Learn R Programming

⚠️There's a newer version (0.9.0) of this package.Take me there.

paws.security.identity (version 0.1.8)

Amazon Web Services Security, Identity, & Compliance APIs

Description

Interface to Amazon Web Services security, identity, and compliance APIs, including the 'Identity & Access Management' ('IAM') service for managing access to services and resources, and more .

Copy Link

Version

Install

install.packages('paws.security.identity')

Monthly Downloads

4,174

Version

0.1.8

License

Apache License (>= 2.0)

Maintainer

David Kretch

Last Published

April 26th, 2020

Functions in paws.security.identity (0.1.8)

acmpca_tag_certificate_authority

Adds one or more tags to your private CA
clouddirectory_list_facet_names

Retrieves the names of facets that exist in a schema
acm_resend_validation_email

Resends the email that requests domain ownership validation
cloudhsmv2_list_tags

Gets a list of tags for the specified AWS CloudHSM cluster
acm_import_certificate

Imports a certificate into AWS Certificate Manager (ACM) to use with services that are integrated with ACM
acm_list_certificates

Retrieves a list of certificate ARNs and domain names
cloudhsm_list_available_zones

This is documentation for AWS CLOUDHSM CLASSIC
acm_update_certificate_options

Updates a certificate
acmpca_get_certificate_authority_csr

Retrieves the certificate signing request (CSR) for your private certificate authority (CA)
cloudhsmv2_create_hsm

Creates a new hardware security module (HSM) in the specified AWS CloudHSM cluster
clouddirectory_create_facet

Creates a new Facet in a schema
clouddirectory_create_directory

Creates a Directory by copying the published schema into the directory
acmpca_import_certificate_authority_certificate

Imports a signed private CA certificate into ACM Private CA
clouddirectory_get_object_information

Retrieves metadata about an object
clouddirectory_list_tags_for_resource

Returns tags for a resource
clouddirectory_delete_object

Deletes an object and its associated attributes
clouddirectory_delete_schema

Deletes a given schema
acmpca_untag_certificate_authority

Remove one or more tags from your private CA
clouddirectory_get_schema_as_json

Retrieves a JSON representation of the schema
clouddirectory_upgrade_applied_schema

Upgrades a single directory in-place using the PublishedSchemaArn with schema updates found in MinorVersion
clouddirectory_list_incoming_typed_links

Returns a paginated list of all the incoming TypedLinkSpecifier information for an object
clouddirectory_list_typed_link_facet_attributes

Returns a paginated list of all attribute definitions for a particular TypedLinkFacet
clouddirectory_publish_schema

Publishes a development schema with a major version and a recommended minor version
acm_list_tags_for_certificate

Lists the tags that have been applied to the ACM certificate
clouddirectory_put_schema_from_json

Allows a schema to be updated using JSON upload
cloudhsmv2_initialize_cluster

Claims an AWS CloudHSM cluster by submitting the cluster certificate issued by your issuing certificate authority (CA) and the CA's root certificate
clouddirectory_upgrade_published_schema

Upgrades a published schema under a new minor version revision using the current contents of DevelopmentSchemaArn
cognitoidentityprovider_admin_add_user_to_group

Adds the specified user to the specified group
cloudhsm_list_hapgs

This is documentation for AWS CLOUDHSM CLASSIC
cognitoidentity_get_credentials_for_identity

Returns credentials for the provided identity ID
cloudhsmv2_delete_backup

Deletes a specified AWS CloudHSM backup
cognitoidentity_describe_identity_pool

Gets details about a particular identity pool, including the pool name, ID description, creation date, and current number of users
cognitoidentity_merge_developer_identities

Merges two users having different IdentityIds, existing in the same identity pool, and identified by the same developer provider
cognitoidentityprovider_admin_respond_to_auth_challenge

Responds to an authentication challenge, as an administrator
cognitoidentityprovider_describe_resource_server

Describes a resource server
cognitoidentity_set_identity_pool_roles

Sets the roles for an identity pool
cognitoidentityprovider_list_user_pools

Lists the user pools associated with an AWS account
cognitoidentityprovider_change_password

Changes the password for a specified user in a user pool
acmpca_describe_certificate_authority

Lists information about your private certificate authority (CA)
cognitoidentityprovider_create_identity_provider

Creates an identity provider for a user pool
cognitoidentityprovider_add_custom_attributes

Adds additional user attributes to the user pool schema
clouddirectory_get_link_attributes

Retrieves attributes that are associated with a typed link
cognitoidentityprovider_admin_reset_user_password

Resets the specified user's password in a user pool as an administrator
cloudhsmv2_untag_resource

Removes the specified tag or tags from the specified AWS CloudHSM cluster
acm_remove_tags_from_certificate

Remove one or more tags from an ACM certificate
acmpca_delete_certificate_authority

Deletes a private certificate authority (CA)
cognitoidentityprovider_create_group

Creates a new group in the specified user pool
cognitoidentityprovider_describe_user_pool_client

Client method for returning the configuration information and metadata of the specified user pool app client
acmpca_issue_certificate

Uses your private certificate authority (CA) to issue a client certificate
clouddirectory_create_index

Creates an index object
clouddirectory_create_object

Creates an object in a Directory
acmpca_delete_permission

Revokes permissions that a private CA assigned to a designated AWS service
cognitoidentityprovider_get_user_pool_mfa_config

Gets the user pool multi-factor authentication (MFA) configuration
clouddirectory_attach_object

Attaches an existing object to another object
clouddirectory_delete_directory

Deletes a directory
acmpca_list_certificate_authorities

Lists the private certificate authorities that you created by using the CreateCertificateAuthority action
cognitoidentityprovider_confirm_device

Confirms tracking of the device
directoryservice_create_log_subscription

Creates a subscription to forward real-time Directory Service domain controller security logs to the specified Amazon CloudWatch log group in your AWS account
clouddirectory_attach_policy

Attaches a policy object to a regular object
cognitoidentityprovider_sign_up

Registers the user in the specified user pool and creates a user name, password, and user attributes
directoryservice_unshare_directory

Stops the directory sharing between the directory owner and consumer accounts
cognitoidentityprovider_list_users

Lists the users in the Amazon Cognito user pool
cognitoidentity_describe_identity

Returns metadata related to the given identity, including when the identity was created and any associated linked logins
cognitoidentityprovider_describe_risk_configuration

Describes the risk configuration
clouddirectory_get_object_attributes

Retrieves attributes within a facet that are associated with an object
cognitoidentityprovider_describe_user_pool_domain

Gets information about a domain
cognitoidentityprovider_global_sign_out

Signs out users from all devices
cognitoidentityprovider_start_user_import_job

Starts the user import
cognitoidentityprovider_update_identity_provider

Updates identity provider information for a user pool
cognitosync_update_records

Posts updates to records and adds and deletes records for a dataset and user
directoryservice_reject_shared_directory

Rejects a directory sharing request that was sent from the directory owner account
directoryservice_create_microsoft_ad

Creates a Microsoft AD directory in the AWS Cloud
cognitoidentityprovider_update_resource_server

Updates the name and scopes of resource server
clouddirectory_update_link_attributes

Updates a given typed link<U+00E2><U+20AC><U+2122>s attributes
cloudhsm_modify_luna_client

This is documentation for AWS CLOUDHSM CLASSIC
clouddirectory_delete_facet

Deletes a given Facet
cognitosync_delete_dataset

Deletes the specific dataset
cognitosync_describe_dataset

Gets meta data about a dataset by identity and dataset name
cognitosync_unsubscribe_from_dataset

Unsubscribes from receiving notifications when a dataset is modified by another device
clouddirectory_list_attached_indices

Lists indices attached to the specified object
directoryservice_delete_conditional_forwarder

Deletes a conditional forwarder that has been set up for your AWS directory
directoryservice_update_conditional_forwarder

Updates a conditional forwarder that has been set up for your AWS directory
directoryservice_register_event_topic

Associates a directory with an SNS topic
cloudhsm_list_hsms

This is documentation for AWS CLOUDHSM CLASSIC
directoryservice_describe_snapshots

Obtains information about the directory snapshots that belong to this account
directoryservice_disable_sso

Disables single-sign on for a directory
clouddirectory_list_development_schema_arns

Retrieves each Amazon Resource Name (ARN) of schemas in the development state
directoryservice_describe_trusts

Obtains information about the trust relationships for this account
guardduty_delete_invitations

Deletes invitations sent to the current member account by AWS accounts specified by their account IDs
directoryservice_delete_directory

Deletes an AWS Directory Service directory
clouddirectory_list_typed_link_facet_names

Returns a paginated list of TypedLink facet names for a particular schema
acm

AWS Certificate Manager
clouddirectory_lookup_policy

Lists all policies from the root of the Directory to the object specified
cognitoidentityprovider_admin_list_user_auth_events

Lists a history of user activity and any risks detected as part of Amazon Cognito advanced security
directoryservice_enable_ldaps

Activates the switch for the specific directory to always use LDAP secure calls
clouddirectory_update_object_attributes

Updates a given object's attributes
guardduty_list_filters

Returns a paginated list of the current filters
iam_delete_role

Deletes the specified role
fms_get_policy

Returns information about the specified AWS Firewall Manager policy
fms_get_protection_status

If you created a Shield Advanced policy, returns policy-level attack summary information in the event of a potential DDoS attack
guardduty_create_detector

Creates a single Amazon GuardDuty detector
cloudhsm_create_hapg

This is documentation for AWS CLOUDHSM CLASSIC
guardduty_archive_findings

Archives GuardDuty findings specified by the list of finding IDs
guardduty_delete_filter

Deletes the filter specified by the filter name
guardduty_get_findings_statistics

Lists Amazon GuardDuty findings' statistics for the specified detector ID
guardduty_get_invitations_count

Returns the count of all GuardDuty membership invitations that were sent to the current member account except the currently accepted invitation
iam_delete_access_key

Deletes the access key pair associated with the specified IAM user
cloudhsm_create_hsm

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsm_modify_hsm

This is documentation for AWS CLOUDHSM CLASSIC
guardduty_list_findings

Lists Amazon GuardDuty findings for the specified detector ID
cloudhsm_list_luna_clients

This is documentation for AWS CLOUDHSM CLASSIC
cognitoidentity_list_tags_for_resource

Lists the tags that are assigned to an Amazon Cognito identity pool
iam_generate_organizations_access_report

Generates a report for service last accessed data for AWS Organizations
guardduty_list_tags_for_resource

Lists tags for a resource
clouddirectory_detach_object

Detaches a given object from the parent object
cognitoidentity_delete_identity_pool

Deletes an identity pool
cognitoidentityprovider_admin_enable_user

Enables the specified user as an administrator
cognitoidentity

Amazon Cognito Identity
clouddirectory_delete_typed_link_facet

Deletes a TypedLinkFacet
iam_change_password

Changes the password of the IAM user who is calling this operation
cognitoidentityprovider_admin_forget_device

Forgets the device, as an administrator
guardduty_update_ip_set

Updates the IPSet specified by the IPSet ID
guardduty_update_publishing_destination

Updates information about the publishing destination specified by the destinationId
guardduty_list_threat_intel_sets

Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID
iam_delete_account_alias

Deletes the specified AWS account alias
iam_create_access_key

Creates a new AWS secret access key and corresponding AWS access key ID for the specified user
acmpca_update_certificate_authority

Updates the status or configuration of a private certificate authority (CA)
cognitoidentityprovider_admin_set_user_mfa_preference

Sets the user's multi-factor authentication (MFA) preference, including which MFA options are enabled and if any are preferred
iam_delete_user

Deletes the specified IAM user
cognitoidentityprovider_confirm_forgot_password

Allows a user to enter a confirmation code to reset a forgotten password
iam_delete_role_permissions_boundary

Deletes the permissions boundary for the specified IAM role
acmpca

AWS Certificate Manager Private Certificate Authority
acmpca_create_permission

Assigns permissions from a private CA to a designated AWS service
iam_delete_ssh_public_key

Deletes the specified SSH public key
cognitoidentity_lookup_developer_identity

Retrieves the IdentityID associated with a DeveloperUserIdentifier or the list of DeveloperUserIdentifier values associated with an IdentityId for an existing identity
acm_export_certificate

Exports a private certificate issued by a private certificate authority (CA) for use anywhere
acmpca_create_certificate_authority

Creates a root or subordinate private certificate authority (CA)
clouddirectory_update_facet

Does the following: 1
acm_add_tags_to_certificate

Adds one or more tags to an ACM certificate
cognitoidentityprovider_forget_device

Forgets the specified device
clouddirectory_batch_read

Performs all the read operations in a batch
cloudhsm_describe_hapg

This is documentation for AWS CLOUDHSM CLASSIC
iam_get_credential_report

Retrieves a credential report for the AWS account
clouddirectory_list_object_attributes

Lists all attributes that are associated with an object
cognitoidentityprovider_confirm_sign_up

Confirms registration of a user and handles the existing alias from a previous user
iam_get_service_last_accessed_details_with_entities

After you generate a group or policy report using the GenerateServiceLastAccessedDetails operation, you can use the JobId parameter in GetServiceLastAccessedDetailsWithEntities
directoryservice_disable_radius

Disables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory
clouddirectory_add_facet_to_object

Adds a new Facet to an object
clouddirectory

Amazon CloudDirectory
clouddirectory_get_typed_link_facet_information

Returns the identity attribute order for a specific TypedLinkFacet
cognitoidentityprovider_admin_remove_user_from_group

Removes the specified user from the specified group
clouddirectory_update_typed_link_facet

Updates a TypedLinkFacet
acm_delete_certificate

Deletes a certificate and its associated private key
clouddirectory_detach_policy

Detaches a policy from an object
cognitoidentityprovider_delete_user_pool_domain

Deletes a domain for a user pool
iam_get_group

Returns a list of IAM users that are in the specified IAM group
acmpca_describe_certificate_authority_audit_report

Lists information about a specific audit report created by calling the CreateCertificateAuthorityAuditReport action
acmpca_list_permissions

Lists all the permissions, if any, that have been assigned by a private CA
clouddirectory_list_object_children

Returns a paginated list of child objects that are associated with a given object
iam_generate_service_last_accessed_details

Generates a report that includes details about when an IAM resource (user, group, role, or policy) was last used in an attempt to access AWS services
acmpca_create_certificate_authority_audit_report

Creates an audit report that lists every time that your CA private key is used
clouddirectory_update_schema

Updates the schema name with a new name
cognitoidentityprovider_admin_set_user_password

Sets the specified user's password in a user pool as an administrator
cognitoidentity_get_open_id_token

Gets an OpenID token, using a known Cognito ID
clouddirectory_list_policy_attachments

Returns all of the ObjectIdentifiers to which a given policy is attached
cloudhsm_describe_luna_client

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsmv2_restore_backup

Restores a specified AWS CloudHSM backup that is in the PENDING_DELETION state
acm_get_certificate

Retrieves a certificate specified by an ARN and its certificate chain
clouddirectory_list_published_schema_arns

Lists the major version families of each published schema
clouddirectory_batch_write

Performs all the write operations in a batch
clouddirectory_list_applied_schema_arns

Lists schema major versions applied to a directory
directoryservice

AWS Directory Service
cognitoidentityprovider_initiate_auth

Initiates the authentication flow
clouddirectory_attach_to_index

Attaches the specified object to the specified index
cloudhsmv2

AWS CloudHSM V2
clouddirectory_list_outgoing_typed_links

Returns a paginated list of all the outgoing TypedLinkSpecifier information for an object
iam_get_service_linked_role_deletion_status

Retrieves the status of your service-linked role deletion
acmpca_list_tags

Lists the tags, if any, that are associated with your private CA
clouddirectory_create_schema

Creates a new schema in a development state
cognitoidentityprovider_set_risk_configuration

Configures actions on detected risks
acm_request_certificate

Requests an ACM certificate for use with other AWS services
cloudhsm_create_luna_client

This is documentation for AWS CLOUDHSM CLASSIC
clouddirectory_apply_schema

Copies the input published schema, at the specified version, into the Directory with the same name and version as that of the published schema
acmpca_revoke_certificate

Revokes a certificate that was issued inside ACM Private CA
iam_list_signing_certificates

Returns information about the signing certificates associated with the specified IAM user
cloudhsm_delete_hapg

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsmv2_tag_resource

Adds or overwrites one or more tags for the specified AWS CloudHSM cluster
clouddirectory_enable_directory

Enables the specified directory
iam_list_instance_profiles

Lists the instance profiles that have the specified path prefix
cognitoidentityprovider_respond_to_auth_challenge

Responds to the authentication challenge
clouddirectory_attach_typed_link

Attaches a typed link to a specified source and target object
clouddirectory_detach_from_index

Detaches the specified object from the specified index
acm_describe_certificate

Returns detailed metadata about the specified ACM certificate
clouddirectory_get_facet

Gets details of the Facet, such as facet name, attributes, Rules, or ObjectType
acmpca_restore_certificate_authority

Restores a certificate authority (CA) that is in the DELETED state
cognitoidentityprovider_admin_disable_provider_for_user

Disables the user from signing in with the specified external (SAML or social) identity provider
acm_renew_certificate

Renews an eligable ACM certificate
cognitoidentityprovider_describe_identity_provider

Gets information about a specific identity provider
cloudhsm_remove_tags_from_resource

This is documentation for AWS CLOUDHSM CLASSIC
cognitoidentityprovider_set_user_settings

_This action is no longer supported
cloudhsm_get_config

This is documentation for AWS CLOUDHSM CLASSIC
cognitosync_get_bulk_publish_details

Get the status of the last BulkPublish operation for an identity pool
fms_list_compliance_status

Returns an array of PolicyComplianceStatus objects in the response
cognitoidentityprovider_list_devices

Lists the devices
directoryservice_delete_snapshot

Deletes a directory snapshot
cognitoidentityprovider_associate_software_token

Returns a unique generated shared secret key code for the user account
cognitoidentityprovider_forgot_password

Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password
cognitoidentityprovider_set_user_pool_mfa_config

Set the user pool multi-factor authentication (MFA) configuration
cognitoidentity_get_open_id_token_for_developer_identity

Registers (or retrieves) a Cognito IdentityId and an OpenID Connect token for a user authenticated by your backend authentication process
clouddirectory_list_object_policies

Returns policies attached to an object in pagination fashion
clouddirectory_create_typed_link_facet

Creates a TypedLinkFacet
cognitoidentityprovider_verify_software_token

Use this API to register a user's entered TOTP code and mark the user's software token MFA status as "verified" if successful
fms

Firewall Management Service
acmpca_get_certificate_authority_certificate

Retrieves the certificate and certificate chain for your private certificate authority (CA)
acmpca_get_certificate

Retrieves a certificate from your private CA
cognitosync_get_cognito_events

Gets the events and the corresponding Lambda functions associated with an identity pool
cognitoidentityprovider_delete_user_pool

Deletes the specified Amazon Cognito user pool
cognitoidentityprovider_verify_user_attribute

Verifies the specified user attributes in the user pool
clouddirectory_list_object_parent_paths

Retrieves all available parent paths for any object type such as node, leaf node, policy node, and index node objects
cognitoidentityprovider_admin_user_global_sign_out

Signs out users from all devices, as an administrator
iam_list_service_specific_credentials

Returns information about the service-specific credentials associated with the specified IAM user
cognitoidentity_update_identity_pool

Updates an identity pool
clouddirectory_list_managed_schema_arns

Lists the major version families of each managed schema
directoryservice_create_conditional_forwarder

Creates a conditional forwarder associated with your AWS directory
clouddirectory_get_applied_schema_version

Returns current applied schema version ARN, including the minor version in use
directoryservice_create_directory

Creates a Simple AD directory
directoryservice_accept_shared_directory

Accepts a directory sharing request that was sent from the directory owner account
directoryservice_disable_ldaps

Deactivates LDAP secure calls for the specified directory
iam_list_instance_profiles_for_role

Lists the instance profiles that have the specified associated IAM role
directoryservice_delete_log_subscription

Deletes the specified log subscription
iam_get_ssh_public_key

Retrieves the specified SSH public key, including metadata about the key
cognitoidentityprovider_create_resource_server

Creates a new OAuth2
iam_list_users

Lists the IAM users that have the specified path prefix
clouddirectory_list_object_parents

Lists parent objects that are associated with a given object in pagination fashion
clouddirectory_get_directory

Retrieves metadata about a directory
cognitoidentityprovider_admin_confirm_sign_up

Confirms user registration as an admin without using a confirmation code
cognitoidentityprovider

Amazon Cognito Identity Provider
clouddirectory_list_index

Lists objects attached to the specified index
iam_get_user

Retrieves information about the specified IAM user, including the user's creation date, path, unique ID, and ARN
clouddirectory_detach_typed_link

Detaches a typed link from a specified source and target object
directoryservice_get_directory_limits

Obtains directory limit information for the current Region
cloudhsm

Amazon CloudHSM
cloudhsm_delete_hsm

This is documentation for AWS CLOUDHSM CLASSIC
clouddirectory_disable_directory

Disables the specified directory
clouddirectory_remove_facet_from_object

Removes the specified facet from the specified object
clouddirectory_list_directories

Lists directories created within an account
cloudhsmv2_copy_backup_to_region

Copy an AWS CloudHSM cluster backup to a different region
directoryservice_reset_user_password

Resets the password for any user in your AWS Managed Microsoft AD or Simple AD directory
iam_tag_user

Adds one or more tags to an IAM user
clouddirectory_list_facet_attributes

Retrieves attributes attached to the facet
cognitoidentityprovider_create_user_import_job

Creates the user import job
fms_tag_resource

Adds one or more tags to an AWS resource
clouddirectory_untag_resource

An API operation for removing tags from a resource
cognitoidentityprovider_set_user_mfa_preference

Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are enabled and if any are preferred
cloudhsm_modify_hapg

This is documentation for AWS CLOUDHSM CLASSIC
iam_put_user_policy

Adds or updates an inline policy document that is embedded in the specified IAM user
directoryservice_get_snapshot_limits

Obtains the manual snapshot limits for a directory
cognitoidentityprovider_admin_get_device

Gets the device, as an administrator
cloudhsm_list_tags_for_resource

This is documentation for AWS CLOUDHSM CLASSIC
iam_put_user_permissions_boundary

Adds or updates the policy that is specified as the IAM user's permissions boundary
cognitoidentityprovider_admin_create_user

Creates a new user in the specified user pool
cognitoidentity_tag_resource

Assigns a set of tags to an Amazon Cognito identity pool
cognitoidentity_get_id

Generates (or retrieves) a Cognito ID
cognitoidentityprovider_admin_list_devices

Lists devices, as an administrator
directoryservice_restore_from_snapshot

Restores a directory using an existing directory snapshot
fms_associate_admin_account

Sets the AWS Firewall Manager administrator account
cognitoidentityprovider_admin_delete_user_attributes

Deletes the user attributes in a user pool as an administrator
cloudhsmv2_create_cluster

Creates a new AWS CloudHSM cluster
cognitoidentityprovider_admin_list_groups_for_user

Lists the groups that the user belongs to
clouddirectory_tag_resource

An API operation for adding tags to a resource
cloudhsm_delete_luna_client

This is documentation for AWS CLOUDHSM CLASSIC
guardduty_list_detectors

Lists detectorIds of all the existing Amazon GuardDuty detector resources
guardduty_delete_ip_set

Deletes the IPSet specified by the ipSetId
cognitoidentity_list_identities

Lists the identities in an identity pool
cloudhsm_describe_hsm

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsmv2_delete_hsm

Deletes the specified HSM
cloudhsmv2_delete_cluster

Deletes the specified AWS CloudHSM cluster
cognitoidentity_create_identity_pool

Creates a new identity pool
cognitoidentityprovider_list_users_in_group

Lists the users in the specified group
cognitoidentityprovider_admin_delete_user

Deletes a user as an administrator
iam_upload_signing_certificate

Uploads an X
cognitoidentityprovider_admin_get_user

Gets the specified user by user name in a user pool as an administrator
cognitoidentityprovider_get_signing_certificate

This method takes a user pool ID, and returns the signing certificate
cognitoidentityprovider_admin_update_device_status

Updates the device status as an administrator
cloudhsm_add_tags_to_resource

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsmv2_describe_backups

Gets information about backups of AWS CloudHSM clusters
cognitoidentityprovider_admin_disable_user

Disables the specified user
cloudhsmv2_describe_clusters

Gets information about AWS CloudHSM clusters
cognitoidentityprovider_delete_user

Allows a user to delete himself or herself
cognitoidentity_delete_identities

Deletes identities from an identity pool
cognitoidentity_list_identity_pools

Lists all of the Cognito identity pools registered for your account
guardduty_delete_members

Deletes GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs
cognitosync_subscribe_to_dataset

Subscribes to receive notifications when a dataset is modified by another device
inspector_describe_assessment_targets

Describes the assessment targets that are specified by the ARNs of the assessment targets
iam_add_user_to_group

Adds the specified user to the specified group
fms_list_member_accounts

Returns a MemberAccounts object that lists the member accounts in the administrator's AWS organization
cognitoidentityprovider_get_ui_customization

Gets the UI Customization information for a particular app client's app UI, if there is something set
fms_untag_resource

Removes one or more tags from an AWS resource
cognitoidentityprovider_describe_user_pool

Returns the configuration information and metadata of the specified user pool
cognitoidentityprovider_update_user_pool_domain

Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool
cognitoidentityprovider_get_device

Gets the device
cognitoidentityprovider_get_user_attribute_verification_code

Gets the user attribute verification code for the specified attribute name
cognitoidentity_unlink_developer_identity

Unlinks a DeveloperUserIdentifier from an existing identity
cognitoidentityprovider_delete_identity_provider

Deletes an identity provider for a user pool
guardduty_invite_members

Invites other AWS accounts (created as members of the current AWS account by CreateMembers) to enable GuardDuty and allow the current AWS account to view and manage these accounts' GuardDuty findings on their behalf as the master account
iam_deactivate_mfa_device

Deactivates the specified MFA device and removes it from association with the user name for which it was originally enabled
iam_update_assume_role_policy

Updates the policy that grants an IAM entity permission to assume a role
guardduty_get_filter

Returns the details of the filter specified by the filter name
cognitoidentityprovider_delete_resource_server

Deletes a resource server
iam_untag_role

Removes the specified tags from the role
cognitoidentity_get_identity_pool_roles

Gets the roles for an identity pool
iam_update_account_password_policy

Updates the password policy settings for the AWS account
cognitoidentityprovider_admin_update_user_attributes

Updates the specified user's attributes, including developer attributes, as an administrator
cognitoidentityprovider_delete_group

Deletes a group
cognitoidentityprovider_create_user_pool_domain

Creates a new domain for a user pool
cognitoidentity_unlink_identity

Unlinks a federated identity from an existing account
cognitoidentity_untag_resource

Removes the specified tags from an Amazon Cognito identity pool
directoryservice_describe_domain_controllers

Provides information about any domain controllers in your directory
guardduty_get_findings

Describes Amazon GuardDuty findings specified by finding IDs
cognitoidentityprovider_admin_initiate_auth

Initiates the authentication flow, as an administrator
iam_upload_ssh_public_key

Uploads an SSH public key and associates it with the specified IAM user
guardduty_start_monitoring_members

Turns on GuardDuty monitoring of the specified member accounts
cognitoidentityprovider_describe_user_import_job

Describes the user import job
cognitoidentityprovider_delete_user_pool_client

Allows the developer to delete the user pool client
cognitosync_register_device

Registers a device to receive push sync notifications
cognitoidentityprovider_get_user

Gets the user attributes and metadata for a user
cognitoidentityprovider_update_user_attributes

Allows a user to update a specific attribute (one at a time)
cognitoidentityprovider_resend_confirmation_code

Resends the confirmation (for confirmation of registration) to a specific user in the user pool
cognitoidentityprovider_stop_user_import_job

Stops the user import job
directoryservice_create_trust

AWS Directory Service for Microsoft Active Directory allows you to configure trust relationships
cognitoidentityprovider_update_auth_event_feedback

Provides the feedback for an authentication event whether it was from a valid user or not
cognitoidentityprovider_admin_update_auth_event_feedback

Provides feedback for an authentication event as to whether it was from a valid user
cognitoidentityprovider_admin_set_user_settings

_This action is no longer supported
cognitoidentityprovider_create_user_pool

Creates a new Amazon Cognito user pool and sets the password policy for the pool
cognitoidentityprovider_update_user_pool

Updates the specified user pool with the specified attributes
cognitoidentityprovider_get_csv_header

Gets the header information for the
cognitoidentityprovider_list_user_import_jobs

Lists the user import jobs
cognitosync_describe_identity_usage

Gets usage information for an identity, including number of datasets and data usage
directoryservice_create_computer

Creates a computer account in the specified directory, and joins the computer to the directory
cognitoidentityprovider_delete_user_attributes

Deletes the attributes for a user
iam_attach_group_policy

Attaches the specified managed policy to the specified IAM group
cognitoidentityprovider_admin_link_provider_for_user

Links an existing user account in a user pool (DestinationUser) to an identity from an external identity provider (SourceUser) based on a specified attribute name and value from the external identity provider
cognitosync_list_identity_pool_usage

Gets a list of identity pools registered with Cognito
inspector_get_assessment_report

Produces an assessment report that includes detailed and comprehensive results of a specified assessment run
cognitoidentityprovider_create_user_pool_client

Creates the user pool client
cognitoidentityprovider_update_user_pool_client

Updates the specified user pool app client with the specified attributes
kms_get_parameters_for_import

Returns the items you need to import key material into a symmetric, customer managed customer master key (CMK)
guardduty_stop_monitoring_members

Stops GuardDuty monitoring for the specified member accounnts
cognitoidentityprovider_list_user_pool_clients

Lists the clients that have been created for the specified user pool
cognitoidentityprovider_untag_resource

Removes the specified tags from an Amazon Cognito user pool
cognitosync_list_datasets

Lists datasets for an identity
cognitosync_list_records

Gets paginated records, optionally changed after a particular sync count for a dataset and identity
cognitosync_get_identity_pool_configuration

Gets the configuration settings of an identity pool
iam_delete_login_profile

Deletes the password for the specified IAM user, which terminates the user's ability to access AWS services through the AWS Management Console
iam_delete_user_permissions_boundary

Deletes the permissions boundary for the specified IAM user
directoryservice_create_snapshot

Creates a snapshot of a Simple AD or Microsoft AD directory in the AWS cloud
cognitoidentityprovider_tag_resource

Assigns a set of tags to an Amazon Cognito user pool
cognitoidentityprovider_get_identity_provider_by_identifier

Gets the specified identity provider
directoryservice_update_number_of_domain_controllers

Adds or removes domain controllers to or from the directory
directoryservice_start_schema_extension

Applies a schema extension to a Microsoft AD directory
iam_create_instance_profile

Creates a new instance profile
cognitoidentityprovider_set_ui_customization

Sets the UI customization information for a user pool's built-in app UI
directoryservice_describe_ldaps_settings

Describes the status of LDAP security for the specified directory
cognitosync_describe_identity_pool_usage

Gets usage details (for example, data storage) about a particular identity pool
cognitoidentityprovider_get_group

Gets a group
cognitosync_set_cognito_events

Sets the AWS Lambda function for a given event type for an identity pool
guardduty_create_members

Creates member accounts of the current AWS account by specifying a list of AWS account IDs
cognitoidentityprovider_list_groups

Lists the groups associated with a user pool
directoryservice_update_trust

Updates the trust that has been set up between your AWS Managed Microsoft AD directory and an on-premises Active Directory
directoryservice_cancel_schema_extension

Cancels an in-progress schema extension to a Microsoft AD directory
directoryservice_connect_directory

Creates an AD Connector to connect to an on-premises directory
iam_create_login_profile

Creates a password for the specified user, giving the user the ability to access AWS services through the AWS Management Console
inspector_describe_assessment_templates

Describes the assessment templates that are specified by the ARNs of the assessment templates
directoryservice_delete_trust

Deletes an existing trust relationship between your AWS Managed Microsoft AD directory and an external domain
directoryservice_create_alias

Creates an alias for a directory and assigns the alias to the directory
fms_get_admin_account

Returns the AWS Organizations master account that is associated with AWS Firewall Manager as the AWS Firewall Manager administrator
guardduty_get_members

Retrieves GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs
cognitoidentityprovider_list_resource_servers

Lists the resource servers for a user pool
directoryservice_deregister_certificate

Deletes from the system the certificate that was registered for a secured LDAP connection
inspector_describe_rules_packages

Describes the rules packages that are specified by the ARNs of the rules packages
directoryservice_list_certificates

For the specified directory, lists all the certificates registered for a secured LDAP connection
inspector_list_tags_for_resource

Lists all tags associated with an assessment template
cognitoidentityprovider_list_identity_providers

Lists information about all identity providers for a user pool
directoryservice_add_ip_routes

If the DNS server for your on-premises domain uses a publicly addressable IP address, you must add a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services
iam_delete_user_policy

Deletes the specified inline policy that is embedded in the specified IAM user
directoryservice_list_ip_routes

Lists the address blocks that you have added to a directory
iam_create_virtual_mfa_device

Creates a new virtual MFA device for the AWS account
directoryservice_list_log_subscriptions

Lists the active log subscriptions for the AWS account
directoryservice_describe_shared_directories

Returns the shared directories in your account
cognitoidentityprovider_list_tags_for_resource

Lists the tags that are assigned to an Amazon Cognito user pool
inspector_preview_agents

Previews the agents installed on the EC2 instances that are part of the specified assessment target
directoryservice_share_directory

Shares a specified directory (DirectoryId) in your AWS account (directory owner) with another AWS account (directory consumer)
directoryservice_describe_conditional_forwarders

Obtains information about the conditional forwarders for this account
cognitoidentityprovider_update_device_status

Updates the device status
guardduty_delete_publishing_destination

Deletes the publishing definition with the specified destinationId
directoryservice_verify_trust

AWS Directory Service for Microsoft Active Directory allows you to configure and verify trust relationships
directoryservice_add_tags_to_resource

Adds or overwrites one or more tags for the specified directory
guardduty_decline_invitations

Declines invitations sent to the current member account by AWS account specified by their account IDs
directoryservice_remove_tags_from_resource

Removes tags from a directory
directoryservice_describe_directories

Obtains information about the directories that belong to this account
cognitosync

Amazon Cognito Sync
kms_create_alias

Creates a display name for a customer managed customer master key (CMK)
cognitoidentityprovider_update_group

Updates the specified group with the specified attributes
guardduty_update_filter

Updates the filter specified by the filter name
guardduty_accept_invitation

Accepts the invitation to be monitored by a master GuardDuty account
guardduty_create_filter

Creates a filter using the specified finding criteria
cognitosync_bulk_publish

Initiates a bulk publish of all existing datasets for an Identity Pool to the configured stream
directoryservice_list_schema_extensions

Lists all schema extensions applied to a Microsoft AD Directory
fms_get_compliance_detail

Returns detailed compliance information about the specified member account
guardduty_list_ip_sets

Lists the IPSets of the GuardDuty service specified by the detector ID
fms_disassociate_admin_account

Disassociates the account that has been set as the AWS Firewall Manager administrator account
iam_detach_group_policy

Removes the specified managed policy from the specified IAM group
directoryservice_remove_ip_routes

Removes IP address blocks from a directory
fms_get_notification_channel

Information about the Amazon Simple Notification Service (SNS) topic that is used to record AWS Firewall Manager SNS logs
guardduty_list_members

Lists details about all member accounts for the current GuardDuty master account
kms_disable_key

Sets the state of a customer master key (CMK) to disabled, thereby preventing its use for cryptographic operations
kms_connect_custom_key_store

Connects or reconnects a custom key store to its associated AWS CloudHSM cluster
kms_describe_key

Provides detailed information about a customer master key (CMK)
iam_delete_open_id_connect_provider

Deletes an OpenID Connect identity provider (IdP) resource object in IAM
directoryservice_enable_sso

Enables single sign-on for a directory
cognitosync_set_identity_pool_configuration

Sets the necessary configuration for push sync
kms_enable_key

Sets the key state of a customer master key (CMK) to enabled
directoryservice_describe_event_topics

Obtains information about which SNS topics receive status messages from the specified directory
guardduty_delete_detector

Deletes a Amazon GuardDuty detector specified by the detector ID
directoryservice_update_radius

Updates the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector or Microsoft AD directory
guardduty_disassociate_from_master_account

Disassociates the current GuardDuty member account from its master account
kms_re_encrypt

Decrypts ciphertext and then reencrypts it entirely within AWS KMS
guardduty

Amazon GuardDuty
kms_enable_key_rotation

Enables automatic rotation of the key material for the specified symmetric customer master key (CMK)
directoryservice_describe_certificate

Displays information about the certificate registered for a secured LDAP connection
kms_get_public_key

Returns the public key of an asymmetric CMK
secretsmanager_put_resource_policy

Attaches the contents of the specified resource-based permission policy to a secret
securityhub_delete_insight

Deletes the insight specified by the InsightArn
directoryservice_deregister_event_topic

Removes the specified directory as a publisher to the specified SNS topic
ram

AWS Resource Access Manager
guardduty_tag_resource

Adds tags to a resource
kms_retire_grant

Retires a grant
ram_associate_resource_share_permission

Associates a permission with a resource share
guardduty_create_ip_set

Creates a new IPSet, called Trusted IP list in the consoler user interface
guardduty_describe_publishing_destination

Returns information about the publishing destination specified by the provided destinationId
fms_put_notification_channel

Designates the IAM role and Amazon Simple Notification Service (SNS) topic that AWS Firewall Manager uses to record SNS logs
macie_update_s3_resources

Updates the classification types for the specified S3 resources
iam_delete_virtual_mfa_device

Deletes a virtual MFA device
guardduty_delete_threat_intel_set

Deletes ThreatIntelSet specified by the ThreatIntelSet ID
guardduty_create_publishing_destination

Creates a publishing destination to send findings to
iam_get_organizations_access_report

Retrieves the service last accessed data report for AWS Organizations that was previously generated using the GenerateOrganizationsAccessReport operation
fms_delete_notification_channel

Deletes an AWS Firewall Manager association with the IAM role and the Amazon Simple Notification Service (SNS) topic that is used to record AWS Firewall Manager SNS logs
iam_delete_server_certificate

Deletes the specified server certificate
iam_attach_role_policy

Attaches the specified managed policy to the specified IAM role
iam_create_saml_provider

Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2
iam_create_service_linked_role

Creates an IAM role that is linked to a specific AWS service
ram_create_resource_share

Creates a resource share
directoryservice_enable_radius

Enables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory
guardduty_update_findings_feedback

Marks the specified GuardDuty findings as useful or not useful
guardduty_get_threat_intel_set

Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID
guardduty_untag_resource

Removes tags from a resource
guardduty_list_invitations

Lists all GuardDuty membership invitations that were sent to the current AWS account
iam_get_service_last_accessed_details

Retrieves a service last accessed report that was created using the GenerateServiceLastAccessedDetails operation
guardduty_update_detector

Updates the Amazon GuardDuty detector specified by the detectorId
ram_get_resource_share_associations

Gets the resources or principals for the resource shares that you own
iam_create_group

Creates a new group
iam_delete_signing_certificate

Deletes a signing certificate associated with the specified IAM user
directoryservice_list_tags_for_resource

Lists all tags on a directory
iam_create_account_alias

Creates an alias for your AWS account
iam_delete_policy

Deletes the specified managed policy
secretsmanager_put_secret_value

Stores a new encrypted secret value in the specified secret
guardduty_unarchive_findings

Unarchives GuardDuty findings specified by the findingIds
iam_add_role_to_instance_profile

Adds the specified IAM role to the specified instance profile
fms_list_tags_for_resource

Retrieves the list of tags for the specified AWS resource
directoryservice_register_certificate

Registers a certificate for secured LDAP connection
secretsmanager_describe_secret

Retrieves the details of a secret
fms_list_policies

Returns an array of PolicySummary objects in the response
secretsmanager_get_random_password

Generates a random password of the specified complexity
ram_get_resource_share_invitations

Gets the invitations for resource sharing that you've received
fms_delete_policy

Permanently deletes an AWS Firewall Manager policy
iam_get_login_profile

Retrieves the user name and password-creation date for the specified IAM user
iam_get_open_id_connect_provider

Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM
guardduty_list_publishing_destinations

Returns a list of publishing destinations associated with the specified dectectorId
iam_create_service_specific_credential

Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request
iam_list_attached_role_policies

Lists all managed policies that are attached to the specified IAM role
guardduty_disassociate_members

Disassociates GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs
sts_assume_role_with_web_identity

Returns a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity provider
iam_list_groups

Lists the IAM groups that have the specified path prefix
iam_create_user

Creates a new IAM user for your AWS account
iam_get_policy

Retrieves information about the specified managed policy, including the policy's default version and the total number of IAM users, groups, and roles to which the policy is attached
guardduty_create_sample_findings

Generates example findings of types specified by the list of finding types
waf_create_rate_based_rule

Creates a RateBasedRule
iam_delete_service_linked_role

Submits a service-linked role deletion request and returns a DeletionTaskId, which you can use to check the status of the deletion
guardduty_get_ip_set

Retrieves the IPSet specified by the ipSetId
iam_list_attached_user_policies

Lists all managed policies that are attached to the specified IAM user
waf_create_ip_set

Creates an IPSet, which you use to specify which web requests that you want to allow or block based on the IP addresses that the requests originate from
iam_delete_group_policy

Deletes the specified inline policy that is embedded in the specified IAM group
iam_add_client_id_to_open_id_connect_provider

Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM OpenID Connect (OIDC) provider resource
securityhub_batch_import_findings

Imports security findings generated from an integrated third-party product into Security Hub
securityhub_delete_invitations

Deletes invitations received by the AWS account to become a member account
iam_attach_user_policy

Attaches the specified managed policy to the specified user
securityhub_create_action_target

Creates a custom action target in Security Hub
iam_list_groups_for_user

Lists the IAM groups that the specified IAM user belongs to
iam_get_context_keys_for_custom_policy

Gets a list of all of the context keys referenced in the input policies
guardduty_create_threat_intel_set

Create a new ThreatIntelSet
fms_put_policy

Creates an AWS Firewall Manager policy
iam_delete_policy_version

Deletes the specified version from the specified managed policy
iam

AWS Identity and Access Management
guardduty_get_master_account

Provides the details for the GuardDuty master account associated with the current GuardDuty member account
iam_delete_instance_profile

Deletes the specified instance profile
iam_delete_service_specific_credential

Deletes the specified service-specific credential
iam_detach_role_policy

Removes the specified managed policy from the specified role
guardduty_get_detector

Retrieves an Amazon GuardDuty detector specified by the detectorId
iam_generate_credential_report

Generates a credential report for the AWS account
securityhub_get_master_account

Provides the details for the Security Hub master account to the current member account
iam_create_role

Creates a new role for your AWS account
securityhub_get_invitations_count

Returns the count of all Security Hub membership invitations that were sent to the current member account, not including the currently accepted invitation
iam_list_user_tags

Lists the tags that are attached to the specified user
iam_list_mfa_devices

Lists the MFA devices for an IAM user
guardduty_update_threat_intel_set

Updates the ThreatIntelSet specified by ThreatIntelSet ID
securityhub_list_invitations

Lists all Security Hub membership invitations that were sent to the current AWS account
iam_put_role_permissions_boundary

Adds or updates the policy that is specified as the IAM role's permissions boundary
iam_create_open_id_connect_provider

Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC)
securityhub_list_enabled_products_for_import

Lists all findings-generating solutions (products) whose findings you have subscribed to receive in Security Hub
iam_delete_role_policy

Deletes the specified inline policy that is embedded in the specified IAM role
iam_create_policy_version

Creates a new version of the specified managed policy
shield_associate_drt_log_bucket

Authorizes the DDoS Response team (DRT) to access the specified Amazon S3 bucket containing your AWS WAF logs
iam_create_policy

Creates a new managed policy for your AWS account
iam_put_role_policy

Adds or updates an inline policy document that is embedded in the specified IAM role
inspector_describe_cross_account_access_role

Describes the IAM role that enables Amazon Inspector to access your AWS account
iam_delete_account_password_policy

Deletes the password policy for the AWS account
iam_enable_mfa_device

Enables the specified MFA device and associates it with the specified IAM user
iam_detach_user_policy

Removes the specified managed policy from the specified user
shield_list_attacks

Returns all ongoing DDoS attacks or all DDoS attacks during a specified time period
inspector_start_assessment_run

Starts the assessment run specified by the ARN of the assessment template
iam_get_role

Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy that grants permission to assume the role
iam_update_server_certificate

Updates the name and/or the path of the specified server certificate stored in IAM
shield_associate_drt_role

Authorizes the DDoS Response team (DRT), using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks
shield_list_protections

Lists all Protection objects for the account
iam_get_account_password_policy

Retrieves the password policy for the AWS account
iam_simulate_custom_policy

Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and AWS resources to determine the policies' effective permissions
iam_list_user_policies

Lists the names of the inline policies embedded in the specified IAM user
iam_set_security_token_service_preferences

Sets the specified version of the global endpoint token as the token version used for the AWS account
iam_get_context_keys_for_principal_policy

Gets a list of all of the context keys referenced in all the IAM policies that are attached to the specified IAM entity
waf_create_web_acl

Creates a WebACL, which contains the Rules that identify the CloudFront web requests that you want to allow, block, or count
inspector_describe_resource_groups

Describes the resource groups that are specified by the ARNs of the resource groups
iam_get_account_summary

Retrieves information about IAM entity usage and IAM quotas in the AWS account
iam_update_service_specific_credential

Sets the status of a service-specific credential to Active or Inactive
iam_delete_group

Deletes the specified IAM group
inspector_set_tags_for_resource

Sets tags (key and value pairs) to the assessment template that is specified by the ARN of the assessment template
iam_get_policy_version

Retrieves information about the specified version of the specified managed policy, including the policy document
iam_update_ssh_public_key

Sets the status of an IAM user's SSH public key to active or inactive
iam_get_server_certificate

Retrieves information about the specified server certificate stored in IAM
iam_get_group_policy

Retrieves the specified inline policy document that is embedded in the specified IAM group
iam_get_user_policy

Retrieves the specified inline policy document that is embedded in the specified IAM user
iam_update_signing_certificate

Changes the status of the specified user signing certificate from active to disabled, or vice versa
iam_delete_saml_provider

Deletes a SAML provider resource in IAM
iam_list_policies_granting_service_access

Retrieves a list of policies that the IAM identity (user, group, or role) can use to access each specified service
iam_list_roles

Lists the IAM roles that have the specified path prefix
iam_list_entities_for_policy

Lists all IAM users, groups, and roles that the specified managed policy is attached to
sts_assume_role_with_saml

Returns a set of temporary security credentials for users who have been authenticated via a SAML authentication response
iam_list_policy_versions

Lists information about the versions of the specified managed policy, including the version that is currently set as the policy's default version
inspector_describe_findings

Describes the findings that are specified by the ARNs of the findings
inspector_describe_exclusions

Describes the exclusions that are specified by the exclusions' ARNs
iam_remove_user_from_group

Removes the specified user from the specified group
iam_list_access_keys

Returns information about the access key IDs associated with the specified IAM user
iam_put_group_policy

Adds or updates an inline policy document that is embedded in the specified IAM group
waf_list_activated_rules_in_rule_group

Returns an array of ActivatedRule objects
iam_list_group_policies

Lists the names of the inline policies that are embedded in the specified IAM group
kms_delete_custom_key_store

Deletes a custom key store
iam_get_account_authorization_details

Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their relationships to one another
waf_delete_web_acl

Permanently deletes a WebACL
iam_get_access_key_last_used

Retrieves information about when the specified access key was last used
iam_list_policies

Lists all the managed policies that are available in your AWS account, including your own customer-defined managed policies and all AWS managed policies
iam_list_role_tags

Lists the tags that are attached to the specified role
iam_list_ssh_public_keys

Returns information about the SSH public keys associated with the specified IAM user
iam_resync_mfa_device

Synchronizes the specified MFA device with its IAM resource object on the AWS servers
iam_get_instance_profile

Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and role
iam_list_role_policies

Lists the names of the inline policies that are embedded in the specified IAM role
waf_update_size_constraint_set

Inserts or deletes SizeConstraint objects (filters) in a SizeConstraintSet
iam_list_attached_group_policies

Lists all managed policies that are attached to the specified IAM group
iam_update_open_id_connect_provider_thumbprint

Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints
kms_create_custom_key_store

Creates a custom key store that is associated with an AWS CloudHSM cluster that you own and manage
iam_list_virtual_mfa_devices

Lists the virtual MFA devices defined in the AWS account by assignment status
kms_list_aliases

Gets a list of aliases in the caller's AWS account and region
kms_create_grant

Adds a grant to a customer master key (CMK)
inspector_create_assessment_target

Creates a new assessment target using the ARN of the resource group that is generated by CreateResourceGroup
inspector

Amazon Inspector
iam_update_group

Updates the name and/or the path of the specified IAM group
kms_delete_alias

Deletes the specified alias
waf_create_xss_match_set

Creates an XssMatchSet, which you use to allow, block, or count requests that contain cross-site scripting attacks in the specified part of web requests
kms_revoke_grant

Revokes the specified grant for the specified customer master key (CMK)
iam_set_default_policy_version

Sets the specified version of the specified policy as the policy's default (operative) version
iam_update_role

Updates the description or maximum session duration setting of a role
inspector_create_exclusions_preview

Starts the generation of an exclusions preview for the specified assessment template
inspector_add_attributes_to_findings

Assigns attributes (key and value pairs) to the findings that are specified by the ARNs of the findings
wafregional_get_ip_set

Returns the IPSet that is specified by IPSetId
iam_reset_service_specific_credential

Resets the password for a service-specific credential
kms_generate_data_key_without_plaintext

Generates a unique symmetric data key
inspector_create_resource_group

Creates a resource group using the specified set of tags (key and value pairs) that are used to select the EC2 instances to be included in an Amazon Inspector assessment target
inspector_get_exclusions_preview

Retrieves the exclusions preview (a list of ExclusionPreview objects) specified by the preview token
iam_update_login_profile

Changes the password for the specified IAM user
inspector_list_findings

Lists findings that are generated by the assessment runs that are specified by the ARNs of the assessment runs
kms_verify

Verifies a digital signature that was generated by the Sign operation
kms_generate_random

Returns a random byte string that is cryptographically secure
iam_get_role_policy

Retrieves the specified inline policy document that is embedded with the specified IAM role
kms_import_key_material

Imports key material into an existing symmetric AWS KMS customer master key (CMK) that was created without key material
waf_delete_xss_match_set

Permanently deletes an XssMatchSet
iam_untag_user

Removes the specified tags from the user
inspector_list_assessment_templates

Lists the assessment templates that correspond to the assessment targets that are specified by the ARNs of the assessment targets
iam_update_access_key

Changes the status of the specified access key from Active to Inactive, or vice versa
waf_get_regex_match_set

Returns the RegexMatchSet specified by RegexMatchSetId
iam_get_saml_provider

Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created or updated
waf_get_rate_based_rule_managed_keys

Returns an array of IP addresses currently being blocked by the RateBasedRule that is specified by the RuleId
waf_list_rule_groups

Returns an array of RuleGroup objects
waf_list_byte_match_sets

Returns an array of ByteMatchSetSummary objects
iam_upload_server_certificate

Uploads a server certificate entity for the AWS account
iam_list_open_id_connect_providers

Lists information about the IAM OpenID Connect (OIDC) provider resource objects defined in the AWS account
iam_tag_role

Adds one or more tags to an IAM role
ram_accept_resource_share_invitation

Accepts an invitation to a resource share from another AWS account
waf_tag_resource

Tag resource
kms

AWS Key Management Service
iam_list_saml_providers

Lists the SAML provider resource objects defined in IAM in the account
inspector_get_telemetry_metadata

Information about the data that is collected for the specified assessment run
wafregional_create_ip_set

Creates an IPSet, which you use to specify which web requests that you want to allow or block based on the IP addresses that the requests originate from
iam_list_account_aliases

Lists the account alias associated with the AWS account (Note: you can have only one)
kms_describe_custom_key_stores

Gets information about custom key stores in the account and region
waf_list_rules

Returns an array of RuleSummary objects
inspector_list_assessment_run_agents

Lists the agents of the assessment runs that are specified by the ARNs of the assessment runs
iam_remove_client_id_from_open_id_connect_provider

Removes the specified client ID (also known as audience) from the list of client IDs registered for the specified IAM OpenID Connect (OIDC) provider resource object
iam_list_server_certificates

Lists the server certificates stored in IAM that have the specified path prefix
iam_remove_role_from_instance_profile

Removes the specified IAM role from the specified EC2 instance profile
iam_simulate_principal_policy

Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and AWS resources to determine the policies' effective permissions
waf_update_sql_injection_match_set

Inserts or deletes SqlInjectionMatchTuple objects (filters) in a SqlInjectionMatchSet
kms_schedule_key_deletion

Schedules the deletion of a customer master key (CMK)
inspector_list_rules_packages

Lists all available Amazon Inspector rules packages
waf_untag_resource

Untag resource
iam_update_user

Updates the name and/or the path of the specified IAM user
iam_update_saml_provider

Updates the metadata document for an existing SAML provider resource object
inspector_list_assessment_targets

Lists the ARNs of the assessment targets within this AWS account
wafregional_get_geo_match_set

Returns the GeoMatchSet that is specified by GeoMatchSetId
wafregional_create_rate_based_rule

Creates a RateBasedRule
macie

Amazon Macie
inspector_delete_assessment_run

Deletes the assessment run that is specified by the ARN of the assessment run
ram_list_pending_invitation_resources

Lists the resources in a resource share that is shared with you but that the invitation is still pending for
iam_update_role_description

Use UpdateRole instead
inspector_create_assessment_template

Creates an assessment template for the assessment target that is specified by the ARN of the assessment target
inspector_delete_assessment_target

Deletes the assessment target that is specified by the ARN of the assessment target
kms_list_key_policies

Gets the names of the key policies that are attached to a customer master key (CMK)
inspector_list_assessment_runs

Lists the assessment runs that correspond to the assessment templates that are specified by the ARNs of the assessment templates
kms_cancel_key_deletion

Cancels the deletion of a customer master key (CMK)
wafregional_delete_permission_policy

Permanently deletes an IAM policy from the specified RuleGroup
inspector_list_event_subscriptions

Lists all the event subscriptions for the assessment template that is specified by the ARN of the assessment template
kms_delete_imported_key_material

Deletes key material that you previously imported
inspector_list_exclusions

List exclusions that are generated by the assessment run
ram_associate_resource_share

Associates the specified resource share with the specified principals and resources
kms_disconnect_custom_key_store

Disconnects the custom key store from its associated AWS CloudHSM cluster
inspector_register_cross_account_access_role

Registers the IAM role that grants Amazon Inspector access to AWS Services needed to perform security assessments
kms_update_custom_key_store

Changes the properties of a custom key store
inspector_subscribe_to_event

Enables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic
kms_disable_key_rotation

Disables automatic rotation of the key material for the specified symmetric customer master key (CMK)
inspector_stop_assessment_run

Stops the assessment run that is specified by the ARN of the assessment run
inspector_describe_assessment_runs

Describes the assessment runs that are specified by the ARNs of the assessment runs
wafregional_get_sampled_requests

Gets detailed information about a specified number of requests--a sample--that AWS WAF randomly selects from among the first 5,000 requests that your AWS resource received during a time range that you choose
kms_untag_resource

Removes the specified tags from the specified customer master key (CMK)
sts_assume_role

Returns a set of temporary security credentials that you can use to access AWS resources that you might not normally have access to
kms_create_key

Creates a unique customer managed customer master key (CMK) in your AWS account and Region
kms_generate_data_key_pair

Generates a unique asymmetric data key pair
inspector_delete_assessment_template

Deletes the assessment template that is specified by the ARN of the assessment template
kms_list_retirable_grants

Returns a list of all grants for which the grant's RetiringPrincipal matches the one specified
wafregional_delete_rate_based_rule

Permanently deletes a RateBasedRule
kms_get_key_policy

Gets a key policy attached to the specified customer master key (CMK)
inspector_remove_attributes_from_findings

Removes entire attributes (key and value pairs) from the findings that are specified by the ARNs of the findings where an attribute with the specified key exists
secretsmanager_rotate_secret

Configures and starts the asynchronous process of rotating this secret
ram_get_resource_shares

Gets the resource shares that you own or the resource shares that are shared with you
secretsmanager_restore_secret

Cancels the scheduled deletion of a secret by removing the DeletedDate time stamp
ram_untag_resource

Removes the specified tags from the specified resource share that you own
wafregional_get_size_constraint_set

Returns the SizeConstraintSet specified by SizeConstraintSetId
kms_get_key_rotation_status

Gets a Boolean value that indicates whether automatic rotation of the key material is enabled for the specified customer master key (CMK)
inspector_unsubscribe_from_event

Disables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic
kms_update_key_description

Updates the description of a customer master key (CMK)
wafregional_list_sql_injection_match_sets

Returns an array of SqlInjectionMatchSet objects
inspector_update_assessment_target

Updates the assessment target that is specified by the ARN of the assessment target
securityhub_accept_invitation

Accepts the invitation to be a member account and be monitored by the Security Hub master account that the invitation was sent from
macie_list_member_accounts

Lists all Amazon Macie member accounts for the current Amazon Macie master account
kms_generate_data_key_pair_without_plaintext

Generates a unique asymmetric data key pair
securityhub

AWS SecurityHub
ram_tag_resource

Adds the specified tags to the specified resource share that you own
ram_disassociate_resource_share

Disassociates the specified principals or resources from the specified resource share
securityhub_tag_resource

Adds one or more tags to a resource
securityhub_get_findings

Returns a list of findings that match the specified criteria
kms_encrypt

Encrypts plaintext into ciphertext by using a customer master key (CMK)
secretsmanager_list_secrets

Lists all of the secrets that are stored by Secrets Manager in the AWS account
kms_put_key_policy

Attaches a key policy to the specified customer master key (CMK)
wafregional_get_web_acl

Returns the WebACL that is specified by WebACLId
kms_generate_data_key

Generates a unique symmetric data key
kms_list_keys

Gets a list of all customer master keys (CMKs) in the caller's AWS account and Region
wafregional_get_sql_injection_match_set

Returns the SqlInjectionMatchSet that is specified by SqlInjectionMatchSetId
securityhub_decline_invitations

Declines invitations to become a member account
kms_decrypt

Decrypts ciphertext that was encrypted by a AWS KMS customer master key (CMK) using any of the following operations: - Encrypt - GenerateDataKey
  • GenerateDataKeyPair - GenerateDataKeyWithoutPlaintext - GenerateDataKeyPairWithoutPlaintext You can use this operation to decrypt ciphertext that was encrypted under a symmetric or asymmetric CMK

kms_update_alias

Associates an existing AWS KMS alias with a different customer master key (CMK)
securityhub_delete_action_target

Deletes a custom action target from Security Hub
kms_list_grants

Gets a list of all grants for the specified customer master key (CMK)
wafregional_update_geo_match_set

Inserts or deletes GeoMatchConstraint objects in an GeoMatchSet
securityhub_get_enabled_standards

Returns a list of the standards that are currently enabled
kms_list_resource_tags

Returns a list of all tags for the specified customer master key (CMK)
kms_tag_resource

Adds or edits tags for a customer master key (CMK)
shield_update_emergency_contact_settings

Updates the details of the list of email addresses that the DRT can use to contact you during a suspected attack
shield_describe_attack

Describes the details of a DDoS attack
securityhub_untag_resource

Removes one or more tags from a resource
ram_delete_resource_share

Deletes the specified resource share
wafregional_list_subscribed_rule_groups

Returns an array of RuleGroup objects that you are subscribed to
kms_sign

Creates a digital signature for a message or message digest by using the private key in an asymmetric CMK
waf_create_rule

Creates a Rule, which contains the IPSet objects, ByteMatchSet objects, and other predicates that identify the requests that you want to block
macie_associate_member_account

Associates a specified AWS account with Amazon Macie as a member account
macie_associate_s3_resources

Associates specified S3 resources with Amazon Macie for monitoring and data classification
ram_disassociate_resource_share_permission

Disassociates an AWS RAM permission from a resource share
ram_get_resource_policies

Gets the policies for the specified resources that you own and have shared
securityhub_update_findings

Updates the Note and RecordState of the Security Hub-aggregated findings that the filter attributes specify
ram_list_resources

Lists the resources that you added to a resource shares or the resources that are shared with you
macie_list_s3_resources

Lists all the S3 resources associated with Amazon Macie
shield_describe_drt_access

Returns the current role and list of Amazon S3 log buckets used by the DDoS Response team (DRT) to access your AWS account while assisting with attack mitigation
shield_update_subscription

Updates the details of an existing subscription
ram_promote_resource_share_created_from_policy

Resource shares that were created by attaching a policy to a resource are visible only to the resource share owner, and the resource share cannot be modified in AWS RAM
macie_disassociate_member_account

Removes the specified member account from Amazon Macie
ram_get_permission

Gets the contents of an AWS RAM permission in JSON format
wafregional_update_ip_set

Inserts or deletes IPSetDescriptor objects in an IPSet
ram_list_principals

Lists the principals that you have shared resources with or that have shared resources with you
secretsmanager_tag_resource

Attaches one or more tags, each consisting of a key name and a value, to the specified secret
macie_disassociate_s3_resources

Removes specified S3 resources from being monitored by Amazon Macie
securityhub_get_members

Returns the details on the Security Hub member accounts that the account IDs specify
ram_enable_sharing_with_aws_organization

Enables resource sharing within your AWS Organization
ram_list_permissions

Lists the AWS RAM permissions
wafregional_update_rule_group

Inserts or deletes ActivatedRule objects in a RuleGroup
securityhub_enable_import_findings_for_product

Enables the integration of a partner product with Security Hub
secretsmanager_delete_resource_policy

Deletes the resource-based permission policy that's attached to the secret
ram_list_resource_share_permissions

Lists the AWS RAM permissions that are associated with a resource share
secretsmanager_cancel_rotate_secret

Disables automatic scheduled rotation and cancels the rotation of a secret if one is currently in progress
ram_update_resource_share

Updates the specified resource share that you own
ram_reject_resource_share_invitation

Rejects an invitation to a resource share from another AWS account
secretsmanager

AWS Secrets Manager
wafregional_update_size_constraint_set

Inserts or deletes SizeConstraint objects (filters) in a SizeConstraintSet
waf_create_rule_group

Creates a RuleGroup
sts

AWS Security Token Service
secretsmanager_create_secret

Creates a new secret
secretsmanager_get_secret_value

Retrieves the contents of the encrypted fields SecretString or SecretBinary from the specified version of a secret, whichever contains content
secretsmanager_delete_secret

Deletes an entire secret and all of its versions
shield_describe_emergency_contact_settings

Lists the email addresses that the DRT can use to contact you during a suspected attack
securityhub_list_members

Lists details about all member accounts for the current Security Hub master account
secretsmanager_list_secret_version_ids

Lists all of the versions attached to the specified secret
securityhub_disable_import_findings_for_product

Disables the integration of the specified product with Security Hub
secretsmanager_untag_resource

Removes one or more tags from the specified secret
shield_delete_protection

Deletes an AWS Shield Advanced Protection
waf_update_rate_based_rule

Inserts or deletes Predicate objects in a rule and updates the RateLimit in the rule
secretsmanager_get_resource_policy

Retrieves the JSON text of the resource-based policy document that's attached to the specified secret
waf_delete_rate_based_rule

Permanently deletes a RateBasedRule
waf_delete_regex_match_set

Permanently deletes a RegexMatchSet
waf_delete_permission_policy

Permanently deletes an IAM policy from the specified RuleGroup
waf_get_change_token_status

Returns the status of a ChangeToken that you got by calling GetChangeToken
wafregional_create_rule_group

Creates a RuleGroup
securityhub_batch_disable_standards

Disables the standards specified by the provided StandardsSubscriptionArns
securityhub_delete_members

Deletes the specified member accounts from Security Hub
waf_list_regex_match_sets

Returns an array of RegexMatchSetSummary objects
securityhub_describe_hub

Returns details about the Hub resource in your account, including the HubArn and the time when you enabled Security Hub
securityhub_update_insight

Updates the Security Hub insight that the insight ARN specifies
secretsmanager_update_secret_version_stage

Modifies the staging labels attached to a version of a secret
securityhub_batch_enable_standards

Enables the standards specified by the provided standardsArn
waf_get_ip_set

Returns the IPSet that is specified by IPSetId
secretsmanager_update_secret

Modifies many of the details of the specified secret
securityhub_enable_security_hub

Enables Security Hub for your account in the current Region or the Region you specify in the request
securityhub_invite_members

Invites other AWS accounts to become member accounts for the Security Hub master account that the invitation is sent from
securityhub_describe_products

Returns information about the products available that you can subscribe to and integrate with Security Hub to consolidate findings
securityhub_create_insight

Creates a custom insight in Security Hub
securityhub_create_members

Creates a member association in Security Hub between the specified accounts and the account used to make the request, which is the master account
waf_get_geo_match_set

Returns the GeoMatchSet that is specified by GeoMatchSetId
shield

AWS Shield
securityhub_disable_security_hub

Disables Security Hub in your account only in the current Region
securityhub_get_insight_results

Lists the results of the Security Hub insight that the insight ARN specifies
securityhub_describe_action_targets

Returns a list of the custom action targets in Security Hub in your account
waf_delete_regex_pattern_set

Permanently deletes a RegexPatternSet
securityhub_update_action_target

Updates the name and description of a custom action target in Security Hub
shield_create_subscription

Activates AWS Shield Advanced for an account
securityhub_disassociate_members

Disassociates the specified member accounts from the associated master account
securityhub_get_insights

Lists and describes insights that insight ARNs specify
shield_create_protection

Enables AWS Shield Advanced for a specific AWS resource
shield_describe_protection

Lists the details of a Protection object
waf_get_logging_configuration

Returns the LoggingConfiguration for the specified web ACL
shield_disassociate_drt_role

Removes the DDoS Response team's (DRT) access to your AWS account
securityhub_disassociate_from_master_account

Disassociates the current Security Hub member account from the associated master account
shield_delete_subscription

Removes AWS Shield Advanced from an account
waf_get_web_acl

Returns the WebACL that is specified by WebACLId
sts_get_access_key_info

Returns the account identifier for the specified access key ID
waf_get_xss_match_set

Returns the XssMatchSet that is specified by XssMatchSetId
waf_list_regex_pattern_sets

Returns an array of RegexPatternSetSummary objects
waf_delete_geo_match_set

Permanently deletes a GeoMatchSet
waf_update_ip_set

Inserts or deletes IPSetDescriptor objects in an IPSet
securityhub_list_tags_for_resource

Returns a list of tags associated with a resource
waf_update_xss_match_set

Inserts or deletes XssMatchTuple objects (filters) in an XssMatchSet
shield_disassociate_drt_log_bucket

Removes the DDoS Response team's (DRT) access to the specified Amazon S3 bucket containing your AWS WAF logs
sts_decode_authorization_message

Decodes additional information about the authorization status of a request from an encoded message returned in response to an AWS request
shield_describe_subscription

Provides details about the AWS Shield Advanced subscription for an account
sts_get_caller_identity

Returns details about the IAM user or role whose credentials are used to call the operation
waf_update_web_acl

Inserts or deletes ActivatedRule objects in a WebACL
waf_create_byte_match_set

Creates a ByteMatchSet
wafregional_create_rule

Creates a Rule, which contains the IPSet objects, ByteMatchSet objects, and other predicates that identify the requests that you want to block
waf_create_sql_injection_match_set

Creates a SqlInjectionMatchSet, which you use to allow, block, or count requests that contain snippets of SQL code in a specified part of web requests
wafregional_delete_size_constraint_set

Permanently deletes a SizeConstraintSet
shield_get_subscription_state

Returns the SubscriptionState, either Active or Inactive
waf_update_geo_match_set

Inserts or deletes GeoMatchConstraint objects in an GeoMatchSet
waf_create_size_constraint_set

Creates a SizeConstraintSet
waf_update_rule

Inserts or deletes Predicate objects in a Rule
wafregional_list_xss_match_sets

Returns an array of XssMatchSet objects
waf_get_regex_pattern_set

Returns the RegexPatternSet specified by RegexPatternSetId
waf_delete_size_constraint_set

Permanently deletes a SizeConstraintSet
waf_delete_sql_injection_match_set

Permanently deletes a SqlInjectionMatchSet
waf_delete_rule

Permanently deletes a Rule
wafregional_delete_regex_match_set

Permanently deletes a RegexMatchSet
waf_get_rate_based_rule

Returns the RateBasedRule that is specified by the RuleId that you included in the GetRateBasedRule request
waf

AWS WAF
waf_update_byte_match_set

Inserts or deletes ByteMatchTuple objects (filters) in a ByteMatchSet
sts_get_session_token

Returns a set of temporary credentials for an AWS account or IAM user
wafregional_delete_regex_pattern_set

Permanently deletes a RegexPatternSet
waf_list_ip_sets

Returns an array of IPSetSummary objects in the response
waf_list_geo_match_sets

Returns an array of GeoMatchSetSummary objects in the response
wafregional_delete_ip_set

Permanently deletes an IPSet
wafregional_delete_sql_injection_match_set

Permanently deletes a SqlInjectionMatchSet
waf_list_size_constraint_sets

Returns an array of SizeConstraintSetSummary objects
waf_list_web_ac_ls

Returns an array of WebACLSummary objects in the response
waf_create_regex_match_set

Creates a RegexMatchSet
waf_delete_logging_configuration

Permanently deletes the LoggingConfiguration from the specified web ACL
sts_get_federation_token

Returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a federated user
waf_get_permission_policy

Returns the IAM policy attached to the RuleGroup
waf_delete_ip_set

Permanently deletes an IPSet
waf_get_byte_match_set

Returns the ByteMatchSet specified by ByteMatchSetId
wafregional_get_xss_match_set

Returns the XssMatchSet that is specified by XssMatchSetId
waf_list_xss_match_sets

Returns an array of XssMatchSet objects
waf_update_rule_group

Inserts or deletes ActivatedRule objects in a RuleGroup
wafregional_get_permission_policy

Returns the IAM policy attached to the RuleGroup
waf_get_rule

Returns the Rule that is specified by the RuleId that you included in the GetRule request
waf_create_regex_pattern_set

Creates a RegexPatternSet
waf_delete_byte_match_set

Permanently deletes a ByteMatchSet
wafregional_get_logging_configuration

Returns the LoggingConfiguration for the specified web ACL
waf_get_change_token

When you want to create, update, or delete AWS WAF objects, get a change token and include the change token in the create, update, or delete request
wafregional_get_web_acl_for_resource

Returns the web ACL for the specified resource, either an application load balancer or Amazon API Gateway stage
wafregional_create_regex_match_set

Creates a RegexMatchSet
wafregional_disassociate_web_acl

Removes a web ACL from the specified resource, either an application load balancer or Amazon API Gateway stage
wafregional_list_rule_groups

Returns an array of RuleGroup objects
wafregional_update_web_acl

Inserts or deletes ActivatedRule objects in a WebACL
wafregional_list_resources_for_web_acl

Returns an array of resources associated with the specified web ACL
waf_create_geo_match_set

Creates an GeoMatchSet, which you use to specify which web requests you want to allow or block based on the country that the requests originate from
waf_get_sampled_requests

Gets detailed information about a specified number of requests--a sample--that AWS WAF randomly selects from among the first 5,000 requests that your AWS resource received during a time range that you choose
waf_list_logging_configurations

Returns an array of LoggingConfiguration objects
waf_get_rule_group

Returns the RuleGroup that is specified by the RuleGroupId that you included in the GetRuleGroup request
waf_delete_rule_group

Permanently deletes a RuleGroup
waf_get_size_constraint_set

Returns the SizeConstraintSet specified by SizeConstraintSetId
waf_update_regex_pattern_set

Inserts or deletes RegexPatternString objects in a RegexPatternSet
waf_put_logging_configuration

Associates a LoggingConfiguration with a specified web ACL
waf_update_regex_match_set

Inserts or deletes RegexMatchTuple objects (filters) in a RegexMatchSet
wafregional_put_logging_configuration

Associates a LoggingConfiguration with a specified web ACL
wafregional_update_rule

Inserts or deletes Predicate objects in a Rule
waf_list_tags_for_resource

List tags for resource
waf_get_sql_injection_match_set

Returns the SqlInjectionMatchSet that is specified by SqlInjectionMatchSetId
waf_list_sql_injection_match_sets

Returns an array of SqlInjectionMatchSet objects
waf_list_subscribed_rule_groups

Returns an array of RuleGroup objects that you are subscribed to
wafregional_create_byte_match_set

Creates a ByteMatchSet
wafregional_create_regex_pattern_set

Creates a RegexPatternSet
wafregional_delete_byte_match_set

Permanently deletes a ByteMatchSet
wafregional_get_regex_pattern_set

Returns the RegexPatternSet specified by RegexPatternSetId
wafregional_get_byte_match_set

Returns the ByteMatchSet specified by ByteMatchSetId
wafregional_update_sql_injection_match_set

Inserts or deletes SqlInjectionMatchTuple objects (filters) in a SqlInjectionMatchSet
wafregional_create_xss_match_set

Creates an XssMatchSet, which you use to allow, block, or count requests that contain cross-site scripting attacks in the specified part of web requests
wafregional_get_rule

Returns the Rule that is specified by the RuleId that you included in the GetRule request
waf_list_rate_based_rules

Returns an array of RuleSummary objects
wafregional_create_web_acl

Creates a WebACL, which contains the Rules that identify the CloudFront web requests that you want to allow, block, or count
wafregional_delete_logging_configuration

Permanently deletes the LoggingConfiguration from the specified web ACL
wafregional_list_logging_configurations

Returns an array of LoggingConfiguration objects
wafregional_update_regex_match_set

Inserts or deletes RegexMatchTuple objects (filters) in a RegexMatchSet
wafregional_create_geo_match_set

Creates an GeoMatchSet, which you use to specify which web requests you want to allow or block based on the country that the requests originate from
wafregional

AWS WAF Regional
waf_put_permission_policy

Attaches a IAM policy to the specified resource
wafregional_delete_xss_match_set

Permanently deletes an XssMatchSet
wafregional_associate_web_acl

Associates a web ACL with a resource, either an application load balancer or Amazon API Gateway stage
wafregional_create_size_constraint_set

Creates a SizeConstraintSet
wafregional_create_sql_injection_match_set

Creates a SqlInjectionMatchSet, which you use to allow, block, or count requests that contain snippets of SQL code in a specified part of web requests
wafregional_list_geo_match_sets

Returns an array of GeoMatchSetSummary objects in the response
wafregional_list_web_ac_ls

Returns an array of WebACLSummary objects in the response
wafregional_delete_rule

Permanently deletes a Rule
wafregional_get_regex_match_set

Returns the RegexMatchSet specified by RegexMatchSetId
wafregional_get_change_token_status

Returns the status of a ChangeToken that you got by calling GetChangeToken
wafregional_list_rules

Returns an array of RuleSummary objects
wafregional_delete_geo_match_set

Permanently deletes a GeoMatchSet
wafregional_delete_web_acl

Permanently deletes a WebACL
wafregional_list_rate_based_rules

Returns an array of RuleSummary objects
wafregional_list_size_constraint_sets

Returns an array of SizeConstraintSetSummary objects
wafregional_delete_rule_group

Permanently deletes a RuleGroup
wafregional_get_rule_group

Returns the RuleGroup that is specified by the RuleGroupId that you included in the GetRuleGroup request
wafregional_get_change_token

When you want to create, update, or delete AWS WAF objects, get a change token and include the change token in the create, update, or delete request
wafregional_update_rate_based_rule

Inserts or deletes Predicate objects in a rule and updates the RateLimit in the rule
wafregional_get_rate_based_rule

Returns the RateBasedRule that is specified by the RuleId that you included in the GetRateBasedRule request
wafregional_list_activated_rules_in_rule_group

Returns an array of ActivatedRule objects
wafregional_list_byte_match_sets

Returns an array of ByteMatchSetSummary objects
wafregional_untag_resource

Untag resource
wafregional_get_rate_based_rule_managed_keys

Returns an array of IP addresses currently being blocked by the RateBasedRule that is specified by the RuleId
wafregional_list_regex_match_sets

Returns an array of RegexMatchSetSummary objects
wafregional_put_permission_policy

Attaches a IAM policy to the specified resource
wafregional_list_regex_pattern_sets

Returns an array of RegexPatternSetSummary objects
wafregional_list_ip_sets

Returns an array of IPSetSummary objects in the response
wafregional_list_tags_for_resource

List tags for resource
wafregional_tag_resource

Tag resource
wafregional_update_byte_match_set

Inserts or deletes ByteMatchTuple objects (filters) in a ByteMatchSet
wafregional_update_xss_match_set

Inserts or deletes XssMatchTuple objects (filters) in an XssMatchSet
wafregional_update_regex_pattern_set

Inserts or deletes RegexPatternString objects in a RegexPatternSet