Start line:  
End line:  

Snippet Preview

Snippet HTML Code

Stack Overflow Questions
   /*
    * Copyright 2010-2015 Amazon.com, Inc. or its affiliates. All Rights Reserved.
    * 
    * Licensed under the Apache License, Version 2.0 (the "License").
    * You may not use this file except in compliance with the License.
    * A copy of the License is located at
    * 
    *  http://aws.amazon.com/apache2.0
    * 
   * or in the "license" file accompanying this file. This file is distributed
   * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
   * express or implied. See the License for the specific language governing
   * permissions and limitations under the License.
   */
  package com.amazonaws.services.identitymanagement;
  
  import org.w3c.dom.*;
  
  import java.net.*;
  import java.util.*;
  
  import com.amazonaws.*;
  
Client for accessing AmazonIdentityManagement. All service calls made using this client are blocking, and will not return until the service call completes.

AWS Identity and Access Management

AWS Identity and Access Management (IAM) is a web service that you can use to manage users and user permissions under your AWS account. This guide provides descriptions of IAM actions that you can call programmatically. For general information about IAM, see AWS Identity and Access Management (IAM) . For the user guide for IAM, see Using IAM .

NOTE:AWS provides SDKs that consist of libraries and sample code for various programming languages and platforms (Java, Ruby, .NET, iOS, Android, etc.). The SDKs provide a convenient way to create programmatic access to IAM and AWS. For example, the SDKs take care of tasks such as cryptographically signing requests (see below), managing errors, and retrying requests automatically. For information about the AWS SDKs, including how to download and install them, see the Tools for Amazon Web Services page.

We recommend that you use the AWS SDKs to make programmatic API calls to IAM. However, you can also use the IAM Query API to make direct calls to the IAM web service. To learn more about the IAM Query API, see Making Query Requests in the Using IAM guide. IAM supports GET and POST requests for all actions. That is, the API does not require you to use GET for some actions and POST for others. However, GET requests are subject to the limitation size of a URL. Therefore, for operations that require larger sizes, use a POST request.

Signing Requests

Requests must be signed using an access key ID and a secret access key. We strongly recommend that you do not use your AWS account access key ID and secret access key for everyday work with IAM. You can use the access key ID and secret access key for an IAM user or you can use the AWS Security Token Service to generate temporary security credentials and use those to sign requests.

To sign requests, we recommend that you use Signature Version 4 . If you have an existing application that uses Signature Version 2, you do not have to update it to use Signature Version 4. However, some operations now require Signature Version 4. The documentation for operations that require version 4 indicate this requirement.

Additional Resources

For more information, see the following:

  • AWS Security Credentials . This topic provides general information about the types of credentials used for accessing AWS.
  • IAM Best Practices . This topic presents a list of suggestions for using the IAM service to help secure your AWS resources.
  • AWS Security Token Service . This guide describes how to create and use temporary security credentials.
  • Signing AWS API Requests . This set of topics walk you through the process of signing a request using an access key ID and secret access key.
 
 public class AmazonIdentityManagementClient extends AmazonWebServiceClient implements AmazonIdentityManagement {

    
Provider for AWS credentials.
 
List of exception unmarshallers for all AmazonIdentityManagement exceptions.
 
             = new ArrayList<Unmarshaller<AmazonServiceExceptionNode>>();

    
Constructs a new client to invoke service methods on AmazonIdentityManagement. A credentials provider chain will be used that searches for credentials in this order:
  • Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
  • Java System Properties - aws.accessKeyId and aws.secretKey
  • Instance profile credentials delivered through the Amazon EC2 metadata service

All service calls made using this new client object are blocking, and will not return until the service call completes.

 
     public AmazonIdentityManagementClient() {
         this(new DefaultAWSCredentialsProviderChain(), new ClientConfiguration());
     }

    
Constructs a new client to invoke service methods on AmazonIdentityManagement. A credentials provider chain will be used that searches for credentials in this order:
  • Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
  • Java System Properties - aws.accessKeyId and aws.secretKey
  • Instance profile credentials delivered through the Amazon EC2 metadata service

All service calls made using this new client object are blocking, and will not return until the service call completes.

Parameters:
clientConfiguration The client configuration options controlling how this client connects to AmazonIdentityManagement (ex: proxy settings, retry counts, etc.).
See also:
com.amazonaws.auth.DefaultAWSCredentialsProviderChain
 
     public AmazonIdentityManagementClient(ClientConfiguration clientConfiguration) {
         this(new DefaultAWSCredentialsProviderChain(), clientConfiguration);
     }

    
Constructs a new client to invoke service methods on AmazonIdentityManagement using the specified AWS account credentials.

All service calls made using this new client object are blocking, and will not return until the service call completes.

Parameters:
awsCredentials The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
 
     public AmazonIdentityManagementClient(AWSCredentials awsCredentials) {
         this(awsCredentialsnew ClientConfiguration());
     }

    
Constructs a new client to invoke service methods on AmazonIdentityManagement using the specified AWS account credentials and client configuration options.

All service calls made using this new client object are blocking, and will not return until the service call completes.

Parameters:
awsCredentials The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
clientConfiguration The client configuration options controlling how this client connects to AmazonIdentityManagement (ex: proxy settings, retry counts, etc.).
 
     public AmazonIdentityManagementClient(AWSCredentials awsCredentialsClientConfiguration clientConfiguration) {
         super(clientConfiguration);
         this. = new StaticCredentialsProvider(awsCredentials);
         init();
     }

    
Constructs a new client to invoke service methods on AmazonIdentityManagement using the specified AWS account credentials provider.

All service calls made using this new client object are blocking, and will not return until the service call completes.

Parameters:
awsCredentialsProvider The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
 
     public AmazonIdentityManagementClient(AWSCredentialsProvider awsCredentialsProvider) {
         this(awsCredentialsProvidernew ClientConfiguration());
     }

    
Constructs a new client to invoke service methods on AmazonIdentityManagement using the specified AWS account credentials provider and client configuration options.

All service calls made using this new client object are blocking, and will not return until the service call completes.

Parameters:
awsCredentialsProvider The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
clientConfiguration The client configuration options controlling how this client connects to AmazonIdentityManagement (ex: proxy settings, retry counts, etc.).
 
     public AmazonIdentityManagementClient(AWSCredentialsProvider awsCredentialsProviderClientConfiguration clientConfiguration) {
         this(awsCredentialsProviderclientConfigurationnull);
     }

    
Constructs a new client to invoke service methods on AmazonIdentityManagement using the specified AWS account credentials provider, client configuration options, and request metric collector.

All service calls made using this new client object are blocking, and will not return until the service call completes.

Parameters:
awsCredentialsProvider The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
clientConfiguration The client configuration options controlling how this client connects to AmazonIdentityManagement (ex: proxy settings, retry counts, etc.).
requestMetricCollector optional request metric collector
 
     public AmazonIdentityManagementClient(AWSCredentialsProvider awsCredentialsProvider,
             ClientConfiguration clientConfiguration,
             RequestMetricCollector requestMetricCollector) {
         super(clientConfigurationrequestMetricCollector);
         this. = awsCredentialsProvider;
         init();
     }
 
     private void init() {
         
         
         // calling this.setEndPoint(...) will also modify the signer accordingly
         this.setEndpoint("iam.amazonaws.com");
         
         HandlerChainFactory chainFactory = new HandlerChainFactory();
         .addAll(chainFactory.newRequestHandlerChain(
                 "/com/amazonaws/services/identitymanagement/request.handlers"));
         .addAll(chainFactory.newRequestHandler2Chain(
                 "/com/amazonaws/services/identitymanagement/request.handler2s"));
     }

    

Deletes the specified AWS account alias. For information about using an AWS account alias, see Using an Alias for Your AWS Account ID in the Using IAM guide.

Parameters:
deleteAccountAliasRequest Container for the necessary parameters to execute the DeleteAccountAlias service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public void deleteAccountAlias(DeleteAccountAliasRequest deleteAccountAliasRequest) {
         ExecutionContext executionContext = createExecutionContext(deleteAccountAliasRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         Request<DeleteAccountAliasRequestrequest = null;
         awsRequestMetrics.startEvent(.);
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new DeleteAccountAliasRequestMarshaller().marshall(super.beforeMarshalling(deleteAccountAliasRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             invoke(requestnullexecutionContext);
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestnull);
         }
     }
    
    

Lists the groups that have the specified path prefix.

You can paginate the results using the MaxItems and Marker parameters.

Parameters:
listGroupsRequest Container for the necessary parameters to execute the ListGroups service method on AmazonIdentityManagement.
Returns:
The response from the ListGroups service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public ListGroupsResult listGroups(ListGroupsRequest listGroupsRequest) {
         ExecutionContext executionContext = createExecutionContext(listGroupsRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         awsRequestMetrics.startEvent(.);
         Request<ListGroupsRequestrequest = null;
         Response<ListGroupsResultresponse = null;
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new ListGroupsRequestMarshaller().marshall(super.beforeMarshalling(listGroupsRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             response = invoke(requestnew ListGroupsResultStaxUnmarshaller(), executionContext);
             return response.getAwsResponse();
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestresponse);
         }
     }
    
    

Deletes a virtual MFA device.

NOTE: You must deactivate a user's virtual MFA device before you can delete it. For information about deactivating MFA devices, see DeactivateMFADevice.

Parameters:
deleteVirtualMFADeviceRequest Container for the necessary parameters to execute the DeleteVirtualMFADevice service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.DeleteConflictException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public void deleteVirtualMFADevice(DeleteVirtualMFADeviceRequest deleteVirtualMFADeviceRequest) {
         ExecutionContext executionContext = createExecutionContext(deleteVirtualMFADeviceRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         Request<DeleteVirtualMFADeviceRequestrequest = null;
         awsRequestMetrics.startEvent(.);
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new DeleteVirtualMFADeviceRequestMarshaller().marshall(super.beforeMarshalling(deleteVirtualMFADeviceRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             invoke(requestnullexecutionContext);
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestnull);
         }
     }
    
    

Adds (or updates) an inline policy document that is embedded in the specified user.

A user can also have a managed policy attached to it. To attach a managed policy to a user, use AttachUserPolicy. To create a new managed policy, use CreatePolicy. For information about policies, refer to Managed Policies and Inline Policies in the Using IAM guide.

For information about limits on the number of inline policies that you can embed in a user, see Limitations on IAM Entities in the Using IAM guide.

NOTE:Because policy documents can be large, you should use POST rather than GET when calling PutUserPolicy. For general information about using the Query API with IAM, go to Making Query Requests in the Using IAM guide.

Parameters:
putUserPolicyRequest Container for the necessary parameters to execute the PutUserPolicy service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.MalformedPolicyDocumentException
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public void putUserPolicy(PutUserPolicyRequest putUserPolicyRequest) {
         ExecutionContext executionContext = createExecutionContext(putUserPolicyRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         Request<PutUserPolicyRequestrequest = null;
         awsRequestMetrics.startEvent(.);
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new PutUserPolicyRequestMarshaller().marshall(super.beforeMarshalling(putUserPolicyRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             invoke(requestnullexecutionContext);
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestnull);
         }
     }
    
    

Lists the SAML providers in the account.

NOTE: This operation requires Signature Version 4.

Parameters:
listSAMLProvidersRequest Container for the necessary parameters to execute the ListSAMLProviders service method on AmazonIdentityManagement.
Returns:
The response from the ListSAMLProviders service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public ListSAMLProvidersResult listSAMLProviders(ListSAMLProvidersRequest listSAMLProvidersRequest) {
         ExecutionContext executionContext = createExecutionContext(listSAMLProvidersRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         awsRequestMetrics.startEvent(.);
         Request<ListSAMLProvidersRequestrequest = null;
         Response<ListSAMLProvidersResultresponse = null;
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new ListSAMLProvidersRequestMarshaller().marshall(super.beforeMarshalling(listSAMLProvidersRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             response = invoke(requestnew ListSAMLProvidersResultStaxUnmarshaller(), executionContext);
             return response.getAwsResponse();
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestresponse);
         }
     }
    
    

Retrieves the specified inline policy document that is embedded in the specified user.

A user can also have managed policies attached to it. To retrieve a managed policy document that is attached to a user, use GetPolicy to determine the policy's default version, then use GetPolicyVersion to retrieve the policy document.

For more information about policies, refer to Managed Policies and Inline Policies in the Using IAM guide.

Parameters:
getUserPolicyRequest Container for the necessary parameters to execute the GetUserPolicy service method on AmazonIdentityManagement.
Returns:
The response from the GetUserPolicy service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public GetUserPolicyResult getUserPolicy(GetUserPolicyRequest getUserPolicyRequest) {
         ExecutionContext executionContext = createExecutionContext(getUserPolicyRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         awsRequestMetrics.startEvent(.);
         Request<GetUserPolicyRequestrequest = null;
         Response<GetUserPolicyResultresponse = null;
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new GetUserPolicyRequestMarshaller().marshall(super.beforeMarshalling(getUserPolicyRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             response = invoke(requestnew GetUserPolicyResultStaxUnmarshaller(), executionContext);
             return response.getAwsResponse();
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestresponse);
         }
     }
    
    

Deletes an IAM OpenID Connect identity provider.

Deleting an OIDC provider does not update any roles that reference the provider as a principal in their trust policies. Any attempt to assume a role that references a provider that has been deleted will fail.

This action is idempotent; it does not fail or return an error if you call the action for a provider that was already deleted.

Parameters:
deleteOpenIDConnectProviderRequest Container for the necessary parameters to execute the DeleteOpenIDConnectProvider service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.InvalidInputException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public void deleteOpenIDConnectProvider(DeleteOpenIDConnectProviderRequest deleteOpenIDConnectProviderRequest) {
         ExecutionContext executionContext = createExecutionContext(deleteOpenIDConnectProviderRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         Request<DeleteOpenIDConnectProviderRequestrequest = null;
         awsRequestMetrics.startEvent(.);
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new DeleteOpenIDConnectProviderRequestMarshaller().marshall(super.beforeMarshalling(deleteOpenIDConnectProviderRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             invoke(requestnullexecutionContext);
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestnull);
         }
     }
    
    

Changes the status of the specified signing certificate from active to disabled, or vice versa. This action can be used to disable a user's signing certificate as part of a certificate rotation work flow.

If the UserName field is not specified, the UserName is determined implicitly based on the AWS access key ID used to sign the request. Because this action works for access keys under the AWS account, you can use this action to manage root credentials even if the AWS account has no associated users.

Parameters:
updateSigningCertificateRequest Container for the necessary parameters to execute the UpdateSigningCertificate service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public void updateSigningCertificate(UpdateSigningCertificateRequest updateSigningCertificateRequest) {
         ExecutionContext executionContext = createExecutionContext(updateSigningCertificateRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         Request<UpdateSigningCertificateRequestrequest = null;
         awsRequestMetrics.startEvent(.);
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new UpdateSigningCertificateRequestMarshaller().marshall(super.beforeMarshalling(updateSigningCertificateRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             invoke(requestnullexecutionContext);
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestnull);
         }
     }
    
    

Lists the IAM users that have the specified path prefix. If no path prefix is specified, the action returns all users in the AWS account. If there are none, the action returns an empty list.

You can paginate the results using the MaxItems and Marker parameters.

Parameters:
listUsersRequest Container for the necessary parameters to execute the ListUsers service method on AmazonIdentityManagement.
Returns:
The response from the ListUsers service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public ListUsersResult listUsers(ListUsersRequest listUsersRequest) {
         ExecutionContext executionContext = createExecutionContext(listUsersRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         awsRequestMetrics.startEvent(.);
         Request<ListUsersRequestrequest = null;
         Response<ListUsersResultresponse = null;
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new ListUsersRequestMarshaller().marshall(super.beforeMarshalling(listUsersRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             response = invoke(requestnew ListUsersResultStaxUnmarshaller(), executionContext);
             return response.getAwsResponse();
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestresponse);
         }
     }
    
    

Attaches the specified managed policy to the specified role.

When you attach a managed policy to a role, the managed policy is used as the role's access (permissions) policy. You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy.

Use this API to attach a managed policy to a role. To embed an inline policy in a role, use PutRolePolicy. For more information about policies, refer to Managed Policies and Inline Policies in the Using IAM guide.

Parameters:
attachRolePolicyRequest Container for the necessary parameters to execute the AttachRolePolicy service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.InvalidInputException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public void attachRolePolicy(AttachRolePolicyRequest attachRolePolicyRequest) {
         ExecutionContext executionContext = createExecutionContext(attachRolePolicyRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         Request<AttachRolePolicyRequestrequest = null;
         awsRequestMetrics.startEvent(.);
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new AttachRolePolicyRequestMarshaller().marshall(super.beforeMarshalling(attachRolePolicyRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             invoke(requestnullexecutionContext);
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestnull);
         }
     }
    
    

Retrieves a credential report for the AWS account. For more information about the credential report, see Getting Credential Reports in the Using IAM guide.

Parameters:
getCredentialReportRequest Container for the necessary parameters to execute the GetCredentialReport service method on AmazonIdentityManagement.
Returns:
The response from the GetCredentialReport service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.CredentialReportNotPresentException
com.amazonaws.services.identitymanagement.model.CredentialReportNotReadyException
com.amazonaws.services.identitymanagement.model.CredentialReportExpiredException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public GetCredentialReportResult getCredentialReport(GetCredentialReportRequest getCredentialReportRequest) {
         ExecutionContext executionContext = createExecutionContext(getCredentialReportRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         awsRequestMetrics.startEvent(.);
         Request<GetCredentialReportRequestrequest = null;
         Response<GetCredentialReportResultresponse = null;
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new GetCredentialReportRequestMarshaller().marshall(super.beforeMarshalling(getCredentialReportRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             response = invoke(requestnew GetCredentialReportResultStaxUnmarshaller(), executionContext);
             return response.getAwsResponse();
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestresponse);
         }
     }
    
    

Enables the specified MFA device and associates it with the specified user name. When enabled, the MFA device is required for every subsequent login by the user name associated with the device.

Parameters:
enableMFADeviceRequest Container for the necessary parameters to execute the EnableMFADevice service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.EntityTemporarilyUnmodifiableException
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.InvalidAuthenticationCodeException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.services.identitymanagement.model.EntityAlreadyExistsException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public void enableMFADevice(EnableMFADeviceRequest enableMFADeviceRequest) {
         ExecutionContext executionContext = createExecutionContext(enableMFADeviceRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         Request<EnableMFADeviceRequestrequest = null;
         awsRequestMetrics.startEvent(.);
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new EnableMFADeviceRequestMarshaller().marshall(super.beforeMarshalling(enableMFADeviceRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
 
             invoke(requestnullexecutionContext);
 
         } finally {
             
             endClientExecution(awsRequestMetricsrequestnull);
         }
     }
    
    

Deletes the password policy for the AWS account.

Parameters:
deleteAccountPasswordPolicyRequest Container for the necessary parameters to execute the DeleteAccountPasswordPolicy service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
 
     public void deleteAccountPasswordPolicy(DeleteAccountPasswordPolicyRequest deleteAccountPasswordPolicyRequest) {
         ExecutionContext executionContext = createExecutionContext(deleteAccountPasswordPolicyRequest);
         AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
         Request<DeleteAccountPasswordPolicyRequestrequest = null;
         awsRequestMetrics.startEvent(.);
         
         try {
             awsRequestMetrics.startEvent(.);
             try {
                 request = new DeleteAccountPasswordPolicyRequestMarshaller().marshall(super.beforeMarshalling(deleteAccountPasswordPolicyRequest));
                 // Binds the request metrics to the current request.
                 request.setAWSRequestMetrics(awsRequestMetrics);
             } finally {
                 awsRequestMetrics.endEvent(.);
             }
            invoke(requestnullexecutionContext);
        } finally {
            
            endClientExecution(awsRequestMetricsrequestnull);
        }
    }
    
    

Retrieves the user name and password-creation date for the specified user. If the user has not been assigned a password, the action returns a 404 ( NoSuchEntity ) error.

Parameters:
getLoginProfileRequest Container for the necessary parameters to execute the GetLoginProfile service method on AmazonIdentityManagement.
Returns:
The response from the GetLoginProfile service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
    public GetLoginProfileResult getLoginProfile(GetLoginProfileRequest getLoginProfileRequest) {
        ExecutionContext executionContext = createExecutionContext(getLoginProfileRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        awsRequestMetrics.startEvent(.);
        Request<GetLoginProfileRequestrequest = null;
        Response<GetLoginProfileResultresponse = null;
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new GetLoginProfileRequestMarshaller().marshall(super.beforeMarshalling(getLoginProfileRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            response = invoke(requestnew GetLoginProfileResultStaxUnmarshaller(), executionContext);
            return response.getAwsResponse();
        } finally {
            
            endClientExecution(awsRequestMetricsrequestresponse);
        }
    }
    
    

Updates the metadata document for an existing SAML provider.

NOTE:This operation requires Signature Version 4.

Parameters:
updateSAMLProviderRequest Container for the necessary parameters to execute the UpdateSAMLProvider service method on AmazonIdentityManagement.
Returns:
The response from the UpdateSAMLProvider service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.InvalidInputException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
    public UpdateSAMLProviderResult updateSAMLProvider(UpdateSAMLProviderRequest updateSAMLProviderRequest) {
        ExecutionContext executionContext = createExecutionContext(updateSAMLProviderRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        awsRequestMetrics.startEvent(.);
        Request<UpdateSAMLProviderRequestrequest = null;
        Response<UpdateSAMLProviderResultresponse = null;
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new UpdateSAMLProviderRequestMarshaller().marshall(super.beforeMarshalling(updateSAMLProviderRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            response = invoke(requestnew UpdateSAMLProviderResultStaxUnmarshaller(), executionContext);
            return response.getAwsResponse();
        } finally {
            
            endClientExecution(awsRequestMetricsrequestresponse);
        }
    }
    
    

Uploads a server certificate entity for the AWS account. The server certificate entity includes a public key certificate, a private key, and an optional certificate chain, which should all be PEM-encoded.

For information about the number of server certificates you can upload, see Limitations on IAM Entities in the Using IAM guide.

NOTE:Because the body of the public key certificate, private key, and the certificate chain can be large, you should use POST rather than GET when calling UploadServerCertificate. For information about setting up signatures and authorization through the API, go to Signing AWS API Requests in the AWS General Reference. For general information about using the Query API with IAM, go to Making Query Requests in the Using IAM guide.

Parameters:
uploadServerCertificateRequest Container for the necessary parameters to execute the UploadServerCertificate service method on AmazonIdentityManagement.
Returns:
The response from the UploadServerCertificate service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.KeyPairMismatchException
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.MalformedCertificateException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.services.identitymanagement.model.EntityAlreadyExistsException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
        ExecutionContext executionContext = createExecutionContext(uploadServerCertificateRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        awsRequestMetrics.startEvent(.);
        Request<UploadServerCertificateRequestrequest = null;
        Response<UploadServerCertificateResultresponse = null;
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new UploadServerCertificateRequestMarshaller().marshall(super.beforeMarshalling(uploadServerCertificateRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            response = invoke(requestnew UploadServerCertificateResultStaxUnmarshaller(), executionContext);
            return response.getAwsResponse();
        } finally {
            
            endClientExecution(awsRequestMetricsrequestresponse);
        }
    }
    
    

Creates an alias for your AWS account. For information about using an AWS account alias, see Using an Alias for Your AWS Account ID in the Using IAM guide.

Parameters:
createAccountAliasRequest Container for the necessary parameters to execute the CreateAccountAlias service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.services.identitymanagement.model.EntityAlreadyExistsException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
    public void createAccountAlias(CreateAccountAliasRequest createAccountAliasRequest) {
        ExecutionContext executionContext = createExecutionContext(createAccountAliasRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        Request<CreateAccountAliasRequestrequest = null;
        awsRequestMetrics.startEvent(.);
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new CreateAccountAliasRequestMarshaller().marshall(super.beforeMarshalling(createAccountAliasRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            invoke(requestnullexecutionContext);
        } finally {
            
            endClientExecution(awsRequestMetricsrequestnull);
        }
    }
    
    

Lists all managed policies that are attached to the specified user.

A user can also have inline policies embedded with it. To list the inline policies for a user, use the ListUserPolicies API. For information about policies, refer to Managed Policies and Inline Policies in the Using IAM guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified group (or none that match the specified path prefix), the action returns an empty list.

Parameters:
listAttachedUserPoliciesRequest Container for the necessary parameters to execute the ListAttachedUserPolicies service method on AmazonIdentityManagement.
Returns:
The response from the ListAttachedUserPolicies service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.InvalidInputException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
        ExecutionContext executionContext = createExecutionContext(listAttachedUserPoliciesRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        awsRequestMetrics.startEvent(.);
        Request<ListAttachedUserPoliciesRequestrequest = null;
        Response<ListAttachedUserPoliciesResultresponse = null;
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new ListAttachedUserPoliciesRequestMarshaller().marshall(super.beforeMarshalling(listAttachedUserPoliciesRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            response = invoke(requestnew ListAttachedUserPoliciesResultStaxUnmarshaller(), executionContext);
            return response.getAwsResponse();
        } finally {
            
            endClientExecution(awsRequestMetricsrequestresponse);
        }
    }
    
    

Deletes the specified managed policy.

Before you can delete a managed policy, you must detach the policy from all users, groups, and roles that it is attached to, and you must delete all of the policy's versions. The following steps describe the process for deleting a managed policy:

  1. Detach the policy from all users, groups, and roles that the policy is attached to, using the DetachUserPolicy, DetachGroupPolicy, or DetachRolePolicy APIs. To list all the users, groups, and roles that a policy is attached to, use ListEntitiesForPolicy.
  2. Delete all versions of the policy using DeletePolicyVersion. To list the policy's versions, use ListPolicyVersions. You cannot use DeletePolicyVersion to delete the version that is marked as the default version. You delete the policy's default version in the next step of the process.
  3. Delete the policy (this automatically deletes the policy's default version) using this API.

For information about managed policies, refer to Managed Policies and Inline Policies in the Using IAM guide.

Parameters:
deletePolicyRequest Container for the necessary parameters to execute the DeletePolicy service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.InvalidInputException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.DeleteConflictException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
    public void deletePolicy(DeletePolicyRequest deletePolicyRequest) {
        ExecutionContext executionContext = createExecutionContext(deletePolicyRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        Request<DeletePolicyRequestrequest = null;
        awsRequestMetrics.startEvent(.);
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new DeletePolicyRequestMarshaller().marshall(super.beforeMarshalling(deletePolicyRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            invoke(requestnullexecutionContext);
        } finally {
            
            endClientExecution(awsRequestMetricsrequestnull);
        }
    }
    
    

Deletes the specified role. The role must not have any policies attached. For more information about roles, go to Working with Roles .

IMPORTANT:Make sure you do not have any Amazon EC2 instances running with the role you are about to delete. Deleting a role or instance profile that is associated with a running instance will break any applications running on the instance.

Parameters:
deleteRoleRequest Container for the necessary parameters to execute the DeleteRole service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.DeleteConflictException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
    public void deleteRole(DeleteRoleRequest deleteRoleRequest) {
        ExecutionContext executionContext = createExecutionContext(deleteRoleRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        Request<DeleteRoleRequestrequest = null;
        awsRequestMetrics.startEvent(.);
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new DeleteRoleRequestMarshaller().marshall(super.beforeMarshalling(deleteRoleRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            invoke(requestnullexecutionContext);
        } finally {
            
            endClientExecution(awsRequestMetricsrequestnull);
        }
    }
    
    

Creates a new AWS secret access key and corresponding AWS access key ID for the specified user. The default status for new keys is Active .

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request. Because this action works for access keys under the AWS account, you can use this action to manage root credentials even if the AWS account has no associated users.

For information about limits on the number of keys you can create, see Limitations on IAM Entities in the Using IAM guide.

IMPORTANT: To ensure the security of your AWS account, the secret access key is accessible only during key and user creation. You must save the key (for example, in a text file) if you want to be able to access it again. If a secret key is lost, you can delete the access keys for the associated user and then create new keys.

Parameters:
createAccessKeyRequest Container for the necessary parameters to execute the CreateAccessKey service method on AmazonIdentityManagement.
Returns:
The response from the CreateAccessKey service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
    public CreateAccessKeyResult createAccessKey(CreateAccessKeyRequest createAccessKeyRequest) {
        ExecutionContext executionContext = createExecutionContext(createAccessKeyRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        awsRequestMetrics.startEvent(.);
        Request<CreateAccessKeyRequestrequest = null;
        Response<CreateAccessKeyResultresponse = null;
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new CreateAccessKeyRequestMarshaller().marshall(super.beforeMarshalling(createAccessKeyRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            response = invoke(requestnew CreateAccessKeyResultStaxUnmarshaller(), executionContext);
            return response.getAwsResponse();
        } finally {
            
            endClientExecution(awsRequestMetricsrequestresponse);
        }
    }
    
    

Retrieves information about the specified user, including the user's creation date, path, unique ID, and ARN.

If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID used to sign the request.

Parameters:
getUserRequest Container for the necessary parameters to execute the GetUser service method on AmazonIdentityManagement.
Returns:
The response from the GetUser service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
    public GetUserResult getUser(GetUserRequest getUserRequest) {
        ExecutionContext executionContext = createExecutionContext(getUserRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        awsRequestMetrics.startEvent(.);
        Request<GetUserRequestrequest = null;
        Response<GetUserResultresponse = null;
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new GetUserRequestMarshaller().marshall(super.beforeMarshalling(getUserRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            response = invoke(requestnew GetUserResultStaxUnmarshaller(), executionContext);
            return response.getAwsResponse();
        } finally {
            
            endClientExecution(awsRequestMetricsrequestresponse);
        }
    }
    
    

Lists all managed policies that are attached to the specified group.

A group can also have inline policies embedded with it. To list the inline policies for a group, use the ListGroupPolicies API. For information about policies, refer to Managed Policies and Inline Policies in the Using IAM guide.

You can paginate the results using the MaxItems and Marker parameters. You can use the PathPrefix parameter to limit the list of policies to only those matching the specified path prefix. If there are no policies attached to the specified group (or none that match the specified path prefix), the action returns an empty list.

Parameters:
listAttachedGroupPoliciesRequest Container for the necessary parameters to execute the ListAttachedGroupPolicies service method on AmazonIdentityManagement.
Returns:
The response from the ListAttachedGroupPolicies service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.InvalidInputException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
        ExecutionContext executionContext = createExecutionContext(listAttachedGroupPoliciesRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        awsRequestMetrics.startEvent(.);
        Request<ListAttachedGroupPoliciesRequestrequest = null;
        Response<ListAttachedGroupPoliciesResultresponse = null;
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new ListAttachedGroupPoliciesRequestMarshaller().marshall(super.beforeMarshalling(listAttachedGroupPoliciesRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            response = invoke(requestnew ListAttachedGroupPoliciesResultStaxUnmarshaller(), executionContext);
            return response.getAwsResponse();
        } finally {
            
            endClientExecution(awsRequestMetricsrequestresponse);
        }
    }
    
    

Lists the MFA devices. If the request includes the user name, then this action lists all the MFA devices associated with the specified user name. If you do not specify a user name, IAM determines the user name implicitly based on the AWS access key ID signing the request.

You can paginate the results using the MaxItems and Marker parameters.

Parameters:
listMFADevicesRequest Container for the necessary parameters to execute the ListMFADevices service method on AmazonIdentityManagement.
Returns:
The response from the ListMFADevices service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
    public ListMFADevicesResult listMFADevices(ListMFADevicesRequest listMFADevicesRequest) {
        ExecutionContext executionContext = createExecutionContext(listMFADevicesRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        awsRequestMetrics.startEvent(.);
        Request<ListMFADevicesRequestrequest = null;
        Response<ListMFADevicesResultresponse = null;
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new ListMFADevicesRequestMarshaller().marshall(super.beforeMarshalling(listMFADevicesRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            response = invoke(requestnew ListMFADevicesResultStaxUnmarshaller(), executionContext);
            return response.getAwsResponse();
        } finally {
            
            endClientExecution(awsRequestMetricsrequestresponse);
        }
    }
    
    

Synchronizes the specified MFA device with AWS servers.

For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device in the Using IAM guide.

Parameters:
resyncMFADeviceRequest Container for the necessary parameters to execute the ResyncMFADevice service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.InvalidAuthenticationCodeException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
    public void resyncMFADevice(ResyncMFADeviceRequest resyncMFADeviceRequest) {
        ExecutionContext executionContext = createExecutionContext(resyncMFADeviceRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        Request<ResyncMFADeviceRequestrequest = null;
        awsRequestMetrics.startEvent(.);
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new ResyncMFADeviceRequestMarshaller().marshall(super.beforeMarshalling(resyncMFADeviceRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            invoke(requestnullexecutionContext);
        } finally {
            
            endClientExecution(awsRequestMetricsrequestnull);
        }
    }
    
    

Creates a new virtual MFA device for the AWS account. After creating the virtual MFA, use EnableMFADevice to attach the MFA device to an IAM user. For more information about creating and working with virtual MFA devices, go to Using a Virtual MFA Device in the Using IAM guide.

For information about limits on the number of MFA devices you can create, see Limitations on Entities in the Using IAM guide.

IMPORTANT:The seed information contained in the QR code and the Base32 string should be treated like any other secret access information, such as your AWS access keys or your passwords. After you provision your virtual device, you should ensure that the information is destroyed following secure procedures.

Parameters:
createVirtualMFADeviceRequest Container for the necessary parameters to execute the CreateVirtualMFADevice service method on AmazonIdentityManagement.
Returns:
The response from the CreateVirtualMFADevice service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.services.identitymanagement.model.EntityAlreadyExistsException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
        ExecutionContext executionContext = createExecutionContext(createVirtualMFADeviceRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        awsRequestMetrics.startEvent(.);
        Request<CreateVirtualMFADeviceRequestrequest = null;
        Response<CreateVirtualMFADeviceResultresponse = null;
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new CreateVirtualMFADeviceRequestMarshaller().marshall(super.beforeMarshalling(createVirtualMFADeviceRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            response = invoke(requestnew CreateVirtualMFADeviceResultStaxUnmarshaller(), executionContext);
            return response.getAwsResponse();
        } finally {
            
            endClientExecution(awsRequestMetricsrequestresponse);
        }
    }
    
    

Deletes the specified version of the specified managed policy.

You cannot delete the default version of a policy using this API. To delete the default version of a policy, use DeletePolicy. To find out which version of a policy is marked as the default version, use ListPolicyVersions.

For information about versions for managed policies, refer to Versioning for Managed Policies in the Using IAM guide.

Parameters:
deletePolicyVersionRequest Container for the necessary parameters to execute the DeletePolicyVersion service method on AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.services.identitymanagement.model.InvalidInputException
com.amazonaws.services.identitymanagement.model.NoSuchEntityException
com.amazonaws.services.identitymanagement.model.DeleteConflictException
com.amazonaws.services.identitymanagement.model.LimitExceededException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
    public void deletePolicyVersion(DeletePolicyVersionRequest deletePolicyVersionRequest) {
        ExecutionContext executionContext = createExecutionContext(deletePolicyVersionRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        Request<DeletePolicyVersionRequestrequest = null;
        awsRequestMetrics.startEvent(.);
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new DeletePolicyVersionRequestMarshaller().marshall(super.beforeMarshalling(deletePolicyVersionRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }
            invoke(requestnullexecutionContext);
        } finally {
            
            endClientExecution(awsRequestMetricsrequestnull);
        }
    }
    
    

Lists the account aliases associated with the account. For information about using an AWS account alias, see Using an Alias for Your AWS Account ID in the Using IAM guide.

You can paginate the results using the MaxItems and Marker parameters.

Parameters:
listAccountAliasesRequest Container for the necessary parameters to execute the ListAccountAliases service method on AmazonIdentityManagement.
Returns:
The response from the ListAccountAliases service method, as returned by AmazonIdentityManagement.
Throws:
com.amazonaws.services.identitymanagement.model.ServiceFailureException
com.amazonaws.AmazonClientException If any internal errors are encountered inside the client while attempting to make the request or handle the response. For example if a network connection is not available.
com.amazonaws.AmazonServiceException If an error response is returned by AmazonIdentityManagement indicating either a problem with the data in the request, or a server side issue.
    public ListAccountAliasesResult listAccountAliases(ListAccountAliasesRequest listAccountAliasesRequest) {
        ExecutionContext executionContext = createExecutionContext(listAccountAliasesRequest);
        AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
        awsRequestMetrics.startEvent(.);
        Request<ListAccountAliasesRequestrequest = null;
        Response<ListAccountAliasesResultresponse = null;
        
        try {
            awsRequestMetrics.startEvent(.);
            try {
                request = new ListAccountAliasesRequestMarshaller().marshall(super.beforeMarshalling(listAccountAliasesRequest));
                // Binds the request metrics to the current request.
                request.setAWSRequestMetrics(awsRequestMetrics);
            } finally {
                awsRequestMetrics.endEvent(.);
            }