Learn R Programming
⚠️There's a newer version (0.7.0) of this package.Take me there.

paws.security.identity (version 0.1.0)

Amazon Web Services Security, Identity, & Compliance APIs

Description

Interface to Amazon Web Services security, identity, and compliance APIs, including the 'Identity & Access Management' ('IAM') service for managing access to services and resources, and more .

Copy Link

Version

Install

install.packages('paws.security.identity')

Monthly Downloads

4,525

Version

0.1.0

License

Apache License (>= 2.0)

Maintainer

David Kretch

Last Published

May 3rd, 2019

Functions in paws.security.identity (0.1.0)

acmpca

AWS Certificate Manager Private Certificate Authority
acmpca_create_certificate_authority_audit_report

Creates an audit report that lists every time that your CA private key is used
acmpca_delete_certificate_authority

Deletes a private certificate authority (CA)
acmpca_list_permissions

Lists all the permissions, if any, that have been assigned by a private CA
acmpca_delete_permission

Revokes permissions that a private CA assigned to a designated AWS service
acmpca_restore_certificate_authority

Restores a certificate authority (CA) that is in the DELETED state
clouddirectory_create_index

Creates an index object
clouddirectory_create_object

Creates an object in a Directory
acmpca_list_tags

Lists the tags, if any, that are associated with your private CA
acmpca_revoke_certificate

Revokes a certificate that you issued by calling the IssueCertificate operation
acmpca_create_certificate_authority

Creates a private subordinate certificate authority (CA)
acmpca_create_permission

Assigns permissions from a private CA to a designated AWS service
acm_renew_certificate

Renews an eligable ACM certificate
acmpca_describe_certificate_authority

Lists information about your private certificate authority (CA)
acmpca_describe_certificate_authority_audit_report

Lists information about a specific audit report created by calling the CreateCertificateAuthorityAuditReport operation
acmpca_tag_certificate_authority

Adds one or more tags to your private CA
acmpca_get_certificate_authority_csr

Retrieves the certificate signing request (CSR) for your private certificate authority (CA)
acm_request_certificate

Requests an ACM certificate for use with other AWS services
acmpca_import_certificate_authority_certificate

Imports your signed private CA certificate into ACM PCA
clouddirectory_add_facet_to_object

Adds a new Facet to an object
clouddirectory_apply_schema

Copies the input published schema, at the specified version, into the Directory with the same name and version as that of the published schema
acm_describe_certificate

Returns detailed metadata about the specified ACM certificate
acmpca_issue_certificate

Uses your private certificate authority (CA) to issue a client certificate
acmpca_list_certificate_authorities

Lists the private certificate authorities that you created by using the CreateCertificateAuthority operation
clouddirectory_attach_object

Attaches an existing object to another object
clouddirectory_detach_object

Detaches a given object from the parent object
clouddirectory_attach_policy

Attaches a policy object to a regular object
clouddirectory_create_schema

Creates a new schema in a development state
clouddirectory_detach_policy

Detaches a policy from an object
clouddirectory_batch_read

Performs all the read operations in a batch
clouddirectory_get_link_attributes

Retrieves attributes that are associated with a typed link
clouddirectory_create_typed_link_facet

Creates a TypedLinkFacet
clouddirectory_enable_directory

Enables the specified directory
acm_update_certificate_options

Updates a certificate
acm_resend_validation_email

Resends the email that requests domain ownership validation
clouddirectory_get_object_attributes

Retrieves attributes within a facet that are associated with an object
clouddirectory_attach_to_index

Attaches the specified object to the specified index
clouddirectory_list_object_children

Returns a paginated list of child objects that are associated with a given object
clouddirectory_list_object_attributes

Lists all attributes that are associated with an object
acmpca_get_certificate

Retrieves a certificate from your private CA
clouddirectory_batch_write

Performs all the write operations in a batch
acmpca_untag_certificate_authority

Remove one or more tags from your private CA
acmpca_get_certificate_authority_certificate

Retrieves the certificate and certificate chain for your private certificate authority (CA)
clouddirectory_list_typed_link_facet_names

Returns a paginated list of TypedLink facet names for a particular schema
clouddirectory_lookup_policy

Lists all policies from the root of the Directory to the object specified
clouddirectory_get_applied_schema_version

Returns current applied schema version ARN, including the minor version in use
clouddirectory_delete_directory

Deletes a directory
clouddirectory_delete_facet

Deletes a given Facet
clouddirectory_get_object_information

Retrieves metadata about an object
clouddirectory_detach_typed_link

Detaches a typed link from a specified source and target object
clouddirectory_disable_directory

Disables the specified directory
clouddirectory_get_typed_link_facet_information

Returns the identity attribute order for a specific TypedLinkFacet
cloudhsm_delete_hsm

This is documentation for AWS CLOUDHSM CLASSIC
clouddirectory_update_typed_link_facet

Updates a TypedLinkFacet
clouddirectory_update_schema

Updates the schema name with a new name
clouddirectory_list_facet_attributes

Retrieves attributes attached to the facet
clouddirectory_list_directories

Lists directories created within an account
cloudhsm_delete_luna_client

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsm_list_hsms

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsm_list_luna_clients

This is documentation for AWS CLOUDHSM CLASSIC
clouddirectory_get_schema_as_json

Retrieves a JSON representation of the schema
cloudhsmv2_copy_backup_to_region

Copy an AWS CloudHSM cluster backup to a different region
acmpca_update_certificate_authority

Updates the status or configuration of a private certificate authority (CA)
clouddirectory_list_applied_schema_arns

Lists schema major versions applied to a directory
clouddirectory_attach_typed_link

Attaches a typed link to a specified source and target object
clouddirectory_detach_from_index

Detaches the specified object from the specified index
clouddirectory_delete_typed_link_facet

Deletes a TypedLinkFacet
clouddirectory_get_directory

Retrieves metadata about a directory
cloudhsmv2_create_cluster

Creates a new AWS CloudHSM cluster
clouddirectory_list_object_parent_paths

Retrieves all available parent paths for any object type such as node, leaf node, policy node, and index node objects
clouddirectory

Amazon CloudDirectory
clouddirectory_untag_resource

An API operation for removing tags from a resource
clouddirectory_list_object_parents

Lists parent objects that are associated with a given object in pagination fashion
clouddirectory_create_directory

Creates a Directory by copying the published schema into the directory
clouddirectory_delete_schema

Deletes a given schema
clouddirectory_create_facet

Creates a new Facet in a schema
clouddirectory_delete_object

Deletes an object and its associated attributes
clouddirectory_list_index

Lists objects attached to the specified index
clouddirectory_update_object_attributes

Updates a given object's attributes
clouddirectory_update_link_attributes

Updates a given typed link<U+00E2><U+20AC><U+2122>s attributes
clouddirectory_list_attached_indices

Lists indices attached to the specified object
clouddirectory_update_facet

Does the following: 1
cloudhsm

Amazon CloudHSM
clouddirectory_get_facet

Gets details of the Facet, such as facet name, attributes, Rules, or ObjectType
clouddirectory_list_development_schema_arns

Retrieves each Amazon Resource Name (ARN) of schemas in the development state
clouddirectory_list_policy_attachments

Returns all of the ObjectIdentifiers to which a given policy is attached
clouddirectory_list_managed_schema_arns

Lists the major version families of each managed schema
clouddirectory_list_object_policies

Returns policies attached to an object in pagination fashion
cloudhsm_add_tags_to_resource

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsmv2_untag_resource

Removes the specified tag or tags from the specified AWS CloudHSM cluster
cloudhsm_list_tags_for_resource

This is documentation for AWS CLOUDHSM CLASSIC
clouddirectory_list_published_schema_arns

Lists the major version families of each published schema
cloudhsm_modify_hapg

This is documentation for AWS CLOUDHSM CLASSIC
clouddirectory_remove_facet_from_object

Removes the specified facet from the specified object
clouddirectory_list_facet_names

Retrieves the names of facets that exist in a schema
cloudhsm_describe_luna_client

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsm_remove_tags_from_resource

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsmv2

AWS CloudHSM V2
clouddirectory_list_incoming_typed_links

Returns a paginated list of all the incoming TypedLinkSpecifier information for an object
cloudhsm_get_config

This is documentation for AWS CLOUDHSM CLASSIC
clouddirectory_list_tags_for_resource

Returns tags for a resource
clouddirectory_list_outgoing_typed_links

Returns a paginated list of all the outgoing TypedLinkSpecifier information for an object
clouddirectory_tag_resource

An API operation for adding tags to a resource
cloudhsm_create_hapg

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsmv2_create_hsm

Creates a new hardware security module (HSM) in the specified AWS CloudHSM cluster
cloudhsmv2_delete_backup

Deletes a specified AWS CloudHSM backup
cognitoidentity

Amazon Cognito Identity
cognitoidentity_get_id

Generates (or retrieves) a Cognito ID
cloudhsmv2_tag_resource

Adds or overwrites one or more tags for the specified AWS CloudHSM cluster
cloudhsmv2_restore_backup

Restores a specified AWS CloudHSM backup that is in the PENDING_DELETION state
cloudhsm_create_hsm

This is documentation for AWS CLOUDHSM CLASSIC
clouddirectory_list_typed_link_facet_attributes

Returns a paginated list of all attribute definitions for a particular TypedLinkFacet
cloudhsm_list_available_zones

This is documentation for AWS CLOUDHSM CLASSIC
clouddirectory_publish_schema

Publishes a development schema with a major version and a recommended minor version
clouddirectory_upgrade_applied_schema

Upgrades a single directory in-place using the PublishedSchemaArn with schema updates found in MinorVersion
cognitoidentity_list_tags_for_resource

Lists the tags that are assigned to an Amazon Cognito identity pool
cognitoidentity_lookup_developer_identity

Retrieves the IdentityID associated with a DeveloperUserIdentifier or the list of DeveloperUserIdentifier values associated with an IdentityId for an existing identity
cognitoidentity_create_identity_pool

Creates a new identity pool
cognitoidentityprovider_admin_confirm_sign_up

Confirms user registration as an admin without using a confirmation code
cloudhsm_list_hapgs

This is documentation for AWS CLOUDHSM CLASSIC
cognitoidentity_describe_identity_pool

Gets details about a particular identity pool, including the pool name, ID description, creation date, and current number of users
cognitoidentityprovider_admin_create_user

Creates a new user in the specified user pool
cognitoidentity_get_identity_pool_roles

Gets the roles for an identity pool
clouddirectory_upgrade_published_schema

Upgrades a published schema under a new minor version revision using the current contents of DevelopmentSchemaArn
cognitoidentity_delete_identities

Deletes identities from an identity pool
cognitoidentity_tag_resource

Assigns a set of tags to an Amazon Cognito identity pool
cognitoidentity_get_credentials_for_identity

Returns credentials for the provided identity ID
cognitoidentity_update_identity_pool

Updates an identity pool
cognitoidentity_list_identities

Lists the identities in an identity pool
cognitoidentity_list_identity_pools

Lists all of the Cognito identity pools registered for your account
clouddirectory_put_schema_from_json

Allows a schema to be updated using JSON upload
cloudhsm_modify_hsm

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsm_modify_luna_client

This is documentation for AWS CLOUDHSM CLASSIC
cognitoidentityprovider_admin_list_user_auth_events

Lists a history of user activity and any risks detected as part of Amazon Cognito advanced security
cloudhsm_create_luna_client

This is documentation for AWS CLOUDHSM CLASSIC
cognitoidentity_get_open_id_token

Gets an OpenID token, using a known Cognito ID
cognitoidentity_get_open_id_token_for_developer_identity

Registers (or retrieves) a Cognito IdentityId and an OpenID Connect token for a user authenticated by your backend authentication process
cloudhsmv2_describe_backups

Gets information about backups of AWS CloudHSM clusters
cloudhsmv2_describe_clusters

Gets information about AWS CloudHSM clusters
cognitoidentityprovider

Amazon Cognito Identity Provider
cognitoidentityprovider_admin_delete_user

Deletes a user as an administrator
cognitoidentityprovider_admin_delete_user_attributes

Deletes the user attributes in a user pool as an administrator
cognitoidentityprovider_admin_remove_user_from_group

Removes the specified user from the specified group
cognitoidentity_merge_developer_identities

Merges two users having different IdentityIds, existing in the same identity pool, and identified by the same developer provider
cognitoidentity_set_identity_pool_roles

Sets the roles for an identity pool
cloudhsm_delete_hapg

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsm_describe_hapg

This is documentation for AWS CLOUDHSM CLASSIC
cognitoidentityprovider_admin_disable_provider_for_user

Disables the user from signing in with the specified external (SAML or social) identity provider
cloudhsm_describe_hsm

This is documentation for AWS CLOUDHSM CLASSIC
cloudhsmv2_delete_cluster

Deletes the specified AWS CloudHSM cluster
cognitoidentity_unlink_developer_identity

Unlinks a DeveloperUserIdentifier from an existing identity
cognitoidentityprovider_admin_reset_user_password

Resets the specified user's password in a user pool as an administrator
cognitoidentityprovider_add_custom_attributes

Adds additional user attributes to the user pool schema
cognitoidentityprovider_admin_respond_to_auth_challenge

Responds to an authentication challenge, as an administrator
cognitoidentityprovider_admin_user_global_sign_out

Signs out users from all devices, as an administrator
cognitoidentityprovider_get_device

Gets the device
cognitoidentityprovider_admin_update_user_attributes

Updates the specified user's attributes, including developer attributes, as an administrator
cognitoidentityprovider_create_resource_server

Creates a new OAuth2
cognitoidentityprovider_create_identity_provider

Creates an identity provider for a user pool
cognitoidentityprovider_admin_add_user_to_group

Adds the specified user to the specified group
cognitoidentityprovider_admin_get_device

Gets the device, as an administrator
cognitoidentityprovider_admin_get_user

Gets the specified user by user name in a user pool as an administrator
cognitoidentityprovider_confirm_device

Confirms tracking of the device
cognitoidentityprovider_delete_resource_server

Deletes a resource server
cloudhsmv2_initialize_cluster

Claims an AWS CloudHSM cluster by submitting the cluster certificate issued by your issuing certificate authority (CA) and the CA's root certificate
cloudhsmv2_list_tags

Gets a list of tags for the specified AWS CloudHSM cluster
cognitoidentity_describe_identity

Returns metadata related to the given identity, including when the identity was created and any associated linked logins
cloudhsmv2_delete_hsm

Deletes the specified HSM
cognitoidentity_delete_identity_pool

Deletes an identity pool
cognitoidentity_unlink_identity

Unlinks a federated identity from an existing account
cognitoidentity_untag_resource

Removes the specified tags from an Amazon Cognito identity pool
cognitoidentityprovider_delete_user

Allows a user to delete himself or herself
cognitoidentityprovider_admin_enable_user

Enables the specified user as an administrator
cognitoidentityprovider_get_group

Gets a group
cognitoidentityprovider_associate_software_token

Returns a unique generated shared secret key code for the user account
cognitoidentityprovider_respond_to_auth_challenge

Responds to the authentication challenge
cognitoidentityprovider_resend_confirmation_code

Resends the confirmation (for confirmation of registration) to a specific user in the user pool
cognitoidentityprovider_get_user_pool_mfa_config

Gets the user pool multi-factor authentication (MFA) configuration
cognitoidentityprovider_admin_disable_user

Disables the specified user as an administrator
cognitoidentityprovider_get_user_attribute_verification_code

Gets the user attribute verification code for the specified attribute name
cognitoidentityprovider_admin_list_devices

Lists devices, as an administrator
cognitoidentityprovider_get_identity_provider_by_identifier

Gets the specified identity provider
cognitoidentityprovider_get_signing_certificate

This method takes a user pool ID, and returns the signing certificate
cognitoidentityprovider_change_password

Changes the password for a specified user in a user pool
cognitoidentityprovider_admin_update_auth_event_feedback

Provides feedback for an authentication event as to whether it was from a valid user
cognitoidentityprovider_create_user_pool_client

Creates the user pool client
cognitoidentityprovider_admin_list_groups_for_user

Lists the groups that the user belongs to
cognitoidentityprovider_initiate_auth

Initiates the authentication flow
cognitoidentityprovider_global_sign_out

Signs out users from all devices
cognitoidentityprovider_create_user_pool_domain

Creates a new domain for a user pool
cognitoidentityprovider_delete_user_attributes

Deletes the attributes for a user
cognitoidentityprovider_list_users

Lists the users in the Amazon Cognito user pool
cognitoidentityprovider_set_user_mfa_preference

Set the user's multi-factor authentication (MFA) method preference
cognitoidentityprovider_confirm_forgot_password

Allows a user to enter a confirmation code to reset a forgotten password
cognitoidentityprovider_list_users_in_group

Lists the users in the specified group
cognitoidentityprovider_admin_forget_device

Forgets the device, as an administrator
directoryservice_accept_shared_directory

Accepts a directory sharing request that was sent from the directory owner account
cognitoidentityprovider_tag_resource

Assigns a set of tags to an Amazon Cognito user pool
cognitoidentityprovider_untag_resource

Removes the specified tags from an Amazon Cognito user pool
cognitoidentityprovider_admin_update_device_status

Updates the device status as an administrator
cognitoidentityprovider_set_user_pool_mfa_config

Set the user pool MFA configuration
cognitoidentityprovider_update_user_pool

Updates the specified user pool with the specified attributes
cognitoidentityprovider_confirm_sign_up

Confirms registration of a user and handles the existing alias from a previous user
cognitoidentityprovider_update_user_pool_client

Updates the specified user pool app client with the specified attributes
directoryservice_add_ip_routes

If the DNS server for your on-premises domain uses a publicly addressable IP address, you must add a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services
cognitoidentityprovider_delete_user_pool

Deletes the specified Amazon Cognito user pool
cognitoidentityprovider_describe_risk_configuration

Describes the risk configuration
cognitoidentityprovider_delete_identity_provider

Deletes an identity provider for a user pool
cognitoidentityprovider_delete_group

Deletes a group
cognitosync_describe_identity_usage

Gets usage information for an identity, including number of datasets and data usage
cognitoidentityprovider_describe_user_pool_domain

Gets information about a domain
directoryservice_delete_directory

Deletes an AWS Directory Service directory
cognitoidentityprovider_forget_device

Forgets the specified device
cognitosync_get_bulk_publish_details

Get the status of the last BulkPublish operation for an identity pool
directoryservice_delete_log_subscription

Deletes the specified log subscription
cognitoidentityprovider_create_group

Creates a new group in the specified user pool
cognitosync_set_cognito_events

Sets the AWS Lambda function for a given event type for an identity pool
cognitosync_set_identity_pool_configuration

Sets the necessary configuration for push sync
cognitoidentityprovider_describe_user_import_job

Describes the user import job
cognitoidentityprovider_get_ui_customization

Gets the UI Customization information for a particular app client's app UI, if there is something set
directoryservice_connect_directory

Creates an AD Connector to connect to an on-premises directory
directoryservice_enable_radius

Enables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory
cognitoidentityprovider_describe_user_pool

Returns the configuration information and metadata of the specified user pool
directoryservice_create_alias

Creates an alias for a directory and assigns the alias to the directory
directoryservice_enable_sso

Enables single sign-on for a directory
directoryservice_describe_directories

Obtains information about the directories that belong to this account
cognitoidentityprovider_get_user

Gets the user attributes and metadata for a user
directoryservice_reset_user_password

Resets the password for any user in your AWS Managed Microsoft AD or Simple AD directory
cognitoidentityprovider_describe_user_pool_client

Client method for returning the configuration information and metadata of the specified user pool app client
cognitoidentityprovider_list_identity_providers

Lists information about all identity providers for a user pool
cognitoidentityprovider_describe_identity_provider

Gets information about a specific identity provider
cognitoidentityprovider_describe_resource_server

Describes a resource server
cognitoidentityprovider_forgot_password

Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password
cognitoidentityprovider_list_user_pool_clients

Lists the clients that have been created for the specified user pool
cognitoidentityprovider_get_csv_header

Gets the header information for the
cognitoidentityprovider_set_risk_configuration

Configures actions on detected risks
directoryservice_restore_from_snapshot

Restores a directory using an existing directory snapshot
cognitoidentityprovider_set_ui_customization

Sets the UI customization information for a user pool's built-in app UI
cognitoidentityprovider_list_resource_servers

Lists the resource servers for a user pool
cognitoidentityprovider_set_user_settings

Sets the user settings like multi-factor authentication (MFA)
cognitoidentityprovider_list_user_pools

Lists the user pools associated with an AWS account
cognitoidentityprovider_update_resource_server

Updates the name and scopes of resource server
cognitoidentityprovider_sign_up

Registers the user in the specified user pool and creates a user name, password, and user attributes
cognitoidentityprovider_update_user_attributes

Allows a user to update a specific attribute (one at a time)
cognitosync_describe_dataset

Gets meta data about a dataset by identity and dataset name
cognitoidentityprovider_update_group

Updates the specified group with the specified attributes
directoryservice_describe_domain_controllers

Provides information about any domain controllers in your directory
cognitoidentityprovider_update_identity_provider

Updates identity provider information for a user pool
fms_list_compliance_status

Returns an array of PolicyComplianceStatus objects in the response
fms_put_policy

Creates an AWS Firewall Manager policy
fms_list_member_accounts

Returns a MemberAccounts object that lists the member accounts in the administrator's AWS organization
cognitoidentityprovider_list_tags_for_resource

Lists the tags that are assigned to an Amazon Cognito user pool
directoryservice_list_ip_routes

Lists the address blocks that you have added to a directory
cognitoidentityprovider_list_user_import_jobs

Lists the user import jobs
directoryservice_list_log_subscriptions

Lists the active log subscriptions for the AWS account
cognitosync_get_cognito_events

Gets the events and the corresponding Lambda functions associated with an identity pool
cognitoidentityprovider_admin_initiate_auth

Initiates the authentication flow, as an administrator
cognitosync

Amazon Cognito Sync
cognitoidentityprovider_update_auth_event_feedback

Provides the feedback for an authentication event whether it was from a valid user or not
cognitoidentityprovider_update_device_status

Updates the device status
cognitoidentityprovider_verify_user_attribute

Verifies the specified user attributes in the user pool
cognitosync_get_identity_pool_configuration

Gets the configuration settings of an identity pool
directoryservice_update_number_of_domain_controllers

Adds or removes domain controllers to or from the directory
guardduty

Amazon GuardDuty
cognitosync_describe_identity_pool_usage

Gets usage details (for example, data storage) about a particular identity pool
guardduty_decline_invitations

Declines invitations sent to the current member account by AWS account specified by their account IDs
guardduty_delete_detector

Deletes a Amazon GuardDuty detector specified by the detector ID
cognitosync_subscribe_to_dataset

Subscribes to receive notifications when a dataset is modified by another device
guardduty_disassociate_members

Disassociates GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs
cognitosync_bulk_publish

Initiates a bulk publish of all existing datasets for an Identity Pool to the configured stream
cognitosync_unsubscribe_from_dataset

Unsubscribes from receiving notifications when a dataset is modified by another device
cognitosync_delete_dataset

Deletes the specific dataset
directoryservice_create_directory

Creates a Simple AD directory
cognitoidentityprovider_admin_link_provider_for_user

Links an existing user account in a user pool (DestinationUser) to an identity from an external identity provider (SourceUser) based on a specified attribute name and value from the external identity provider
guardduty_get_detector

Retrieves an Amazon GuardDuty detector specified by the detectorId
directoryservice_update_radius

Updates the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector or Microsoft AD directory
directoryservice_add_tags_to_resource

Adds or overwrites one or more tags for the specified directory
cognitosync_list_records

Gets paginated records, optionally changed after a particular sync count for a dataset and identity
guardduty_list_members

Lists details about all member accounts for the current GuardDuty master account
directoryservice_cancel_schema_extension

Cancels an in-progress schema extension to a Microsoft AD directory
guardduty_create_detector

Creates a single Amazon GuardDuty detector
guardduty_create_filter

Creates a filter using the specified finding criteria
guardduty_list_threat_intel_sets

Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID
cognitosync_register_device

Registers a device to receive push sync notifications
cognitoidentityprovider_admin_set_user_settings

Sets all the user settings for a specified user name
cognitoidentityprovider_admin_set_user_mfa_preference

Sets the user's multi-factor authentication (MFA) preference
iam_attach_user_policy

Attaches the specified managed policy to the specified user
directoryservice_deregister_event_topic

Removes the specified directory as a publisher to the specified SNS topic
cognitoidentityprovider_create_user_import_job

Creates the user import job
cognitoidentityprovider_create_user_pool

Creates a new Amazon Cognito user pool and sets the password policy for the pool
cognitoidentityprovider_delete_user_pool_client

Allows the developer to delete the user pool client
directoryservice_create_log_subscription

Creates a subscription to forward real time Directory Service domain controller security logs to the specified CloudWatch log group in your AWS account
cognitoidentityprovider_delete_user_pool_domain

Deletes a domain for a user pool
iam_change_password

Changes the password of the IAM user who is calling this operation
guardduty_delete_threat_intel_set

Deletes ThreatIntelSet specified by the ThreatIntelSet ID
guardduty_disassociate_from_master_account

Disassociates the current GuardDuty member account from its master account
directoryservice_describe_snapshots

Obtains information about the directory snapshots that belong to this account
directoryservice_describe_trusts

Obtains information about the trust relationships for this account
directoryservice_describe_conditional_forwarders

Obtains information about the conditional forwarders for this account
directoryservice_create_microsoft_ad

Creates an AWS Managed Microsoft AD directory
guardduty_get_findings_statistics

Lists Amazon GuardDuty findings' statistics for the specified detector ID
directoryservice_get_directory_limits

Obtains directory limit information for the current region
directoryservice_remove_ip_routes

Removes IP address blocks from a directory
guardduty_get_invitations_count

Returns the count of all GuardDuty membership invitations that were sent to the current member account except the currently accepted invitation
directoryservice_get_snapshot_limits

Obtains the manual snapshot limits for a directory
directoryservice_remove_tags_from_resource

Removes tags from a directory
directoryservice_register_event_topic

Associates a directory with an SNS topic
cognitoidentityprovider_list_devices

Lists the devices
fms

Firewall Management Service
directoryservice_create_snapshot

Creates a snapshot of a Simple AD or Microsoft AD directory in the AWS cloud
iam_create_policy

Creates a new managed policy for your AWS account
fms_associate_admin_account

Sets the AWS Firewall Manager administrator account
guardduty_start_monitoring_members

Re-enables GuardDuty to monitor findings of the member accounts specified by the account IDs
iam_create_policy_version

Creates a new version of the specified managed policy
directoryservice_reject_shared_directory

Rejects a directory sharing request that was sent from the directory owner account
directoryservice_delete_snapshot

Deletes a directory snapshot
guardduty_stop_monitoring_members

Disables GuardDuty from monitoring findings of the member accounts specified by the account IDs
cognitoidentityprovider_list_groups

Lists the groups associated with a user pool
fms_get_policy

Returns information about the specified AWS Firewall Manager policy
iam_delete_policy_version

Deletes the specified version from the specified managed policy
fms_get_protection_status

If you created a Shield Advanced policy, returns policy-level attack summary information in the event of a potential DDoS attack
cognitoidentityprovider_start_user_import_job

Starts the user import
cognitoidentityprovider_stop_user_import_job

Stops the user import job
directoryservice_update_trust

Updates the trust that has been set up between your AWS Managed Microsoft AD directory and an on-premises Active Directory
iam_delete_role

Deletes the specified role
cognitoidentityprovider_update_user_pool_domain

Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool
cognitoidentityprovider_verify_software_token

Use this API to register a user's entered TOTP code and mark the user's software token MFA status as "verified" if successful
cognitosync_list_datasets

Lists datasets for an identity
iam

AWS Identity and Access Management
fms_list_policies

Returns an array of PolicySummary objects in the response
directoryservice_delete_trust

Deletes an existing trust relationship between your AWS Managed Microsoft AD directory and an external domain
directoryservice_verify_trust

AWS Directory Service for Microsoft Active Directory allows you to configure and verify trust relationships
directoryservice_describe_event_topics

Obtains information about which SNS topics receive status messages from the specified directory
fms_disassociate_admin_account

Disassociates the account that has been set as the AWS Firewall Manager administrator account
iam_add_client_id_to_open_id_connect_provider

Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM OpenID Connect (OIDC) provider resource
iam_delete_role_permissions_boundary

Deletes the permissions boundary for the specified IAM role
directoryservice_describe_shared_directories

Returns the shared directories in your account
iam_delete_role_policy

Deletes the specified inline policy that is embedded in the specified IAM role
fms_get_admin_account

Returns the AWS Organizations master account that is associated with AWS Firewall Manager as the AWS Firewall Manager administrator
directoryservice_unshare_directory

Stops the directory sharing between the directory owner and consumer accounts
iam_detach_user_policy

Removes the specified managed policy from the specified user
cognitosync_list_identity_pool_usage

Gets a list of identity pools registered with Cognito
directoryservice_update_conditional_forwarder

Updates a conditional forwarder that has been set up for your AWS directory
guardduty_delete_filter

Deletes the filter specified by the filter name
fms_delete_notification_channel

Deletes an AWS Firewall Manager association with the IAM role and the Amazon Simple Notification Service (SNS) topic that is used to record AWS Firewall Manager SNS logs
iam_attach_group_policy

Attaches the specified managed policy to the specified IAM group
cognitosync_update_records

Posts updates to records and adds and deletes records for a dataset and user
guardduty_delete_invitations

Deletes invitations sent to the current member account by AWS accounts specified by their account IDs
iam_attach_role_policy

Attaches the specified managed policy to the specified IAM role
guardduty_get_members

Retrieves GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs
iam_enable_mfa_device

Enables the specified MFA device and associates it with the specified IAM user
fms_delete_policy

Permanently deletes an AWS Firewall Manager policy
iam_create_role

Creates a new role for your AWS account
directoryservice

AWS Directory Service
iam_get_credential_report

Retrieves a credential report for the AWS account
guardduty_accept_invitation

Accepts the invitation to be monitored by a master GuardDuty account
iam_get_group

Returns a list of IAM users that are in the specified IAM group
fms_put_notification_channel

Designates the IAM role and Amazon Simple Notification Service (SNS) topic that AWS Firewall Manager uses to record SNS logs
iam_create_saml_provider

Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2
guardduty_get_threat_intel_set

Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID
guardduty_archive_findings

Archives Amazon GuardDuty findings specified by the list of finding IDs
guardduty_delete_ip_set

Deletes the IPSet specified by the IPSet ID
iam_get_policy

Retrieves information about the specified managed policy, including the policy's default version and the total number of IAM users, groups, and roles to which the policy is attached
guardduty_get_filter

Returns the details of the filter specified by the filter name
guardduty_invite_members

Invites other AWS accounts (created as members of the current AWS account by CreateMembers) to enable GuardDuty and allow the current AWS account to view and manage these accounts' GuardDuty findings on their behalf as the master account
iam_delete_group

Deletes the specified IAM group
guardduty_list_detectors

Lists detectorIds of all the existing Amazon GuardDuty detector resources
guardduty_get_findings

Describes Amazon GuardDuty findings specified by finding IDs
iam_delete_group_policy

Deletes the specified inline policy that is embedded in the specified IAM group
directoryservice_create_computer

Creates a computer account in the specified directory, and joins the computer to the directory
guardduty_list_filters

Returns a paginated list of the current filters
iam_delete_service_linked_role

Submits a service-linked role deletion request and returns a DeletionTaskId, which you can use to check the status of the deletion
directoryservice_create_conditional_forwarder

Creates a conditional forwarder associated with your AWS directory
iam_get_policy_version

Retrieves information about the specified version of the specified managed policy, including the policy document
iam_delete_service_specific_credential

Deletes the specified service-specific credential
guardduty_unarchive_findings

Unarchives Amazon GuardDuty findings specified by the list of finding IDs
guardduty_list_findings

Lists Amazon GuardDuty findings for the specified detector ID
guardduty_update_detector

Updates an Amazon GuardDuty detector specified by the detectorId
iam_list_attached_group_policies

Lists all managed policies that are attached to the specified IAM group
iam_list_attached_role_policies

Lists all managed policies that are attached to the specified IAM role
iam_delete_account_alias

Deletes the specified AWS account alias
guardduty_delete_members

Deletes GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs
guardduty_update_ip_set

Updates the IPSet specified by the IPSet ID
iam_add_role_to_instance_profile

Adds the specified IAM role to the specified instance profile
iam_delete_account_password_policy

Deletes the password policy for the AWS account
iam_delete_user

Deletes the specified IAM user
guardduty_update_threat_intel_set

Updates the ThreatIntelSet specified by ThreatIntelSet ID
iam_delete_user_permissions_boundary

Deletes the permissions boundary for the specified IAM user
iam_generate_credential_report

Generates a credential report for the AWS account
iam_create_login_profile

Creates a password for the specified user, giving the user the ability to access AWS services through the AWS Management Console
iam_list_open_id_connect_providers

Lists information about the IAM OpenID Connect (OIDC) provider resource objects defined in the AWS account
iam_add_user_to_group

Adds the specified user to the specified group
iam_generate_service_last_accessed_details

Generates a request for a report that includes details about when an IAM resource (user, group, role, or policy) was last used in an attempt to access AWS services
directoryservice_create_trust

AWS Directory Service for Microsoft Active Directory allows you to configure trust relationships
iam_get_group_policy

Retrieves the specified inline policy document that is embedded in the specified IAM group
iam_get_service_last_accessed_details

After you generate a user, group, role, or policy report using the GenerateServiceLastAccessedDetails operation, you can use the JobId parameter in GetServiceLastAccessedDetails
iam_get_service_last_accessed_details_with_entities

After you generate a group or policy report using the GenerateServiceLastAccessedDetails operation, you can use the JobId parameter in GetServiceLastAccessedDetailsWithEntities
iam_create_account_alias

Creates an alias for your AWS account
iam_create_access_key

Creates a new AWS secret access key and corresponding AWS access key ID for the specified user
iam_get_instance_profile

Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and role
iam_list_policies

Lists all the managed policies that are available in your AWS account, including your own customer-defined managed policies and all AWS managed policies
iam_list_signing_certificates

Returns information about the signing certificates associated with the specified IAM user
iam_get_role

Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy that grants permission to assume the role
iam_get_role_policy

Retrieves the specified inline policy document that is embedded with the specified IAM role
iam_list_ssh_public_keys

Returns information about the SSH public keys associated with the specified IAM user
directoryservice_delete_conditional_forwarder

Deletes a conditional forwarder that has been set up for your AWS directory
iam_deactivate_mfa_device

Deactivates the specified MFA device and removes it from association with the user name for which it was originally enabled
iam_list_role_tags

Lists the tags that are attached to the specified role
iam_list_role_policies

Lists the names of the inline policies that are embedded in the specified IAM role
iam_delete_access_key

Deletes the access key pair associated with the specified IAM user
iam_list_access_keys

Returns information about the access key IDs associated with the specified IAM user
iam_list_roles

Lists the IAM roles that have the specified path prefix
iam_list_account_aliases

Lists the account alias associated with the AWS account (Note: you can have only one)
iam_delete_open_id_connect_provider

Deletes an OpenID Connect identity provider (IdP) resource object in IAM
iam_list_saml_providers

Lists the SAML provider resource objects defined in IAM in the account
iam_delete_policy

Deletes the specified managed policy
iam_remove_role_from_instance_profile

Removes the specified IAM role from the specified EC2 instance profile
iam_remove_user_from_group

Removes the specified user from the specified group
iam_put_role_policy

Adds or updates an inline policy document that is embedded in the specified IAM role
iam_create_open_id_connect_provider

Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC)
directoryservice_disable_radius

Disables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory
iam_list_groups_for_user

Lists the IAM groups that the specified IAM user belongs to
iam_simulate_principal_policy

Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and AWS resources to determine the policies' effective permissions
iam_create_user

Creates a new IAM user for your AWS account
iam_put_user_permissions_boundary

Adds or updates the policy that is specified as the IAM user's permissions boundary
directoryservice_disable_sso

Disables single-sign on for a directory
iam_list_instance_profiles

Lists the instance profiles that have the specified path prefix
iam_tag_role

Adds one or more tags to an IAM role
iam_update_server_certificate

Updates the name and/or the path of the specified server certificate stored in IAM
iam_update_open_id_connect_provider_thumbprint

Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints
iam_update_role

Updates the description or maximum session duration setting of a role
directoryservice_list_schema_extensions

Lists all schema extensions applied to a Microsoft AD Directory
iam_create_virtual_mfa_device

Creates a new virtual MFA device for the AWS account
iam_list_users

Lists the IAM users that have the specified path prefix
iam_delete_saml_provider

Deletes a SAML provider resource in IAM
inspector_describe_findings

Describes the findings that are specified by the ARNs of the findings
iam_list_virtual_mfa_devices

Lists the virtual MFA devices defined in the AWS account by assignment status
iam_update_service_specific_credential

Sets the status of a service-specific credential to Active or Inactive
iam_update_user

Updates the name and/or the path of the specified IAM user
iam_delete_signing_certificate

Deletes a signing certificate associated with the specified IAM user
iam_put_group_policy

Adds or updates an inline policy document that is embedded in the specified IAM group
inspector_describe_resource_groups

Describes the resource groups that are specified by the ARNs of the resource groups
inspector_get_exclusions_preview

Retrieves the exclusions preview (a list of ExclusionPreview objects) specified by the preview token
directoryservice_list_tags_for_resource

Lists all tags on a directory
iam_put_role_permissions_boundary

Adds or updates the policy that is specified as the IAM role's permissions boundary
iam_delete_ssh_public_key

Deletes the specified SSH public key
iam_upload_server_certificate

Uploads a server certificate entity for the AWS account
inspector_describe_assessment_targets

Describes the assessment targets that are specified by the ARNs of the assessment targets
iam_delete_server_certificate

Deletes the specified server certificate
iam_get_access_key_last_used

Retrieves information about when the specified access key was last used
iam_tag_user

Adds one or more tags to an IAM user
iam_untag_role

Removes the specified tags from the role
iam_detach_group_policy

Removes the specified managed policy from the specified IAM group
inspector_get_telemetry_metadata

Information about the data that is collected for the specified assessment run
inspector_describe_assessment_templates

Describes the assessment templates that are specified by the ARNs of the assessment templates
directoryservice_share_directory

Shares a specified directory (DirectoryId) in your AWS account (directory owner) with another AWS account (directory consumer)
iam_get_account_authorization_details

Retrieves information about all IAM users, groups, roles, and policies in your AWS account, including their relationships to one another
iam_update_role_description

Use UpdateRole instead
iam_get_account_password_policy

Retrieves the password policy for the AWS account
directoryservice_start_schema_extension

Applies a schema extension to a Microsoft AD directory
iam_get_account_summary

Retrieves information about IAM entity usage and IAM quotas in the AWS account
iam_detach_role_policy

Removes the specified managed policy from the specified role
inspector_list_findings

Lists findings that are generated by the assessment runs that are specified by the ARNs of the assessment runs
inspector_list_rules_packages

Lists all available Amazon Inspector rules packages
kms_create_key

Creates a customer master key (CMK) in the caller's AWS account
fms_get_compliance_detail

Returns detailed compliance information about the specified member account
kms_decrypt

Decrypts ciphertext
kms_describe_custom_key_stores

Gets information about custom key stores in the account and region
kms_delete_imported_key_material

Deletes key material that you previously imported
iam_get_service_linked_role_deletion_status

Retrieves the status of your service-linked role deletion
iam_update_saml_provider

Updates the metadata document for an existing SAML provider resource object
iam_get_login_profile

Retrieves the user name and password-creation date for the specified IAM user
kms_get_key_policy

Gets a key policy attached to the specified customer master key (CMK)
inspector_list_event_subscriptions

Lists all the event subscriptions for the assessment template that is specified by the ARN of the assessment template
inspector_create_exclusions_preview

Starts the generation of an exclusions preview for the specified assessment template
inspector_create_resource_group

Creates a resource group using the specified set of tags (key and value pairs) that are used to select the EC2 instances to be included in an Amazon Inspector assessment target
iam_get_open_id_connect_provider

Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM
kms_get_key_rotation_status

Gets a Boolean value that indicates whether automatic rotation of the key material is enabled for the specified customer master key (CMK)
fms_get_notification_channel

Returns information about the Amazon Simple Notification Service (SNS) topic that is used to record AWS Firewall Manager SNS logs
kms_list_grants

Gets a list of all grants for the specified customer master key (CMK)
guardduty_create_ip_set

Creates a new IPSet - a list of trusted IP addresses that have been whitelisted for secure communication with AWS infrastructure and applications
iam_get_ssh_public_key

Retrieves the specified SSH public key, including metadata about the key
kms_untag_resource

Removes the specified tags from the specified customer master key (CMK)
inspector_list_exclusions

List exclusions that are generated by the assessment run
guardduty_create_members

Creates member accounts of the current AWS account by specifying a list of AWS account IDs
guardduty_create_sample_findings

Generates example findings of types specified by the list of finding types
kms_update_alias

Associates an existing alias with a different customer master key (CMK)
iam_get_saml_provider

Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created or updated
guardduty_create_threat_intel_set

Create a new ThreatIntelSet
iam_get_server_certificate

Retrieves information about the specified server certificate stored in IAM
ram_enable_sharing_with_aws_organization

Enables resource sharing within your organization
inspector_delete_assessment_run

Deletes the assessment run that is specified by the ARN of the assessment run
securityhub_get_members

Returns the details on the Security Hub member accounts that are specified by the account IDs
inspector_delete_assessment_target

Deletes the assessment target that is specified by the ARN of the assessment target
inspector_list_tags_for_resource

Lists all tags associated with an assessment template
ram_get_resource_policies

Gets the policies for the specifies resources
kms

AWS Key Management Service
inspector_preview_agents

Previews the agents installed on the EC2 instances that are part of the specified assessment target
iam_list_attached_user_policies

Lists all managed policies that are attached to the specified IAM user
guardduty_get_ip_set

Retrieves the IPSet specified by the IPSet ID
iam_list_entities_for_policy

Lists all IAM users, groups, and roles that the specified managed policy is attached to
shield_describe_emergency_contact_settings

Lists the email addresses that the DRT can use to contact you during a suspected attack
secretsmanager_tag_resource

Attaches one or more tags, each consisting of a key name and a value, to the specified secret
iam_list_group_policies

Lists the names of the inline policies that are embedded in the specified IAM group
iam_list_groups

Lists the IAM groups that have the specified path prefix
kms_cancel_key_deletion

Cancels the deletion of a customer master key (CMK)
guardduty_get_master_account

Provides the details for the GuardDuty master account to the current GuardDuty member account
kms_enable_key

Sets the key state of a customer master key (CMK) to enabled
securityhub_disable_security_hub

Disables the AWS Security Hub Service
guardduty_list_invitations

Lists all GuardDuty membership invitations that were sent to the current AWS account
iam_list_policies_granting_service_access

Retrieves a list of policies that the IAM identity (user, group, or role) can use to access each specified service
kms_enable_key_rotation

Enables automatic rotation of the key material for the specified customer master key (CMK)
inspector_stop_assessment_run

Stops the assessment run that is specified by the ARN of the assessment run
secretsmanager_untag_resource

Removes one or more tags from the specified secret
wafregional_delete_permission_policy

Permanently deletes an IAM policy from the specified RuleGroup
iam_list_policy_versions

Lists information about the versions of the specified managed policy, including the version that is currently set as the policy's default version
iam_list_server_certificates

Lists the server certificates stored in IAM that have the specified path prefix
iam_list_instance_profiles_for_role

Lists the instance profiles that have the specified associated IAM role
ram_tag_resource

Adds the specified tags to the specified resource share
securityhub_delete_insight

Deletes an insight that is specified by the insight ARN
kms_generate_data_key_without_plaintext

Returns a data encryption key encrypted under a customer master key (CMK)
ram

AWS Resource Access Manager
inspector_subscribe_to_event

Enables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic
iam_remove_client_id_from_open_id_connect_provider

Removes the specified client ID (also known as audience) from the list of client IDs registered for the specified IAM OpenID Connect (OIDC) provider resource object
waf_get_ip_set

Returns the IPSet that is specified by IPSetId
iam_list_mfa_devices

Lists the MFA devices for an IAM user
kms_generate_random

Returns a random byte string that is cryptographically secure
secretsmanager_get_resource_policy

Retrieves the JSON text of the resource-based policy document that's attached to the specified secret
kms_list_resource_tags

Returns a list of all tags for the specified customer master key (CMK)
iam_reset_service_specific_credential

Resets the password for a service-specific credential
kms_create_custom_key_store

Creates a custom key store that is associated with an AWS CloudHSM cluster that you own and manage
iam_resync_mfa_device

Synchronizes the specified MFA device with its IAM resource object on the AWS servers
iam_list_service_specific_credentials

Returns information about the service-specific credentials associated with the specified IAM user
iam_upload_ssh_public_key

Uploads an SSH public key and associates it with the specified IAM user
ram_accept_resource_share_invitation

Accepts an invitation to a resource share from another AWS account
securityhub_delete_invitations

Deletes invitations that are sent to this AWS account (invitee) by the AWS accounts (inviters) that are specified by their account IDs
kms_list_keys

Gets a list of all customer master keys (CMKs) in the caller's AWS account and region
iam_put_user_policy

Adds or updates an inline policy document that is embedded in the specified IAM user
iam_update_ssh_public_key

Sets the status of an IAM user's SSH public key to active or inactive
iam_update_account_password_policy

Updates the password policy settings for the AWS account
secretsmanager_put_secret_value

Stores a new encrypted secret value in the specified secret
iam_update_assume_role_policy

Updates the policy that grants an IAM entity permission to assume a role
guardduty_list_ip_sets

Lists the IPSets of the GuardDuty service specified by the detector ID
iam_set_default_policy_version

Sets the specified version of the specified policy as the policy's default (operative) version
waf_delete_rule

Permanently deletes a Rule
iam_update_signing_certificate

Changes the status of the specified user signing certificate from active to disabled, or vice versa
kms_list_retirable_grants

Returns a list of all grants for which the grant's RetiringPrincipal matches the one specified
securityhub_get_insights

Lists and describes insights that are specified by insight ARNs
kms_create_grant

Adds a grant to a customer master key (CMK)
waf_update_rate_based_rule

Inserts or deletes Predicate objects in a rule and updates the RateLimit in the rule
securityhub_get_invitations_count

Returns the count of all Security Hub membership invitations that were sent to the current member account, not including the currently accepted invitation
guardduty_update_filter

Updates the filter specified by the filter name
kms_list_aliases

Gets a list of all aliases in the caller's AWS account and region
secretsmanager_get_secret_value

Retrieves the contents of the encrypted fields SecretString or SecretBinary from the specified version of a secret, whichever contains content
guardduty_update_findings_feedback

Marks specified Amazon GuardDuty findings as useful or not useful
iam_simulate_custom_policy

Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and AWS resources to determine the policies' effective permissions
macie

Amazon Macie
inspector_list_assessment_run_agents

Lists the agents of the assessment runs that are specified by the ARNs of the assessment runs
iam_update_group

Updates the name and/or the path of the specified IAM group
inspector_create_assessment_target

Creates a new assessment target using the ARN of the resource group that is generated by CreateResourceGroup
iam_update_login_profile

Changes the password for the specified IAM user
iam_create_group

Creates a new group
kms_delete_alias

Deletes the specified alias
macie_associate_member_account

Associates a specified AWS account with Amazon Macie as a member account
securityhub_get_master_account

Provides the details for the Security Hub master account to the current member account
ram_get_resource_share_invitations

Gets the specified invitations for resource sharing
inspector_list_assessment_runs

Lists the assessment runs that correspond to the assessment templates that are specified by the ARNs of the assessment templates
iam_create_instance_profile

Creates a new instance profile
waf_create_web_acl

Creates a WebACL, which contains the Rules that identify the CloudFront web requests that you want to allow, block, or count
waf_delete_rule_group

Permanently deletes a RuleGroup
secretsmanager_rotate_secret

Configures and starts the asynchronous process of rotating this secret
iam_create_service_linked_role

Creates an IAM role that is linked to a specific AWS service
wafregional_list_size_constraint_sets

Returns an array of SizeConstraintSetSummary objects
iam_create_service_specific_credential

Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request
inspector_create_assessment_template

Creates an assessment template for the assessment target that is specified by the ARN of the assessment target
waf_list_byte_match_sets

Returns an array of ByteMatchSetSummary objects
inspector_describe_cross_account_access_role

Describes the IAM role that enables Amazon Inspector to access your AWS account
inspector_describe_exclusions

Describes the exclusions that are specified by the exclusions' ARNs
inspector_start_assessment_run

Starts the assessment run specified by the ARN of the assessment template
inspector_list_assessment_targets

Lists the ARNs of the assessment targets within this AWS account
ram_get_resource_share_associations

Gets the associations for the specified resource share
iam_upload_signing_certificate

Uploads an X
shield_describe_drt_access

Returns the current role and list of Amazon S3 log buckets used by the DDoS Response team (DRT) to access your AWS account while assisting with attack mitigation
inspector_list_assessment_templates

Lists the assessment templates that correspond to the assessment targets that are specified by the ARNs of the assessment targets
kms_disable_key_rotation

Disables automatic rotation of the key material for the specified customer master key (CMK)
kms_disconnect_custom_key_store

Disconnects the custom key store from its associated AWS CloudHSM cluster
kms_encrypt

Encrypts plaintext into ciphertext by using a customer master key (CMK)
iam_delete_instance_profile

Deletes the specified instance profile
kms_delete_custom_key_store

Deletes a custom key store
waf_create_xss_match_set

Creates an XssMatchSet, which you use to allow, block, or count requests that contain cross-site scripting attacks in the specified part of web requests
secretsmanager_list_secret_version_ids

Lists all of the versions attached to the specified secret
iam_delete_login_profile

Deletes the password for the specified IAM user, which terminates the user's ability to access AWS services through the AWS Management Console
kms_generate_data_key

Returns a data encryption key that you can use in your application to encrypt data locally
waf_delete_logging_configuration

Permanently deletes the LoggingConfiguration from the specified web ACL
shield_associate_drt_log_bucket

Authorizes the DDoS Response team (DRT) to access the specified Amazon S3 bucket containing your flow logs
kms_retire_grant

Retires a grant
iam_delete_user_policy

Deletes the specified inline policy that is embedded in the specified IAM user
wafregional_update_web_acl

Inserts or deletes ActivatedRule objects in a WebACL
waf_put_logging_configuration

Associates a LoggingConfiguration with a specified web ACL
ram_delete_resource_share

Deletes the specified resource share
kms_list_key_policies

Gets the names of the key policies that are attached to a customer master key (CMK)
inspector_set_tags_for_resource

Sets tags (key and value pairs) to the assessment template that is specified by the ARN of the assessment template
wafregional_list_logging_configurations

Returns an array of LoggingConfiguration objects
waf_update_xss_match_set

Inserts or deletes XssMatchTuple objects (filters) in an XssMatchSet
shield

AWS Shield
macie_associate_s3_resources

Associates specified S3 resources with Amazon Macie for monitoring and data classification
sts

AWS Security Token Service
kms_re_encrypt

Encrypts data on the server side with a new customer master key (CMK) without exposing the plaintext of the data on the client side
inspector_unsubscribe_from_event

Disables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic
iam_delete_virtual_mfa_device

Deletes a virtual MFA device
shield_update_subscription

Updates the details of an existing subscription
waf_list_sql_injection_match_sets

Returns an array of SqlInjectionMatchSet objects
inspector_update_assessment_target

Updates the assessment target that is specified by the ARN of the assessment target
shield_create_subscription

Activates AWS Shield Advanced for an account
waf_update_byte_match_set

Inserts or deletes ByteMatchTuple objects (filters) in a ByteMatchSet
macie_update_s3_resources

Updates the classification types for the specified S3 resources
macie_disassociate_member_account

Removes the specified member account from Amazon Macie
waf_get_regex_pattern_set

Returns the RegexPatternSet specified by RegexPatternSetId
kms_revoke_grant

Revokes the specified grant for the specified customer master key (CMK)
iam_get_context_keys_for_custom_policy

Gets a list of all of the context keys referenced in the input policies
waf_get_logging_configuration

Returns the LoggingConfiguration for the specified web ACL
kms_put_key_policy

Attaches a key policy to the specified customer master key (CMK)
iam_get_context_keys_for_principal_policy

Gets a list of all of the context keys referenced in all the IAM policies that are attached to the specified IAM entity
iam_get_user

Retrieves information about the specified IAM user, including the user's creation date, path, unique ID, and ARN
shield_update_emergency_contact_settings

Updates the details of the list of email addresses that the DRT can use to contact you during a suspected attack
macie_list_s3_resources

Lists all the S3 resources associated with Amazon Macie
secretsmanager_cancel_rotate_secret

Disables automatic scheduled rotation and cancels the rotation of a secret if one is currently in progress
ram_disassociate_resource_share

Disassociates the specified principals or resources from the specified resource share
shield_create_protection

Enables AWS Shield Advanced for a specific AWS resource
iam_list_user_tags

Lists the tags that are attached to the specified user
iam_get_user_policy

Retrieves the specified inline policy document that is embedded in the specified IAM user
iam_untag_user

Removes the specified tags from the user
iam_list_user_policies

Lists the names of the inline policies embedded in the specified IAM user
iam_update_access_key

Changes the status of the specified access key from Active to Inactive, or vice versa
waf_delete_ip_set

Permanently deletes an IPSet
inspector

Amazon Inspector
secretsmanager_restore_secret

Cancels the scheduled deletion of a secret by removing the DeletedDate time stamp
waf_put_permission_policy

Attaches a IAM policy to the specified resource
shield_delete_protection

Deletes an AWS Shield Advanced Protection
inspector_add_attributes_to_findings

Assigns attributes (key and value pairs) to the findings that are specified by the ARNs of the findings
wafregional_disassociate_web_acl

Removes a web ACL from the specified resource, either an application load balancer or Amazon API Gateway stage
macie_disassociate_s3_resources

Removes specified S3 resources from being monitored by Amazon Macie
waf_get_rule

Returns the Rule that is specified by the RuleId that you included in the GetRule request
ram_untag_resource

Removes the specified tags from the specified resource share
securityhub_disassociate_from_master_account

Disassociates the current Security Hub member account from its master account
ram_update_resource_share

Updates the specified resource share
wafregional_delete_logging_configuration

Permanently deletes the LoggingConfiguration from the specified web ACL
secretsmanager

AWS Secrets Manager
waf_list_rules

Returns an array of RuleSummary objects
secretsmanager_describe_secret

Retrieves the details of a secret
waf_update_regex_match_set

Inserts or deletes RegexMatchTuple objects (filters) in a RegexMatchSet
macie_list_member_accounts

Lists all Amazon Macie member accounts for the current Amazon Macie master account
sts_assume_role_with_web_identity

Returns a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity provider, such as Amazon Cognito, Login with Amazon, Facebook, Google, or any OpenID Connect-compatible identity provider
waf_create_sql_injection_match_set

Creates a SqlInjectionMatchSet, which you use to allow, block, or count requests that contain snippets of SQL code in a specified part of web requests
secretsmanager_list_secrets

Lists all of the secrets that are stored by Secrets Manager in the AWS account
wafregional_delete_xss_match_set

Permanently deletes an XssMatchSet
wafregional_associate_web_acl

Associates a web ACL with a resource, either an application load balancer or Amazon API Gateway stage
securityhub_disable_import_findings_for_product

Stops you from being able to import findings generated by integrated third-party providers into Security Hub
securityhub_get_findings

Lists and describes Security Hub-aggregated findings that are specified by filter attributes
ram_associate_resource_share

Associates the specified resource share with the specified principals and resources
secretsmanager_get_random_password

Generates a random password of the specified complexity
waf_get_change_token_status

Returns the status of a ChangeToken that you got by calling GetChangeToken
securityhub_delete_members

Deletes the Security Hub member accounts that are specified by the account IDs
sts_decode_authorization_message

Decodes additional information about the authorization status of a request from an encoded message returned in response to an AWS request
wafregional_create_byte_match_set

Creates a ByteMatchSet
wafregional_create_geo_match_set

Creates an GeoMatchSet, which you use to specify which web requests you want to allow or block based on the country that the requests originate from
wafregional_create_size_constraint_set

Creates a SizeConstraintSet
waf_create_rule

Creates a Rule, which contains the IPSet objects, ByteMatchSet objects, and other predicates that identify the requests that you want to block
ram_create_resource_share

Creates a resource share
inspector_delete_assessment_template

Deletes the assessment template that is specified by the ARN of the assessment template
waf_get_rule_group

Returns the RuleGroup that is specified by the RuleGroupId that you included in the GetRuleGroup request
secretsmanager_put_resource_policy

Attaches the contents of the specified resource-based permission policy to a secret
waf_get_xss_match_set

Returns the XssMatchSet that is specified by XssMatchSetId
shield_associate_drt_role

Authorizes the DDoS Response team (DRT), using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks
wafregional_get_rate_based_rule_managed_keys

Returns an array of IP addresses currently being blocked by the RateBasedRule that is specified by the RuleId
securityhub_get_insight_results

Lists the results of the Security Hub insight specified by the insight ARN
sts_get_caller_identity

Returns details about the IAM identity whose credentials are used to call the API
waf_create_rule_group

Creates a RuleGroup
securityhub_create_insight

Creates an insight, which is a consolidation of findings that identifies a security area that requires attention or intervention
waf_list_xss_match_sets

Returns an array of XssMatchSet objects
inspector_describe_assessment_runs

Describes the assessment runs that are specified by the ARNs of the assessment runs
wafregional_create_rate_based_rule

Creates a RateBasedRule
shield_disassociate_drt_log_bucket

Removes the DDoS Response team's (DRT) access to the specified Amazon S3 bucket containing your flow logs
wafregional_list_ip_sets

Returns an array of IPSetSummary objects in the response
waf_delete_regex_pattern_set

Permanently deletes a RegexPatternSet
securityhub_batch_import_findings

Imports security findings that are generated by the integrated third-party products into Security Hub
wafregional_get_regex_match_set

Returns the RegexMatchSet specified by RegexMatchSetId
waf_get_rate_based_rule

Returns the RateBasedRule that is specified by the RuleId that you included in the GetRateBasedRule request
ram_get_resource_shares

Gets the specified resource shares or all of your resource shares
waf_delete_regex_match_set

Permanently deletes a RegexMatchSet
securityhub_list_enabled_products_for_import

Lists all Security Hub-integrated third-party findings providers
sts_get_federation_token

Returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a federated user
waf_list_rule_groups

Returns an array of RuleGroup objects
shield_disassociate_drt_role

Removes the DDoS Response team's (DRT) access to your AWS account
inspector_describe_rules_packages

Describes the rules packages that are specified by the ARNs of the rules packages
inspector_get_assessment_report

Produces an assessment report that includes detailed and comprehensive results of a specified assessment run
shield_describe_protection

Lists the details of a Protection object
securityhub_invite_members

Invites other AWS accounts to enable Security Hub and become Security Hub member accounts
ram_list_principals

Lists the principals with access to the specified resource
waf_get_web_acl

Returns the WebACL that is specified by WebACLId
inspector_register_cross_account_access_role

Registers the IAM role that grants Amazon Inspector access to AWS Services needed to perform security assessments
inspector_remove_attributes_from_findings

Removes entire attributes (key and value pairs) from the findings that are specified by the ARNs of the findings where an attribute with the specified key exists
waf_list_size_constraint_sets

Returns an array of SizeConstraintSetSummary objects
kms_connect_custom_key_store

Connects or reconnects a custom key store to its associated AWS CloudHSM cluster
securityhub_batch_disable_standards

Disables the standards specified by the standards subscription ARNs
securityhub_list_invitations

Lists all Security Hub membership invitations that were sent to the current AWS account
shield_list_protections

Lists all Protection objects for the account
waf_list_activated_rules_in_rule_group

Returns an array of ActivatedRule objects
wafregional_delete_regex_pattern_set

Permanently deletes a RegexPatternSet
shield_describe_subscription

Provides details about the AWS Shield Advanced subscription for an account
wafregional_update_sql_injection_match_set

Inserts or deletes SqlInjectionMatchTuple objects (filters) in a SqlInjectionMatchSet
secretsmanager_create_secret

Creates a new secret
secretsmanager_update_secret

Modifies many of the details of the specified secret
waf_update_geo_match_set

Inserts or deletes GeoMatchConstraint objects in an GeoMatchSet
waf_delete_sql_injection_match_set

Permanently deletes a SqlInjectionMatchSet
waf_create_regex_match_set

Creates a RegexMatchSet
waf_get_permission_policy

Returns the IAM policy attached to the RuleGroup
secretsmanager_update_secret_version_stage

Modifies the staging labels attached to a version of a secret
waf_get_geo_match_set

Returns the GeoMatchSet that is specified by GeoMatchSetId
waf_list_regex_match_sets

Returns an array of RegexMatchSetSummary objects
waf_create_regex_pattern_set

Creates a RegexPatternSet
waf_update_size_constraint_set

Inserts or deletes SizeConstraint objects (filters) in a SizeConstraintSet
waf_delete_size_constraint_set

Permanently deletes a SizeConstraintSet
wafregional_get_geo_match_set

Returns the GeoMatchSet that is specified by GeoMatchSetId
wafregional_create_regex_match_set

Creates a RegexMatchSet
securityhub_batch_enable_standards

Enables the standards specified by the standards ARNs
waf_get_sampled_requests

Gets detailed information about a specified number of requests--a sample--that AWS WAF randomly selects from among the first 5,000 requests that your AWS resource received during a time range that you choose
sts_get_session_token

Returns a set of temporary credentials for an AWS account or IAM user
wafregional_create_sql_injection_match_set

Creates a SqlInjectionMatchSet, which you use to allow, block, or count requests that contain snippets of SQL code in a specified part of web requests
kms_create_alias

Creates a display name for a customer master key (CMK)
kms_disable_key

Sets the state of a customer master key (CMK) to disabled, thereby preventing its use for cryptographic operations
securityhub_enable_import_findings_for_product

Enables you to import findings generated by integrated third-party providers into Security Hub
waf_update_ip_set

Inserts or deletes IPSetDescriptor objects in an IPSet
securityhub_disassociate_members

Disassociates the Security Hub member accounts that are specified by the account IDs from their master account
wafregional_delete_web_acl

Permanently deletes a WebACL
waf_update_regex_pattern_set

Inserts or deletes RegexPatternString objects in a RegexPatternSet
waf_create_rate_based_rule

Creates a RateBasedRule
kms_get_parameters_for_import

Returns the items you need in order to import key material into AWS KMS from your existing key management infrastructure
waf_update_web_acl

Inserts or deletes ActivatedRule objects in a WebACL
waf

AWS WAF
waf_list_ip_sets

Returns an array of IPSetSummary objects in the response
wafregional_create_xss_match_set

Creates an XssMatchSet, which you use to allow, block, or count requests that contain cross-site scripting attacks in the specified part of web requests
waf_update_rule_group

Inserts or deletes ActivatedRule objects in a RuleGroup
wafregional_get_ip_set

Returns the IPSet that is specified by IPSetId
wafregional_get_rule_group

Returns the RuleGroup that is specified by the RuleGroupId that you included in the GetRuleGroup request
waf_update_sql_injection_match_set

Inserts or deletes SqlInjectionMatchTuple objects (filters) in a SqlInjectionMatchSet
waf_get_byte_match_set

Returns the ByteMatchSet specified by ByteMatchSetId
kms_describe_key

Provides detailed information about the specified customer master key (CMK)
waf_list_geo_match_sets

Returns an array of GeoMatchSetSummary objects in the response
securityhub_list_members

Lists details about all member accounts for the current Security Hub master account
kms_tag_resource

Adds or edits tags for a customer master key (CMK)
waf_list_subscribed_rule_groups

Returns an array of RuleGroup objects that you are subscribed to
sts_assume_role

Returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) that you can use to access AWS resources that you might not normally have access to
sts_assume_role_with_saml

Returns a set of temporary security credentials for users who have been authenticated via a SAML authentication response
wafregional_delete_rate_based_rule

Permanently deletes a RateBasedRule
wafregional_create_web_acl

Creates a WebACL, which contains the Rules that identify the CloudFront web requests that you want to allow, block, or count
wafregional_list_sql_injection_match_sets

Returns an array of SqlInjectionMatchSet objects
wafregional_delete_sql_injection_match_set

Permanently deletes a SqlInjectionMatchSet
wafregional

AWS WAF Regional
waf_create_ip_set

Creates an IPSet, which you use to specify which web requests that you want to allow or block based on the IP addresses that the requests originate from
wafregional_create_rule

Creates a Rule, which contains the IPSet objects, ByteMatchSet objects, and other predicates that identify the requests that you want to block
kms_import_key_material

Imports key material into an existing AWS KMS customer master key (CMK) that was created without key material
kms_schedule_key_deletion

Schedules the deletion of a customer master key (CMK)
wafregional_get_regex_pattern_set

Returns the RegexPatternSet specified by RegexPatternSetId
waf_create_size_constraint_set

Creates a SizeConstraintSet
kms_update_custom_key_store

Changes the properties of a custom key store
wafregional_create_ip_set

Creates an IPSet, which you use to specify which web requests that you want to allow or block based on the IP addresses that the requests originate from
wafregional_update_regex_pattern_set

Inserts or deletes RegexPatternString objects in a RegexPatternSet
wafregional_delete_rule

Permanently deletes a Rule
wafregional_update_byte_match_set

Inserts or deletes ByteMatchTuple objects (filters) in a ByteMatchSet
wafregional_get_size_constraint_set

Returns the SizeConstraintSet specified by SizeConstraintSetId
securityhub_update_findings

Updates the AWS Security Hub-aggregated findings specified by the filter attributes
wafregional_list_activated_rules_in_rule_group

Returns an array of ActivatedRule objects
wafregional_delete_regex_match_set

Permanently deletes a RegexMatchSet
wafregional_get_sql_injection_match_set

Returns the SqlInjectionMatchSet that is specified by SqlInjectionMatchSetId
wafregional_list_rule_groups

Returns an array of RuleGroup objects
kms_update_key_description

Updates the description of a customer master key (CMK)
wafregional_list_rules

Returns an array of RuleSummary objects
wafregional_get_change_token_status

Returns the status of a ChangeToken that you got by calling GetChangeToken
wafregional_update_xss_match_set

Inserts or deletes XssMatchTuple objects (filters) in an XssMatchSet
wafregional_put_permission_policy

Attaches a IAM policy to the specified resource
secretsmanager_delete_resource_policy

Deletes the resource-based permission policy that's attached to the secret
wafregional_list_xss_match_sets

Returns an array of XssMatchSet objects
waf_get_sql_injection_match_set

Returns the SqlInjectionMatchSet that is specified by SqlInjectionMatchSetId
waf_get_change_token

When you want to create, update, or delete AWS WAF objects, get a change token and include the change token in the create, update, or delete request
waf_list_regex_pattern_sets

Returns an array of RegexPatternSetSummary objects
waf_get_size_constraint_set

Returns the SizeConstraintSet specified by SizeConstraintSetId
waf_list_web_ac_ls

Returns an array of WebACLSummary objects in the response
wafregional_list_geo_match_sets

Returns an array of GeoMatchSetSummary objects in the response
wafregional_get_sampled_requests

Gets detailed information about a specified number of requests--a sample--that AWS WAF randomly selects from among the first 5,000 requests that your AWS resource received during a time range that you choose
wafregional_put_logging_configuration

Associates a LoggingConfiguration with a specified web ACL
ram_list_resources

Lists the resources that the specified principal can access
wafregional_create_regex_pattern_set

Creates a RegexPatternSet
wafregional_delete_byte_match_set

Permanently deletes a ByteMatchSet
ram_reject_resource_share_invitation

Rejects an invitation to a resource share from another AWS account
wafregional_delete_ip_set

Permanently deletes an IPSet
wafregional_update_rule

Inserts or deletes Predicate objects in a Rule
waf_delete_rate_based_rule

Permanently deletes a RateBasedRule
wafregional_get_xss_match_set

Returns the XssMatchSet that is specified by XssMatchSetId
wafregional_get_logging_configuration

Returns the LoggingConfiguration for the specified web ACL
wafregional_create_rule_group

Creates a RuleGroup
wafregional_list_subscribed_rule_groups

Returns an array of RuleGroup objects that you are subscribed to
wafregional_get_permission_policy

Returns the IAM policy attached to the RuleGroup
wafregional_get_rate_based_rule

Returns the RateBasedRule that is specified by the RuleId that you included in the GetRateBasedRule request
secretsmanager_delete_secret

Deletes an entire secret and all of its versions
wafregional_list_byte_match_sets

Returns an array of ByteMatchSetSummary objects
wafregional_list_web_ac_ls

Returns an array of WebACLSummary objects in the response
waf_update_rule

Inserts or deletes Predicate objects in a Rule
waf_create_geo_match_set

Creates an GeoMatchSet, which you use to specify which web requests you want to allow or block based on the country that the requests originate from
wafregional_get_byte_match_set

Returns the ByteMatchSet specified by ByteMatchSetId
wafregional_delete_geo_match_set

Permanently deletes a GeoMatchSet
wafregional_update_rate_based_rule

Inserts or deletes Predicate objects in a rule and updates the RateLimit in the rule
wafregional_update_regex_match_set

Inserts or deletes RegexMatchTuple objects (filters) in a RegexMatchSet
wafregional_get_change_token

When you want to create, update, or delete AWS WAF objects, get a change token and include the change token in the create, update, or delete request
securityhub

AWS SecurityHub
wafregional_list_regex_pattern_sets

Returns an array of RegexPatternSetSummary objects
securityhub_decline_invitations

Declines invitations that are sent to this AWS account (invitee) by the AWS accounts (inviters) that are specified by the account IDs
securityhub_accept_invitation

Accepts the invitation to be monitored by a master SecurityHub account
wafregional_list_resources_for_web_acl

Returns an array of resources associated with the specified web ACL
wafregional_update_size_constraint_set

Inserts or deletes SizeConstraint objects (filters) in a SizeConstraintSet
waf_get_rate_based_rule_managed_keys

Returns an array of IP addresses currently being blocked by the RateBasedRule that is specified by the RuleId
wafregional_update_rule_group

Inserts or deletes ActivatedRule objects in a RuleGroup
shield_delete_subscription

Removes AWS Shield Advanced from an account
wafregional_get_web_acl_for_resource

Returns the web ACL for the specified resource, either an application load balancer or Amazon API Gateway stage
securityhub_create_members

Creates member Security Hub accounts in the current AWS account (which becomes the master Security Hub account) that has Security Hub enabled
securityhub_enable_security_hub

Enables the AWS Security Hub service
waf_delete_permission_policy

Permanently deletes an IAM policy from the specified RuleGroup
securityhub_get_enabled_standards

Lists and describes enabled standards
shield_describe_attack

Describes the details of a DDoS attack
securityhub_update_insight

Updates the AWS Security Hub insight specified by the insight ARN
waf_create_byte_match_set

Creates a ByteMatchSet
shield_list_attacks

Returns all ongoing DDoS attacks or all DDoS attacks during a specified time period
shield_get_subscription_state

Returns the SubscriptionState, either Active or Inactive
wafregional_list_rate_based_rules

Returns an array of RuleSummary objects
waf_delete_geo_match_set

Permanently deletes a GeoMatchSet
waf_delete_byte_match_set

Permanently deletes a ByteMatchSet
waf_delete_web_acl

Permanently deletes a WebACL
waf_delete_xss_match_set

Permanently deletes an XssMatchSet
wafregional_get_web_acl

Returns the WebACL that is specified by WebACLId
wafregional_delete_rule_group

Permanently deletes a RuleGroup
waf_list_logging_configurations

Returns an array of LoggingConfiguration objects
waf_get_regex_match_set

Returns the RegexMatchSet specified by RegexMatchSetId
wafregional_delete_size_constraint_set

Permanently deletes a SizeConstraintSet
waf_list_rate_based_rules

Returns an array of RuleSummary objects
wafregional_get_rule

Returns the Rule that is specified by the RuleId that you included in the GetRule request
wafregional_update_ip_set

Inserts or deletes IPSetDescriptor objects in an IPSet
wafregional_update_geo_match_set

Inserts or deletes GeoMatchConstraint objects in an GeoMatchSet
wafregional_list_regex_match_sets

Returns an array of RegexMatchSetSummary objects
acm

AWS Certificate Manager
acm_delete_certificate

Deletes a certificate and its associated private key
acm_import_certificate

Imports a certificate into AWS Certificate Manager (ACM) to use with services that are integrated with ACM
acm_list_tags_for_certificate

Lists the tags that have been applied to the ACM certificate
acm_get_certificate

Retrieves a certificate specified by an ARN and its certificate chain
acm_export_certificate

Exports a private certificate issued by a private certificate authority (CA) for use anywhere
acm_remove_tags_from_certificate

Remove one or more tags from an ACM certificate
acm_add_tags_to_certificate

Adds one or more tags to an ACM certificate
acm_list_certificates

Retrieves a list of certificate ARNs and domain names