| Action | Description | Resources | Conditions |
|---|---|---|---|
|
Adds the specified IAM role to the specified instance profile.
|
|
||
|
Adds the specified user to the specified group.
|
|
||
|
Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM OpenID Connect (OIDC) provider resource.
|
|
||
|
Attaches the specified managed policy to the specified IAM group.
|
|
|
|
|
Attaches the specified managed policy to the specified IAM role.
|
|
|
|
|
Attaches the specified managed policy to the specified user.
|
|
|
|
|
Changes the password of the IAM user who is calling this action.
|
|
||
|
Creates a new AWS secret access key and corresponding AWS access key ID for the specified user.
|
|
||
|
Creates an alias for your AWS account.
|
|
||
|
Creates a new group.
|
|
||
|
Creates a new instance profile.
|
|
||
|
Creates a password for the specified user, giving the user the ability to access AWS services through the AWS Management Console.
|
|
||
|
Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC).
|
|
||
|
Creates a new managed policy for your AWS account.
|
|
||
|
Creates a new version of the specified managed policy.
|
|
||
|
Creates a new role for your AWS account.
|
|
||
|
Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2.
|
|
||
|
Creates a new IAM user for your AWS account.
|
|
||
|
Creates a new virtual MFA device for the AWS account.
|
|
||
|
Deactivates the specified MFA device and removes it from association with the user name for which it was originally enabled.
|
|
||
|
Deletes the access key pair associated with the specified IAM user.
|
|
||
|
Deletes the specified AWS account alias.
|
|
||
|
Deletes the password policy for the AWS account.
|
|
||
|
Deletes the specified IAM group.
|
|
||
|
Deletes the specified inline policy that is embedded in the specified IAM group.
|
|
||
|
Deletes the specified instance profile.
|
|
||
|
Deletes the password for the specified IAM user, which terminates the user's ability to access AWS services through the AWS Management Console.
|
|
||
|
Deletes an OpenID Connect identity provider (IdP) resource object in IAM.
|
|
||
|
Deletes the specified managed policy.
|
|
||
|
Deletes the specified version from the specified managed policy.
|
|
||
|
Deletes the specified role.
|
|
||
|
Deletes the specified inline policy that is embedded in the specified IAM role.
|
|
||
|
Deletes a SAML provider resource in IAM.
|
|
||
|
Deletes the specified SSH public key.
|
|
||
|
Deletes the specified server certificate.
|
|
||
|
Deletes a signing certificate associated with the specified IAM user.
|
|
||
|
Deletes the specified IAM user.
|
|
||
|
Deletes the specified inline policy that is embedded in the specified IAM user.
|
|
||
|
Deletes a virtual MFA device.
|
|
||
|
Removes the specified managed policy from the specified IAM group.
|
|
|
|
|
Removes the specified managed policy from the specified role.
|
|
|
|
|
Removes the specified managed policy from the specified user.
|
|
|
|
|
Enables the specified MFA device and associates it with the specified IAM user.
|
|
||
|
Generates a credential report for the AWS account.
|
|
||
|
Retrieves information about when the specified access key was last used.
|
|
||
|
Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their relationships to one another.
|
|
||
|
Retrieves the password policy for the AWS account.
|
|
||
|
Retrieves information about IAM entity usage and IAM quotas in the AWS account.
|
|
||
|
Gets a list of all of the context keys referenced in the input policies.
|
|
||
|
Gets a list of all of the context keys referenced in all of the IAM policies attached to the specified IAM entity.
|
|
||
|
Retrieves a credential report for the AWS account.
|
|
||
|
Returns a list of IAM users that are in the specified IAM group.
|
|
||
|
Retrieves the specified inline policy document that is embedded in the specified IAM group.
|
|
||
|
Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and role.
|
|
||
|
Retrieves the user name and password-creation date for the specified IAM user.
|
|
||
|
Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM.
|
|
||
|
Retrieves information about the specified managed policy, including the policy's default version and the total number of IAM users, groups, and roles to which the policy is attached.
|
|
||
|
Retrieves information about the specified version of the specified managed policy, including the policy document.
|
|
||
|
Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy that grants permission to assume the role.
|
|
||
|
Retrieves the specified inline policy document that is embedded with the specified IAM role.
|
|
||
|
Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created or updated.
|
|
||
|
Retrieves the specified SSH public key, including metadata about the key.
|
|
||
|
Retrieves information about the specified server certificate stored in IAM.
|
|
||
|
View access advisor information, this is an IAM policy permission only, not an API action that can be called.
|
|
||
|
Retrieves information about the specified IAM user, including the user's creation date, path, unique ID, and ARN.
|
|
||
|
Retrieves the specified inline policy document that is embedded in the specified IAM user.
|
|
||
|
Returns information about the access key IDs associated with the specified IAM user.
|
|
||
|
Lists the account alias associated with the AWS account (Note: you can have only one).
|
|
||
|
Lists all managed policies that are attached to the specified IAM group.
|
|
||
|
Lists all managed policies that are attached to the specified IAM role.
|
|
||
|
Lists all managed policies that are attached to the specified IAM user.
|
|
||
|
Lists all IAM users, groups, and roles that the specified managed policy is attached to.
|
|
||
|
Lists the names of the inline policies that are embedded in the specified IAM group.
|
|
||
|
Lists the IAM groups that have the specified path prefix.
|
|
||
|
Lists the IAM groups that the specified IAM user belongs to.
|
|
||
|
Lists the instance profiles that have the specified path prefix.
|
|
||
|
Lists the instance profiles that have the specified associated IAM role.
|
|
||
|
Lists the MFA devices for an IAM user.
|
|
||
|
Lists information about the IAM OpenID Connect (OIDC) provider resource objects defined in the AWS account.
|
|
||
|
Lists all the managed policies that are available in your AWS account, including your own customer-defined managed policies and all AWS managed policies.
|
|
||
|
View access advisor information, this is an IAM policy permission only, not an API action that can be called.
|
|
||
|
Lists information about the versions of the specified managed policy, including the version that is currently set as the policy's default version.
|
|
||
|
Lists the names of the inline policies that are embedded in the specified IAM role.
|
|
||
|
Lists the IAM roles that have the specified path prefix.
|
|
||
|
Lists the SAML provider resource objects defined in IAM in the account.
|
|
||
|
Returns information about the SSH public keys associated with the specified IAM user.
|
|
||
|
Lists the server certificates stored in IAM that have the specified path prefix.
|
|
||
|
Returns information about the signing certificates associated with the specified IAM user.
|
|
||
|
Lists the names of the inline policies embedded in the specified IAM user.
|
|
||
|
Lists the IAM users that have the specified path prefix.
|
|
||
|
Lists the virtual MFA devices defined in the AWS account by assignment status.
|
|
||
|
Adds or updates an inline policy document that is embedded in the specified IAM group.
|
|
||
|
Adds or updates an inline policy document that is embedded in the specified IAM role.
|
|
||
|
Adds or updates an inline policy document that is embedded in the specified IAM user.
|
|
||
|
Removes the specified client ID (also known as audience) from the list of client IDs registered for the specified IAM OpenID Connect (OIDC) provider resource object.
|
|
||
|
Removes the specified IAM role from the specified EC2 instance profile.
|
|
||
|
Removes the specified user from the specified group.
|
|
||
|
Synchronizes the specified MFA device with its IAM resource object on the AWS servers.
|
|
||
|
Sets the specified version of the specified policy as the policy's default (operative) version.
|
|
||
|
Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API actions and AWS resources to determine the policies' effective permissions.
|
|
||
|
Simulate how a set of IAM policies attached to an IAM entity works with a list of API actions and AWS resources to determine the policies' effective permissions.
|
|
||
|
Changes the status of the specified access key from Active to Inactive, or vice versa.
|
|
||
|
Updates the password policy settings for the AWS account.
|
|
||
|
Updates the policy that grants an IAM entity permission to assume a role.
|
|
||
|
Updates the name and/or the path of the specified IAM group.
|
|
||
|
Changes the password for the specified IAM user.
|
|
||
|
Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints.
|
|
||
|
Updates the metadata document for an existing SAML provider resource object.
|
|
||
|
Sets the status of an IAM user's SSH public key to active or inactive.
|
|
||
|
Updates the name and/or the path of the specified server certificate stored in IAM.
|
|
||
|
Changes the status of the specified user signing certificate from active to disabled, or vice versa.
|
|
||
|
Updates the name and/or the path of the specified IAM user.
|
|
||
|
Uploads an SSH public key and associates it with the specified IAM user.
|
|
||
|
Uploads a server certificate entity for the AWS account.
|
|
||
|
Uploads an X.509 signing certificate and associates it with the specified IAM user.
|
|
||
|
View access advisor information, this is an IAM policy permission only, not an API action that can be called.
|
|
||
|
View access advisor information, this is an IAM policy permission only, not an API action that can be called.
|
|
||
|
This is an IAM policy permission only, not an API action that can be called.
|
|
||
|
Creates an IAM role that is linked to a specific AWS service.
|
|
|
|
|
Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request.
|
|
||
|
Submits a service-linked role deletion request.
|
|
|
|
|
Deletes the specified service-specific credential.
|
|
||
|
Retrieves the status of your service-linked role deletion.
|
|
||
|
Returns information about the service-specific credentials associated with the specified IAM user.
|
|
||
|
Resets the password for a service-specific credential.
|
|
||
|
Modifies the description of a role.
|
|
||
|
Sets the status of a service-specific credential to Active or Inactive.
|
|