKeysRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListAccountAliasesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListAttachedGroupPoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListAttachedRolePoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListAttachedUserPoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListEntitiesForPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListGroupPoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListGroupsForUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListGroupsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListInstanceProfilesForRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListInstanceProfilesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListMfaDevicesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListOpenIdConnectProvidersRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListPoliciesGrantingServiceAccessRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListPoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListPolicyVersionsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListRolePoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListRoleTagsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListRolesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListSamlProvidersRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListServerCertificatesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListServiceSpecificCredentialsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListSigningCertificatesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListSshPublicKeysRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListUserPoliciesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListUserTagsRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListUsersRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ListVirtualMfaDevicesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.PutGroupPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.PutRolePermissionsBoundaryRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.PutRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.PutUserPermissionsBoundaryRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.PutUserPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.RemoveClientIdFromOpenIdConnectProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.RemoveRoleFromInstanceProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.RemoveUserFromGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ResetServiceSpecificCredentialRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.ResyncMfaDeviceRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.SetDefaultPolicyVersionRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.SetSecurityTokenServicePreferencesRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.SimulateCustomPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.SimulatePrincipalPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.TagRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.TagUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UntagRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UntagUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateAccessKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateAccountPasswordPolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateAssumeRolePolicyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateGroupRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateLoginProfileRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateOpenIdConnectProviderThumbprintRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateRoleDescriptionRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateRoleRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateSamlProviderRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateServerCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateServiceSpecificCredentialRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateSigningCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateSshPublicKeyRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UpdateUserRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UploadServerCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UploadSigningCertificateRequestMarshaller;
import software.amazon.awssdk.services.iam.transform.UploadSshPublicKeyRequestMarshaller;
/**
* Internal implementation of {@link IamClient}.
*
* @see IamClient#builder()
*/
@Generated("software.amazon.awssdk:codegen")
@SdkInternalApi
final class DefaultIamClient implements IamClient {
private final SyncClientHandler clientHandler;
private final AwsQueryProtocolFactory protocolFactory;
private final SdkClientConfiguration clientConfiguration;
protected DefaultIamClient(SdkClientConfiguration clientConfiguration) {
this.clientHandler = new AwsSyncClientHandler(clientConfiguration);
this.clientConfiguration = clientConfiguration;
this.protocolFactory = init();
}
@Override
public final String serviceName() {
return SERVICE_NAME;
}
/**
*
* Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM
* OpenID Connect (OIDC) provider resource.
*
*
* This operation is idempotent; it does not fail or return an error if you add an existing client ID to the
* provider.
*
*
* @param addClientIdToOpenIdConnectProviderRequest
* @return Result of the AddClientIDToOpenIDConnectProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.AddClientIDToOpenIDConnectProvider
* @see AWS API Documentation
*/
@Override
public AddClientIDToOpenIDConnectProviderResponse addClientIDToOpenIDConnectProvider(
AddClientIdToOpenIdConnectProviderRequest addClientIdToOpenIdConnectProviderRequest) throws InvalidInputException,
NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException,
IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(AddClientIDToOpenIDConnectProviderResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("AddClientIDToOpenIDConnectProvider").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(addClientIdToOpenIdConnectProviderRequest)
.withMarshaller(new AddClientIdToOpenIdConnectProviderRequestMarshaller(protocolFactory)));
}
/**
*
* Adds the specified IAM role to the specified instance profile. An instance profile can contain only one role, and
* this limit cannot be increased. You can remove the existing role and then add a different role to an instance
* profile. You must then wait for the change to appear across all of AWS because of eventual consistency. To force the change, you must
*
* disassociate the instance profile and then associate the
* instance profile, or you can stop your instance and then restart it.
*
*
*
* The caller of this API must be granted the PassRole permission on the IAM role by a permissions
* policy.
*
*
*
* For more information about roles, go to Working with Roles. For more
* information about instance profiles, go to About Instance Profiles.
*
*
* @param addRoleToInstanceProfileRequest
* @return Result of the AddRoleToInstanceProfile operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws UnmodifiableEntityException
* The request was rejected because only the service that depends on the service-linked role can modify or
* delete the role on your behalf. The error message includes the name of the service that depends on this
* service-linked role. You must request the change through that service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.AddRoleToInstanceProfile
* @see AWS
* API Documentation
*/
@Override
public AddRoleToInstanceProfileResponse addRoleToInstanceProfile(
AddRoleToInstanceProfileRequest addRoleToInstanceProfileRequest) throws NoSuchEntityException,
EntityAlreadyExistsException, LimitExceededException, UnmodifiableEntityException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(AddRoleToInstanceProfileResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("AddRoleToInstanceProfile").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(addRoleToInstanceProfileRequest)
.withMarshaller(new AddRoleToInstanceProfileRequestMarshaller(protocolFactory)));
}
/**
*
* Adds the specified user to the specified group.
*
*
* @param addUserToGroupRequest
* @return Result of the AddUserToGroup operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.AddUserToGroup
* @see AWS API
* Documentation
*/
@Override
public AddUserToGroupResponse addUserToGroup(AddUserToGroupRequest addUserToGroupRequest) throws NoSuchEntityException,
LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(AddUserToGroupResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("AddUserToGroup").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(addUserToGroupRequest)
.withMarshaller(new AddUserToGroupRequestMarshaller(protocolFactory)));
}
/**
*
* Attaches the specified managed policy to the specified IAM group.
*
*
* You use this API to attach a managed policy to a group. To embed an inline policy in a group, use
* PutGroupPolicy.
*
*
* For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param attachGroupPolicyRequest
* @return Result of the AttachGroupPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws PolicyNotAttachableException
* The request failed because AWS service role policies can only be attached to the service-linked role for
* that service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.AttachGroupPolicy
* @see AWS API
* Documentation
*/
@Override
public AttachGroupPolicyResponse attachGroupPolicy(AttachGroupPolicyRequest attachGroupPolicyRequest)
throws NoSuchEntityException, LimitExceededException, InvalidInputException, PolicyNotAttachableException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(AttachGroupPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("AttachGroupPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(attachGroupPolicyRequest)
.withMarshaller(new AttachGroupPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the
* managed policy becomes part of the role's permission (access) policy.
*
*
*
* You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time
* as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy.
*
*
*
* Use this API to attach a managed policy to a role. To embed an inline policy in a role, use
* PutRolePolicy. For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param attachRolePolicyRequest
* @return Result of the AttachRolePolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws UnmodifiableEntityException
* The request was rejected because only the service that depends on the service-linked role can modify or
* delete the role on your behalf. The error message includes the name of the service that depends on this
* service-linked role. You must request the change through that service.
* @throws PolicyNotAttachableException
* The request failed because AWS service role policies can only be attached to the service-linked role for
* that service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.AttachRolePolicy
* @see AWS API
* Documentation
*/
@Override
public AttachRolePolicyResponse attachRolePolicy(AttachRolePolicyRequest attachRolePolicyRequest)
throws NoSuchEntityException, LimitExceededException, InvalidInputException, UnmodifiableEntityException,
PolicyNotAttachableException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(AttachRolePolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("AttachRolePolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(attachRolePolicyRequest)
.withMarshaller(new AttachRolePolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Attaches the specified managed policy to the specified user.
*
*
* You use this API to attach a managed policy to a user. To embed an inline policy in a user, use
* PutUserPolicy.
*
*
* For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param attachUserPolicyRequest
* @return Result of the AttachUserPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws PolicyNotAttachableException
* The request failed because AWS service role policies can only be attached to the service-linked role for
* that service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.AttachUserPolicy
* @see AWS API
* Documentation
*/
@Override
public AttachUserPolicyResponse attachUserPolicy(AttachUserPolicyRequest attachUserPolicyRequest)
throws NoSuchEntityException, LimitExceededException, InvalidInputException, PolicyNotAttachableException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(AttachUserPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("AttachUserPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(attachUserPolicyRequest)
.withMarshaller(new AttachUserPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Changes the password of the IAM user who is calling this operation. The AWS account root user password is not
* affected by this operation.
*
*
* To change the password for a different user, see UpdateLoginProfile. For more information about modifying
* passwords, see Managing
* Passwords in the IAM User Guide.
*
*
* @param changePasswordRequest
* @return Result of the ChangePassword operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidUserTypeException
* The request was rejected because the type of user for the transaction was incorrect.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws EntityTemporarilyUnmodifiableException
* The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user
* name that was deleted and then recreated. The error indicates that the request is likely to succeed if
* you try again after waiting several minutes. The error message describes the entity.
* @throws PasswordPolicyViolationException
* The request was rejected because the provided password did not meet the requirements imposed by the
* account password policy.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ChangePassword
* @see AWS API
* Documentation
*/
@Override
public ChangePasswordResponse changePassword(ChangePasswordRequest changePasswordRequest) throws NoSuchEntityException,
InvalidUserTypeException, LimitExceededException, EntityTemporarilyUnmodifiableException,
PasswordPolicyViolationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(ChangePasswordResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("ChangePassword").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(changePasswordRequest)
.withMarshaller(new ChangePasswordRequestMarshaller(protocolFactory)));
}
/**
*
* Creates a new AWS secret access key and corresponding AWS access key ID for the specified user. The default
* status for new keys is Active.
*
*
* If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing
* the request. This operation works for access keys under the AWS account. Consequently, you can use this operation
* to manage AWS account root user credentials. This is true even if the AWS account has no associated users.
*
*
* For information about limits on the number of keys you can create, see Limitations on IAM
* Entities in the IAM User Guide.
*
*
*
* To ensure the security of your AWS account, the secret access key is accessible only during key and user
* creation. You must save the key (for example, in a text file) if you want to be able to access it again. If a
* secret key is lost, you can delete the access keys for the associated user and then create new keys.
*
*
*
* @param createAccessKeyRequest
* @return Result of the CreateAccessKey operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateAccessKey
* @see AWS API
* Documentation
*/
@Override
public CreateAccessKeyResponse createAccessKey(CreateAccessKeyRequest createAccessKeyRequest) throws NoSuchEntityException,
LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateAccessKeyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateAccessKey").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createAccessKeyRequest)
.withMarshaller(new CreateAccessKeyRequestMarshaller(protocolFactory)));
}
/**
*
* Creates an alias for your AWS account. For information about using an AWS account alias, see Using an Alias for Your AWS Account
* ID in the IAM User Guide.
*
*
* @param createAccountAliasRequest
* @return Result of the CreateAccountAlias operation returned by the service.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateAccountAlias
* @see AWS API
* Documentation
*/
@Override
public CreateAccountAliasResponse createAccountAlias(CreateAccountAliasRequest createAccountAliasRequest)
throws EntityAlreadyExistsException, LimitExceededException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateAccountAliasResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateAccountAlias").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createAccountAliasRequest)
.withMarshaller(new CreateAccountAliasRequestMarshaller(protocolFactory)));
}
/**
*
* Creates a new group.
*
*
* For information about the number of groups you can create, see Limitations on IAM
* Entities in the IAM User Guide.
*
*
* @param createGroupRequest
* @return Result of the CreateGroup operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateGroup
* @see AWS API
* Documentation
*/
@Override
public CreateGroupResponse createGroup(CreateGroupRequest createGroupRequest) throws LimitExceededException,
EntityAlreadyExistsException, NoSuchEntityException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateGroupResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateGroup").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createGroupRequest)
.withMarshaller(new CreateGroupRequestMarshaller(protocolFactory)));
}
/**
*
* Creates a new instance profile. For information about instance profiles, go to About Instance Profiles.
*
*
* For information about the number of instance profiles you can create, see Limitations on IAM
* Entities in the IAM User Guide.
*
*
* @param createInstanceProfileRequest
* @return Result of the CreateInstanceProfile operation returned by the service.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateInstanceProfile
* @see AWS API
* Documentation
*/
@Override
public CreateInstanceProfileResponse createInstanceProfile(CreateInstanceProfileRequest createInstanceProfileRequest)
throws EntityAlreadyExistsException, LimitExceededException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateInstanceProfileResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateInstanceProfile").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createInstanceProfileRequest)
.withMarshaller(new CreateInstanceProfileRequestMarshaller(protocolFactory)));
}
/**
*
* Creates a password for the specified user, giving the user the ability to access AWS services through the AWS
* Management Console. For more information about managing passwords, see Managing Passwords in the
* IAM User Guide.
*
*
* @param createLoginProfileRequest
* @return Result of the CreateLoginProfile operation returned by the service.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws PasswordPolicyViolationException
* The request was rejected because the provided password did not meet the requirements imposed by the
* account password policy.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateLoginProfile
* @see AWS API
* Documentation
*/
@Override
public CreateLoginProfileResponse createLoginProfile(CreateLoginProfileRequest createLoginProfileRequest)
throws EntityAlreadyExistsException, NoSuchEntityException, PasswordPolicyViolationException, LimitExceededException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateLoginProfileResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateLoginProfile").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createLoginProfileRequest)
.withMarshaller(new CreateLoginProfileRequestMarshaller(protocolFactory)));
}
/**
*
* Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC).
*
*
* The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a
* policy establishes a trust relationship between AWS and the OIDC provider.
*
*
* When you create the IAM OIDC provider, you specify the following:
*
*
* -
*
* The URL of the OIDC identity provider (IdP) to trust
*
*
* -
*
* A list of client IDs (also known as audiences) that identify the application or applications that are allowed to
* authenticate using the OIDC provider
*
*
* -
*
* A list of thumbprints of the server certificate(s) that the IdP uses
*
*
*
*
* You get all of this information from the OIDC IdP that you want to use to access AWS.
*
*
*
* The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is
* best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users.
*
*
*
* @param createOpenIdConnectProviderRequest
* @return Result of the CreateOpenIDConnectProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateOpenIDConnectProvider
* @see AWS API Documentation
*/
@Override
public CreateOpenIdConnectProviderResponse createOpenIDConnectProvider(
CreateOpenIdConnectProviderRequest createOpenIdConnectProviderRequest) throws InvalidInputException,
EntityAlreadyExistsException, LimitExceededException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateOpenIdConnectProviderResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("CreateOpenIDConnectProvider").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createOpenIdConnectProviderRequest)
.withMarshaller(new CreateOpenIdConnectProviderRequestMarshaller(protocolFactory)));
}
/**
*
* Creates a new managed policy for your AWS account.
*
*
* This operation creates a policy version with a version identifier of v1 and sets v1 as the policy's
* default version. For more information about policy versions, see Versioning for Managed
* Policies in the IAM User Guide.
*
*
* For more information about managed policies in general, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param createPolicyRequest
* @return Result of the CreatePolicy operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws MalformedPolicyDocumentException
* The request was rejected because the policy document was malformed. The error message describes the
* specific error.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreatePolicy
* @see AWS API
* Documentation
*/
@Override
public CreatePolicyResponse createPolicy(CreatePolicyRequest createPolicyRequest) throws InvalidInputException,
LimitExceededException, EntityAlreadyExistsException, MalformedPolicyDocumentException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreatePolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreatePolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createPolicyRequest)
.withMarshaller(new CreatePolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Creates a new version of the specified managed policy. To update a managed policy, you create a new policy
* version. A managed policy can have up to five versions. If the policy has five versions, you must delete an
* existing version using DeletePolicyVersion before you create a new version.
*
*
* Optionally, you can set the new version as the policy's default version. The default version is the version that
* is in effect for the IAM users, groups, and roles to which the policy is attached.
*
*
* For more information about managed policy versions, see Versioning for Managed
* Policies in the IAM User Guide.
*
*
* @param createPolicyVersionRequest
* @return Result of the CreatePolicyVersion operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws MalformedPolicyDocumentException
* The request was rejected because the policy document was malformed. The error message describes the
* specific error.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreatePolicyVersion
* @see AWS API
* Documentation
*/
@Override
public CreatePolicyVersionResponse createPolicyVersion(CreatePolicyVersionRequest createPolicyVersionRequest)
throws NoSuchEntityException, MalformedPolicyDocumentException, InvalidInputException, LimitExceededException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreatePolicyVersionResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreatePolicyVersion").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createPolicyVersionRequest)
.withMarshaller(new CreatePolicyVersionRequestMarshaller(protocolFactory)));
}
/**
*
* Creates a new role for your AWS account. For more information about roles, go to IAM Roles. For information
* about limitations on role names and the number of roles you can create, go to Limitations on IAM
* Entities in the IAM User Guide.
*
*
* @param createRoleRequest
* @return Result of the CreateRole operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws MalformedPolicyDocumentException
* The request was rejected because the policy document was malformed. The error message describes the
* specific error.
* @throws ConcurrentModificationException
* The request was rejected because multiple requests to change this object were submitted simultaneously.
* Wait a few minutes and submit your request again.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateRole
* @see AWS API
* Documentation
*/
@Override
public CreateRoleResponse createRole(CreateRoleRequest createRoleRequest) throws LimitExceededException,
InvalidInputException, EntityAlreadyExistsException, MalformedPolicyDocumentException,
ConcurrentModificationException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateRoleResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateRole").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createRoleRequest)
.withMarshaller(new CreateRoleRequestMarshaller(protocolFactory)));
}
/**
*
* Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2.0.
*
*
* The SAML provider resource that you create with this operation can be used as a principal in an IAM role's trust
* policy. Such a policy can enable federated users who sign in using the SAML IdP to assume the role. You can
* create an IAM role that supports Web-based single sign-on (SSO) to the AWS Management Console or one that
* supports API access to AWS.
*
*
* When you create the SAML provider resource, you upload a SAML metadata document that you get from your IdP. That
* document includes the issuer's name, expiration information, and keys that can be used to validate the SAML
* authentication response (assertions) that the IdP sends. You must generate the metadata document using the
* identity management software that is used as your organization's IdP.
*
*
*
* This operation requires Signature Version 4.
*
*
*
* For more information, see Enabling SAML
* 2.0 Federated Users to Access the AWS Management Console and About SAML 2.0-based
* Federation in the IAM User Guide.
*
*
* @param createSamlProviderRequest
* @return Result of the CreateSAMLProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateSAMLProvider
* @see AWS API
* Documentation
*/
@Override
public CreateSamlProviderResponse createSAMLProvider(CreateSamlProviderRequest createSamlProviderRequest)
throws InvalidInputException, EntityAlreadyExistsException, LimitExceededException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateSamlProviderResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateSAMLProvider").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createSamlProviderRequest)
.withMarshaller(new CreateSamlProviderRequestMarshaller(protocolFactory)));
}
/**
*
* Creates an IAM role that is linked to a specific AWS service. The service controls the attached policies and when
* the role can be deleted. This helps ensure that the service is not broken by an unexpectedly changed or deleted
* role, which could put your AWS resources into an unknown state. Allowing the service to control the role helps
* improve service stability and proper cleanup when a service and its role are no longer needed. For more
* information, see Using
* Service-Linked Roles in the IAM User Guide.
*
*
* To attach a policy to this service-linked role, you must make the request using the AWS service that depends on
* this role.
*
*
* @param createServiceLinkedRoleRequest
* @return Result of the CreateServiceLinkedRole operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateServiceLinkedRole
* @see AWS
* API Documentation
*/
@Override
public CreateServiceLinkedRoleResponse createServiceLinkedRole(CreateServiceLinkedRoleRequest createServiceLinkedRoleRequest)
throws InvalidInputException, LimitExceededException, NoSuchEntityException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateServiceLinkedRoleResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateServiceLinkedRole").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createServiceLinkedRoleRequest)
.withMarshaller(new CreateServiceLinkedRoleRequestMarshaller(protocolFactory)));
}
/**
*
* Generates a set of credentials consisting of a user name and password that can be used to access the service
* specified in the request. These credentials are generated by IAM, and can be used only for the specified service.
*
*
* You can have a maximum of two sets of service-specific credentials for each supported service per user.
*
*
* The only supported service at this time is AWS CodeCommit.
*
*
* You can reset the password to a new service-generated value by calling ResetServiceSpecificCredential.
*
*
* For more information about service-specific credentials, see Using IAM with AWS
* CodeCommit: Git Credentials, SSH Keys, and AWS Access Keys in the IAM User Guide.
*
*
* @param createServiceSpecificCredentialRequest
* @return Result of the CreateServiceSpecificCredential operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceNotSupportedException
* The specified service does not support service-specific credentials.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateServiceSpecificCredential
* @see AWS API Documentation
*/
@Override
public CreateServiceSpecificCredentialResponse createServiceSpecificCredential(
CreateServiceSpecificCredentialRequest createServiceSpecificCredentialRequest) throws LimitExceededException,
NoSuchEntityException, ServiceNotSupportedException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateServiceSpecificCredentialResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("CreateServiceSpecificCredential").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createServiceSpecificCredentialRequest)
.withMarshaller(new CreateServiceSpecificCredentialRequestMarshaller(protocolFactory)));
}
/**
*
* Creates a new IAM user for your AWS account.
*
*
* For information about limitations on the number of IAM users you can create, see Limitations on IAM
* Entities in the IAM User Guide.
*
*
* @param createUserRequest
* @return Result of the CreateUser operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ConcurrentModificationException
* The request was rejected because multiple requests to change this object were submitted simultaneously.
* Wait a few minutes and submit your request again.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateUser
* @see AWS API
* Documentation
*/
@Override
public CreateUserResponse createUser(CreateUserRequest createUserRequest) throws LimitExceededException,
EntityAlreadyExistsException, NoSuchEntityException, InvalidInputException, ConcurrentModificationException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateUserResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateUser").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createUserRequest)
.withMarshaller(new CreateUserRequestMarshaller(protocolFactory)));
}
/**
*
* Creates a new virtual MFA device for the AWS account. After creating the virtual MFA, use EnableMFADevice
* to attach the MFA device to an IAM user. For more information about creating and working with virtual MFA
* devices, go to Using a Virtual
* MFA Device in the IAM User Guide.
*
*
* For information about limits on the number of MFA devices you can create, see Limitations on Entities in
* the IAM User Guide.
*
*
*
* The seed information contained in the QR code and the Base32 string should be treated like any other secret
* access information. In other words, protect the seed information as you would your AWS access keys or your
* passwords. After you provision your virtual device, you should ensure that the information is destroyed following
* secure procedures.
*
*
*
* @param createVirtualMfaDeviceRequest
* @return Result of the CreateVirtualMFADevice operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.CreateVirtualMFADevice
* @see AWS API
* Documentation
*/
@Override
public CreateVirtualMfaDeviceResponse createVirtualMFADevice(CreateVirtualMfaDeviceRequest createVirtualMfaDeviceRequest)
throws LimitExceededException, EntityAlreadyExistsException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(CreateVirtualMfaDeviceResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateVirtualMFADevice").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(createVirtualMfaDeviceRequest)
.withMarshaller(new CreateVirtualMfaDeviceRequestMarshaller(protocolFactory)));
}
/**
*
* Deactivates the specified MFA device and removes it from association with the user name for which it was
* originally enabled.
*
*
* For more information about creating and working with virtual MFA devices, go to Enabling a Virtual Multi-factor
* Authentication (MFA) Device in the IAM User Guide.
*
*
* @param deactivateMfaDeviceRequest
* @return Result of the DeactivateMFADevice operation returned by the service.
* @throws EntityTemporarilyUnmodifiableException
* The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user
* name that was deleted and then recreated. The error indicates that the request is likely to succeed if
* you try again after waiting several minutes. The error message describes the entity.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeactivateMFADevice
* @see AWS API
* Documentation
*/
@Override
public DeactivateMFADeviceResponse deactivateMFADevice(DeactivateMfaDeviceRequest deactivateMfaDeviceRequest)
throws EntityTemporarilyUnmodifiableException, NoSuchEntityException, LimitExceededException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeactivateMFADeviceResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeactivateMFADevice").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deactivateMfaDeviceRequest)
.withMarshaller(new DeactivateMfaDeviceRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the access key pair associated with the specified IAM user.
*
*
* If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing
* the request. This operation works for access keys under the AWS account. Consequently, you can use this operation
* to manage AWS account root user credentials even if the AWS account has no associated users.
*
*
* @param deleteAccessKeyRequest
* @return Result of the DeleteAccessKey operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteAccessKey
* @see AWS API
* Documentation
*/
@Override
public DeleteAccessKeyResponse deleteAccessKey(DeleteAccessKeyRequest deleteAccessKeyRequest) throws NoSuchEntityException,
LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteAccessKeyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteAccessKey").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteAccessKeyRequest)
.withMarshaller(new DeleteAccessKeyRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified AWS account alias. For information about using an AWS account alias, see Using an Alias for Your AWS Account
* ID in the IAM User Guide.
*
*
* @param deleteAccountAliasRequest
* @return Result of the DeleteAccountAlias operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteAccountAlias
* @see AWS API
* Documentation
*/
@Override
public DeleteAccountAliasResponse deleteAccountAlias(DeleteAccountAliasRequest deleteAccountAliasRequest)
throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteAccountAliasResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteAccountAlias").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteAccountAliasRequest)
.withMarshaller(new DeleteAccountAliasRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the password policy for the AWS account. There are no parameters.
*
*
* @param deleteAccountPasswordPolicyRequest
* @return Result of the DeleteAccountPasswordPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteAccountPasswordPolicy
* @see AWS API Documentation
*/
@Override
public DeleteAccountPasswordPolicyResponse deleteAccountPasswordPolicy(
DeleteAccountPasswordPolicyRequest deleteAccountPasswordPolicyRequest) throws NoSuchEntityException,
LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteAccountPasswordPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DeleteAccountPasswordPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteAccountPasswordPolicyRequest)
.withMarshaller(new DeleteAccountPasswordPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified IAM group. The group must not contain any users or have any attached policies.
*
*
* @param deleteGroupRequest
* @return Result of the DeleteGroup operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteGroup
* @see AWS API
* Documentation
*/
@Override
public DeleteGroupResponse deleteGroup(DeleteGroupRequest deleteGroupRequest) throws NoSuchEntityException,
DeleteConflictException, LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException,
IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteGroupResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteGroup").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteGroupRequest)
.withMarshaller(new DeleteGroupRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified inline policy that is embedded in the specified IAM group.
*
*
* A group can also have managed policies attached to it. To detach a managed policy from a group, use
* DetachGroupPolicy. For more information about policies, refer to Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param deleteGroupPolicyRequest
* @return Result of the DeleteGroupPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteGroupPolicy
* @see AWS API
* Documentation
*/
@Override
public DeleteGroupPolicyResponse deleteGroupPolicy(DeleteGroupPolicyRequest deleteGroupPolicyRequest)
throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteGroupPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteGroupPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteGroupPolicyRequest)
.withMarshaller(new DeleteGroupPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified instance profile. The instance profile must not have an associated role.
*
*
*
* Make sure that you do not have any Amazon EC2 instances running with the instance profile you are about to
* delete. Deleting a role or instance profile that is associated with a running instance will break any
* applications running on the instance.
*
*
*
* For more information about instance profiles, go to About Instance Profiles.
*
*
* @param deleteInstanceProfileRequest
* @return Result of the DeleteInstanceProfile operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteInstanceProfile
* @see AWS API
* Documentation
*/
@Override
public DeleteInstanceProfileResponse deleteInstanceProfile(DeleteInstanceProfileRequest deleteInstanceProfileRequest)
throws NoSuchEntityException, DeleteConflictException, LimitExceededException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteInstanceProfileResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteInstanceProfile").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteInstanceProfileRequest)
.withMarshaller(new DeleteInstanceProfileRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the password for the specified IAM user, which terminates the user's ability to access AWS services
* through the AWS Management Console.
*
*
*
* Deleting a user's password does not prevent a user from accessing AWS through the command line interface or the
* API. To prevent all user access, you must also either make any access keys inactive or delete them. For more
* information about making keys inactive or deleting them, see UpdateAccessKey and DeleteAccessKey.
*
*
*
* @param deleteLoginProfileRequest
* @return Result of the DeleteLoginProfile operation returned by the service.
* @throws EntityTemporarilyUnmodifiableException
* The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user
* name that was deleted and then recreated. The error indicates that the request is likely to succeed if
* you try again after waiting several minutes. The error message describes the entity.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteLoginProfile
* @see AWS API
* Documentation
*/
@Override
public DeleteLoginProfileResponse deleteLoginProfile(DeleteLoginProfileRequest deleteLoginProfileRequest)
throws EntityTemporarilyUnmodifiableException, NoSuchEntityException, LimitExceededException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteLoginProfileResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteLoginProfile").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteLoginProfileRequest)
.withMarshaller(new DeleteLoginProfileRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes an OpenID Connect identity provider (IdP) resource object in IAM.
*
*
* Deleting an IAM OIDC provider resource does not update any roles that reference the provider as a principal in
* their trust policies. Any attempt to assume a role that references a deleted provider fails.
*
*
* This operation is idempotent; it does not fail or return an error if you call the operation for a provider that
* does not exist.
*
*
* @param deleteOpenIdConnectProviderRequest
* @return Result of the DeleteOpenIDConnectProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteOpenIDConnectProvider
* @see AWS API Documentation
*/
@Override
public DeleteOpenIDConnectProviderResponse deleteOpenIDConnectProvider(
DeleteOpenIdConnectProviderRequest deleteOpenIdConnectProviderRequest) throws InvalidInputException,
NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteOpenIDConnectProviderResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DeleteOpenIDConnectProvider").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteOpenIdConnectProviderRequest)
.withMarshaller(new DeleteOpenIdConnectProviderRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified managed policy.
*
*
* Before you can delete a managed policy, you must first detach the policy from all users, groups, and roles that
* it is attached to. In addition, you must delete all the policy's versions. The following steps describe the
* process for deleting a managed policy:
*
*
* -
*
* Detach the policy from all users, groups, and roles that the policy is attached to, using the
* DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy API operations. To list all the
* users, groups, and roles that a policy is attached to, use ListEntitiesForPolicy.
*
*
* -
*
* Delete all versions of the policy using DeletePolicyVersion. To list the policy's versions, use
* ListPolicyVersions. You cannot use DeletePolicyVersion to delete the version that is marked as the
* default version. You delete the policy's default version in the next step of the process.
*
*
* -
*
* Delete the policy (this automatically deletes the policy's default version) using this API.
*
*
*
*
* For information about managed policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param deletePolicyRequest
* @return Result of the DeletePolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeletePolicy
* @see AWS API
* Documentation
*/
@Override
public DeletePolicyResponse deletePolicy(DeletePolicyRequest deletePolicyRequest) throws NoSuchEntityException,
LimitExceededException, InvalidInputException, DeleteConflictException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeletePolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeletePolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deletePolicyRequest)
.withMarshaller(new DeletePolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified version from the specified managed policy.
*
*
* You cannot delete the default version from a policy using this API. To delete the default version from a policy,
* use DeletePolicy. To find out which version of a policy is marked as the default version, use
* ListPolicyVersions.
*
*
* For information about versions for managed policies, see Versioning for Managed
* Policies in the IAM User Guide.
*
*
* @param deletePolicyVersionRequest
* @return Result of the DeletePolicyVersion operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeletePolicyVersion
* @see AWS API
* Documentation
*/
@Override
public DeletePolicyVersionResponse deletePolicyVersion(DeletePolicyVersionRequest deletePolicyVersionRequest)
throws NoSuchEntityException, LimitExceededException, InvalidInputException, DeleteConflictException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeletePolicyVersionResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeletePolicyVersion").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deletePolicyVersionRequest)
.withMarshaller(new DeletePolicyVersionRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified role. The role must not have any policies attached. For more information about roles, go to
* Working with Roles.
*
*
*
* Make sure that you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a
* role or instance profile that is associated with a running instance will break any applications running on the
* instance.
*
*
*
* @param deleteRoleRequest
* @return Result of the DeleteRole operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws UnmodifiableEntityException
* The request was rejected because only the service that depends on the service-linked role can modify or
* delete the role on your behalf. The error message includes the name of the service that depends on this
* service-linked role. You must request the change through that service.
* @throws ConcurrentModificationException
* The request was rejected because multiple requests to change this object were submitted simultaneously.
* Wait a few minutes and submit your request again.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteRole
* @see AWS API
* Documentation
*/
@Override
public DeleteRoleResponse deleteRole(DeleteRoleRequest deleteRoleRequest) throws NoSuchEntityException,
DeleteConflictException, LimitExceededException, UnmodifiableEntityException, ConcurrentModificationException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteRoleResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteRole").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteRoleRequest)
.withMarshaller(new DeleteRoleRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the permissions boundary for the specified IAM role.
*
*
*
* Deleting the permissions boundary for a role might increase its permissions. For example, it might allow anyone
* who assumes the role to perform all the actions granted in its permissions policies.
*
*
*
* @param deleteRolePermissionsBoundaryRequest
* @return Result of the DeleteRolePermissionsBoundary operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws UnmodifiableEntityException
* The request was rejected because only the service that depends on the service-linked role can modify or
* delete the role on your behalf. The error message includes the name of the service that depends on this
* service-linked role. You must request the change through that service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteRolePermissionsBoundary
* @see AWS API Documentation
*/
@Override
public DeleteRolePermissionsBoundaryResponse deleteRolePermissionsBoundary(
DeleteRolePermissionsBoundaryRequest deleteRolePermissionsBoundaryRequest) throws NoSuchEntityException,
UnmodifiableEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteRolePermissionsBoundaryResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DeleteRolePermissionsBoundary").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteRolePermissionsBoundaryRequest)
.withMarshaller(new DeleteRolePermissionsBoundaryRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified inline policy that is embedded in the specified IAM role.
*
*
* A role can also have managed policies attached to it. To detach a managed policy from a role, use
* DetachRolePolicy. For more information about policies, refer to Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param deleteRolePolicyRequest
* @return Result of the DeleteRolePolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws UnmodifiableEntityException
* The request was rejected because only the service that depends on the service-linked role can modify or
* delete the role on your behalf. The error message includes the name of the service that depends on this
* service-linked role. You must request the change through that service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteRolePolicy
* @see AWS API
* Documentation
*/
@Override
public DeleteRolePolicyResponse deleteRolePolicy(DeleteRolePolicyRequest deleteRolePolicyRequest)
throws NoSuchEntityException, LimitExceededException, UnmodifiableEntityException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteRolePolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteRolePolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteRolePolicyRequest)
.withMarshaller(new DeleteRolePolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes a SAML provider resource in IAM.
*
*
* Deleting the provider resource from IAM does not update any roles that reference the SAML provider resource's ARN
* as a principal in their trust policies. Any attempt to assume a role that references a non-existent provider
* resource ARN fails.
*
*
*
* This operation requires Signature Version 4.
*
*
*
* @param deleteSamlProviderRequest
* @return Result of the DeleteSAMLProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteSAMLProvider
* @see AWS API
* Documentation
*/
@Override
public DeleteSAMLProviderResponse deleteSAMLProvider(DeleteSamlProviderRequest deleteSamlProviderRequest)
throws InvalidInputException, LimitExceededException, NoSuchEntityException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteSAMLProviderResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteSAMLProvider").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteSamlProviderRequest)
.withMarshaller(new DeleteSamlProviderRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified SSH public key.
*
*
* The SSH public key deleted by this operation is used only for authenticating the associated IAM user to an AWS
* CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository,
* see Set up AWS
* CodeCommit for SSH Connections in the AWS CodeCommit User Guide.
*
*
* @param deleteSshPublicKeyRequest
* @return Result of the DeleteSSHPublicKey operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteSSHPublicKey
* @see AWS API
* Documentation
*/
@Override
public DeleteSSHPublicKeyResponse deleteSSHPublicKey(DeleteSshPublicKeyRequest deleteSshPublicKeyRequest)
throws NoSuchEntityException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteSSHPublicKeyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteSSHPublicKey").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteSshPublicKeyRequest)
.withMarshaller(new DeleteSshPublicKeyRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified server certificate.
*
*
* For more information about working with server certificates, see Working with Server
* Certificates in the IAM User Guide. This topic also includes a list of AWS services that can use the
* server certificates that you manage with IAM.
*
*
*
* If you are using a server certificate with Elastic Load Balancing, deleting the certificate could have
* implications for your application. If Elastic Load Balancing doesn't detect the deletion of bound certificates,
* it may continue to use the certificates. This could cause Elastic Load Balancing to stop accepting traffic. We
* recommend that you remove the reference to the certificate from Elastic Load Balancing before using this command
* to delete the certificate. For more information, go to DeleteLoadBalancerListeners in the Elastic Load Balancing API Reference.
*
*
*
* @param deleteServerCertificateRequest
* @return Result of the DeleteServerCertificate operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteServerCertificate
* @see AWS
* API Documentation
*/
@Override
public DeleteServerCertificateResponse deleteServerCertificate(DeleteServerCertificateRequest deleteServerCertificateRequest)
throws NoSuchEntityException, DeleteConflictException, LimitExceededException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteServerCertificateResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteServerCertificate").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteServerCertificateRequest)
.withMarshaller(new DeleteServerCertificateRequestMarshaller(protocolFactory)));
}
/**
*
* Submits a service-linked role deletion request and returns a DeletionTaskId, which you can use to
* check the status of the deletion. Before you call this operation, confirm that the role has no active sessions
* and that any resources used by the role in the linked service are deleted. If you call this operation more than
* once for the same service-linked role and an earlier deletion task is not complete, then the
* DeletionTaskId of the earlier request is returned.
*
*
* If you submit a deletion request for a service-linked role whose linked service is still accessing a resource,
* then the deletion task fails. If it fails, the GetServiceLinkedRoleDeletionStatus API operation returns
* the reason for the failure, usually including the resources that must be deleted. To delete the service-linked
* role, you must first remove those resources from the linked service and then submit the deletion request again.
* Resources are specific to the service that is linked to the role. For more information about removing resources
* from a service, see the AWS documentation for your service.
*
*
* For more information about service-linked roles, see Roles Terms and Concepts: AWS Service-Linked Role in the IAM User Guide.
*
*
* @param deleteServiceLinkedRoleRequest
* @return Result of the DeleteServiceLinkedRole operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteServiceLinkedRole
* @see AWS
* API Documentation
*/
@Override
public DeleteServiceLinkedRoleResponse deleteServiceLinkedRole(DeleteServiceLinkedRoleRequest deleteServiceLinkedRoleRequest)
throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteServiceLinkedRoleResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteServiceLinkedRole").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteServiceLinkedRoleRequest)
.withMarshaller(new DeleteServiceLinkedRoleRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified service-specific credential.
*
*
* @param deleteServiceSpecificCredentialRequest
* @return Result of the DeleteServiceSpecificCredential operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteServiceSpecificCredential
* @see AWS API Documentation
*/
@Override
public DeleteServiceSpecificCredentialResponse deleteServiceSpecificCredential(
DeleteServiceSpecificCredentialRequest deleteServiceSpecificCredentialRequest) throws NoSuchEntityException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteServiceSpecificCredentialResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DeleteServiceSpecificCredential").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteServiceSpecificCredentialRequest)
.withMarshaller(new DeleteServiceSpecificCredentialRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes a signing certificate associated with the specified IAM user.
*
*
* If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing
* the request. This operation works for access keys under the AWS account. Consequently, you can use this operation
* to manage AWS account root user credentials even if the AWS account has no associated IAM users.
*
*
* @param deleteSigningCertificateRequest
* @return Result of the DeleteSigningCertificate operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteSigningCertificate
* @see AWS
* API Documentation
*/
@Override
public DeleteSigningCertificateResponse deleteSigningCertificate(
DeleteSigningCertificateRequest deleteSigningCertificateRequest) throws NoSuchEntityException,
LimitExceededException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteSigningCertificateResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DeleteSigningCertificate").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteSigningCertificateRequest)
.withMarshaller(new DeleteSigningCertificateRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified IAM user. Unlike the AWS Management Console, when you delete a user programmatically, you
* must delete the items attached to the user manually, or the deletion fails. For more information, see Deleting an
* IAM User. Before attempting to delete a user, remove the following items:
*
*
* -
*
* Password (DeleteLoginProfile)
*
*
* -
*
* Access keys (DeleteAccessKey)
*
*
* -
*
* Signing certificate (DeleteSigningCertificate)
*
*
* -
*
* SSH public key (DeleteSSHPublicKey)
*
*
* -
*
* Git credentials (DeleteServiceSpecificCredential)
*
*
* -
*
* Multi-factor authentication (MFA) device (DeactivateMFADevice, DeleteVirtualMFADevice)
*
*
* -
*
* Inline policies (DeleteUserPolicy)
*
*
* -
*
* Attached managed policies (DetachUserPolicy)
*
*
* -
*
* Group memberships (RemoveUserFromGroup)
*
*
*
*
* @param deleteUserRequest
* @return Result of the DeleteUser operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws ConcurrentModificationException
* The request was rejected because multiple requests to change this object were submitted simultaneously.
* Wait a few minutes and submit your request again.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteUser
* @see AWS API
* Documentation
*/
@Override
public DeleteUserResponse deleteUser(DeleteUserRequest deleteUserRequest) throws LimitExceededException,
NoSuchEntityException, DeleteConflictException, ConcurrentModificationException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteUserResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteUser").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteUserRequest)
.withMarshaller(new DeleteUserRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the permissions boundary for the specified IAM user.
*
*
*
* Deleting the permissions boundary for a user might increase its permissions by allowing the user to perform all
* the actions granted in its permissions policies.
*
*
*
* @param deleteUserPermissionsBoundaryRequest
* @return Result of the DeleteUserPermissionsBoundary operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteUserPermissionsBoundary
* @see AWS API Documentation
*/
@Override
public DeleteUserPermissionsBoundaryResponse deleteUserPermissionsBoundary(
DeleteUserPermissionsBoundaryRequest deleteUserPermissionsBoundaryRequest) throws NoSuchEntityException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteUserPermissionsBoundaryResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DeleteUserPermissionsBoundary").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteUserPermissionsBoundaryRequest)
.withMarshaller(new DeleteUserPermissionsBoundaryRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes the specified inline policy that is embedded in the specified IAM user.
*
*
* A user can also have managed policies attached to it. To detach a managed policy from a user, use
* DetachUserPolicy. For more information about policies, refer to Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param deleteUserPolicyRequest
* @return Result of the DeleteUserPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteUserPolicy
* @see AWS API
* Documentation
*/
@Override
public DeleteUserPolicyResponse deleteUserPolicy(DeleteUserPolicyRequest deleteUserPolicyRequest)
throws NoSuchEntityException, LimitExceededException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteUserPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteUserPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteUserPolicyRequest)
.withMarshaller(new DeleteUserPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Deletes a virtual MFA device.
*
*
*
* You must deactivate a user's virtual MFA device before you can delete it. For information about deactivating MFA
* devices, see DeactivateMFADevice.
*
*
*
* @param deleteVirtualMfaDeviceRequest
* @return Result of the DeleteVirtualMFADevice operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws DeleteConflictException
* The request was rejected because it attempted to delete a resource that has attached subordinate
* entities. The error message describes these entities.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DeleteVirtualMFADevice
* @see AWS API
* Documentation
*/
@Override
public DeleteVirtualMFADeviceResponse deleteVirtualMFADevice(DeleteVirtualMfaDeviceRequest deleteVirtualMfaDeviceRequest)
throws NoSuchEntityException, DeleteConflictException, LimitExceededException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DeleteVirtualMFADeviceResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteVirtualMFADevice").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(deleteVirtualMfaDeviceRequest)
.withMarshaller(new DeleteVirtualMfaDeviceRequestMarshaller(protocolFactory)));
}
/**
*
* Removes the specified managed policy from the specified IAM group.
*
*
* A group can also have inline policies embedded with it. To delete an inline policy, use the
* DeleteGroupPolicy API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param detachGroupPolicyRequest
* @return Result of the DetachGroupPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DetachGroupPolicy
* @see AWS API
* Documentation
*/
@Override
public DetachGroupPolicyResponse detachGroupPolicy(DetachGroupPolicyRequest detachGroupPolicyRequest)
throws NoSuchEntityException, LimitExceededException, InvalidInputException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DetachGroupPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DetachGroupPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(detachGroupPolicyRequest)
.withMarshaller(new DetachGroupPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Removes the specified managed policy from the specified role.
*
*
* A role can also have inline policies embedded with it. To delete an inline policy, use the
* DeleteRolePolicy API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param detachRolePolicyRequest
* @return Result of the DetachRolePolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws UnmodifiableEntityException
* The request was rejected because only the service that depends on the service-linked role can modify or
* delete the role on your behalf. The error message includes the name of the service that depends on this
* service-linked role. You must request the change through that service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DetachRolePolicy
* @see AWS API
* Documentation
*/
@Override
public DetachRolePolicyResponse detachRolePolicy(DetachRolePolicyRequest detachRolePolicyRequest)
throws NoSuchEntityException, LimitExceededException, InvalidInputException, UnmodifiableEntityException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DetachRolePolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DetachRolePolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(detachRolePolicyRequest)
.withMarshaller(new DetachRolePolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Removes the specified managed policy from the specified user.
*
*
* A user can also have inline policies embedded with it. To delete an inline policy, use the
* DeleteUserPolicy API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param detachUserPolicyRequest
* @return Result of the DetachUserPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.DetachUserPolicy
* @see AWS API
* Documentation
*/
@Override
public DetachUserPolicyResponse detachUserPolicy(DetachUserPolicyRequest detachUserPolicyRequest)
throws NoSuchEntityException, LimitExceededException, InvalidInputException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(DetachUserPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DetachUserPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(detachUserPolicyRequest)
.withMarshaller(new DetachUserPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Enables the specified MFA device and associates it with the specified IAM user. When enabled, the MFA device is
* required for every subsequent login by the IAM user associated with the device.
*
*
* @param enableMfaDeviceRequest
* @return Result of the EnableMFADevice operation returned by the service.
* @throws EntityAlreadyExistsException
* The request was rejected because it attempted to create a resource that already exists.
* @throws EntityTemporarilyUnmodifiableException
* The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user
* name that was deleted and then recreated. The error indicates that the request is likely to succeed if
* you try again after waiting several minutes. The error message describes the entity.
* @throws InvalidAuthenticationCodeException
* The request was rejected because the authentication code was not recognized. The error message describes
* the specific error.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.EnableMFADevice
* @see AWS API
* Documentation
*/
@Override
public EnableMFADeviceResponse enableMFADevice(EnableMfaDeviceRequest enableMfaDeviceRequest)
throws EntityAlreadyExistsException, EntityTemporarilyUnmodifiableException, InvalidAuthenticationCodeException,
LimitExceededException, NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException,
IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(EnableMFADeviceResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("EnableMFADevice").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(enableMfaDeviceRequest)
.withMarshaller(new EnableMfaDeviceRequestMarshaller(protocolFactory)));
}
/**
*
* Generates a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports in
* the IAM User Guide.
*
*
* @param generateCredentialReportRequest
* @return Result of the GenerateCredentialReport operation returned by the service.
* @throws LimitExceededException
* The request was rejected because it attempted to create resources beyond the current AWS account limits.
* The error message describes the limit exceeded.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GenerateCredentialReport
* @see AWS
* API Documentation
*/
@Override
public GenerateCredentialReportResponse generateCredentialReport(
GenerateCredentialReportRequest generateCredentialReportRequest) throws LimitExceededException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GenerateCredentialReportResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GenerateCredentialReport").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(generateCredentialReportRequest)
.withMarshaller(new GenerateCredentialReportRequestMarshaller(protocolFactory)));
}
/**
*
* Generates a report for service last accessed data for AWS Organizations. You can generate a report for any
* entities (organization root, organizational unit, or account) or policies in your organization.
*
*
* To call this operation, you must be signed in using your AWS Organizations master account credentials. You can
* use your long-term IAM user or root user credentials, or temporary credentials from assuming an IAM role. SCPs
* must be enabled for your organization root. You must have the required IAM and AWS Organizations permissions. For
* more information, see Refining Permissions
* Using Service Last Accessed Data in the IAM User Guide.
*
*
* You can generate a service last accessed data report for entities by specifying only the entity's path. This data
* includes a list of services that are allowed by any service control policies (SCPs) that apply to the entity.
*
*
* You can generate a service last accessed data report for a policy by specifying an entity's path and an optional
* AWS Organizations policy ID. This data includes a list of services that are allowed by the specified SCP.
*
*
* For each service in both report types, the data includes the most recent account activity that the policy allows
* to account principals in the entity or the entity's children. For important information about the data, reporting
* period, permissions required, troubleshooting, and supported Regions see Reducing Permissions
* Using Service Last Accessed Data in the IAM User Guide.
*
*
*
* The data includes all attempts to access AWS, not just the successful ones. This includes all attempts that were
* made using the AWS Management Console, the AWS API through any of the SDKs, or any of the command line tools. An
* unexpected entry in the service last accessed data does not mean that an account has been compromised, because
* the request might have been denied. Refer to your CloudTrail logs as the authoritative source for information
* about all API calls and whether they were successful or denied access. For more information, see Logging IAM Events with
* CloudTrail in the IAM User Guide.
*
*
*
* This operation returns a JobId. Use this parameter in the
* GetOrganizationsAccessReport operation to check the status of the report generation. To
* check the status of this request, use the JobId parameter in the
* GetOrganizationsAccessReport operation and test the JobStatus response
* parameter. When the job is complete, you can retrieve the report.
*
*
* To generate a service last accessed data report for entities, specify an entity path without specifying the
* optional AWS Organizations policy ID. The type of entity that you specify determines the data returned in the
* report.
*
*
* -
*
* Root – When you specify the organizations root as the entity, the resulting report lists all of the
* services allowed by SCPs that are attached to your root. For each service, the report includes data for all
* accounts in your organization except the master account, because the master account is not limited by SCPs.
*
*
* -
*
* OU – When you specify an organizational unit (OU) as the entity, the resulting report lists all of the
* services allowed by SCPs that are attached to the OU and its parents. For each service, the report includes data
* for all accounts in the OU or its children. This data excludes the master account, because the master account is
* not limited by SCPs.
*
*
* -
*
* Master account – When you specify the master account, the resulting report lists all AWS services, because
* the master account is not limited by SCPs. For each service, the report includes data for only the master
* account.
*
*
* -
*
* Account – When you specify another account as the entity, the resulting report lists all of the services
* allowed by SCPs that are attached to the account and its parents. For each service, the report includes data for
* only the specified account.
*
*
*
*
* To generate a service last accessed data report for policies, specify an entity path and the optional AWS
* Organizations policy ID. The type of entity that you specify determines the data returned for each service.
*
*
* -
*
* Root – When you specify the root entity and a policy ID, the resulting report lists all of the services
* that are allowed by the specified SCP. For each service, the report includes data for all accounts in your
* organization to which the SCP applies. This data excludes the master account, because the master account is not
* limited by SCPs. If the SCP is not attached to any entities in the organization, then the report will return a
* list of services with no data.
*
*
* -
*
* OU – When you specify an OU entity and a policy ID, the resulting report lists all of the services that
* are allowed by the specified SCP. For each service, the report includes data for all accounts in the OU or its
* children to which the SCP applies. This means that other accounts outside the OU that are affected by the SCP
* might not be included in the data. This data excludes the master account, because the master account is not
* limited by SCPs. If the SCP is not attached to the OU or one of its children, the report will return a list of
* services with no data.
*
*
* -
*
* Master account – When you specify the master account, the resulting report lists all AWS services, because
* the master account is not limited by SCPs. If you specify a policy ID in the CLI or API, the policy is ignored.
* For each service, the report includes data for only the master account.
*
*
* -
*
* Account – When you specify another account entity and a policy ID, the resulting report lists all of the
* services that are allowed by the specified SCP. For each service, the report includes data for only the specified
* account. This means that other accounts in the organization that are affected by the SCP might not be included in
* the data. If the SCP is not attached to the account, the report will return a list of services with no data.
*
*
*
*
*
* Service last accessed data does not use other policy types when determining whether a principal could access a
* service. These other policy types include identity-based policies, resource-based policies, access control lists,
* IAM permissions boundaries, and STS assume role policies. It only applies SCP logic. For more about the
* evaluation of policy types, see Evaluating Policies in the IAM User Guide.
*
*
*
* For more information about service last accessed data, see Reducing Policy Scope
* by Viewing User Activity in the IAM User Guide.
*
*
* @param generateOrganizationsAccessReportRequest
* @return Result of the GenerateOrganizationsAccessReport operation returned by the service.
* @throws ReportGenerationLimitExceededException
* The request failed because the maximum number of concurrent requests for this account are already
* running.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GenerateOrganizationsAccessReport
* @see AWS API Documentation
*/
@Override
public GenerateOrganizationsAccessReportResponse generateOrganizationsAccessReport(
GenerateOrganizationsAccessReportRequest generateOrganizationsAccessReportRequest)
throws ReportGenerationLimitExceededException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GenerateOrganizationsAccessReportResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GenerateOrganizationsAccessReport").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(generateOrganizationsAccessReportRequest)
.withMarshaller(new GenerateOrganizationsAccessReportRequestMarshaller(protocolFactory)));
}
/**
*
* Generates a report that includes details about when an IAM resource (user, group, role, or policy) was last used
* in an attempt to access AWS services. Recent activity usually appears within four hours. IAM reports activity for
* the last 365 days, or less if your Region began supporting this feature within the last year. For more
* information, see Regions Where Data Is Tracked.
*
*
*
* The service last accessed data includes all attempts to access an AWS API, not just the successful ones. This
* includes all attempts that were made using the AWS Management Console, the AWS API through any of the SDKs, or
* any of the command line tools. An unexpected entry in the service last accessed data does not mean that your
* account has been compromised, because the request might have been denied. Refer to your CloudTrail logs as the
* authoritative source for information about all API calls and whether they were successful or denied access. For
* more information, see Logging IAM Events with
* CloudTrail in the IAM User Guide.
*
*
*
* The GenerateServiceLastAccessedDetails operation returns a JobId. Use this parameter in
* the following operations to retrieve the following details from your report:
*
*
* -
*
* GetServiceLastAccessedDetails – Use this operation for users, groups, roles, or policies to list every AWS
* service that the resource could access using permissions policies. For each service, the response includes
* information about the most recent access attempt.
*
*
* -
*
* GetServiceLastAccessedDetailsWithEntities – Use this operation for groups and policies to list information
* about the associated entities (users or roles) that attempted to access a specific AWS service.
*
*
*
*
* To check the status of the GenerateServiceLastAccessedDetails request, use the JobId
* parameter in the same operations and test the JobStatus response parameter.
*
*
* For additional information about the permissions policies that allow an identity (user, group, or role) to access
* specific services, use the ListPoliciesGrantingServiceAccess operation.
*
*
*
* Service last accessed data does not use other policy types when determining whether a resource could access a
* service. These other policy types include resource-based policies, access control lists, AWS Organizations
* policies, IAM permissions boundaries, and AWS STS assume role policies. It only applies permissions policy logic.
* For more about the evaluation of policy types, see Evaluating Policies in the IAM User Guide.
*
*
*
* For more information about service last accessed data, see Reducing Policy Scope
* by Viewing User Activity in the IAM User Guide.
*
*
* @param generateServiceLastAccessedDetailsRequest
* @return Result of the GenerateServiceLastAccessedDetails operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GenerateServiceLastAccessedDetails
* @see AWS API Documentation
*/
@Override
public GenerateServiceLastAccessedDetailsResponse generateServiceLastAccessedDetails(
GenerateServiceLastAccessedDetailsRequest generateServiceLastAccessedDetailsRequest) throws NoSuchEntityException,
InvalidInputException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GenerateServiceLastAccessedDetailsResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GenerateServiceLastAccessedDetails").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(generateServiceLastAccessedDetailsRequest)
.withMarshaller(new GenerateServiceLastAccessedDetailsRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves information about when the specified access key was last used. The information includes the date and
* time of last use, along with the AWS service and Region that were specified in the last request made with that
* key.
*
*
* @param getAccessKeyLastUsedRequest
* @return Result of the GetAccessKeyLastUsed operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetAccessKeyLastUsed
* @see AWS API
* Documentation
*/
@Override
public GetAccessKeyLastUsedResponse getAccessKeyLastUsed(GetAccessKeyLastUsedRequest getAccessKeyLastUsedRequest)
throws NoSuchEntityException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetAccessKeyLastUsedResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetAccessKeyLastUsed").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getAccessKeyLastUsedRequest)
.withMarshaller(new GetAccessKeyLastUsedRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their
* relationships to one another. Use this API to obtain a snapshot of the configuration of IAM permissions (users,
* groups, roles, and policies) in your account.
*
*
*
* Policies returned by this API are URL-encoded compliant with RFC
* 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you
* use Java, you can use the decode method of the java.net.URLDecoder utility class in the
* Java SDK. Other languages and SDKs provide similar functionality.
*
*
*
* You can optionally filter the results using the Filter parameter. You can paginate the results using
* the MaxItems and Marker parameters.
*
*
* @param getAccountAuthorizationDetailsRequest
* @return Result of the GetAccountAuthorizationDetails operation returned by the service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetAccountAuthorizationDetails
* @see AWS API Documentation
*/
@Override
public GetAccountAuthorizationDetailsResponse getAccountAuthorizationDetails(
GetAccountAuthorizationDetailsRequest getAccountAuthorizationDetailsRequest) throws ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetAccountAuthorizationDetailsResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GetAccountAuthorizationDetails").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getAccountAuthorizationDetailsRequest)
.withMarshaller(new GetAccountAuthorizationDetailsRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their
* relationships to one another. Use this API to obtain a snapshot of the configuration of IAM permissions (users,
* groups, roles, and policies) in your account.
*
*
*
* Policies returned by this API are URL-encoded compliant with RFC
* 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you
* use Java, you can use the decode method of the java.net.URLDecoder utility class in the
* Java SDK. Other languages and SDKs provide similar functionality.
*
*
*
* You can optionally filter the results using the Filter parameter. You can paginate the results using
* the MaxItems and Marker parameters.
*
*
*
* This is a variant of
* {@link #getAccountAuthorizationDetails(software.amazon.awssdk.services.iam.model.GetAccountAuthorizationDetailsRequest)}
* operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will
* internally handle making service calls for you.
*
*
* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no
* guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response
* pages by making service calls until there are no pages left or your iteration stops. If there are errors in your
* request, you will see the failures only after you start iterating through the iterable.
*
*
*
* The following are few ways to iterate through the response pages:
*
* 1) Using a Stream
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.GetAccountAuthorizationDetailsIterable responses = client.getAccountAuthorizationDetailsPaginator(request);
* responses.stream().forEach(....);
* }
*
*
* 2) Using For loop
*
*
* {
* @code
* software.amazon.awssdk.services.iam.paginators.GetAccountAuthorizationDetailsIterable responses = client
* .getAccountAuthorizationDetailsPaginator(request);
* for (software.amazon.awssdk.services.iam.model.GetAccountAuthorizationDetailsResponse response : responses) {
* // do something;
* }
* }
*
*
* 3) Use iterator directly
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.GetAccountAuthorizationDetailsIterable responses = client.getAccountAuthorizationDetailsPaginator(request);
* responses.iterator().forEachRemaining(....);
* }
*
*
* Note: If you prefer to have control on service calls, use the
* {@link #getAccountAuthorizationDetails(software.amazon.awssdk.services.iam.model.GetAccountAuthorizationDetailsRequest)}
* operation.
*
*
* @param getAccountAuthorizationDetailsRequest
* @return A custom iterable that can be used to iterate through all the response pages.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetAccountAuthorizationDetails
* @see AWS API Documentation
*/
@Override
public GetAccountAuthorizationDetailsIterable getAccountAuthorizationDetailsPaginator(
GetAccountAuthorizationDetailsRequest getAccountAuthorizationDetailsRequest) throws ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
return new GetAccountAuthorizationDetailsIterable(this, applyPaginatorUserAgent(getAccountAuthorizationDetailsRequest));
}
/**
*
* Retrieves the password policy for the AWS account. For more information about using a password policy, go to Managing an IAM
* Password Policy.
*
*
* @param getAccountPasswordPolicyRequest
* @return Result of the GetAccountPasswordPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetAccountPasswordPolicy
* @see AWS
* API Documentation
*/
@Override
public GetAccountPasswordPolicyResponse getAccountPasswordPolicy(
GetAccountPasswordPolicyRequest getAccountPasswordPolicyRequest) throws NoSuchEntityException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetAccountPasswordPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GetAccountPasswordPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getAccountPasswordPolicyRequest)
.withMarshaller(new GetAccountPasswordPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves information about IAM entity usage and IAM quotas in the AWS account.
*
*
* For information about limitations on IAM entities, see Limitations on IAM
* Entities in the IAM User Guide.
*
*
* @param getAccountSummaryRequest
* @return Result of the GetAccountSummary operation returned by the service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetAccountSummary
* @see AWS API
* Documentation
*/
@Override
public GetAccountSummaryResponse getAccountSummary(GetAccountSummaryRequest getAccountSummaryRequest)
throws ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetAccountSummaryResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetAccountSummary").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getAccountSummaryRequest)
.withMarshaller(new GetAccountSummaryRequestMarshaller(protocolFactory)));
}
/**
*
* Gets a list of all of the context keys referenced in the input policies. The policies are supplied as a list of
* one or more strings. To get the context keys from policies associated with an IAM user, group, or role, use
* GetContextKeysForPrincipalPolicy.
*
*
* Context keys are variables maintained by AWS and its services that provide details about the context of an API
* query request. Context keys can be evaluated by testing against a value specified in an IAM policy. Use
* GetContextKeysForCustomPolicy to understand what key names and values you must supply when you call
* SimulateCustomPolicy. Note that all parameters are shown in unencoded form here for clarity but must be
* URL encoded to be included as a part of a real HTML request.
*
*
* @param getContextKeysForCustomPolicyRequest
* @return Result of the GetContextKeysForCustomPolicy operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetContextKeysForCustomPolicy
* @see AWS API Documentation
*/
@Override
public GetContextKeysForCustomPolicyResponse getContextKeysForCustomPolicy(
GetContextKeysForCustomPolicyRequest getContextKeysForCustomPolicyRequest) throws InvalidInputException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetContextKeysForCustomPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GetContextKeysForCustomPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getContextKeysForCustomPolicyRequest)
.withMarshaller(new GetContextKeysForCustomPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Gets a list of all of the context keys referenced in all the IAM policies that are attached to the specified IAM
* entity. The entity can be an IAM user, group, or role. If you specify a user, then the request also includes all
* of the policies attached to groups that the user is a member of.
*
*
* You can optionally include a list of one or more additional policies, specified as strings. If you want to
* include only a list of policies by string, use GetContextKeysForCustomPolicy instead.
*
*
* Note: This API discloses information about the permissions granted to other users. If you do not want
* users to see other user's permissions, then consider allowing them to use GetContextKeysForCustomPolicy
* instead.
*
*
* Context keys are variables maintained by AWS and its services that provide details about the context of an API
* query request. Context keys can be evaluated by testing against a value in an IAM policy. Use
* GetContextKeysForPrincipalPolicy to understand what key names and values you must supply when you call
* SimulatePrincipalPolicy.
*
*
* @param getContextKeysForPrincipalPolicyRequest
* @return Result of the GetContextKeysForPrincipalPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetContextKeysForPrincipalPolicy
* @see AWS API Documentation
*/
@Override
public GetContextKeysForPrincipalPolicyResponse getContextKeysForPrincipalPolicy(
GetContextKeysForPrincipalPolicyRequest getContextKeysForPrincipalPolicyRequest) throws NoSuchEntityException,
InvalidInputException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetContextKeysForPrincipalPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GetContextKeysForPrincipalPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getContextKeysForPrincipalPolicyRequest)
.withMarshaller(new GetContextKeysForPrincipalPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports in
* the IAM User Guide.
*
*
* @param getCredentialReportRequest
* @return Result of the GetCredentialReport operation returned by the service.
* @throws CredentialReportNotPresentException
* The request was rejected because the credential report does not exist. To generate a credential report,
* use GenerateCredentialReport.
* @throws CredentialReportExpiredException
* The request was rejected because the most recent credential report has expired. To generate a new
* credential report, use GenerateCredentialReport. For more information about credential report
* expiration, see Getting Credential
* Reports in the IAM User Guide.
* @throws CredentialReportNotReadyException
* The request was rejected because the credential report is still being generated.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetCredentialReport
* @see AWS API
* Documentation
*/
@Override
public GetCredentialReportResponse getCredentialReport(GetCredentialReportRequest getCredentialReportRequest)
throws CredentialReportNotPresentException, CredentialReportExpiredException, CredentialReportNotReadyException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetCredentialReportResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetCredentialReport").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getCredentialReportRequest)
.withMarshaller(new GetCredentialReportRequestMarshaller(protocolFactory)));
}
/**
*
* Returns a list of IAM users that are in the specified IAM group. You can paginate the results using the
* MaxItems and Marker parameters.
*
*
* @param getGroupRequest
* @return Result of the GetGroup operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetGroup
* @see AWS API
* Documentation
*/
@Override
public GetGroupResponse getGroup(GetGroupRequest getGroupRequest) throws NoSuchEntityException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(GetGroupResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams().withOperationName("GetGroup")
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler).withInput(getGroupRequest)
.withMarshaller(new GetGroupRequestMarshaller(protocolFactory)));
}
/**
*
* Returns a list of IAM users that are in the specified IAM group. You can paginate the results using the
* MaxItems and Marker parameters.
*
*
*
* This is a variant of {@link #getGroup(software.amazon.awssdk.services.iam.model.GetGroupRequest)} operation. The
* return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle
* making service calls for you.
*
*
* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no
* guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response
* pages by making service calls until there are no pages left or your iteration stops. If there are errors in your
* request, you will see the failures only after you start iterating through the iterable.
*
*
*
* The following are few ways to iterate through the response pages:
*
* 1) Using a Stream
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.GetGroupIterable responses = client.getGroupPaginator(request);
* responses.stream().forEach(....);
* }
*
*
* 2) Using For loop
*
*
* {
* @code
* software.amazon.awssdk.services.iam.paginators.GetGroupIterable responses = client.getGroupPaginator(request);
* for (software.amazon.awssdk.services.iam.model.GetGroupResponse response : responses) {
* // do something;
* }
* }
*
*
* 3) Use iterator directly
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.GetGroupIterable responses = client.getGroupPaginator(request);
* responses.iterator().forEachRemaining(....);
* }
*
*
* Note: If you prefer to have control on service calls, use the
* {@link #getGroup(software.amazon.awssdk.services.iam.model.GetGroupRequest)} operation.
*
*
* @param getGroupRequest
* @return A custom iterable that can be used to iterate through all the response pages.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetGroup
* @see AWS API
* Documentation
*/
@Override
public GetGroupIterable getGroupPaginator(GetGroupRequest getGroupRequest) throws NoSuchEntityException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
return new GetGroupIterable(this, applyPaginatorUserAgent(getGroupRequest));
}
/**
*
* Retrieves the specified inline policy document that is embedded in the specified IAM group.
*
*
*
* Policies returned by this API are URL-encoded compliant with RFC
* 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you
* use Java, you can use the decode method of the java.net.URLDecoder utility class in the
* Java SDK. Other languages and SDKs provide similar functionality.
*
*
*
* An IAM group can also have managed policies attached to it. To retrieve a managed policy document that is
* attached to a group, use GetPolicy to determine the policy's default version, then use
* GetPolicyVersion to retrieve the policy document.
*
*
* For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param getGroupPolicyRequest
* @return Result of the GetGroupPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetGroupPolicy
* @see AWS API
* Documentation
*/
@Override
public GetGroupPolicyResponse getGroupPolicy(GetGroupPolicyRequest getGroupPolicyRequest) throws NoSuchEntityException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetGroupPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetGroupPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getGroupPolicyRequest)
.withMarshaller(new GetGroupPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and
* role. For more information about instance profiles, see About Instance Profiles in
* the IAM User Guide.
*
*
* @param getInstanceProfileRequest
* @return Result of the GetInstanceProfile operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetInstanceProfile
* @see AWS API
* Documentation
*/
@Override
public GetInstanceProfileResponse getInstanceProfile(GetInstanceProfileRequest getInstanceProfileRequest)
throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetInstanceProfileResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetInstanceProfile").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getInstanceProfileRequest)
.withMarshaller(new GetInstanceProfileRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves the user name and password-creation date for the specified IAM user. If the user has not been assigned
* a password, the operation returns a 404 (NoSuchEntity) error.
*
*
* @param getLoginProfileRequest
* @return Result of the GetLoginProfile operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetLoginProfile
* @see AWS API
* Documentation
*/
@Override
public GetLoginProfileResponse getLoginProfile(GetLoginProfileRequest getLoginProfileRequest) throws NoSuchEntityException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetLoginProfileResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetLoginProfile").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getLoginProfileRequest)
.withMarshaller(new GetLoginProfileRequestMarshaller(protocolFactory)));
}
/**
*
* Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM.
*
*
* @param getOpenIdConnectProviderRequest
* @return Result of the GetOpenIDConnectProvider operation returned by the service.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetOpenIDConnectProvider
* @see AWS
* API Documentation
*/
@Override
public GetOpenIdConnectProviderResponse getOpenIDConnectProvider(
GetOpenIdConnectProviderRequest getOpenIdConnectProviderRequest) throws InvalidInputException, NoSuchEntityException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetOpenIdConnectProviderResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GetOpenIDConnectProvider").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getOpenIdConnectProviderRequest)
.withMarshaller(new GetOpenIdConnectProviderRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves the service last accessed data report for AWS Organizations that was previously generated using the
* GenerateOrganizationsAccessReport operation. This operation retrieves the status of your
* report job and the report contents.
*
*
* Depending on the parameters that you passed when you generated the report, the data returned could include
* different information. For details, see GenerateOrganizationsAccessReport.
*
*
* To call this operation, you must be signed in to the master account in your organization. SCPs must be enabled
* for your organization root. You must have permissions to perform this operation. For more information, see Refining Permissions
* Using Service Last Accessed Data in the IAM User Guide.
*
*
* For each service that principals in an account (root users, IAM users, or IAM roles) could access using SCPs, the
* operation returns details about the most recent access attempt. If there was no attempt, the service is listed
* without details about the most recent attempt to access the service. If the operation fails, it returns the
* reason that it failed.
*
*
* By default, the list is sorted by service namespace.
*
*
* @param getOrganizationsAccessReportRequest
* @return Result of the GetOrganizationsAccessReport operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetOrganizationsAccessReport
* @see AWS API Documentation
*/
@Override
public GetOrganizationsAccessReportResponse getOrganizationsAccessReport(
GetOrganizationsAccessReportRequest getOrganizationsAccessReportRequest) throws NoSuchEntityException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetOrganizationsAccessReportResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GetOrganizationsAccessReport").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getOrganizationsAccessReportRequest)
.withMarshaller(new GetOrganizationsAccessReportRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves information about the specified managed policy, including the policy's default version and the total
* number of IAM users, groups, and roles to which the policy is attached. To retrieve the list of the specific
* users, groups, and roles that the policy is attached to, use the ListEntitiesForPolicy API. This API
* returns metadata about the policy. To retrieve the actual policy document for a specific version of the policy,
* use GetPolicyVersion.
*
*
* This API retrieves information about managed policies. To retrieve information about an inline policy that is
* embedded with an IAM user, group, or role, use the GetUserPolicy, GetGroupPolicy, or
* GetRolePolicy API.
*
*
* For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param getPolicyRequest
* @return Result of the GetPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetPolicy
* @see AWS API
* Documentation
*/
@Override
public GetPolicyResponse getPolicy(GetPolicyRequest getPolicyRequest) throws NoSuchEntityException, InvalidInputException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getPolicyRequest)
.withMarshaller(new GetPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves information about the specified version of the specified managed policy, including the policy document.
*
*
*
* Policies returned by this API are URL-encoded compliant with RFC
* 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you
* use Java, you can use the decode method of the java.net.URLDecoder utility class in the
* Java SDK. Other languages and SDKs provide similar functionality.
*
*
*
* To list the available versions for a policy, use ListPolicyVersions.
*
*
* This API retrieves information about managed policies. To retrieve information about an inline policy that is
* embedded in a user, group, or role, use the GetUserPolicy, GetGroupPolicy, or GetRolePolicy
* API.
*
*
* For more information about the types of policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* For more information about managed policy versions, see Versioning for Managed
* Policies in the IAM User Guide.
*
*
* @param getPolicyVersionRequest
* @return Result of the GetPolicyVersion operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetPolicyVersion
* @see AWS API
* Documentation
*/
@Override
public GetPolicyVersionResponse getPolicyVersion(GetPolicyVersionRequest getPolicyVersionRequest)
throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetPolicyVersionResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetPolicyVersion").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getPolicyVersionRequest)
.withMarshaller(new GetPolicyVersionRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy
* that grants permission to assume the role. For more information about roles, see Working with Roles.
*
*
*
* Policies returned by this API are URL-encoded compliant with RFC
* 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you
* use Java, you can use the decode method of the java.net.URLDecoder utility class in the
* Java SDK. Other languages and SDKs provide similar functionality.
*
*
*
* @param getRoleRequest
* @return Result of the GetRole operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetRole
* @see AWS API
* Documentation
*/
@Override
public GetRoleResponse getRole(GetRoleRequest getRoleRequest) throws NoSuchEntityException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(GetRoleResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams().withOperationName("GetRole")
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler).withInput(getRoleRequest)
.withMarshaller(new GetRoleRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves the specified inline policy document that is embedded with the specified IAM role.
*
*
*
* Policies returned by this API are URL-encoded compliant with RFC
* 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you
* use Java, you can use the decode method of the java.net.URLDecoder utility class in the
* Java SDK. Other languages and SDKs provide similar functionality.
*
*
*
* An IAM role can also have managed policies attached to it. To retrieve a managed policy document that is attached
* to a role, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to
* retrieve the policy document.
*
*
* For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* For more information about roles, see Using Roles to Delegate Permissions
* and Federate Identities.
*
*
* @param getRolePolicyRequest
* @return Result of the GetRolePolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetRolePolicy
* @see AWS API
* Documentation
*/
@Override
public GetRolePolicyResponse getRolePolicy(GetRolePolicyRequest getRolePolicyRequest) throws NoSuchEntityException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetRolePolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetRolePolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getRolePolicyRequest)
.withMarshaller(new GetRolePolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created
* or updated.
*
*
*
* This operation requires Signature Version 4.
*
*
*
* @param getSamlProviderRequest
* @return Result of the GetSAMLProvider operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetSAMLProvider
* @see AWS API
* Documentation
*/
@Override
public GetSamlProviderResponse getSAMLProvider(GetSamlProviderRequest getSamlProviderRequest) throws NoSuchEntityException,
InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetSamlProviderResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetSAMLProvider").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getSamlProviderRequest)
.withMarshaller(new GetSamlProviderRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves the specified SSH public key, including metadata about the key.
*
*
* The SSH public key retrieved by this operation is used only for authenticating the associated IAM user to an AWS
* CodeCommit repository. For more information about using SSH keys to authenticate to an AWS CodeCommit repository,
* see Set up AWS
* CodeCommit for SSH Connections in the AWS CodeCommit User Guide.
*
*
* @param getSshPublicKeyRequest
* @return Result of the GetSSHPublicKey operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws UnrecognizedPublicKeyEncodingException
* The request was rejected because the public key encoding format is unsupported or unrecognized.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetSSHPublicKey
* @see AWS API
* Documentation
*/
@Override
public GetSshPublicKeyResponse getSSHPublicKey(GetSshPublicKeyRequest getSshPublicKeyRequest) throws NoSuchEntityException,
UnrecognizedPublicKeyEncodingException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetSshPublicKeyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetSSHPublicKey").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getSshPublicKeyRequest)
.withMarshaller(new GetSshPublicKeyRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves information about the specified server certificate stored in IAM.
*
*
* For more information about working with server certificates, see Working with Server
* Certificates in the IAM User Guide. This topic includes a list of AWS services that can use the server
* certificates that you manage with IAM.
*
*
* @param getServerCertificateRequest
* @return Result of the GetServerCertificate operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetServerCertificate
* @see AWS API
* Documentation
*/
@Override
public GetServerCertificateResponse getServerCertificate(GetServerCertificateRequest getServerCertificateRequest)
throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetServerCertificateResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetServerCertificate").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getServerCertificateRequest)
.withMarshaller(new GetServerCertificateRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves a service last accessed report that was created using the
* GenerateServiceLastAccessedDetails operation. You can use the JobId parameter in
* GetServiceLastAccessedDetails to retrieve the status of your report job. When the report is
* complete, you can retrieve the generated report. The report includes a list of AWS services that the resource
* (user, group, role, or managed policy) can access.
*
*
*
* Service last accessed data does not use other policy types when determining whether a resource could access a
* service. These other policy types include resource-based policies, access control lists, AWS Organizations
* policies, IAM permissions boundaries, and AWS STS assume role policies. It only applies permissions policy logic.
* For more about the evaluation of policy types, see Evaluating Policies in the IAM User Guide.
*
*
*
* For each service that the resource could access using permissions policies, the operation returns details about
* the most recent access attempt. If there was no attempt, the service is listed without details about the most
* recent attempt to access the service. If the operation fails, the GetServiceLastAccessedDetails
* operation returns the reason that it failed.
*
*
* The GetServiceLastAccessedDetails operation returns a list of services. This list includes the
* number of entities that have attempted to access the service and the date and time of the last attempt. It also
* returns the ARN of the following entity, depending on the resource ARN that you used to generate the report:
*
*
* -
*
* User – Returns the user ARN that you used to generate the report
*
*
* -
*
* Group – Returns the ARN of the group member (user) that last attempted to access the service
*
*
* -
*
* Role – Returns the role ARN that you used to generate the report
*
*
* -
*
* Policy – Returns the ARN of the user or role that last used the policy to attempt to access the service
*
*
*
*
* By default, the list is sorted by service namespace.
*
*
* @param getServiceLastAccessedDetailsRequest
* @return Result of the GetServiceLastAccessedDetails operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetServiceLastAccessedDetails
* @see AWS API Documentation
*/
@Override
public GetServiceLastAccessedDetailsResponse getServiceLastAccessedDetails(
GetServiceLastAccessedDetailsRequest getServiceLastAccessedDetailsRequest) throws NoSuchEntityException,
InvalidInputException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetServiceLastAccessedDetailsResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GetServiceLastAccessedDetails").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getServiceLastAccessedDetailsRequest)
.withMarshaller(new GetServiceLastAccessedDetailsRequestMarshaller(protocolFactory)));
}
/**
*
* After you generate a group or policy report using the GenerateServiceLastAccessedDetails operation,
* you can use the JobId parameter in GetServiceLastAccessedDetailsWithEntities. This
* operation retrieves the status of your report job and a list of entities that could have used group or policy
* permissions to access the specified service.
*
*
* -
*
* Group – For a group report, this operation returns a list of users in the group that could have used the
* group’s policies in an attempt to access the service.
*
*
* -
*
* Policy – For a policy report, this operation returns a list of entities (users or roles) that could have
* used the policy in an attempt to access the service.
*
*
*
*
* You can also use this operation for user or role reports to retrieve details about those entities.
*
*
* If the operation fails, the GetServiceLastAccessedDetailsWithEntities operation returns the reason
* that it failed.
*
*
* By default, the list of associated entities is sorted by date, with the most recent access listed first.
*
*
* @param getServiceLastAccessedDetailsWithEntitiesRequest
* @return Result of the GetServiceLastAccessedDetailsWithEntities operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetServiceLastAccessedDetailsWithEntities
* @see AWS API Documentation
*/
@Override
public GetServiceLastAccessedDetailsWithEntitiesResponse getServiceLastAccessedDetailsWithEntities(
GetServiceLastAccessedDetailsWithEntitiesRequest getServiceLastAccessedDetailsWithEntitiesRequest)
throws NoSuchEntityException, InvalidInputException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetServiceLastAccessedDetailsWithEntitiesResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GetServiceLastAccessedDetailsWithEntities").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler)
.withInput(getServiceLastAccessedDetailsWithEntitiesRequest)
.withMarshaller(new GetServiceLastAccessedDetailsWithEntitiesRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves the status of your service-linked role deletion. After you use the DeleteServiceLinkedRole API
* operation to submit a service-linked role for deletion, you can use the DeletionTaskId parameter in
* GetServiceLinkedRoleDeletionStatus to check the status of the deletion. If the deletion fails, this
* operation returns the reason that it failed, if that information is returned by the service.
*
*
* @param getServiceLinkedRoleDeletionStatusRequest
* @return Result of the GetServiceLinkedRoleDeletionStatus operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetServiceLinkedRoleDeletionStatus
* @see AWS API Documentation
*/
@Override
public GetServiceLinkedRoleDeletionStatusResponse getServiceLinkedRoleDeletionStatus(
GetServiceLinkedRoleDeletionStatusRequest getServiceLinkedRoleDeletionStatusRequest) throws NoSuchEntityException,
InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetServiceLinkedRoleDeletionStatusResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("GetServiceLinkedRoleDeletionStatus").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getServiceLinkedRoleDeletionStatusRequest)
.withMarshaller(new GetServiceLinkedRoleDeletionStatusRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves information about the specified IAM user, including the user's creation date, path, unique ID, and ARN.
*
*
* If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID used to
* sign the request to this API.
*
*
* @param getUserRequest
* @return Result of the GetUser operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetUser
* @see AWS API
* Documentation
*/
@Override
public GetUserResponse getUser(GetUserRequest getUserRequest) throws NoSuchEntityException, ServiceFailureException,
AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(GetUserResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams().withOperationName("GetUser")
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler).withInput(getUserRequest)
.withMarshaller(new GetUserRequestMarshaller(protocolFactory)));
}
/**
*
* Retrieves the specified inline policy document that is embedded in the specified IAM user.
*
*
*
* Policies returned by this API are URL-encoded compliant with RFC
* 3986. You can use a URL decoding method to convert the policy back to plain JSON text. For example, if you
* use Java, you can use the decode method of the java.net.URLDecoder utility class in the
* Java SDK. Other languages and SDKs provide similar functionality.
*
*
*
* An IAM user can also have managed policies attached to it. To retrieve a managed policy document that is attached
* to a user, use GetPolicy to determine the policy's default version. Then use GetPolicyVersion to
* retrieve the policy document.
*
*
* For more information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* @param getUserPolicyRequest
* @return Result of the GetUserPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.GetUserPolicy
* @see AWS API
* Documentation
*/
@Override
public GetUserPolicyResponse getUserPolicy(GetUserPolicyRequest getUserPolicyRequest) throws NoSuchEntityException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(GetUserPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("GetUserPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(getUserPolicyRequest)
.withMarshaller(new GetUserPolicyRequestMarshaller(protocolFactory)));
}
/**
*
* Returns information about the access key IDs associated with the specified IAM user. If there is none, the
* operation returns an empty list.
*
*
* Although each user is limited to a small number of keys, you can still paginate the results using the
* MaxItems and Marker parameters.
*
*
* If the UserName field is not specified, the user name is determined implicitly based on the AWS
* access key ID used to sign the request. This operation works for access keys under the AWS account. Consequently,
* you can use this operation to manage AWS account root user credentials even if the AWS account has no associated
* users.
*
*
*
* To ensure the security of your AWS account, the secret access key is accessible only during key and user
* creation.
*
*
*
* @param listAccessKeysRequest
* @return Result of the ListAccessKeys operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ListAccessKeys
* @see AWS API
* Documentation
*/
@Override
public ListAccessKeysResponse listAccessKeys(ListAccessKeysRequest listAccessKeysRequest) throws NoSuchEntityException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(ListAccessKeysResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("ListAccessKeys").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(listAccessKeysRequest)
.withMarshaller(new ListAccessKeysRequestMarshaller(protocolFactory)));
}
/**
*
* Returns information about the access key IDs associated with the specified IAM user. If there is none, the
* operation returns an empty list.
*
*
* Although each user is limited to a small number of keys, you can still paginate the results using the
* MaxItems and Marker parameters.
*
*
* If the UserName field is not specified, the user name is determined implicitly based on the AWS
* access key ID used to sign the request. This operation works for access keys under the AWS account. Consequently,
* you can use this operation to manage AWS account root user credentials even if the AWS account has no associated
* users.
*
*
*
* To ensure the security of your AWS account, the secret access key is accessible only during key and user
* creation.
*
*
*
* This is a variant of {@link #listAccessKeys(software.amazon.awssdk.services.iam.model.ListAccessKeysRequest)}
* operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will
* internally handle making service calls for you.
*
*
* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no
* guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response
* pages by making service calls until there are no pages left or your iteration stops. If there are errors in your
* request, you will see the failures only after you start iterating through the iterable.
*
*
*
* The following are few ways to iterate through the response pages:
*
* 1) Using a Stream
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.ListAccessKeysIterable responses = client.listAccessKeysPaginator(request);
* responses.stream().forEach(....);
* }
*
*
* 2) Using For loop
*
*
* {
* @code
* software.amazon.awssdk.services.iam.paginators.ListAccessKeysIterable responses = client.listAccessKeysPaginator(request);
* for (software.amazon.awssdk.services.iam.model.ListAccessKeysResponse response : responses) {
* // do something;
* }
* }
*
*
* 3) Use iterator directly
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.ListAccessKeysIterable responses = client.listAccessKeysPaginator(request);
* responses.iterator().forEachRemaining(....);
* }
*
*
* Note: If you prefer to have control on service calls, use the
* {@link #listAccessKeys(software.amazon.awssdk.services.iam.model.ListAccessKeysRequest)} operation.
*
*
* @param listAccessKeysRequest
* @return A custom iterable that can be used to iterate through all the response pages.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ListAccessKeys
* @see AWS API
* Documentation
*/
@Override
public ListAccessKeysIterable listAccessKeysPaginator(ListAccessKeysRequest listAccessKeysRequest)
throws NoSuchEntityException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
return new ListAccessKeysIterable(this, applyPaginatorUserAgent(listAccessKeysRequest));
}
/**
*
* Lists the account alias associated with the AWS account (Note: you can have only one). For information about
* using an AWS account alias, see Using an Alias for Your AWS Account
* ID in the IAM User Guide.
*
*
* @param listAccountAliasesRequest
* @return Result of the ListAccountAliases operation returned by the service.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ListAccountAliases
* @see AWS API
* Documentation
*/
@Override
public ListAccountAliasesResponse listAccountAliases(ListAccountAliasesRequest listAccountAliasesRequest)
throws ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(ListAccountAliasesResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("ListAccountAliases").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(listAccountAliasesRequest)
.withMarshaller(new ListAccountAliasesRequestMarshaller(protocolFactory)));
}
/**
*
* Lists the account alias associated with the AWS account (Note: you can have only one). For information about
* using an AWS account alias, see Using an Alias for Your AWS Account
* ID in the IAM User Guide.
*
*
*
* This is a variant of
* {@link #listAccountAliases(software.amazon.awssdk.services.iam.model.ListAccountAliasesRequest)} operation. The
* return type is a custom iterable that can be used to iterate through all the pages. SDK will internally handle
* making service calls for you.
*
*
* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no
* guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response
* pages by making service calls until there are no pages left or your iteration stops. If there are errors in your
* request, you will see the failures only after you start iterating through the iterable.
*
*
*
* The following are few ways to iterate through the response pages:
*
* 1) Using a Stream
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.ListAccountAliasesIterable responses = client.listAccountAliasesPaginator(request);
* responses.stream().forEach(....);
* }
*
*
* 2) Using For loop
*
*
* {
* @code
* software.amazon.awssdk.services.iam.paginators.ListAccountAliasesIterable responses = client
* .listAccountAliasesPaginator(request);
* for (software.amazon.awssdk.services.iam.model.ListAccountAliasesResponse response : responses) {
* // do something;
* }
* }
*
*
* 3) Use iterator directly
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.ListAccountAliasesIterable responses = client.listAccountAliasesPaginator(request);
* responses.iterator().forEachRemaining(....);
* }
*
*
* Note: If you prefer to have control on service calls, use the
* {@link #listAccountAliases(software.amazon.awssdk.services.iam.model.ListAccountAliasesRequest)} operation.
*
*
* @param listAccountAliasesRequest
* @return A custom iterable that can be used to iterate through all the response pages.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ListAccountAliases
* @see AWS API
* Documentation
*/
@Override
public ListAccountAliasesIterable listAccountAliasesPaginator(ListAccountAliasesRequest listAccountAliasesRequest)
throws ServiceFailureException, AwsServiceException, SdkClientException, IamException {
return new ListAccountAliasesIterable(this, applyPaginatorUserAgent(listAccountAliasesRequest));
}
/**
*
* Lists all managed policies that are attached to the specified IAM group.
*
*
* An IAM group can also have inline policies embedded with it. To list the inline policies for a group, use the
* ListGroupPolicies API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* You can paginate the results using the MaxItems and Marker parameters. You can use the
* PathPrefix parameter to limit the list of policies to only those matching the specified path prefix.
* If there are no policies attached to the specified group (or none that match the specified path prefix), the
* operation returns an empty list.
*
*
* @param listAttachedGroupPoliciesRequest
* @return Result of the ListAttachedGroupPolicies operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ListAttachedGroupPolicies
* @see AWS
* API Documentation
*/
@Override
public ListAttachedGroupPoliciesResponse listAttachedGroupPolicies(
ListAttachedGroupPoliciesRequest listAttachedGroupPoliciesRequest) throws NoSuchEntityException,
InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(ListAttachedGroupPoliciesResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("ListAttachedGroupPolicies").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(listAttachedGroupPoliciesRequest)
.withMarshaller(new ListAttachedGroupPoliciesRequestMarshaller(protocolFactory)));
}
/**
*
* Lists all managed policies that are attached to the specified IAM group.
*
*
* An IAM group can also have inline policies embedded with it. To list the inline policies for a group, use the
* ListGroupPolicies API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* You can paginate the results using the MaxItems and Marker parameters. You can use the
* PathPrefix parameter to limit the list of policies to only those matching the specified path prefix.
* If there are no policies attached to the specified group (or none that match the specified path prefix), the
* operation returns an empty list.
*
*
*
* This is a variant of
* {@link #listAttachedGroupPolicies(software.amazon.awssdk.services.iam.model.ListAttachedGroupPoliciesRequest)}
* operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will
* internally handle making service calls for you.
*
*
* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no
* guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response
* pages by making service calls until there are no pages left or your iteration stops. If there are errors in your
* request, you will see the failures only after you start iterating through the iterable.
*
*
*
* The following are few ways to iterate through the response pages:
*
* 1) Using a Stream
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.ListAttachedGroupPoliciesIterable responses = client.listAttachedGroupPoliciesPaginator(request);
* responses.stream().forEach(....);
* }
*
*
* 2) Using For loop
*
*
* {
* @code
* software.amazon.awssdk.services.iam.paginators.ListAttachedGroupPoliciesIterable responses = client
* .listAttachedGroupPoliciesPaginator(request);
* for (software.amazon.awssdk.services.iam.model.ListAttachedGroupPoliciesResponse response : responses) {
* // do something;
* }
* }
*
*
* 3) Use iterator directly
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.ListAttachedGroupPoliciesIterable responses = client.listAttachedGroupPoliciesPaginator(request);
* responses.iterator().forEachRemaining(....);
* }
*
*
* Note: If you prefer to have control on service calls, use the
* {@link #listAttachedGroupPolicies(software.amazon.awssdk.services.iam.model.ListAttachedGroupPoliciesRequest)}
* operation.
*
*
* @param listAttachedGroupPoliciesRequest
* @return A custom iterable that can be used to iterate through all the response pages.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ListAttachedGroupPolicies
* @see AWS
* API Documentation
*/
@Override
public ListAttachedGroupPoliciesIterable listAttachedGroupPoliciesPaginator(
ListAttachedGroupPoliciesRequest listAttachedGroupPoliciesRequest) throws NoSuchEntityException,
InvalidInputException, ServiceFailureException, AwsServiceException, SdkClientException, IamException {
return new ListAttachedGroupPoliciesIterable(this, applyPaginatorUserAgent(listAttachedGroupPoliciesRequest));
}
/**
*
* Lists all managed policies that are attached to the specified IAM role.
*
*
* An IAM role can also have inline policies embedded with it. To list the inline policies for a role, use the
* ListRolePolicies API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* You can paginate the results using the MaxItems and Marker parameters. You can use the
* PathPrefix parameter to limit the list of policies to only those matching the specified path prefix.
* If there are no policies attached to the specified role (or none that match the specified path prefix), the
* operation returns an empty list.
*
*
* @param listAttachedRolePoliciesRequest
* @return Result of the ListAttachedRolePolicies operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ListAttachedRolePolicies
* @see AWS
* API Documentation
*/
@Override
public ListAttachedRolePoliciesResponse listAttachedRolePolicies(
ListAttachedRolePoliciesRequest listAttachedRolePoliciesRequest) throws NoSuchEntityException, InvalidInputException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(ListAttachedRolePoliciesResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("ListAttachedRolePolicies").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(listAttachedRolePoliciesRequest)
.withMarshaller(new ListAttachedRolePoliciesRequestMarshaller(protocolFactory)));
}
/**
*
* Lists all managed policies that are attached to the specified IAM role.
*
*
* An IAM role can also have inline policies embedded with it. To list the inline policies for a role, use the
* ListRolePolicies API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* You can paginate the results using the MaxItems and Marker parameters. You can use the
* PathPrefix parameter to limit the list of policies to only those matching the specified path prefix.
* If there are no policies attached to the specified role (or none that match the specified path prefix), the
* operation returns an empty list.
*
*
*
* This is a variant of
* {@link #listAttachedRolePolicies(software.amazon.awssdk.services.iam.model.ListAttachedRolePoliciesRequest)}
* operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will
* internally handle making service calls for you.
*
*
* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no
* guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response
* pages by making service calls until there are no pages left or your iteration stops. If there are errors in your
* request, you will see the failures only after you start iterating through the iterable.
*
*
*
* The following are few ways to iterate through the response pages:
*
* 1) Using a Stream
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.ListAttachedRolePoliciesIterable responses = client.listAttachedRolePoliciesPaginator(request);
* responses.stream().forEach(....);
* }
*
*
* 2) Using For loop
*
*
* {
* @code
* software.amazon.awssdk.services.iam.paginators.ListAttachedRolePoliciesIterable responses = client
* .listAttachedRolePoliciesPaginator(request);
* for (software.amazon.awssdk.services.iam.model.ListAttachedRolePoliciesResponse response : responses) {
* // do something;
* }
* }
*
*
* 3) Use iterator directly
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.ListAttachedRolePoliciesIterable responses = client.listAttachedRolePoliciesPaginator(request);
* responses.iterator().forEachRemaining(....);
* }
*
*
* Note: If you prefer to have control on service calls, use the
* {@link #listAttachedRolePolicies(software.amazon.awssdk.services.iam.model.ListAttachedRolePoliciesRequest)}
* operation.
*
*
* @param listAttachedRolePoliciesRequest
* @return A custom iterable that can be used to iterate through all the response pages.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ListAttachedRolePolicies
* @see AWS
* API Documentation
*/
@Override
public ListAttachedRolePoliciesIterable listAttachedRolePoliciesPaginator(
ListAttachedRolePoliciesRequest listAttachedRolePoliciesRequest) throws NoSuchEntityException, InvalidInputException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
return new ListAttachedRolePoliciesIterable(this, applyPaginatorUserAgent(listAttachedRolePoliciesRequest));
}
/**
*
* Lists all managed policies that are attached to the specified IAM user.
*
*
* An IAM user can also have inline policies embedded with it. To list the inline policies for a user, use the
* ListUserPolicies API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* You can paginate the results using the MaxItems and Marker parameters. You can use the
* PathPrefix parameter to limit the list of policies to only those matching the specified path prefix.
* If there are no policies attached to the specified group (or none that match the specified path prefix), the
* operation returns an empty list.
*
*
* @param listAttachedUserPoliciesRequest
* @return Result of the ListAttachedUserPolicies operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ListAttachedUserPolicies
* @see AWS
* API Documentation
*/
@Override
public ListAttachedUserPoliciesResponse listAttachedUserPolicies(
ListAttachedUserPoliciesRequest listAttachedUserPoliciesRequest) throws NoSuchEntityException, InvalidInputException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(ListAttachedUserPoliciesResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("ListAttachedUserPolicies").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(listAttachedUserPoliciesRequest)
.withMarshaller(new ListAttachedUserPoliciesRequestMarshaller(protocolFactory)));
}
/**
*
* Lists all managed policies that are attached to the specified IAM user.
*
*
* An IAM user can also have inline policies embedded with it. To list the inline policies for a user, use the
* ListUserPolicies API. For information about policies, see Managed Policies and
* Inline Policies in the IAM User Guide.
*
*
* You can paginate the results using the MaxItems and Marker parameters. You can use the
* PathPrefix parameter to limit the list of policies to only those matching the specified path prefix.
* If there are no policies attached to the specified group (or none that match the specified path prefix), the
* operation returns an empty list.
*
*
*
* This is a variant of
* {@link #listAttachedUserPolicies(software.amazon.awssdk.services.iam.model.ListAttachedUserPoliciesRequest)}
* operation. The return type is a custom iterable that can be used to iterate through all the pages. SDK will
* internally handle making service calls for you.
*
*
* When this operation is called, a custom iterable is returned but no service calls are made yet. So there is no
* guarantee that the request is valid. As you iterate through the iterable, SDK will start lazily loading response
* pages by making service calls until there are no pages left or your iteration stops. If there are errors in your
* request, you will see the failures only after you start iterating through the iterable.
*
*
*
* The following are few ways to iterate through the response pages:
*
* 1) Using a Stream
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.ListAttachedUserPoliciesIterable responses = client.listAttachedUserPoliciesPaginator(request);
* responses.stream().forEach(....);
* }
*
*
* 2) Using For loop
*
*
* {
* @code
* software.amazon.awssdk.services.iam.paginators.ListAttachedUserPoliciesIterable responses = client
* .listAttachedUserPoliciesPaginator(request);
* for (software.amazon.awssdk.services.iam.model.ListAttachedUserPoliciesResponse response : responses) {
* // do something;
* }
* }
*
*
* 3) Use iterator directly
*
*
* {@code
* software.amazon.awssdk.services.iam.paginators.ListAttachedUserPoliciesIterable responses = client.listAttachedUserPoliciesPaginator(request);
* responses.iterator().forEachRemaining(....);
* }
*
*
* Note: If you prefer to have control on service calls, use the
* {@link #listAttachedUserPolicies(software.amazon.awssdk.services.iam.model.ListAttachedUserPoliciesRequest)}
* operation.
*
*
* @param listAttachedUserPoliciesRequest
* @return A custom iterable that can be used to iterate through all the response pages.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ListAttachedUserPolicies
* @see AWS
* API Documentation
*/
@Override
public ListAttachedUserPoliciesIterable listAttachedUserPoliciesPaginator(
ListAttachedUserPoliciesRequest listAttachedUserPoliciesRequest) throws NoSuchEntityException, InvalidInputException,
ServiceFailureException, AwsServiceException, SdkClientException, IamException {
return new ListAttachedUserPoliciesIterable(this, applyPaginatorUserAgent(listAttachedUserPoliciesRequest));
}
/**
*
* Lists all IAM users, groups, and roles that the specified managed policy is attached to.
*
*
* You can use the optional EntityFilter parameter to limit the results to a particular type of entity
* (users, groups, or roles). For example, to list only the roles that are attached to the specified policy, set
* EntityFilter to Role.
*
*
* You can paginate the results using the MaxItems and Marker parameters.
*
*
* @param listEntitiesForPolicyRequest
* @return Result of the ListEntitiesForPolicy operation returned by the service.
* @throws NoSuchEntityException
* The request was rejected because it referenced a resource entity that does not exist. The error message
* describes the resource.
* @throws InvalidInputException
* The request was rejected because an invalid or out-of-range value was supplied for an input parameter.
* @throws ServiceFailureException
* The request processing has failed because of an unknown error, exception or failure.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws IamException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample IamClient.ListEntitiesForPolicy
* @see AWS API
* Documentation
*/
@Override
public ListEntitiesForPolicyResponse listEntitiesForPolicy(ListEntitiesForPolicyRequest listEntitiesForPolicyRequest)
throws NoSuchEntityException, InvalidInputException, ServiceFailureException, AwsServiceException,
SdkClientException, IamException {
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(ListEntitiesForPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler();
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("ListEntitiesForPolicy").withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withInput(listEntitiesForPolicyRequest)
.withMarshaller(new ListEntitiesForPolicyRequestMarshaller(protocolFactory)));
}
/**
*