Learn R Programming
⚠️There's a newer version (0.7.0) of this package.Take me there.

paws.security.identity (version 0.4.0)

'Amazon Web Services' Security, Identity, & Compliance Services

Description

Interface to 'Amazon Web Services' security, identity, and compliance services, including the 'Identity & Access Management' ('IAM') service for managing access to services and resources, and more .

Copy Link

Version

Install

install.packages('paws.security.identity')

Monthly Downloads

3,912

Version

0.4.0

License

Apache License (>= 2.0)

Issues

47

Pull Requests

1

Stars

319

Forks

37

Maintainer

Dyfan Jones

Last Published

September 11th, 2023

Functions in paws.security.identity (0.4.0)

accessanalyzer_delete_archive_rule

Deletes the specified archive rule
accessanalyzer

Access Analyzer
accessanalyzer_get_analyzed_resource

Retrieves information about a resource that was analyzed
accessanalyzer_create_analyzer

Creates an analyzer for your account
accessanalyzer_get_access_preview

Retrieves information about an access preview for the specified analyzer
accessanalyzer_create_archive_rule

Creates an archive rule for the specified analyzer
accessanalyzer_delete_analyzer

Deletes the specified analyzer
accessanalyzer_get_finding

Retrieves information about the specified finding
accessanalyzer_create_access_preview

Creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions
accessanalyzer_cancel_policy_generation

Cancels the requested policy generation
accessanalyzer_list_analyzers

Retrieves a list of analyzers
accessanalyzer_list_access_preview_findings

Retrieves a list of access preview findings generated by the specified access preview
account

AWS Account
accessanalyzer_list_access_previews

Retrieves a list of access previews for the specified analyzer
accessanalyzer_get_analyzer

Retrieves information about the specified analyzer
accessanalyzer_list_archive_rules

Retrieves a list of archive rules created for the specified analyzer
accessanalyzer_list_analyzed_resources

Retrieves a list of resources of the specified type that have been analyzed by the specified analyzer
accessanalyzer_get_archive_rule

Retrieves information about an archive rule
accessanalyzer_update_findings

Updates the status for the specified findings
accessanalyzer_list_tags_for_resource

Retrieves a list of tags applied to the specified resource
accessanalyzer_tag_resource

Adds a tag to the specified resource
accessanalyzer_apply_archive_rule

Retroactively applies the archive rule to existing findings that meet the archive rule criteria
accessanalyzer_start_policy_generation

Starts the policy generation request
accessanalyzer_validate_policy

Requests the validation of a policy and returns a list of findings
accessanalyzer_get_generated_policy

Retrieves the policy that was generated using StartPolicyGeneration
accessanalyzer_start_resource_scan

Immediately starts a scan of the policies applied to the specified resource
accessanalyzer_list_findings

Retrieves a list of findings generated by the specified analyzer
accessanalyzer_untag_resource

Removes a tag from the specified resource
accessanalyzer_list_policy_generations

Lists all of the policy generations requested in the last seven days
account_delete_alternate_contact

Deletes the specified alternate contact from an Amazon Web Services account
accessanalyzer_update_archive_rule

Updates the criteria and values for the specified archive rule
acm

AWS Certificate Manager
account_put_contact_information

Updates the primary contact information of an Amazon Web Services account
account_enable_region

Enables (opts-in) a particular Region for an account
account_put_alternate_contact

Modifies the specified alternate contact attached to an Amazon Web Services account
account_list_regions

Lists all the Regions for a given account and their respective opt-in statuses
account_get_contact_information

Retrieves the primary contact information of an Amazon Web Services account
acm_describe_certificate

Returns detailed metadata about the specified ACM certificate
account_get_alternate_contact

Retrieves the specified alternate contact attached to an Amazon Web Services account
acm_list_certificates

Retrieves a list of certificate ARNs and domain names
acm_add_tags_to_certificate

Adds one or more tags to an ACM certificate
account_disable_region

Disables (opts-out) a particular Region for an account
acm_list_tags_for_certificate

Lists the tags that have been applied to the ACM certificate
account_get_region_opt_status

Retrieves the opt-in status of a particular Region
acm_export_certificate

Exports a private certificate issued by a private certificate authority (CA) for use anywhere
acm_delete_certificate

Deletes a certificate and its associated private key
acm_import_certificate

Imports a certificate into Certificate Manager (ACM) to use with services that are integrated with ACM
acm_put_account_configuration

Adds or modifies account-level configurations in ACM
acm_get_account_configuration

Returns the account configuration options associated with an Amazon Web Services account
acmpca

AWS Certificate Manager Private Certificate Authority
acm_get_certificate

Retrieves an Amazon-issued certificate and its certificate chain
acmpca_create_permission

Grants one or more permissions on a private CA to the Certificate Manager (ACM) service principal (acm
acm_renew_certificate

Renews an eligible ACM certificate
acm_remove_tags_from_certificate

Remove one or more tags from an ACM certificate
acm_request_certificate

Requests an ACM certificate for use with other Amazon Web Services services
acmpca_create_certificate_authority

Creates a root or subordinate private certificate authority (CA)
acmpca_delete_certificate_authority

Deletes a private certificate authority (CA)
acmpca_create_certificate_authority_audit_report

Creates an audit report that lists every time that your CA private key is used
acm_resend_validation_email

Resends the email that requests domain ownership validation
acmpca_describe_certificate_authority

Lists information about your private certificate authority (CA) or one that has been shared with you
acmpca_get_certificate_authority_certificate

Retrieves the certificate and certificate chain for your private certificate authority (CA) or one that has been shared with you
acmpca_get_certificate

Retrieves a certificate from your private CA or one that has been shared with you
acm_update_certificate_options

Updates a certificate
acmpca_get_policy

Retrieves the resource-based policy attached to a private CA
acmpca_delete_policy

Deletes the resource-based policy attached to a private CA
acmpca_issue_certificate

Uses your private certificate authority (CA), or one that has been shared with you, to issue a client certificate
acmpca_get_certificate_authority_csr

Retrieves the certificate signing request (CSR) for your private certificate authority (CA)
acmpca_import_certificate_authority_certificate

Imports a signed private CA certificate into Amazon Web Services Private CA
acmpca_delete_permission

Revokes permissions on a private CA granted to the Certificate Manager (ACM) service principal (acm
acmpca_tag_certificate_authority

Adds one or more tags to your private CA
acmpca_untag_certificate_authority

Remove one or more tags from your private CA
acmpca_describe_certificate_authority_audit_report

Lists information about a specific audit report created by calling the CreateCertificateAuthorityAuditReport action
acmpca_list_certificate_authorities

Lists the private certificate authorities that you created by using the CreateCertificateAuthority action
clouddirectory

Amazon CloudDirectory
acmpca_put_policy

Attaches a resource-based policy to a private CA
acmpca_list_permissions

List all permissions on a private CA, if any, granted to the Certificate Manager (ACM) service principal (acm
acmpca_revoke_certificate

Revokes a certificate that was issued inside Amazon Web Services Private CA
acmpca_list_tags

Lists the tags, if any, that are associated with your private CA or one that has been shared with you
clouddirectory_attach_object

Attaches an existing object to another object
acmpca_restore_certificate_authority

Restores a certificate authority (CA) that is in the DELETED state
acmpca_update_certificate_authority

Updates the status or configuration of a private certificate authority (CA)
clouddirectory_apply_schema

Copies the input published schema, at the specified version, into the Directory with the same name and version as that of the published schema
clouddirectory_attach_policy

Attaches a policy object to a regular object
clouddirectory_batch_write

Performs all the write operations in a batch
clouddirectory_create_directory

Creates a Directory by copying the published schema into the directory
clouddirectory_batch_read

Performs all the read operations in a batch
clouddirectory_add_facet_to_object

Adds a new Facet to an object
clouddirectory_attach_to_index

Attaches the specified object to the specified index
clouddirectory_attach_typed_link

Attaches a typed link to a specified source and target object
clouddirectory_create_facet

Creates a new Facet in a schema
clouddirectory_delete_object

Deletes an object and its associated attributes
clouddirectory_create_index

Creates an index object
clouddirectory_create_typed_link_facet

Creates a TypedLinkFacet
clouddirectory_delete_directory

Deletes a directory
clouddirectory_create_schema

Creates a new schema in a development state
clouddirectory_delete_facet

Deletes a given Facet
clouddirectory_delete_schema

Deletes a given schema
clouddirectory_create_object

Creates an object in a Directory
clouddirectory_delete_typed_link_facet

Deletes a TypedLinkFacet
clouddirectory_detach_from_index

Detaches the specified object from the specified index
clouddirectory_get_directory

Retrieves metadata about a directory
clouddirectory_detach_object

Detaches a given object from the parent object
clouddirectory_get_link_attributes

Retrieves attributes that are associated with a typed link
clouddirectory_get_facet

Gets details of the Facet, such as facet name, attributes, Rules, or ObjectType
clouddirectory_get_applied_schema_version

Returns current applied schema version ARN, including the minor version in use
clouddirectory_detach_typed_link

Detaches a typed link from a specified source and target object
clouddirectory_enable_directory

Enables the specified directory
clouddirectory_detach_policy

Detaches a policy from an object
clouddirectory_get_object_attributes

Retrieves attributes within a facet that are associated with an object
clouddirectory_disable_directory

Disables the specified directory
clouddirectory_list_applied_schema_arns

Lists schema major versions applied to a directory
clouddirectory_get_schema_as_json

Retrieves a JSON representation of the schema
clouddirectory_get_object_information

Retrieves metadata about an object
clouddirectory_list_development_schema_arns

Retrieves each Amazon Resource Name (ARN) of schemas in the development state
clouddirectory_list_incoming_typed_links

Returns a paginated list of all the incoming TypedLinkSpecifier information for an object
clouddirectory_list_facet_names

Retrieves the names of facets that exist in a schema
clouddirectory_list_attached_indices

Lists indices attached to the specified object
clouddirectory_list_facet_attributes

Retrieves attributes attached to the facet
clouddirectory_list_directories

Lists directories created within an account
clouddirectory_get_typed_link_facet_information

Returns the identity attribute order for a specific TypedLinkFacet
clouddirectory_list_object_policies

Returns policies attached to an object in pagination fashion
clouddirectory_list_outgoing_typed_links

Returns a paginated list of all the outgoing TypedLinkSpecifier information for an object
clouddirectory_list_object_attributes

Lists all attributes that are associated with an object
clouddirectory_list_object_parents

Lists parent objects that are associated with a given object in pagination fashion
clouddirectory_list_managed_schema_arns

Lists the major version families of each managed schema
clouddirectory_list_index

Lists objects attached to the specified index
clouddirectory_list_policy_attachments

Returns all of the ObjectIdentifiers to which a given policy is attached
clouddirectory_list_object_parent_paths

Retrieves all available parent paths for any object type such as node, leaf node, policy node, and index node objects
clouddirectory_list_object_children

Returns a paginated list of child objects that are associated with a given object
clouddirectory_list_published_schema_arns

Lists the major version families of each published schema
clouddirectory_list_tags_for_resource

Returns tags for a resource
clouddirectory_put_schema_from_json

Allows a schema to be updated using JSON upload
clouddirectory_lookup_policy

Lists all policies from the root of the Directory to the object specified
clouddirectory_tag_resource

An API operation for adding tags to a resource
clouddirectory_remove_facet_from_object

Removes the specified facet from the specified object
clouddirectory_list_typed_link_facet_names

Returns a paginated list of TypedLink facet names for a particular schema
clouddirectory_untag_resource

An API operation for removing tags from a resource
clouddirectory_update_facet

Does the following:
clouddirectory_list_typed_link_facet_attributes

Returns a paginated list of all attribute definitions for a particular TypedLinkFacet
clouddirectory_publish_schema

Publishes a development schema with a major version and a recommended minor version
clouddirectory_update_typed_link_facet

Updates a TypedLinkFacet
clouddirectory_update_link_attributes

Updates a given typed link’s attributes
cloudhsm

Amazon CloudHSM
cloudhsm_create_hsm

This is documentation for AWS CloudHSM Classic
clouddirectory_update_schema

Updates the schema name with a new name
cloudhsm_create_hapg

This is documentation for AWS CloudHSM Classic
clouddirectory_upgrade_applied_schema

Upgrades a single directory in-place using the PublishedSchemaArn with schema updates found in MinorVersion
cloudhsm_add_tags_to_resource

This is documentation for AWS CloudHSM Classic
clouddirectory_upgrade_published_schema

Upgrades a published schema under a new minor version revision using the current contents of DevelopmentSchemaArn
cloudhsm_create_luna_client

This is documentation for AWS CloudHSM Classic
cloudhsm_describe_hapg

This is documentation for AWS CloudHSM Classic
clouddirectory_update_object_attributes

Updates a given object's attributes
cloudhsm_describe_luna_client

This is documentation for AWS CloudHSM Classic
cloudhsm_list_available_zones

This is documentation for AWS CloudHSM Classic
cloudhsm_delete_luna_client

This is documentation for AWS CloudHSM Classic
cloudhsm_get_config

This is documentation for AWS CloudHSM Classic
cloudhsm_delete_hsm

This is documentation for AWS CloudHSM Classic
cloudhsm_list_hapgs

This is documentation for AWS CloudHSM Classic
cloudhsm_delete_hapg

This is documentation for AWS CloudHSM Classic
cloudhsm_describe_hsm

This is documentation for AWS CloudHSM Classic
cloudhsmv2

AWS CloudHSM V2
cloudhsm_modify_hapg

This is documentation for AWS CloudHSM Classic
cloudhsm_list_luna_clients

This is documentation for AWS CloudHSM Classic
cloudhsmv2_create_cluster

Creates a new AWS CloudHSM cluster
cloudhsmv2_copy_backup_to_region

Copy an AWS CloudHSM cluster backup to a different region
cloudhsm_modify_hsm

This is documentation for AWS CloudHSM Classic
cloudhsm_list_hsms

This is documentation for AWS CloudHSM Classic
cloudhsm_remove_tags_from_resource

This is documentation for AWS CloudHSM Classic
cloudhsm_modify_luna_client

This is documentation for AWS CloudHSM Classic
cloudhsm_list_tags_for_resource

This is documentation for AWS CloudHSM Classic
cloudhsmv2_modify_cluster

Modifies AWS CloudHSM cluster
cloudhsmv2_list_tags

Gets a list of tags for the specified AWS CloudHSM cluster
cloudhsmv2_delete_backup

Deletes a specified AWS CloudHSM backup
cloudhsmv2_modify_backup_attributes

Modifies attributes for AWS CloudHSM backup
cloudhsmv2_delete_cluster

Deletes the specified AWS CloudHSM cluster
cloudhsmv2_initialize_cluster

Claims an AWS CloudHSM cluster by submitting the cluster certificate issued by your issuing certificate authority (CA) and the CA's root certificate
cloudhsmv2_create_hsm

Creates a new hardware security module (HSM) in the specified AWS CloudHSM cluster
cloudhsmv2_describe_backups

Gets information about backups of AWS CloudHSM clusters
cloudhsmv2_describe_clusters

Gets information about AWS CloudHSM clusters
cloudhsmv2_delete_hsm

Deletes the specified HSM
cognitoidentity

Amazon Cognito Identity
cognitoidentity_create_identity_pool

Creates a new identity pool
cognitoidentity_delete_identities

Deletes identities from an identity pool
cloudhsmv2_restore_backup

Restores a specified AWS CloudHSM backup that is in the PENDING_DELETION state
cognitoidentity_delete_identity_pool

Deletes an identity pool
cloudhsmv2_tag_resource

Adds or overwrites one or more tags for the specified AWS CloudHSM cluster
cognitoidentity_describe_identity_pool

Gets details about a particular identity pool, including the pool name, ID description, creation date, and current number of users
cloudhsmv2_untag_resource

Removes the specified tag or tags from the specified AWS CloudHSM cluster
cognitoidentity_describe_identity

Returns metadata related to the given identity, including when the identity was created and any associated linked logins
cognitoidentity_get_credentials_for_identity

Returns credentials for the provided identity ID
cognitoidentity_lookup_developer_identity

Retrieves the IdentityID associated with a DeveloperUserIdentifier or the list of DeveloperUserIdentifier values associated with an IdentityId for an existing identity
cognitoidentity_get_identity_pool_roles

Gets the roles for an identity pool
cognitoidentity_get_principal_tag_attribute_map

Use GetPrincipalTagAttributeMap to list all mappings between PrincipalTags and user attributes
cognitoidentity_get_id

Generates (or retrieves) a Cognito ID
cognitoidentity_merge_developer_identities

Merges two users having different IdentityIds, existing in the same identity pool, and identified by the same developer provider
cognitoidentity_list_tags_for_resource

Lists the tags that are assigned to an Amazon Cognito identity pool
cognitoidentity_get_open_id_token_for_developer_identity

Registers (or retrieves) a Cognito IdentityId and an OpenID Connect token for a user authenticated by your backend authentication process
cognitoidentity_list_identity_pools

Lists all of the Cognito identity pools registered for your account
cognitoidentity_list_identities

Lists the identities in an identity pool
cognitoidentity_get_open_id_token

Gets an OpenID token, using a known Cognito ID
cognitoidentity_update_identity_pool

Updates an identity pool
cognitoidentity_unlink_identity

Unlinks a federated identity from an existing account
cognitoidentityprovider

Amazon Cognito Identity Provider
cognitoidentity_set_principal_tag_attribute_map

You can use this operation to use default (username and clientID) attribute or custom attribute mappings
cognitoidentity_tag_resource

Assigns a set of tags to the specified Amazon Cognito identity pool
cognitoidentityprovider_admin_add_user_to_group

Adds the specified user to the specified group
cognitoidentityprovider_add_custom_attributes

Adds additional user attributes to the user pool schema
cognitoidentity_untag_resource

Removes the specified tags from the specified Amazon Cognito identity pool
cognitoidentity_unlink_developer_identity

Unlinks a DeveloperUserIdentifier from an existing identity
cognitoidentity_set_identity_pool_roles

Sets the roles for an identity pool
cognitoidentityprovider_admin_get_device

Gets the device, as an administrator
cognitoidentityprovider_admin_forget_device

Forgets the device, as an administrator
cognitoidentityprovider_admin_delete_user_attributes

Deletes the user attributes in a user pool as an administrator
cognitoidentityprovider_admin_disable_user

Deactivates a user and revokes all access tokens for the user
cognitoidentityprovider_admin_delete_user

Deletes a user as an administrator
cognitoidentityprovider_admin_enable_user

Enables the specified user as an administrator
cognitoidentityprovider_admin_confirm_sign_up

Confirms user registration as an admin without using a confirmation code
cognitoidentityprovider_admin_get_user

Gets the specified user by user name in a user pool as an administrator
cognitoidentityprovider_admin_create_user

Creates a new user in the specified user pool
cognitoidentityprovider_admin_disable_provider_for_user

Prevents the user from signing in with the specified external (SAML or social) identity provider (IdP)
cognitoidentityprovider_admin_initiate_auth

Initiates the authentication flow, as an administrator
cognitoidentityprovider_admin_list_groups_for_user

Lists the groups that the user belongs to
cognitoidentityprovider_admin_set_user_mfa_preference

The user's multi-factor authentication (MFA) preference, including which MFA options are activated, and if any are preferred
cognitoidentityprovider_admin_list_devices

Lists devices, as an administrator
cognitoidentityprovider_admin_set_user_password

Sets the specified user's password in a user pool as an administrator
cognitoidentityprovider_admin_respond_to_auth_challenge

Responds to an authentication challenge, as an administrator
cognitoidentityprovider_admin_list_user_auth_events

A history of user activity and any risks detected as part of Amazon Cognito advanced security
cognitoidentityprovider_admin_link_provider_for_user

Links an existing user account in a user pool (DestinationUser) to an identity from an external IdP (SourceUser) based on a specified attribute name and value from the external IdP
cognitoidentityprovider_admin_remove_user_from_group

Removes the specified user from the specified group
cognitoidentityprovider_admin_reset_user_password

Resets the specified user's password in a user pool as an administrator
cognitoidentityprovider_admin_update_device_status

Updates the device status as an administrator
cognitoidentityprovider_confirm_forgot_password

Allows a user to enter a confirmation code to reset a forgotten password
cognitoidentityprovider_confirm_device

Confirms tracking of the device
cognitoidentityprovider_confirm_sign_up

Confirms registration of a new user
cognitoidentityprovider_associate_software_token

Begins setup of time-based one-time password (TOTP) multi-factor authentication (MFA) for a user, with a unique private key that Amazon Cognito generates and returns in the API response
cognitoidentityprovider_admin_set_user_settings

This action is no longer supported
cognitoidentityprovider_change_password

Changes the password for a specified user in a user pool
cognitoidentityprovider_admin_user_global_sign_out

Signs out a user from all devices
cognitoidentityprovider_admin_update_auth_event_feedback

Provides feedback for an authentication event indicating if it was from a valid user
cognitoidentityprovider_admin_update_user_attributes

This action might generate an SMS text message
cognitoidentityprovider_delete_identity_provider

Deletes an IdP for a user pool
cognitoidentityprovider_delete_group

Deletes a group
cognitoidentityprovider_create_resource_server

Creates a new OAuth2
cognitoidentityprovider_delete_resource_server

Deletes a resource server
cognitoidentityprovider_create_user_import_job

Creates a user import job
cognitoidentityprovider_create_user_pool

This action might generate an SMS text message
cognitoidentityprovider_create_identity_provider

Creates an IdP for a user pool
cognitoidentityprovider_create_user_pool_domain

Creates a new domain for a user pool
cognitoidentityprovider_create_group

Creates a new group in the specified user pool
cognitoidentityprovider_create_user_pool_client

Creates the user pool client
cognitoidentityprovider_delete_user_pool_domain

Deletes a domain for a user pool
cognitoidentityprovider_describe_user_pool

Returns the configuration information and metadata of the specified user pool
cognitoidentityprovider_describe_user_import_job

Describes the user import job
cognitoidentityprovider_delete_user_attributes

Deletes the attributes for a user
cognitoidentityprovider_describe_resource_server

Describes a resource server
cognitoidentityprovider_delete_user_pool_client

Allows the developer to delete the user pool client
cognitoidentityprovider_describe_identity_provider

Gets information about a specific IdP
cognitoidentityprovider_describe_risk_configuration

Describes the risk configuration
cognitoidentityprovider_delete_user_pool

Deletes the specified Amazon Cognito user pool
cognitoidentityprovider_delete_user

Allows a user to delete their own user profile
cognitoidentityprovider_describe_user_pool_client

Client method for returning the configuration information and metadata of the specified user pool app client
cognitoidentityprovider_get_signing_certificate

This method takes a user pool ID, and returns the signing certificate
cognitoidentityprovider_get_csv_header

Gets the header information for the comma-separated value (CSV) file to be used as input for the user import job
cognitoidentityprovider_get_device

Gets the device
cognitoidentityprovider_forget_device

Forgets the specified device
cognitoidentityprovider_get_group

Gets a group
cognitoidentityprovider_describe_user_pool_domain

Gets information about a domain
cognitoidentityprovider_get_log_delivery_configuration

Gets the detailed activity logging configuration for a user pool
cognitoidentityprovider_get_identity_provider_by_identifier

Gets the specified IdP
cognitoidentityprovider_forgot_password

Calling this API causes a message to be sent to the end user with a confirmation code that is required to change the user's password
cognitoidentityprovider_get_user_attribute_verification_code

Generates a user attribute verification code for the specified attribute name
cognitoidentityprovider_get_ui_customization

Gets the user interface (UI) Customization information for a particular app client's app UI, if any such information exists for the client
cognitoidentityprovider_list_devices

Lists the sign-in devices that Amazon Cognito has registered to the current user
cognitoidentityprovider_list_identity_providers

Lists information about all IdPs for a user pool
cognitoidentityprovider_initiate_auth

Initiates sign-in for a user in the Amazon Cognito user directory
cognitoidentityprovider_get_user_pool_mfa_config

Gets the user pool multi-factor authentication (MFA) configuration
cognitoidentityprovider_get_user

Gets the user attributes and metadata for a user
cognitoidentityprovider_list_resource_servers

Lists the resource servers for a user pool
cognitoidentityprovider_global_sign_out

Signs out a user from all devices
cognitoidentityprovider_list_groups

Lists the groups associated with a user pool
cognitoidentityprovider_resend_confirmation_code

Resends the confirmation (for confirmation of registration) to a specific user in the user pool
cognitoidentityprovider_list_tags_for_resource

Lists the tags that are assigned to an Amazon Cognito user pool
cognitoidentityprovider_list_user_pool_clients

Lists the clients that have been created for the specified user pool
cognitoidentityprovider_revoke_token

Revokes all of the access tokens generated by, and at the same time as, the specified refresh token
cognitoidentityprovider_list_user_pools

Lists the user pools associated with an Amazon Web Services account
cognitoidentityprovider_list_user_import_jobs

Lists user import jobs for a user pool
cognitoidentityprovider_list_users

Lists users and their basic details in a user pool
cognitoidentityprovider_respond_to_auth_challenge

Responds to the authentication challenge
cognitoidentityprovider_list_users_in_group

Lists the users in the specified group
cognitoidentityprovider_set_log_delivery_configuration

Sets up or modifies the detailed activity logging configuration of a user pool
cognitoidentityprovider_tag_resource

Assigns a set of tags to an Amazon Cognito user pool
cognitoidentityprovider_start_user_import_job

Starts the user import
cognitoidentityprovider_set_user_mfa_preference

Set the user's multi-factor authentication (MFA) method preference, including which MFA factors are activated and if any are preferred
cognitoidentityprovider_set_user_settings

This action is no longer supported
cognitoidentityprovider_stop_user_import_job

Stops the user import job
cognitoidentityprovider_sign_up

Registers the user in the specified user pool and creates a user name, password, and user attributes
cognitoidentityprovider_set_risk_configuration

Configures actions on detected risks
cognitoidentityprovider_untag_resource

Removes the specified tags from an Amazon Cognito user pool
cognitoidentityprovider_set_user_pool_mfa_config

Sets the user pool multi-factor authentication (MFA) configuration
cognitoidentityprovider_set_ui_customization

Sets the user interface (UI) customization information for a user pool's built-in app UI
cognitoidentityprovider_update_auth_event_feedback

Provides the feedback for an authentication event, whether it was from a valid user or not
cognitoidentityprovider_update_device_status

Updates the device status
cognitoidentityprovider_update_resource_server

Updates the name and scopes of resource server
cognitoidentityprovider_update_identity_provider

Updates IdP information for a user pool
cognitoidentityprovider_update_user_pool_domain

Updates the Secure Sockets Layer (SSL) certificate for the custom domain for your user pool
cognitoidentityprovider_update_user_attributes

Allows a user to update a specific attribute (one at a time)
cognitoidentityprovider_update_group

Updates the specified group with the specified attributes
cognitoidentityprovider_update_user_pool_client

Updates the specified user pool app client with the specified attributes
cognitoidentityprovider_update_user_pool

This action might generate an SMS text message
cognitoidentityprovider_verify_software_token

Use this API to register a user's entered time-based one-time password (TOTP) code and mark the user's software token MFA status as "verified" if successful
cognitosync_describe_identity_usage

Gets usage information for an identity, including number of datasets and data usage
cognitosync

Amazon Cognito Sync
cognitosync_delete_dataset

Deletes the specific dataset
cognitosync_bulk_publish

Initiates a bulk publish of all existing datasets for an Identity Pool to the configured stream
cognitosync_get_bulk_publish_details

Get the status of the last BulkPublish operation for an identity pool
cognitosync_get_identity_pool_configuration

Gets the configuration settings of an identity pool
cognitosync_describe_dataset

Gets meta data about a dataset by identity and dataset name
cognitoidentityprovider_verify_user_attribute

Verifies the specified user attributes in the user pool
cognitosync_get_cognito_events

Gets the events and the corresponding Lambda functions associated with an identity pool
cognitosync_describe_identity_pool_usage

Gets usage details (for example, data storage) about a particular identity pool
cognitosync_set_cognito_events

Sets the AWS Lambda function for a given event type for an identity pool
cognitosync_set_identity_pool_configuration

Sets the necessary configuration for push sync
cognitosync_list_datasets

Lists datasets for an identity
cognitosync_list_records

Gets paginated records, optionally changed after a particular sync count for a dataset and identity
cognitosync_unsubscribe_from_dataset

Unsubscribes from receiving notifications when a dataset is modified by another device
cognitosync_subscribe_to_dataset

Subscribes to receive notifications when a dataset is modified by another device
detective_batch_get_membership_datasources

Gets information on the data source package history for an account
detective

Amazon Detective
detective_describe_organization_configuration

Returns information about the configuration for the organization behavior graph
detective_delete_members

Removes the specified member accounts from the behavior graph
detective_delete_graph

Disables the specified behavior graph and queues it to be deleted
detective_accept_invitation

Accepts an invitation for the member account to contribute data to a behavior graph
detective_create_members

CreateMembers is used to send invitations to accounts
detective_batch_get_graph_member_datasources

Gets data source package information for the behavior graph
detective_disable_organization_admin_account

Removes the Detective administrator account in the current Region
cognitosync_update_records

Posts updates to records and adds and deletes records for a dataset and user
detective_disassociate_membership

Removes the member account from the specified behavior graph
detective_create_graph

Creates a new behavior graph for the calling account, and sets that account as the administrator account
cognitosync_list_identity_pool_usage

Gets a list of identity pools registered with Cognito
cognitosync_register_device

Registers a device to receive push sync notifications
detective_list_organization_admin_accounts

Returns information about the Detective administrator account for an organization
detective_enable_organization_admin_account

Designates the Detective administrator account for the organization in the current Region
detective_reject_invitation

Rejects an invitation to contribute the account data to a behavior graph
detective_list_invitations

Retrieves the list of open and accepted behavior graph invitations for the member account
detective_list_datasource_packages

Lists data source packages in the behavior graph
detective_start_monitoring_member

Sends a request to enable data ingest for a member account that has a status of ACCEPTED_BUT_DISABLED
detective_get_members

Returns the membership details for specified member accounts for a behavior graph
detective_list_tags_for_resource

Returns the tag values that are assigned to a behavior graph
detective_list_members

Retrieves the list of member accounts for a behavior graph
detective_list_graphs

Returns the list of behavior graphs that the calling account is an administrator account of
directoryservice_add_ip_routes

If the DNS server for your self-managed domain uses a publicly addressable IP address, you must add a CIDR address block to correctly route traffic to and from your Microsoft AD on Amazon Web Services
directoryservice

AWS Directory Service
directoryservice_accept_shared_directory

Accepts a directory sharing request that was sent from the directory owner account
detective_update_datasource_packages

Starts a data source packages for the behavior graph
detective_untag_resource

Removes tags from a behavior graph
detective_tag_resource

Applies tag values to a behavior graph
directoryservice_add_region

Adds two domain controllers in the specified Region for the specified directory
directoryservice_cancel_schema_extension

Cancels an in-progress schema extension to a Microsoft AD directory
directoryservice_add_tags_to_resource

Adds or overwrites one or more tags for the specified directory
detective_update_organization_configuration

Updates the configuration for the Organizations integration in the current Region
directoryservice_create_trust

Directory Service for Microsoft Active Directory allows you to configure trust relationships
directoryservice_create_conditional_forwarder

Creates a conditional forwarder associated with your Amazon Web Services directory
directoryservice_create_directory

Creates a Simple AD directory
directoryservice_create_microsoft_ad

Creates a Microsoft AD directory in the Amazon Web Services Cloud
directoryservice_create_computer

Creates an Active Directory computer object in the specified directory
directoryservice_delete_conditional_forwarder

Deletes a conditional forwarder that has been set up for your Amazon Web Services directory
directoryservice_create_alias

Creates an alias for a directory and assigns the alias to the directory
directoryservice_create_log_subscription

Creates a subscription to forward real-time Directory Service domain controller security logs to the specified Amazon CloudWatch log group in your Amazon Web Services account
directoryservice_create_snapshot

Creates a snapshot of a Simple AD or Microsoft AD directory in the Amazon Web Services cloud
directoryservice_connect_directory

Creates an AD Connector to connect to a self-managed directory
directoryservice_delete_directory

Deletes an Directory Service directory
directoryservice_delete_trust

Deletes an existing trust relationship between your Managed Microsoft AD directory and an external domain
directoryservice_delete_snapshot

Deletes a directory snapshot
directoryservice_describe_certificate

Displays information about the certificate registered for secure LDAP or client certificate authentication
directoryservice_describe_directories

Obtains information about the directories that belong to this account
directoryservice_describe_conditional_forwarders

Obtains information about the conditional forwarders for this account
directoryservice_deregister_event_topic

Removes the specified directory as a publisher to the specified Amazon SNS topic
directoryservice_deregister_certificate

Deletes from the system the certificate that was registered for secure LDAP or client certificate authentication
directoryservice_delete_log_subscription

Deletes the specified log subscription
directoryservice_describe_client_authentication_settings

Retrieves information about the type of client authentication for the specified directory, if the type is specified
directoryservice_describe_shared_directories

Returns the shared directories in your account
directoryservice_describe_domain_controllers

Provides information about any domain controllers in your directory
directoryservice_describe_event_topics

Obtains information about which Amazon SNS topics receive status messages from the specified directory
directoryservice_disable_client_authentication

Disables alternative client authentication methods for the specified directory
directoryservice_describe_ldaps_settings

Describes the status of LDAP security for the specified directory
directoryservice_describe_update_directory

Describes the updates of a directory for a particular update type
directoryservice_describe_snapshots

Obtains information about the directory snapshots that belong to this account
directoryservice_describe_settings

Retrieves information about the configurable settings for the specified directory
directoryservice_describe_trusts

Obtains information about the trust relationships for this account
directoryservice_describe_regions

Provides information about the Regions that are configured for multi-Region replication
directoryservice_enable_client_authentication

Enables alternative client authentication methods for the specified directory
directoryservice_get_snapshot_limits

Obtains the manual snapshot limits for a directory
directoryservice_disable_radius

Disables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory
directoryservice_list_certificates

For the specified directory, lists all the certificates registered for a secure LDAP or client certificate authentication
directoryservice_disable_sso

Disables single-sign on for a directory
directoryservice_enable_radius

Enables multi-factor authentication (MFA) with the Remote Authentication Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD directory
directoryservice_get_directory_limits

Obtains directory limit information for the current Region
directoryservice_enable_sso

Enables single sign-on for a directory
directoryservice_disable_ldaps

Deactivates LDAP secure calls for the specified directory
directoryservice_enable_ldaps

Activates the switch for the specific directory to always use LDAP secure calls
directoryservice_reject_shared_directory

Rejects a directory sharing request that was sent from the directory owner account
directoryservice_list_schema_extensions

Lists all schema extensions applied to a Microsoft AD Directory
directoryservice_remove_ip_routes

Removes IP address blocks from a directory
directoryservice_list_log_subscriptions

Lists the active log subscriptions for the Amazon Web Services account
directoryservice_remove_tags_from_resource

Removes tags from a directory
directoryservice_remove_region

Stops all replication and removes the domain controllers from the specified Region
directoryservice_register_event_topic

Associates a directory with an Amazon SNS topic
directoryservice_list_ip_routes

Lists the address blocks that you have added to a directory
directoryservice_list_tags_for_resource

Lists all tags on a directory
directoryservice_register_certificate

Registers a certificate for a secure LDAP or client certificate authentication
directoryservice_update_settings

Updates the configurable settings for the specified directory
directoryservice_update_radius

Updates the Remote Authentication Dial In User Service (RADIUS) server information for an AD Connector or Microsoft AD directory
directoryservice_restore_from_snapshot

Restores a directory using an existing directory snapshot
directoryservice_unshare_directory

Stops the directory sharing between the directory owner and consumer accounts
directoryservice_share_directory

Shares a specified directory (DirectoryId) in your Amazon Web Services account (directory owner) with another Amazon Web Services account (directory consumer)
directoryservice_update_directory_setup

Updates the directory for a particular update type
directoryservice_start_schema_extension

Applies a schema extension to a Microsoft AD directory
directoryservice_update_conditional_forwarder

Updates a conditional forwarder that has been set up for your Amazon Web Services directory
directoryservice_update_number_of_domain_controllers

Adds or removes domain controllers to or from the directory
directoryservice_reset_user_password

Resets the password for any user in your Managed Microsoft AD or Simple AD directory
fms

Firewall Management Service
fms_associate_admin_account

Sets a Firewall Manager default administrator account
fms_delete_apps_list

Permanently deletes an Firewall Manager applications list
fms_batch_associate_resource

Associate resources to a Firewall Manager resource set
fms_delete_policy

Permanently deletes an Firewall Manager policy
directoryservice_verify_trust

Directory Service for Microsoft Active Directory allows you to configure and verify trust relationships
fms_batch_disassociate_resource

Disassociates resources from a Firewall Manager resource set
fms_delete_notification_channel

Deletes an Firewall Manager association with the IAM role and the Amazon Simple Notification Service (SNS) topic that is used to record Firewall Manager SNS logs
directoryservice_update_trust

Updates the trust that has been set up between your Managed Microsoft AD directory and an self-managed Active Directory
fms_associate_third_party_firewall

Sets the Firewall Manager policy administrator as a tenant administrator of a third-party firewall service
fms_disassociate_admin_account

Disassociates an Firewall Manager administrator account
fms_get_admin_account

Returns the Organizations account that is associated with Firewall Manager as the Firewall Manager default administrator
fms_get_compliance_detail

Returns detailed compliance information about the specified member account
fms_get_policy

Returns information about the specified Firewall Manager policy
fms_delete_protocols_list

Permanently deletes an Firewall Manager protocols list
fms_get_admin_scope

Returns information about the specified account's administrative scope
fms_delete_resource_set

Deletes the specified ResourceSet
fms_disassociate_third_party_firewall

Disassociates a Firewall Manager policy administrator from a third-party firewall tenant
fms_get_notification_channel

Information about the Amazon Simple Notification Service (SNS) topic that is used to record Firewall Manager SNS logs
fms_get_apps_list

Returns information about the specified Firewall Manager applications list
fms_get_violation_details

Retrieves violations for a resource based on the specified Firewall Manager policy and Amazon Web Services account
fms_get_protocols_list

Returns information about the specified Firewall Manager protocols list
fms_list_apps_lists

Returns an array of AppsListDataSummary objects
fms_list_compliance_status

Returns an array of PolicyComplianceStatus objects
fms_list_admins_managing_account

Lists the accounts that are managing the specified Organizations member account
fms_get_third_party_firewall_association_status

The onboarding status of a Firewall Manager admin account to third-party firewall vendor tenant
fms_list_discovered_resources

Returns an array of resources in the organization's accounts that are available to be associated with a resource set
fms_get_protection_status

If you created a Shield Advanced policy, returns policy-level attack summary information in the event of a potential DDoS attack
fms_list_resource_sets

Returns an array of ResourceSetSummary objects
fms_get_resource_set

Gets information about a specific resource set
fms_list_admin_accounts_for_organization

Returns a AdminAccounts object that lists the Firewall Manager administrators within the organization that are onboarded to Firewall Manager by AssociateAdminAccount
fms_put_notification_channel

Designates the IAM role and Amazon Simple Notification Service (SNS) topic that Firewall Manager uses to record SNS logs
fms_put_admin_account

Creates or updates an Firewall Manager administrator account
fms_put_apps_list

Creates an Firewall Manager applications list
fms_list_member_accounts

Returns a MemberAccounts object that lists the member accounts in the administrator's Amazon Web Services organization
fms_list_tags_for_resource

Retrieves the list of tags for the specified Amazon Web Services resource
fms_list_protocols_lists

Returns an array of ProtocolsListDataSummary objects
fms_list_resource_set_resources

Returns an array of resources that are currently associated to a resource set
fms_list_third_party_firewall_firewall_policies

Retrieves a list of all of the third-party firewall policies that are associated with the third-party firewall administrator's account
fms_list_policies

Returns an array of PolicySummary objects
fms_tag_resource

Adds one or more tags to an Amazon Web Services resource
fms_untag_resource

Removes one or more tags from an Amazon Web Services resource
guardduty

Amazon GuardDuty
guardduty_archive_findings

Archives GuardDuty findings that are specified by the list of finding IDs
guardduty_create_detector

Creates a single Amazon GuardDuty detector
fms_put_protocols_list

Creates an Firewall Manager protocols list
fms_put_resource_set

Creates the resource set
guardduty_accept_invitation

Accepts the invitation to be monitored by a GuardDuty administrator account
guardduty_accept_administrator_invitation

Accepts the invitation to be a member account and get monitored by a GuardDuty administrator account that sent the invitation
fms_put_policy

Creates an Firewall Manager policy
guardduty_create_sample_findings

Generates sample findings of types specified by the list of finding types
guardduty_delete_filter

Deletes the filter specified by the filter name
guardduty_create_members

Creates member accounts of the current Amazon Web Services account by specifying a list of Amazon Web Services account IDs
guardduty_create_threat_intel_set

Creates a new ThreatIntelSet
guardduty_create_publishing_destination

Creates a publishing destination to export findings to
guardduty_delete_invitations

Deletes invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs
guardduty_create_ip_set

Creates a new IPSet, which is called a trusted IP list in the console user interface
guardduty_delete_detector

Deletes an Amazon GuardDuty detector that is specified by the detector ID
guardduty_decline_invitations

Declines invitations sent to the current member account by Amazon Web Services accounts specified by their account IDs
guardduty_create_filter

Creates a filter using the specified finding criteria
guardduty_disable_organization_admin_account

Disables an Amazon Web Services account within the Organization as the GuardDuty delegated administrator
guardduty_describe_malware_scans

Returns a list of malware scans
guardduty_describe_organization_configuration

Returns information about the account selected as the delegated administrator for GuardDuty
guardduty_disassociate_from_administrator_account

Disassociates the current GuardDuty member account from its administrator account
guardduty_delete_ip_set

Deletes the IPSet specified by the ipSetId
guardduty_delete_members

Deletes GuardDuty member accounts (to the current GuardDuty administrator account) specified by the account IDs
guardduty_get_filter

Returns the details of the filter specified by the filter name
guardduty_get_ip_set

Retrieves the IPSet specified by the ipSetId
guardduty_disassociate_from_master_account

Disassociates the current GuardDuty member account from its administrator account
guardduty_get_detector

Retrieves an Amazon GuardDuty detector specified by the detectorId
guardduty_get_coverage_statistics

Retrieves aggregated statistics for your account
guardduty_delete_publishing_destination

Deletes the publishing definition with the specified destinationId
guardduty_delete_threat_intel_set

Deletes the ThreatIntelSet specified by the ThreatIntelSet ID
guardduty_get_findings

Describes Amazon GuardDuty findings specified by finding IDs
guardduty_describe_publishing_destination

Returns information about the publishing destination specified by the provided destinationId
guardduty_get_invitations_count

Returns the count of all GuardDuty membership invitations that were sent to the current member account except the currently accepted invitation
guardduty_get_findings_statistics

Lists Amazon GuardDuty findings statistics for the specified detector ID
guardduty_get_administrator_account

Provides the details for the GuardDuty administrator account associated with the current GuardDuty member account
guardduty_enable_organization_admin_account

Enables an Amazon Web Services account within the organization as the GuardDuty delegated administrator
guardduty_disassociate_members

Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs
guardduty_get_member_detectors

Describes which data sources are enabled for the member account's detector
guardduty_invite_members

Invites Amazon Web Services accounts to become members of an organization administered by the Amazon Web Services account that invokes this API
guardduty_list_detectors

Lists detectorIds of all the existing Amazon GuardDuty detector resources
guardduty_list_coverage

Lists coverage details for your GuardDuty account
guardduty_get_remaining_free_trial_days

Provides the number of days left for each data source used in the free trial period
guardduty_get_threat_intel_set

Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID
guardduty_get_usage_statistics

Lists Amazon GuardDuty usage statistics over the last 30 days for the specified detector ID
guardduty_get_master_account

Provides the details for the GuardDuty administrator account associated with the current GuardDuty member account
guardduty_list_tags_for_resource

Lists tags for a resource
guardduty_list_threat_intel_sets

Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID
guardduty_list_organization_admin_accounts

Lists the accounts configured as GuardDuty delegated administrators
guardduty_get_members

Retrieves GuardDuty member accounts (of the current GuardDuty administrator account) specified by the account IDs
guardduty_get_malware_scan_settings

Returns the details of the malware scan settings
guardduty_list_members

Lists details about all member accounts for the current GuardDuty administrator account
guardduty_list_filters

Returns a paginated list of the current filters
guardduty_list_ip_sets

Lists the IPSets of the GuardDuty service specified by the detector ID
guardduty_start_malware_scan

Initiates the malware scan
guardduty_list_publishing_destinations

Returns a list of publishing destinations associated with the specified detectorId
guardduty_list_invitations

Lists all GuardDuty membership invitations that were sent to the current Amazon Web Services account
guardduty_list_findings

Lists Amazon GuardDuty findings for the specified detector ID
guardduty_update_findings_feedback

Marks the specified GuardDuty findings as useful or not useful
guardduty_update_ip_set

Updates the IPSet specified by the IPSet ID
guardduty_untag_resource

Removes tags from a resource
guardduty_start_monitoring_members

Turns on GuardDuty monitoring of the specified member accounts
guardduty_update_filter

Updates the filter specified by the filter name
guardduty_unarchive_findings

Unarchives GuardDuty findings specified by the findingIds
guardduty_tag_resource

Adds tags to a resource
guardduty_update_malware_scan_settings

Updates the malware scan settings
guardduty_stop_monitoring_members

Stops GuardDuty monitoring for the specified member accounts
guardduty_update_detector

Updates the Amazon GuardDuty detector specified by the detectorId
guardduty_update_threat_intel_set

Updates the ThreatIntelSet specified by the ThreatIntelSet ID
iam

AWS Identity and Access Management
guardduty_update_member_detectors

Contains information on member accounts to be updated
guardduty_update_organization_configuration

Configures the delegated administrator account with the provided values
guardduty_update_publishing_destination

Updates information about the publishing destination specified by the destinationId
iam_add_user_to_group

Adds the specified user to the specified group
iam_add_client_id_to_open_id_connect_provider

Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM OpenID Connect (OIDC) provider resource
iam_attach_role_policy

Attaches the specified managed policy to the specified IAM role
iam_change_password

Changes the password of the IAM user who is calling this operation
iam_attach_group_policy

Attaches the specified managed policy to the specified IAM group
iam_create_policy_version

Creates a new version of the specified managed policy
iam_create_login_profile

Creates a password for the specified IAM user
iam_add_role_to_instance_profile

Adds the specified IAM role to the specified instance profile
iam_create_policy

Creates a new managed policy for your Amazon Web Services account
iam_deactivate_mfa_device

Deactivates the specified MFA device and removes it from association with the user name for which it was originally enabled
iam_delete_access_key

Deletes the access key pair associated with the specified IAM user
iam_create_group

Creates a new group
iam_create_account_alias

Creates an alias for your Amazon Web Services account
iam_create_saml_provider

Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2
iam_create_instance_profile

Creates a new instance profile
iam_create_user

Creates a new IAM user for your Amazon Web Services account
iam_create_service_linked_role

Creates an IAM role that is linked to a specific Amazon Web Services service
iam_delete_account_alias

Deletes the specified Amazon Web Services account alias
iam_attach_user_policy

Attaches the specified managed policy to the specified user
iam_create_open_id_connect_provider

Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC)
iam_create_virtual_mfa_device

Creates a new virtual MFA device for the Amazon Web Services account
iam_create_access_key

Creates a new Amazon Web Services secret access key and corresponding Amazon Web Services access key ID for the specified user
iam_create_role

Creates a new role for your Amazon Web Services account
iam_delete_instance_profile

Deletes the specified instance profile
iam_delete_role_policy

Deletes the specified inline policy that is embedded in the specified IAM role
iam_delete_policy_version

Deletes the specified version from the specified managed policy
iam_delete_group_policy

Deletes the specified inline policy that is embedded in the specified IAM group
iam_delete_policy

Deletes the specified managed policy
iam_delete_account_password_policy

Deletes the password policy for the Amazon Web Services account
iam_delete_role

Deletes the specified role
iam_delete_open_id_connect_provider

Deletes an OpenID Connect identity provider (IdP) resource object in IAM
iam_delete_group

Deletes the specified IAM group
iam_delete_login_profile

Deletes the password for the specified IAM user, For more information, see Managing passwords for IAM users
iam_delete_role_permissions_boundary

Deletes the permissions boundary for the specified IAM role
iam_create_service_specific_credential

Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request
iam_delete_ssh_public_key

Deletes the specified SSH public key
iam_delete_signing_certificate

Deletes a signing certificate associated with the specified IAM user
iam_delete_service_specific_credential

Deletes the specified service-specific credential
iam_delete_saml_provider

Deletes a SAML provider resource in IAM
iam_delete_service_linked_role

Submits a service-linked role deletion request and returns a DeletionTaskId, which you can use to check the status of the deletion
iam_delete_server_certificate

Deletes the specified server certificate
iam_delete_user_policy

Deletes the specified inline policy that is embedded in the specified IAM user
iam_delete_user_permissions_boundary

Deletes the permissions boundary for the specified IAM user
iam_delete_virtual_mfa_device

Deletes a virtual MFA device
iam_delete_user

Deletes the specified IAM user
iam_detach_group_policy

Removes the specified managed policy from the specified IAM group
iam_detach_role_policy

Removes the specified managed policy from the specified role
iam_get_access_key_last_used

Retrieves information about when the specified access key was last used
iam_generate_organizations_access_report

Generates a report for service last accessed data for Organizations
iam_generate_credential_report

Generates a credential report for the Amazon Web Services account
iam_detach_user_policy

Removes the specified managed policy from the specified user
iam_get_account_password_policy

Retrieves the password policy for the Amazon Web Services account
iam_enable_mfa_device

Enables the specified MFA device and associates it with the specified IAM user
iam_get_mfa_device

Retrieves information about an MFA device for a specified user
iam_generate_service_last_accessed_details

Generates a report that includes details about when an IAM resource (user, group, role, or policy) was last used in an attempt to access Amazon Web Services services
iam_get_account_authorization_details

Retrieves information about all IAM users, groups, roles, and policies in your Amazon Web Services account, including their relationships to one another
iam_get_context_keys_for_principal_policy

Gets a list of all of the context keys referenced in all the IAM policies that are attached to the specified IAM entity
iam_get_group

Returns a list of IAM users that are in the specified IAM group
iam_get_group_policy

Retrieves the specified inline policy document that is embedded in the specified IAM group
iam_get_open_id_connect_provider

Returns information about the specified OpenID Connect (OIDC) provider resource object in IAM
iam_get_context_keys_for_custom_policy

Gets a list of all of the context keys referenced in the input policies
iam_get_credential_report

Retrieves a credential report for the Amazon Web Services account
iam_get_instance_profile

Retrieves information about the specified instance profile, including the instance profile's path, GUID, ARN, and role
iam_get_account_summary

Retrieves information about IAM entity usage and IAM quotas in the Amazon Web Services account
iam_get_login_profile

Retrieves the user name for the specified IAM user
iam_get_server_certificate

Retrieves information about the specified server certificate stored in IAM
iam_get_service_linked_role_deletion_status

Retrieves the status of your service-linked role deletion
iam_get_policy_version

Retrieves information about the specified version of the specified managed policy, including the policy document
iam_get_role_policy

Retrieves the specified inline policy document that is embedded with the specified IAM role
iam_get_role

Retrieves information about the specified role, including the role's path, GUID, ARN, and the role's trust policy that grants permission to assume the role
iam_get_saml_provider

Returns the SAML provider metadocument that was uploaded when the IAM SAML provider resource object was created or updated
iam_get_service_last_accessed_details

Retrieves a service last accessed report that was created using the GenerateServiceLastAccessedDetails operation
iam_get_organizations_access_report

Retrieves the service last accessed data report for Organizations that was previously generated using the GenerateOrganizationsAccessReport operation
iam_get_policy

Retrieves information about the specified managed policy, including the policy's default version and the total number of IAM users, groups, and roles to which the policy is attached
iam_get_service_last_accessed_details_with_entities

After you generate a group or policy report using the GenerateServiceLastAccessedDetails operation, you can use the JobId parameter in GetServiceLastAccessedDetailsWithEntities
iam_list_entities_for_policy

Lists all IAM users, groups, and roles that the specified managed policy is attached to
iam_list_attached_group_policies

Lists all managed policies that are attached to the specified IAM group
iam_list_group_policies

Lists the names of the inline policies that are embedded in the specified IAM group
iam_list_access_keys

Returns information about the access key IDs associated with the specified IAM user
iam_get_user_policy

Retrieves the specified inline policy document that is embedded in the specified IAM user
iam_get_user

Retrieves information about the specified IAM user, including the user's creation date, path, unique ID, and ARN
iam_get_ssh_public_key

Retrieves the specified SSH public key, including metadata about the key
iam_list_attached_user_policies

Lists all managed policies that are attached to the specified IAM user
iam_list_attached_role_policies

Lists all managed policies that are attached to the specified IAM role
iam_list_account_aliases

Lists the account alias associated with the Amazon Web Services account (Note: you can have only one)
iam_list_open_id_connect_provider_tags

Lists the tags that are attached to the specified OpenID Connect (OIDC)-compatible identity provider
iam_list_instance_profiles

Lists the instance profiles that have the specified path prefix
iam_list_policies

Lists all the managed policies that are available in your Amazon Web Services account, including your own customer-defined managed policies and all Amazon Web Services managed policies
iam_list_instance_profiles_for_role

Lists the instance profiles that have the specified associated IAM role
iam_list_instance_profile_tags

Lists the tags that are attached to the specified IAM instance profile
iam_list_open_id_connect_providers

Lists information about the IAM OpenID Connect (OIDC) provider resource objects defined in the Amazon Web Services account
iam_list_groups

Lists the IAM groups that have the specified path prefix
iam_list_mfa_devices

Lists the MFA devices for an IAM user
iam_list_mfa_device_tags

Lists the tags that are attached to the specified IAM virtual multi-factor authentication (MFA) device
iam_list_groups_for_user

Lists the IAM groups that the specified IAM user belongs to
iam_list_saml_providers

Lists the SAML provider resource objects defined in IAM in the account
iam_list_roles

Lists the IAM roles that have the specified path prefix
iam_list_role_policies

Lists the names of the inline policies that are embedded in the specified IAM role
iam_list_policy_versions

Lists information about the versions of the specified managed policy, including the version that is currently set as the policy's default version
iam_list_policies_granting_service_access

Retrieves a list of policies that the IAM identity (user, group, or role) can use to access each specified service
iam_list_policy_tags

Lists the tags that are attached to the specified IAM customer managed policy
iam_list_server_certificates

Lists the server certificates stored in IAM that have the specified path prefix
iam_list_server_certificate_tags

Lists the tags that are attached to the specified IAM server certificate
iam_list_saml_provider_tags

Lists the tags that are attached to the specified Security Assertion Markup Language (SAML) identity provider
iam_list_role_tags

Lists the tags that are attached to the specified role
iam_list_virtual_mfa_devices

Lists the virtual MFA devices defined in the Amazon Web Services account by assignment status
iam_put_group_policy

Adds or updates an inline policy document that is embedded in the specified IAM group
iam_list_users

Lists the IAM users that have the specified path prefix
iam_list_user_policies

Lists the names of the inline policies embedded in the specified IAM user
iam_list_user_tags

Lists the tags that are attached to the specified IAM user
iam_list_service_specific_credentials

Returns information about the service-specific credentials associated with the specified IAM user
iam_list_signing_certificates

Returns information about the signing certificates associated with the specified IAM user
iam_list_ssh_public_keys

Returns information about the SSH public keys associated with the specified IAM user
iam_put_role_policy

Adds or updates an inline policy document that is embedded in the specified IAM role
iam_put_role_permissions_boundary

Adds or updates the policy that is specified as the IAM role's permissions boundary
iam_remove_client_id_from_open_id_connect_provider

Removes the specified client ID (also known as audience) from the list of client IDs registered for the specified IAM OpenID Connect (OIDC) provider resource object
iam_put_user_permissions_boundary

Adds or updates the policy that is specified as the IAM user's permissions boundary
iam_set_default_policy_version

Sets the specified version of the specified policy as the policy's default (operative) version
iam_remove_role_from_instance_profile

Removes the specified IAM role from the specified EC2 instance profile
iam_remove_user_from_group

Removes the specified user from the specified group
iam_resync_mfa_device

Synchronizes the specified MFA device with its IAM resource object on the Amazon Web Services servers
iam_simulate_custom_policy

Simulate how a set of IAM policies and optionally a resource-based policy works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions
iam_put_user_policy

Adds or updates an inline policy document that is embedded in the specified IAM user
iam_reset_service_specific_credential

Resets the password for a service-specific credential
iam_set_security_token_service_preferences

Sets the specified version of the global endpoint token as the token version used for the Amazon Web Services account
iam_tag_instance_profile

Adds one or more tags to an IAM instance profile
iam_tag_user

Adds one or more tags to an IAM user
iam_tag_policy

Adds one or more tags to an IAM customer managed policy
iam_untag_instance_profile

Removes the specified tags from the IAM instance profile
iam_simulate_principal_policy

Simulate how a set of IAM policies attached to an IAM entity works with a list of API operations and Amazon Web Services resources to determine the policies' effective permissions
iam_tag_saml_provider

Adds one or more tags to a Security Assertion Markup Language (SAML) identity provider
iam_tag_mfa_device

Adds one or more tags to an IAM virtual multi-factor authentication (MFA) device
iam_tag_open_id_connect_provider

Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider
iam_tag_server_certificate

Adds one or more tags to an IAM server certificate
iam_tag_role

Adds one or more tags to an IAM role
iam_untag_open_id_connect_provider

Removes the specified tags from the specified OpenID Connect (OIDC)-compatible identity provider in IAM
iam_untag_mfa_device

Removes the specified tags from the IAM virtual multi-factor authentication (MFA) device
iam_untag_user

Removes the specified tags from the user
iam_untag_policy

Removes the specified tags from the customer managed policy
iam_update_access_key

Changes the status of the specified access key from Active to Inactive, or vice versa
iam_untag_server_certificate

Removes the specified tags from the IAM server certificate
iam_untag_saml_provider

Removes the specified tags from the specified Security Assertion Markup Language (SAML) identity provider in IAM
iam_update_assume_role_policy

Updates the policy that grants an IAM entity permission to assume a role
iam_update_account_password_policy

Updates the password policy settings for the Amazon Web Services account
iam_untag_role

Removes the specified tags from the role
iam_update_login_profile

Changes the password for the specified IAM user
iam_update_role

Updates the description or maximum session duration setting of a role
iam_update_role_description

Use UpdateRole instead
iam_update_saml_provider

Updates the metadata document for an existing SAML provider resource object
iam_update_ssh_public_key

Sets the status of an IAM user's SSH public key to active or inactive
iam_update_group

Updates the name and/or the path of the specified IAM group
iam_update_server_certificate

Updates the name and/or the path of the specified server certificate stored in IAM
iam_update_open_id_connect_provider_thumbprint

Replaces the existing list of server certificate thumbprints associated with an OpenID Connect (OIDC) provider resource object with a new list of thumbprints
iam_update_signing_certificate

Changes the status of the specified user signing certificate from active to disabled, or vice versa
iam_update_service_specific_credential

Sets the status of a service-specific credential to Active or Inactive
iam_upload_signing_certificate

Uploads an X
iamrolesanywhere

IAM Roles Anywhere
iamrolesanywhere_delete_trust_anchor

Deletes a trust anchor
iam_upload_ssh_public_key

Uploads an SSH public key and associates it with the specified IAM user
iamrolesanywhere_delete_crl

Deletes a certificate revocation list (CRL)
iam_update_user

Updates the name and/or the path of the specified IAM user
iam_upload_server_certificate

Uploads a server certificate entity for the Amazon Web Services account
iamrolesanywhere_disable_trust_anchor

Disables a trust anchor
iamrolesanywhere_create_trust_anchor

Creates a trust anchor to establish trust between IAM Roles Anywhere and your certificate authority (CA)
iamrolesanywhere_disable_crl

Disables a certificate revocation list (CRL)
iamrolesanywhere_delete_profile

Deletes a profile
iamrolesanywhere_create_profile

Creates a profile, a list of the roles that Roles Anywhere service is trusted to assume
iamrolesanywhere_get_subject

Gets a subject, which associates a certificate identity with authentication attempts
iamrolesanywhere_get_trust_anchor

Gets a trust anchor
iamrolesanywhere_get_profile

Gets a profile
iamrolesanywhere_enable_profile

Enables temporary credential requests for a profile
iamrolesanywhere_enable_trust_anchor

Enables a trust anchor
iamrolesanywhere_get_crl

Gets a certificate revocation list (CRL)
iamrolesanywhere_disable_profile

Disables a profile
iamrolesanywhere_enable_crl

Enables a certificate revocation list (CRL)
iamrolesanywhere_put_notification_settings

Attaches a list of notification settings to a trust anchor
iamrolesanywhere_list_subjects

Lists the subjects in the authenticated account and Amazon Web Services Region
iamrolesanywhere_untag_resource

Removes tags from the resource
iamrolesanywhere_reset_notification_settings

Resets the custom notification setting to IAM Roles Anywhere default setting
iamrolesanywhere_list_profiles

Lists all profiles in the authenticated account and Amazon Web Services Region
iamrolesanywhere_list_crls

Lists all certificate revocation lists (CRL) in the authenticated account and Amazon Web Services Region
iamrolesanywhere_list_tags_for_resource

Lists the tags attached to the resource
iamrolesanywhere_list_trust_anchors

Lists the trust anchors in the authenticated account and Amazon Web Services Region
iamrolesanywhere_import_crl

Imports the certificate revocation list (CRL)
iamrolesanywhere_tag_resource

Attaches tags to a resource
identitystore_delete_group_membership

Delete a membership within a group given MembershipId
identitystore

AWS SSO Identity Store
iamrolesanywhere_update_trust_anchor

Updates a trust anchor
identitystore_create_group_membership

Creates a relationship between a member and a group
identitystore_delete_user

Deletes a user within an identity store given UserId
identitystore_delete_group

Delete a group within an identity store given GroupId
identitystore_create_user

Creates a user within the specified identity store
iamrolesanywhere_update_crl

Updates the certificate revocation list (CRL)
identitystore_create_group

Creates a group within the specified identity store
iamrolesanywhere_update_profile

Updates a profile, a list of the roles that IAM Roles Anywhere service is trusted to assume
identitystore_list_group_memberships_for_member

For the specified member in the specified identity store, returns the list of all GroupMembership objects and returns results in paginated form
identitystore_get_group_membership_id

Retrieves the MembershipId in an identity store
identitystore_get_group_id

Retrieves GroupId in an identity store
identitystore_list_groups

Lists all groups in the identity store
identitystore_get_user_id

Retrieves the UserId in an identity store
identitystore_describe_group

Retrieves the group metadata and attributes from GroupId in an identity store
identitystore_describe_user

Retrieves the user metadata and attributes from the UserId in an identity store
identitystore_list_group_memberships

For the specified group in the specified identity store, returns the list of all GroupMembership objects and returns results in paginated form
identitystore_describe_group_membership

Retrieves membership metadata and attributes from MembershipId in an identity store
identitystore_is_member_in_groups

Checks the user's membership in all requested groups and returns if the member exists in all queried groups
identitystore_update_group

For the specified group in the specified identity store, updates the group metadata and attributes
inspector2

Inspector2
inspector

Amazon Inspector
inspector2_batch_get_free_trial_info

Gets free trial status for multiple Amazon Web Services accounts
inspector2_batch_get_finding_details

Gets vulnerability details for findings
inspector2_associate_member

Associates an Amazon Web Services account with an Amazon Inspector delegated administrator
inspector2_batch_get_account_status

Retrieves the Amazon Inspector status of multiple Amazon Web Services accounts within your environment
identitystore_update_user

For the specified user in the specified identity store, updates the user metadata and attributes
identitystore_list_users

Lists all users in the identity store
inspector2_batch_get_code_snippet

Retrieves code snippets from findings that Amazon Inspector detected code vulnerabilities in
inspector2_create_sbom_export

Creates a software bill of materials (SBOM) report
inspector2_create_filter

Creates a filter resource using specified filter criteria
inspector2_create_findings_report

Creates a finding report
inspector2_disable

Disables Amazon Inspector scans for one or more Amazon Web Services accounts
inspector2_batch_get_member_ec_2_deep_inspection_status

Retrieves Amazon Inspector deep inspection activation status of multiple member accounts within your organization
inspector2_cancel_findings_report

Cancels the given findings report
inspector2_disable_delegated_admin_account

Disables the Amazon Inspector delegated administrator for your organization
inspector2_get_member

Gets member information for your organization
inspector2_cancel_sbom_export

Cancels a software bill of materials (SBOM) report
inspector2_describe_organization_configuration

Describe Amazon Inspector configuration settings for an Amazon Web Services organization
inspector2_batch_update_member_ec_2_deep_inspection_status

Activates or deactivates Amazon Inspector deep inspection for the provided member accounts in your organization
inspector2_delete_filter

Deletes a filter resource
inspector2_disassociate_member

Disassociates a member account from an Amazon Inspector delegated administrator
inspector2_get_findings_report_status

Gets the status of a findings report
inspector2_enable

Enables Amazon Inspector scans for one or more Amazon Web Services accounts
inspector2_get_encryption_key

Gets an encryption key
inspector2_get_ec_2_deep_inspection_configuration

Retrieves the activation status of Amazon Inspector deep inspection and custom paths associated with your account
inspector2_list_delegated_admin_accounts

Lists information about the Amazon Inspector delegated administrator of your organization
inspector2_enable_delegated_admin_account

Enables the Amazon Inspector delegated administrator for your Organizations organization
inspector2_get_delegated_admin_account

Retrieves information about the Amazon Inspector delegated administrator for your organization
inspector2_get_configuration

Retrieves setting configurations for Inspector scans
inspector2_list_coverage

Lists coverage details for you environment
inspector2_list_finding_aggregations

Lists aggregated finding data for your environment based on specific criteria
inspector2_list_members

List members associated with the Amazon Inspector delegated administrator for your organization
inspector2_list_coverage_statistics

Lists Amazon Inspector coverage statistics for your environment
inspector2_list_tags_for_resource

Lists all tags attached to a given resource
inspector2_list_filters

Lists the filters associated with your account
inspector2_update_ec_2_deep_inspection_configuration

Activates, deactivates Amazon Inspector deep inspection, or updates custom paths for your account
inspector2_list_findings

Lists findings for your environment
inspector2_untag_resource

Removes tags from a resource
inspector2_list_account_permissions

Lists the permissions an account has to configure Amazon Inspector
inspector2_get_sbom_export

Gets details of a software bill of materials (SBOM) report
inspector2_list_usage_totals

Lists the Amazon Inspector usage totals over the last 30 days
inspector2_update_org_ec_2_deep_inspection_configuration

Updates the Amazon Inspector deep inspection custom paths for your organization
inspector2_tag_resource

Adds tags to a resource
inspector2_update_configuration

Updates setting configurations for your Amazon Inspector account
inspector2_update_encryption_key

Updates an encryption key
inspector2_search_vulnerabilities

Lists Amazon Inspector coverage details for a specific vulnerability
inspector2_reset_encryption_key

Resets an encryption key
inspector2_update_filter

Specifies the action that is to be applied to the findings that match the filter
inspector_add_attributes_to_findings

Assigns attributes (key and value pairs) to the findings that are specified by the ARNs of the findings
inspector_delete_assessment_target

Deletes the assessment target that is specified by the ARN of the assessment target
inspector_delete_assessment_run

Deletes the assessment run that is specified by the ARN of the assessment run
inspector2_update_organization_configuration

Updates the configurations for your Amazon Inspector organization
inspector_create_assessment_target

Creates a new assessment target using the ARN of the resource group that is generated by CreateResourceGroup
inspector_create_assessment_template

Creates an assessment template for the assessment target that is specified by the ARN of the assessment target
inspector_describe_assessment_runs

Describes the assessment runs that are specified by the ARNs of the assessment runs
inspector_delete_assessment_template

Deletes the assessment template that is specified by the ARN of the assessment template
inspector_create_exclusions_preview

Starts the generation of an exclusions preview for the specified assessment template
inspector_create_resource_group

Creates a resource group using the specified set of tags (key and value pairs) that are used to select the EC2 instances to be included in an Amazon Inspector assessment target
inspector_describe_exclusions

Describes the exclusions that are specified by the exclusions' ARNs
inspector_describe_cross_account_access_role

Describes the IAM role that enables Amazon Inspector to access your AWS account
inspector_describe_resource_groups

Describes the resource groups that are specified by the ARNs of the resource groups
inspector_get_exclusions_preview

Retrieves the exclusions preview (a list of ExclusionPreview objects) specified by the preview token
inspector_describe_assessment_targets

Describes the assessment targets that are specified by the ARNs of the assessment targets
inspector_describe_findings

Describes the findings that are specified by the ARNs of the findings
inspector_get_telemetry_metadata

Information about the data that is collected for the specified assessment run
inspector_describe_rules_packages

Describes the rules packages that are specified by the ARNs of the rules packages
inspector_get_assessment_report

Produces an assessment report that includes detailed and comprehensive results of a specified assessment run
inspector_describe_assessment_templates

Describes the assessment templates that are specified by the ARNs of the assessment templates
inspector_list_rules_packages

Lists all available Amazon Inspector rules packages
inspector_list_assessment_templates

Lists the assessment templates that correspond to the assessment targets that are specified by the ARNs of the assessment targets
inspector_list_event_subscriptions

Lists all the event subscriptions for the assessment template that is specified by the ARN of the assessment template
inspector_preview_agents

Previews the agents installed on the EC2 instances that are part of the specified assessment target
inspector_list_tags_for_resource

Lists all tags associated with an assessment template
inspector_list_assessment_runs

Lists the assessment runs that correspond to the assessment templates that are specified by the ARNs of the assessment templates
inspector_list_assessment_targets

Lists the ARNs of the assessment targets within this AWS account
inspector_list_findings

Lists findings that are generated by the assessment runs that are specified by the ARNs of the assessment runs
inspector_list_exclusions

List exclusions that are generated by the assessment run
inspector_list_assessment_run_agents

Lists the agents of the assessment runs that are specified by the ARNs of the assessment runs
inspector_set_tags_for_resource

Sets tags (key and value pairs) to the assessment template that is specified by the ARN of the assessment template
inspector_update_assessment_target

Updates the assessment target that is specified by the ARN of the assessment target
kms

AWS Key Management Service
inspector_remove_attributes_from_findings

Removes entire attributes (key and value pairs) from the findings that are specified by the ARNs of the findings where an attribute with the specified key exists
inspector_stop_assessment_run

Stops the assessment run that is specified by the ARN of the assessment run
inspector_register_cross_account_access_role

Registers the IAM role that grants Amazon Inspector access to AWS Services needed to perform security assessments
kms_cancel_key_deletion

Cancels the deletion of a KMS key
inspector_start_assessment_run

Starts the assessment run specified by the ARN of the assessment template
inspector_subscribe_to_event

Enables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic
inspector_unsubscribe_from_event

Disables the process of sending Amazon Simple Notification Service (SNS) notifications about a specified event to a specified SNS topic
kms_describe_custom_key_stores

Gets information about custom key stores in the account and Region
kms_connect_custom_key_store

Connects or reconnects a custom key store to its backing key store
kms_decrypt

Decrypts ciphertext that was encrypted by a KMS key using any of the following operations:
kms_create_alias

Creates a friendly name for a KMS key
kms_delete_alias

Deletes the specified alias
kms_delete_imported_key_material

Deletes key material that was previously imported
kms_create_grant

Adds a grant to a KMS key
kms_delete_custom_key_store

Deletes a custom key store
kms_create_custom_key_store

Creates a custom key store backed by a key store that you own and manage
kms_create_key

Creates a unique customer managed KMS key in your Amazon Web Services account and Region
kms_generate_data_key_pair

Returns a unique asymmetric data key pair for use outside of KMS
kms_enable_key_rotation

Enables automatic rotation of the key material of the specified symmetric encryption KMS key
kms_disconnect_custom_key_store

Disconnects the custom key store from its backing key store
kms_describe_key

Provides detailed information about a KMS key
kms_enable_key

Sets the key state of a KMS key to enabled
kms_encrypt

Encrypts plaintext of up to 4,096 bytes using a KMS key
kms_disable_key_rotation

Disables automatic rotation of the key material of the specified symmetric encryption KMS key
kms_generate_data_key_pair_without_plaintext

Returns a unique asymmetric data key pair for use outside of KMS
kms_disable_key

Sets the state of a KMS key to disabled
kms_generate_data_key

Returns a unique symmetric data key for use outside of KMS
kms_import_key_material

Imports or reimports key material into an existing KMS key that was created without key material
kms_list_aliases

Gets a list of aliases in the caller's Amazon Web Services account and region
kms_list_grants

Gets a list of all grants for the specified KMS key
kms_generate_random

Returns a random byte string that is cryptographically secure
kms_generate_data_key_without_plaintext

Returns a unique symmetric data key for use outside of KMS
kms_get_parameters_for_import

Returns the public key and an import token you need to import or reimport key material for a KMS key
kms_get_key_rotation_status

Gets a Boolean value that indicates whether automatic rotation of the key material is enabled for the specified KMS key
kms_generate_mac

Generates a hash-based message authentication code (HMAC) for a message using an HMAC KMS key and a MAC algorithm that the key supports
kms_get_public_key

Returns the public key of an asymmetric KMS key
kms_get_key_policy

Gets a key policy attached to the specified KMS key
kms_list_resource_tags

Returns all tags on the specified KMS key
kms_list_retirable_grants

Returns information about all grants in the Amazon Web Services account and Region that have the specified retiring principal
kms_schedule_key_deletion

Schedules the deletion of a KMS key
kms_revoke_grant

Deletes the specified grant
kms_put_key_policy

Attaches a key policy to the specified KMS key
kms_list_key_policies

Gets the names of the key policies that are attached to a KMS key
kms_retire_grant

Deletes a grant
kms_re_encrypt

Decrypts ciphertext and then reencrypts it entirely within KMS
kms_list_keys

Gets a list of all KMS keys in the caller's Amazon Web Services account and Region
kms_update_custom_key_store

Changes the properties of a custom key store
kms_replicate_key

Replicates a multi-Region key into the specified Region
macie

Amazon Macie
kms_verify_mac

Verifies the hash-based message authentication code (HMAC) for a specified message, HMAC KMS key, and MAC algorithm
kms_update_primary_region

Changes the primary key of a multi-Region key
kms_untag_resource

Deletes tags from a customer managed key
kms_update_alias

Associates an existing KMS alias with a different KMS key
kms_tag_resource

Adds or edits tags on a customer managed key
kms_verify

Verifies a digital signature that was generated by the Sign operation
kms_sign

Creates a digital signature for a message or message digest by using the private key in an asymmetric signing KMS key
kms_update_key_description

Updates the description of a KMS key
macie2_batch_get_custom_data_identifiers

Retrieves information about one or more custom data identifiers
macie2

Amazon Macie 2
macie2_create_member

Associates an account with an Amazon Macie administrator account
macie2_create_invitations

Sends an Amazon Macie membership invitation to one or more accounts
macie2_create_classification_job

Creates and defines the settings for a classification job
macie2_create_sample_findings

Creates sample findings
macie2_create_allow_list

Creates and defines the settings for an allow list
macie2_create_custom_data_identifier

Creates and defines the criteria and other settings for a custom data identifier
macie2_accept_invitation

Accepts an Amazon Macie membership invitation that was received from a specific account
macie2_create_findings_filter

Creates and defines the criteria and other settings for a findings filter
macie2_describe_organization_configuration

Retrieves the Amazon Macie configuration settings for an organization in Organizations
macie2_delete_invitations

Deletes Amazon Macie membership invitations that were received from specific accounts
macie2_delete_allow_list

Deletes an allow list
macie2_delete_custom_data_identifier

Soft deletes a custom data identifier
macie2_decline_invitations

Declines Amazon Macie membership invitations that were received from specific accounts
macie2_describe_buckets

Retrieves (queries) statistical data and other information about one or more S3 buckets that Amazon Macie monitors and analyzes for an account
macie2_delete_findings_filter

Deletes a findings filter
macie2_delete_member

Deletes the association between an Amazon Macie administrator account and an account
macie2_describe_classification_job

Retrieves the status and settings for a classification job
macie2_disassociate_member

Disassociates an Amazon Macie administrator account from a member account
macie2_enable_macie

Enables Amazon Macie and specifies the configuration settings for a Macie account
macie2_disable_macie

Disables Amazon Macie and deletes all settings and resources for a Macie account
macie2_disable_organization_admin_account

Disables an account as the delegated Amazon Macie administrator account for an organization in Organizations
macie2_get_bucket_statistics

Retrieves (queries) aggregated statistical data about all the S3 buckets that Amazon Macie monitors and analyzes for an account
macie2_get_administrator_account

Retrieves information about the Amazon Macie administrator account for an account
macie2_disassociate_from_administrator_account

Disassociates a member account from its Amazon Macie administrator account
macie2_get_automated_discovery_configuration

Retrieves the configuration settings and status of automated sensitive data discovery for an account
macie2_get_allow_list

Retrieves the settings and status of an allow list
macie2_enable_organization_admin_account

Designates an account as the delegated Amazon Macie administrator account for an organization in Organizations
macie2_disassociate_from_master_account

(Deprecated) Disassociates a member account from its Amazon Macie administrator account
macie2_get_classification_export_configuration

Retrieves the configuration settings for storing data classification results
macie2_get_classification_scope

Retrieves the classification scope settings for an account
macie2_get_findings_filter

Retrieves the criteria and other settings for a findings filter
macie2_get_invitations_count

Retrieves the count of Amazon Macie membership invitations that were received by an account
macie2_get_custom_data_identifier

Retrieves the criteria and other settings for a custom data identifier
macie2_get_master_account

(Deprecated) Retrieves information about the Amazon Macie administrator account for an account
macie2_get_macie_session

Retrieves the status and configuration settings for an Amazon Macie account
macie2_get_findings

Retrieves the details of one or more findings
macie2_get_finding_statistics

Retrieves (queries) aggregated statistical data about findings
macie2_get_findings_publication_configuration

Retrieves the configuration settings for publishing findings to Security Hub
macie2_get_reveal_configuration

Retrieves the status and configuration settings for retrieving occurrences of sensitive data reported by findings
macie2_list_findings_filters

Retrieves a subset of information about all the findings filters for an account
macie2_get_sensitive_data_occurrences_availability

Checks whether occurrences of sensitive data can be retrieved for a finding
macie2_get_resource_profile

Retrieves (queries) sensitive data discovery statistics and the sensitivity score for an S3 bucket
macie2_list_classification_jobs

Retrieves a subset of information about one or more classification jobs
macie2_list_allow_lists

Retrieves a subset of information about all the allow lists for an account
macie2_get_member

Retrieves information about an account that's associated with an Amazon Macie administrator account
macie2_get_usage_statistics

Retrieves (queries) quotas and aggregated usage data for one or more accounts
macie2_list_custom_data_identifiers

Retrieves a subset of information about all the custom data identifiers for an account
macie2_get_sensitive_data_occurrences

Retrieves occurrences of sensitive data reported by a finding
macie2_get_usage_totals

Retrieves (queries) aggregated usage data for an account
macie2_get_sensitivity_inspection_template

Retrieves the settings for the sensitivity inspection template for an account
macie2_list_findings

Retrieves a subset of information about one or more findings
macie2_list_managed_data_identifiers

Retrieves information about all the managed data identifiers that Amazon Macie currently provides
macie2_list_classification_scopes

Retrieves a subset of information about the classification scope for an account
macie2_update_automated_discovery_configuration

Enables or disables automated sensitive data discovery for an account
macie2_tag_resource

Adds or updates one or more tags (keys and values) that are associated with an Amazon Macie resource
macie2_list_organization_admin_accounts

Retrieves information about the delegated Amazon Macie administrator account for an organization in Organizations
macie2_list_invitations

Retrieves information about the Amazon Macie membership invitations that were received by an account
macie2_list_members

Retrieves information about the accounts that are associated with an Amazon Macie administrator account
macie2_list_sensitivity_inspection_templates

Retrieves a subset of information about the sensitivity inspection template for an account
macie2_put_classification_export_configuration

Creates or updates the configuration settings for storing data classification results
macie2_list_resource_profile_detections

Retrieves information about the types and amount of sensitive data that Amazon Macie found in an S3 bucket
macie2_search_resources

Retrieves (queries) statistical data and other information about Amazon Web Services resources that Amazon Macie monitors and analyzes
macie2_test_custom_data_identifier

Tests a custom data identifier
macie2_untag_resource

Removes one or more tags (keys and values) from an Amazon Macie resource
macie2_put_findings_publication_configuration

Updates the configuration settings for publishing findings to Security Hub
macie2_update_allow_list

Updates the settings for an allow list
macie2_list_resource_profile_artifacts

Retrieves information about objects that were selected from an S3 bucket for automated sensitive data discovery
macie2_list_tags_for_resource

Retrieves the tags (keys and values) that are associated with an Amazon Macie resource
macie2_update_resource_profile

Updates the sensitivity score for an S3 bucket
macie2_update_findings_filter

Updates the criteria and other settings for a findings filter
macie2_update_member_session

Enables an Amazon Macie administrator to suspend or re-enable Macie for a member account
macie2_update_resource_profile_detections

Updates the sensitivity scoring settings for an S3 bucket
macie2_update_classification_scope

Updates the classification scope settings for an account
macie2_update_classification_job

Changes the status of a classification job
macie2_update_sensitivity_inspection_template

Updates the settings for the sensitivity inspection template for an account
macie2_update_reveal_configuration

Updates the status and configuration settings for retrieving occurrences of sensitive data reported by findings
macie2_update_organization_configuration

Updates the Amazon Macie configuration settings for an organization in Organizations
macie2_update_macie_session

Suspends or re-enables Amazon Macie, or updates the configuration settings for a Macie account
macie_associate_member_account

(Discontinued) Associates a specified Amazon Web Services account with Amazon Macie Classic as a member account
macie_disassociate_s3_resources

(Discontinued) Removes specified S3 resources from being monitored by Amazon Macie Classic
macie_associate_s3_resources

(Discontinued) Associates specified S3 resources with Amazon Macie Classic for monitoring and data classification
macie_list_s3_resources

(Discontinued) Lists all the S3 resources associated with Amazon Macie Classic
macie_list_member_accounts

(Discontinued) Lists all Amazon Macie Classic member accounts for the current Macie Classic administrator account
macie_disassociate_member_account

(Discontinued) Removes the specified member account from Amazon Macie Classic
macie_update_s3_resources

(Discontinued) Updates the classification types for the specified S3 resources
ram_accept_resource_share_invitation

Accepts an invitation to a resource share from another Amazon Web Services account
ram

AWS Resource Access Manager
ram_associate_resource_share

Adds the specified list of principals and list of resources to a resource share
ram_delete_permission_version

Deletes one version of a customer managed permission
ram_enable_sharing_with_aws_organization

Enables resource sharing within your organization in Organizations
ram_associate_resource_share_permission

Adds or replaces the RAM permission for a resource type included in a resource share
ram_delete_resource_share

Deletes the specified resource share
ram_delete_permission

Deletes the specified customer managed permission in the Amazon Web Services Region in which you call this operation
ram_create_resource_share

Creates a resource share
ram_disassociate_resource_share_permission

Removes a managed permission from a resource share
ram_create_permission

Creates a customer managed permission for a specified resource type that you can attach to resource shares
ram_create_permission_version

Creates a new version of the specified customer managed permission
ram_disassociate_resource_share

Removes the specified principals or resources from participating in the specified resource share
ram_get_resource_share_invitations

Retrieves details about invitations that you have received for resource shares
ram_list_pending_invitation_resources

Lists the resources in a resource share that is shared with you but for which the invitation is still PENDING
ram_get_permission

Retrieves the contents of a managed permission in JSON format
ram_get_resource_shares

Retrieves details about the resource shares that you own or that are shared with you
ram_get_resource_policies

Retrieves the resource policies for the specified resources that you own and have shared
ram_list_permissions

Retrieves a list of available RAM permissions that you can use for the supported resource types
ram_get_resource_share_associations

Retrieves the lists of resources and principals that associated for resource shares that you own
ram_list_permission_versions

Lists the available versions of the specified RAM permission
ram_list_permission_associations

Lists information about the managed permission and its associations to any resource shares that use this managed permission
ram_list_principals

Lists the principals that you are sharing resources with or that are sharing resources with you
ram_promote_resource_share_created_from_policy

When you attach a resource-based policy to a resource, RAM automatically creates a resource share of featureSet=CREATED_FROM_POLICY with a managed permission that has the same IAM permissions as the original resource-based policy
ram_list_replace_permission_associations_work

Retrieves the current status of the asynchronous tasks performed by RAM when you perform the ReplacePermissionAssociationsWork operation
ram_reject_resource_share_invitation

Rejects an invitation to a resource share from another Amazon Web Services account
ram_tag_resource

Adds the specified tag keys and values to a resource share or managed permission
ram_promote_permission_created_from_policy

When you attach a resource-based policy to a resource, RAM automatically creates a resource share of featureSet=CREATED_FROM_POLICY with a managed permission that has the same IAM permissions as the original resource-based policy
ram_list_resource_types

Lists the resource types that can be shared by RAM
ram_replace_permission_associations

Updates all resource shares that use a managed permission to a different managed permission
ram_list_resources

Lists the resources that you added to a resource share or the resources that are shared with you
ram_list_resource_share_permissions

Lists the RAM permissions that are associated with a resource share
ram_set_default_permission_version

Designates the specified version number as the default version for the specified customer managed permission
ram_untag_resource

Removes the specified tag key and value pairs from the specified resource share or managed permission
secretsmanager_cancel_rotate_secret

Turns off automatic rotation, and if a rotation is currently in progress, cancels the rotation
secretsmanager

AWS Secrets Manager
secretsmanager_delete_secret

Deletes a secret and all of its versions
secretsmanager_describe_secret

Retrieves the details of a secret
secretsmanager_get_random_password

Generates a random password
ram_update_resource_share

Modifies some of the properties of the specified resource share
secretsmanager_create_secret

Creates a new secret
reexports

Objects exported from other packages
secretsmanager_delete_resource_policy

Deletes the resource-based permission policy attached to the secret
secretsmanager_put_resource_policy

Attaches a resource-based permission policy to a secret
secretsmanager_replicate_secret_to_regions

Replicates the secret to a new Regions
secretsmanager_get_secret_value

Retrieves the contents of the encrypted fields SecretString or SecretBinary from the specified version of a secret, whichever contains content
secretsmanager_remove_regions_from_replication

For a secret that is replicated to other Regions, deletes the secret replicas from the Regions you specify
secretsmanager_rotate_secret

Configures and starts the asynchronous process of rotating the secret
secretsmanager_list_secrets

Lists the secrets that are stored by Secrets Manager in the Amazon Web Services account, not including secrets that are marked for deletion
secretsmanager_restore_secret

Cancels the scheduled deletion of a secret by removing the DeletedDate time stamp
secretsmanager_get_resource_policy

Retrieves the JSON text of the resource-based policy document attached to the secret
secretsmanager_list_secret_version_ids

Lists the versions of a secret
secretsmanager_put_secret_value

Creates a new version with a new encrypted secret value and attaches it to the secret
secretsmanager_update_secret

Modifies the details of a secret, including metadata and the secret value
securityhub

AWS SecurityHub
securityhub_accept_administrator_invitation

Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the invitation was sent from
secretsmanager_tag_resource

Attaches tags to a secret
secretsmanager_untag_resource

Removes specific tags from a secret
secretsmanager_validate_resource_policy

Validates that a resource policy does not grant a wide range of principals access to your secret
secretsmanager_update_secret_version_stage

Modifies the staging labels attached to a version of a secret
secretsmanager_stop_replication_to_replica

Removes the link between the replica secret and the primary secret and promotes the replica to a primary secret in the replica Region
securityhub_batch_delete_automation_rules

Deletes one or more automation rules
securityhub_accept_invitation

This method is deprecated
securityhub_batch_update_automation_rules

Updates one or more automation rules based on rule Amazon Resource Names (ARNs) and input parameters
securityhub_batch_get_automation_rules

Retrieves a list of details for automation rules based on rule Amazon Resource Names (ARNs)
securityhub_batch_import_findings

Imports security findings generated by a finding provider into Security Hub
securityhub_batch_get_standards_control_associations

For a batch of security controls and standards, identifies whether each control is currently enabled or disabled in a standard
securityhub_batch_enable_standards

Enables the standards specified by the provided StandardsArn
securityhub_batch_update_standards_control_associations

For a batch of security controls and standards, this operation updates the enablement status of a control in a standard
securityhub_batch_get_security_controls

Provides details about a batch of security controls for the current Amazon Web Services account and Amazon Web Services Region
securityhub_create_action_target

Creates a custom action target in Security Hub
securityhub_batch_update_findings

Used by Security Hub customers to update information about their investigation into a finding
securityhub_delete_finding_aggregator

Deletes a finding aggregator
securityhub_delete_action_target

Deletes a custom action target from Security Hub
securityhub_create_automation_rule

Creates an automation rule based on input parameters
securityhub_create_members

Creates a member association in Security Hub between the specified accounts and the account used to make the request, which is the administrator account
securityhub_delete_insight

Deletes the insight specified by the InsightArn
securityhub_batch_disable_standards

Disables the standards specified by the provided StandardsSubscriptionArns
securityhub_create_finding_aggregator

Used to enable finding aggregation
securityhub_decline_invitations

Declines invitations to become a member account
securityhub_delete_members

Deletes the specified member accounts from Security Hub
securityhub_delete_invitations

Deletes invitations received by the Amazon Web Services account to become a member account
securityhub_create_insight

Creates a custom insight in Security Hub
securityhub_disassociate_from_administrator_account

Disassociates the current Security Hub member account from the associated administrator account
securityhub_describe_standards_controls

Returns a list of security standards controls
securityhub_describe_standards

Returns a list of the available standards in Security Hub
securityhub_disable_import_findings_for_product

Disables the integration of the specified product with Security Hub
securityhub_disable_organization_admin_account

Disables a Security Hub administrator account
securityhub_disable_security_hub

Disables Security Hub in your account only in the current Amazon Web Services Region
securityhub_describe_hub

Returns details about the Hub resource in your account, including the HubArn and the time when you enabled Security Hub
securityhub_describe_organization_configuration

Returns information about the Organizations configuration for Security Hub
securityhub_describe_action_targets

Returns a list of the custom action targets in Security Hub in your account
securityhub_describe_products

Returns information about product integrations in Security Hub
securityhub_get_finding_aggregator

Returns the current finding aggregation configuration
securityhub_get_administrator_account

Provides the details for the Security Hub administrator account for the current member account
securityhub_get_findings

Returns a list of findings that match the specified criteria
securityhub_disassociate_from_master_account

This method is deprecated
securityhub_enable_import_findings_for_product

Enables the integration of a partner product with Security Hub
securityhub_get_enabled_standards

Returns a list of the standards that are currently enabled
securityhub_disassociate_members

Disassociates the specified member accounts from the associated administrator account
securityhub_get_finding_history

Returns history for a Security Hub finding in the last 90 days
securityhub_enable_organization_admin_account

Designates the Security Hub administrator account for an organization
securityhub_enable_security_hub

Enables Security Hub for your account in the current Region or the Region you specify in the request
securityhub_list_enabled_products_for_import

Lists all findings-generating solutions (products) that you are subscribed to receive findings from in Security Hub
securityhub_list_finding_aggregators

If finding aggregation is enabled, then ListFindingAggregators returns the ARN of the finding aggregator
securityhub_invite_members

Invites other Amazon Web Services accounts to become member accounts for the Security Hub administrator account that the invitation is sent from
securityhub_get_members

Returns the details for the Security Hub member accounts for the specified account IDs
securityhub_get_insight_results

Lists the results of the Security Hub insight specified by the insight ARN
securityhub_list_automation_rules

A list of automation rules and their metadata for the calling account
securityhub_get_master_account

This method is deprecated
securityhub_get_invitations_count

Returns the count of all Security Hub membership invitations that were sent to the current member account, not including the currently accepted invitation
securityhub_list_invitations

Lists all Security Hub membership invitations that were sent to the current Amazon Web Services account
securityhub_get_insights

Lists and describes insights for the specified insight ARNs
securityhub_update_findings

UpdateFindings is deprecated
securityhub_update_finding_aggregator

Updates the finding aggregation configuration
securityhub_list_tags_for_resource

Returns a list of tags associated with a resource
securityhub_tag_resource

Adds one or more tags to a resource
securityhub_list_standards_control_associations

Specifies whether a control is currently enabled or disabled in each enabled standard in the calling account
securityhub_update_action_target

Updates the name and description of a custom action target in Security Hub
securityhub_list_organization_admin_accounts

Lists the Security Hub administrator accounts
securityhub_list_security_control_definitions

Lists all of the security controls that apply to a specified standard
securityhub_untag_resource

Removes one or more tags from a resource
securityhub_list_members

Lists details about all member accounts for the current Security Hub administrator account
shield_associate_drt_log_bucket

Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources
shield

AWS Shield
shield_associate_drt_role

Authorizes the Shield Response Team (SRT) using the specified role, to access your Amazon Web Services account to assist with DDoS attack mitigation during potential attacks
shield_create_protection

Enables Shield Advanced for a specific Amazon Web Services resource
securityhub_update_insight

Updates the Security Hub insight identified by the specified insight ARN
securityhub_update_standards_control

Used to control whether an individual security standard control is enabled or disabled
securityhub_update_security_hub_configuration

Updates configuration options for Security Hub
shield_associate_health_check

Adds health-based detection to the Shield Advanced protection for a resource
shield_associate_proactive_engagement_details

Initializes proactive engagement and sets the list of contacts for the Shield Response Team (SRT) to use
securityhub_update_organization_configuration

Used to update the configuration related to Organizations
shield_describe_protection

Lists the details of a Protection object
shield_delete_protection

Deletes an Shield Advanced Protection
shield_create_protection_group

Creates a grouping of protected resources so they can be handled as a collective
shield_delete_subscription

Removes Shield Advanced from an account
shield_describe_attack_statistics

Provides information about the number and type of attacks Shield has detected in the last year for all resources that belong to your account, regardless of whether you've defined Shield protections for them
shield_delete_protection_group

Removes the specified protection group
shield_describe_attack

Describes the details of a DDoS attack
shield_describe_drt_access

Returns the current role and list of Amazon S3 log buckets used by the Shield Response Team (SRT) to access your Amazon Web Services account while assisting with attack mitigation
shield_create_subscription

Activates Shield Advanced for an account
shield_describe_emergency_contact_settings

A list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you if you have proactive engagement enabled, for escalations to the SRT and to initiate proactive customer support
shield_disassociate_health_check

Removes health-based detection from the Shield Advanced protection for a resource
shield_enable_proactive_engagement

Authorizes the Shield Response Team (SRT) to use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support
shield_enable_application_layer_automatic_response

Enable the Shield Advanced automatic application layer DDoS mitigation for the protected resource
shield_disable_application_layer_automatic_response

Disable the Shield Advanced automatic application layer DDoS mitigation feature for the protected resource
shield_disable_proactive_engagement

Removes authorization from the Shield Response Team (SRT) to notify contacts about escalations to the SRT and to initiate proactive customer support
shield_get_subscription_state

Returns the SubscriptionState, either Active or Inactive
shield_describe_protection_group

Returns the specification for the specified protection group
shield_disassociate_drt_role

Removes the Shield Response Team's (SRT) access to your Amazon Web Services account
shield_disassociate_drt_log_bucket

Removes the Shield Response Team's (SRT) access to the specified Amazon S3 bucket containing the logs that you shared previously
shield_describe_subscription

Provides details about the Shield Advanced subscription for an account
shield_untag_resource

Removes tags from a resource in Shield
shield_list_tags_for_resource

Gets information about Amazon Web Services tags for a specified Amazon Resource Name (ARN) in Shield
shield_update_protection_group

Updates an existing protection group
shield_update_emergency_contact_settings

Updates the details of the list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you if you have proactive engagement enabled, for escalations to the SRT and to initiate proactive customer support
shield_list_protections

Retrieves Protection objects for the account
shield_list_resources_in_protection_group

Retrieves the resources that are included in the protection group
shield_list_attacks

Returns all ongoing DDoS attacks or all DDoS attacks during a specified time period
shield_update_application_layer_automatic_response

Updates an existing Shield Advanced automatic application layer DDoS mitigation configuration for the specified resource
shield_list_protection_groups

Retrieves ProtectionGroup objects for the account
shield_tag_resource

Adds or updates tags for a resource in Shield
sso_list_accounts

Lists all AWS accounts assigned to the user
ssoadmin

AWS Single Sign-On Admin
sso

AWS Single Sign-On
sso_list_account_roles

Lists all roles that are assigned to the user for a given AWS account
ssoadmin_attach_customer_managed_policy_reference_to_permission_set

Attaches the specified customer managed policy to the specified PermissionSet
ssoadmin_create_account_assignment

Assigns access to a principal for a specified AWS account using a specified permission set
sso_get_role_credentials

Returns the STS short-term credentials for a given role name that is assigned to the user
shield_update_subscription

Updates the details of an existing subscription
sso_logout

Removes the locally stored SSO tokens from the client-side cache and sends an API call to the IAM Identity Center service to invalidate the corresponding server-side IAM Identity Center sign in session
ssoadmin_attach_managed_policy_to_permission_set

Attaches an AWS managed policy ARN to a permission set
ssoadmin_delete_permission_set

Deletes the specified permission set
ssoadmin_describe_account_assignment_deletion_status

Describes the status of the assignment deletion request
ssoadmin_get_permissions_boundary_for_permission_set

Obtains the permissions boundary for a specified PermissionSet
ssoadmin_delete_instance_access_control_attribute_configuration

Disables the attributes-based access control (ABAC) feature for the specified IAM Identity Center instance and deletes all of the attribute mappings that have been configured
ssoadmin_create_instance_access_control_attribute_configuration

Enables the attributes-based access control (ABAC) feature for the specified IAM Identity Center instance
ssoadmin_delete_permissions_boundary_from_permission_set

Deletes the permissions boundary from a specified PermissionSet
ssoadmin_describe_instance_access_control_attribute_configuration

Returns the list of IAM Identity Center identity store attributes that have been configured to work with attributes-based access control (ABAC) for the specified IAM Identity Center instance
ssoadmin_delete_inline_policy_from_permission_set

Deletes the inline policy from a specified permission set
ssoadmin_get_inline_policy_for_permission_set

Obtains the inline policy assigned to the permission set
ssoadmin_detach_customer_managed_policy_reference_from_permission_set

Detaches the specified customer managed policy from the specified PermissionSet
ssoadmin_delete_account_assignment

Deletes a principal's access from a specified AWS account using a specified permission set
ssoadmin_describe_permission_set_provisioning_status

Describes the status for the given permission set provisioning request
ssoadmin_list_accounts_for_provisioned_permission_set

Lists all the AWS accounts where the specified permission set is provisioned
ssoadmin_describe_account_assignment_creation_status

Describes the status of the assignment creation request
ssoadmin_describe_permission_set

Gets the details of the permission set
ssoadmin_list_account_assignment_creation_status

Lists the status of the AWS account assignment creation requests for a specified IAM Identity Center instance
ssoadmin_list_account_assignments

Lists the assignee of the specified AWS account with the specified permission set
ssoadmin_detach_managed_policy_from_permission_set

Detaches the attached AWS managed policy ARN from the specified permission set
ssoadmin_create_permission_set

Creates a permission set within a specified IAM Identity Center instance
ssoadmin_list_account_assignment_deletion_status

Lists the status of the AWS account assignment deletion requests for a specified IAM Identity Center instance
ssoadmin_list_managed_policies_in_permission_set

Lists the AWS managed policy that is attached to a specified permission set
ssoadmin_provision_permission_set

The process by which a specified permission set is provisioned to the specified target
ssoadmin_list_permission_sets_provisioned_to_account

Lists all the permission sets that are provisioned to a specified AWS account
ssoadmin_put_inline_policy_to_permission_set

Attaches an inline policy to a permission set
ssoadmin_list_tags_for_resource

Lists the tags that are attached to a specified resource
ssoadmin_list_instances

Lists the IAM Identity Center instances that the caller has access to
ssoadmin_put_permissions_boundary_to_permission_set

Attaches an AWS managed or customer managed policy to the specified PermissionSet as a permissions boundary
ssoadmin_list_permission_sets

Lists the PermissionSets in an IAM Identity Center instance
ssoadmin_list_permission_set_provisioning_status

Lists the status of the permission set provisioning requests for a specified IAM Identity Center instance
ssoadmin_list_customer_managed_policy_references_in_permission_set

Lists all customer managed policies attached to a specified PermissionSet
sts_assume_role

Returns a set of temporary security credentials that you can use to access Amazon Web Services resources
ssooidc

AWS SSO OIDC
ssoadmin_untag_resource

Disassociates a set of tags from a specified resource
ssoadmin_tag_resource

Associates a set of tags with a specified resource
sts

AWS Security Token Service
ssooidc_create_token

Creates and returns an access token for the authorized client
ssooidc_start_device_authorization

Initiates device authorization by requesting a pair of verification codes from the authorization service
ssooidc_register_client

Registers a client with IAM Identity Center
ssoadmin_update_instance_access_control_attribute_configuration

Updates the IAM Identity Center identity store attributes that you can use with the IAM Identity Center instance for attributes-based access control (ABAC)
ssoadmin_update_permission_set

Updates an existing permission set
sts_get_session_token

Returns a set of temporary credentials for an Amazon Web Services account or IAM user
waf

AWS WAF
waf_create_geo_match_set

This is AWS WAF Classic documentation
waf_create_byte_match_set

This is AWS WAF Classic documentation
sts_assume_role_with_saml

Returns a set of temporary security credentials for users who have been authenticated via a SAML authentication response
sts_assume_role_with_web_identity

Returns a set of temporary security credentials for users who have been authenticated in a mobile or web application with a web identity provider
sts_get_caller_identity

Returns details about the IAM user or role whose credentials are used to call the operation
waf_create_ip_set

This is AWS WAF Classic documentation
waf_create_web_acl_migration_stack

Creates an AWS CloudFormation WAFV2 template for the specified web ACL in the specified Amazon S3 bucket
sts_get_federation_token

Returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a user
waf_create_rate_based_rule

This is AWS WAF Classic documentation
sts_get_access_key_info

Returns the account identifier for the specified access key ID
sts_decode_authorization_message

Decodes additional information about the authorization status of a request from an encoded message returned in response to an Amazon Web Services request
waf_create_sql_injection_match_set

This is AWS WAF Classic documentation
waf_create_regex_match_set

This is AWS WAF Classic documentation
waf_create_rule_group

This is AWS WAF Classic documentation
waf_create_web_acl

This is AWS WAF Classic documentation
waf_delete_logging_configuration

This is AWS WAF Classic documentation
waf_create_size_constraint_set

This is AWS WAF Classic documentation
waf_create_regex_pattern_set

This is AWS WAF Classic documentation
waf_create_rule

This is AWS WAF Classic documentation
waf_delete_regex_pattern_set

This is AWS WAF Classic documentation
waf_delete_permission_policy

This is AWS WAF Classic documentation
waf_delete_ip_set

This is AWS WAF Classic documentation
waf_delete_byte_match_set

This is AWS WAF Classic documentation
waf_delete_regex_match_set

This is AWS WAF Classic documentation
waf_delete_geo_match_set

This is AWS WAF Classic documentation
waf_delete_rule

This is AWS WAF Classic documentation
waf_delete_rate_based_rule

This is AWS WAF Classic documentation
waf_delete_rule_group

This is AWS WAF Classic documentation
waf_delete_size_constraint_set

This is AWS WAF Classic documentation
waf_delete_xss_match_set

This is AWS WAF Classic documentation
waf_create_xss_match_set

This is AWS WAF Classic documentation
waf_get_ip_set

This is AWS WAF Classic documentation
waf_get_byte_match_set

This is AWS WAF Classic documentation
waf_get_change_token

This is AWS WAF Classic documentation
waf_get_geo_match_set

This is AWS WAF Classic documentation
waf_get_change_token_status

This is AWS WAF Classic documentation
waf_delete_web_acl

This is AWS WAF Classic documentation
waf_delete_sql_injection_match_set

This is AWS WAF Classic documentation
waf_get_regex_match_set

This is AWS WAF Classic documentation
waf_get_logging_configuration

This is AWS WAF Classic documentation
waf_get_rate_based_rule

This is AWS WAF Classic documentation
waf_get_permission_policy

This is AWS WAF Classic documentation
waf_get_rate_based_rule_managed_keys

This is AWS WAF Classic documentation
waf_get_sampled_requests

This is AWS WAF Classic documentation
waf_get_size_constraint_set

This is AWS WAF Classic documentation
waf_get_rule_group

This is AWS WAF Classic documentation
waf_get_regex_pattern_set

This is AWS WAF Classic documentation
waf_get_rule

This is AWS WAF Classic documentation
waf_get_web_acl

This is AWS WAF Classic documentation
waf_get_sql_injection_match_set

This is AWS WAF Classic documentation
waf_list_rate_based_rules

This is AWS WAF Classic documentation
waf_get_xss_match_set

This is AWS WAF Classic documentation
waf_list_logging_configurations

This is AWS WAF Classic documentation
waf_list_regex_match_sets

This is AWS WAF Classic documentation
waf_list_activated_rules_in_rule_group

This is AWS WAF Classic documentation
waf_list_geo_match_sets

This is AWS WAF Classic documentation
waf_list_ip_sets

This is AWS WAF Classic documentation
waf_list_byte_match_sets

This is AWS WAF Classic documentation
waf_list_subscribed_rule_groups

This is AWS WAF Classic documentation
waf_list_regex_pattern_sets

This is AWS WAF Classic documentation
waf_list_tags_for_resource

This is AWS WAF Classic documentation
waf_list_sql_injection_match_sets

This is AWS WAF Classic documentation
waf_list_size_constraint_sets

This is AWS WAF Classic documentation
waf_put_logging_configuration

This is AWS WAF Classic documentation
waf_list_rule_groups

This is AWS WAF Classic documentation
waf_list_xss_match_sets

This is AWS WAF Classic documentation
waf_untag_resource

This is AWS WAF Classic documentation
waf_list_rules

This is AWS WAF Classic documentation
waf_update_rule

This is AWS WAF Classic documentation
waf_update_regex_match_set

This is AWS WAF Classic documentation
waf_list_web_ac_ls

This is AWS WAF Classic documentation
waf_update_geo_match_set

This is AWS WAF Classic documentation
waf_put_permission_policy

This is AWS WAF Classic documentation
waf_tag_resource

This is AWS WAF Classic documentation
waf_update_regex_pattern_set

This is AWS WAF Classic documentation
waf_update_byte_match_set

This is AWS WAF Classic documentation
waf_update_ip_set

This is AWS WAF Classic documentation
waf_update_rate_based_rule

This is AWS WAF Classic documentation
waf_update_xss_match_set

This is AWS WAF Classic documentation
wafregional

AWS WAF Regional
wafregional_create_ip_set

This is AWS WAF Classic documentation
waf_update_sql_injection_match_set

This is AWS WAF Classic documentation
wafregional_create_byte_match_set

This is AWS WAF Classic documentation
wafregional_create_geo_match_set

This is AWS WAF Classic documentation
waf_update_web_acl

This is AWS WAF Classic documentation
wafregional_associate_web_acl

This is AWS WAF Classic Regional documentation
waf_update_size_constraint_set

This is AWS WAF Classic documentation
waf_update_rule_group

This is AWS WAF Classic documentation
wafregional_create_regex_match_set

This is AWS WAF Classic documentation
wafregional_create_web_acl

This is AWS WAF Classic documentation
wafregional_create_rule

This is AWS WAF Classic documentation
wafregional_create_rule_group

This is AWS WAF Classic documentation
wafregional_create_sql_injection_match_set

This is AWS WAF Classic documentation
wafregional_create_web_acl_migration_stack

Creates an AWS CloudFormation WAFV2 template for the specified web ACL in the specified Amazon S3 bucket
wafregional_create_size_constraint_set

This is AWS WAF Classic documentation
wafregional_create_rate_based_rule

This is AWS WAF Classic documentation
wafregional_create_regex_pattern_set

This is AWS WAF Classic documentation
wafregional_create_xss_match_set

This is AWS WAF Classic documentation
wafregional_delete_byte_match_set

This is AWS WAF Classic documentation
wafregional_delete_logging_configuration

This is AWS WAF Classic documentation
wafregional_delete_permission_policy

This is AWS WAF Classic documentation
wafregional_delete_geo_match_set

This is AWS WAF Classic documentation
wafregional_delete_ip_set

This is AWS WAF Classic documentation
wafregional_delete_regex_match_set

This is AWS WAF Classic documentation
wafregional_delete_rule_group

This is AWS WAF Classic documentation
wafregional_delete_regex_pattern_set

This is AWS WAF Classic documentation
wafregional_delete_rule

This is AWS WAF Classic documentation
wafregional_delete_rate_based_rule

This is AWS WAF Classic documentation
wafregional_delete_size_constraint_set

This is AWS WAF Classic documentation
wafregional_delete_web_acl

This is AWS WAF Classic documentation
wafregional_get_change_token

This is AWS WAF Classic documentation
wafregional_get_geo_match_set

This is AWS WAF Classic documentation
wafregional_get_change_token_status

This is AWS WAF Classic documentation
wafregional_get_ip_set

This is AWS WAF Classic documentation
wafregional_delete_xss_match_set

This is AWS WAF Classic documentation
wafregional_get_rule

This is AWS WAF Classic documentation
wafregional_get_rate_based_rule

This is AWS WAF Classic documentation
wafregional_disassociate_web_acl

This is AWS WAF Classic Regional documentation
wafregional_get_regex_match_set

This is AWS WAF Classic documentation
wafregional_get_byte_match_set

This is AWS WAF Classic documentation
wafregional_get_regex_pattern_set

This is AWS WAF Classic documentation
wafregional_get_sampled_requests

This is AWS WAF Classic documentation
wafregional_get_rule_group

This is AWS WAF Classic documentation
wafregional_get_size_constraint_set

This is AWS WAF Classic documentation
wafregional_delete_sql_injection_match_set

This is AWS WAF Classic documentation
wafregional_get_logging_configuration

This is AWS WAF Classic documentation
wafregional_get_rate_based_rule_managed_keys

This is AWS WAF Classic documentation
wafregional_list_activated_rules_in_rule_group

This is AWS WAF Classic documentation
wafregional_list_byte_match_sets

This is AWS WAF Classic documentation
wafregional_get_permission_policy

This is AWS WAF Classic documentation
wafregional_list_ip_sets

This is AWS WAF Classic documentation
wafregional_get_web_acl_for_resource

This is AWS WAF Classic Regional documentation
wafregional_list_logging_configurations

This is AWS WAF Classic documentation
wafregional_get_web_acl

This is AWS WAF Classic documentation
wafregional_list_geo_match_sets

This is AWS WAF Classic documentation
wafregional_list_rate_based_rules

This is AWS WAF Classic documentation
wafregional_get_xss_match_set

This is AWS WAF Classic documentation
wafregional_get_sql_injection_match_set

This is AWS WAF Classic documentation
wafregional_list_sql_injection_match_sets

This is AWS WAF Classic documentation
wafregional_list_size_constraint_sets

This is AWS WAF Classic documentation
wafregional_list_rules

This is AWS WAF Classic documentation
wafregional_list_resources_for_web_acl

This is AWS WAF Classic Regional documentation
wafregional_list_rule_groups

This is AWS WAF Classic documentation
wafregional_list_regex_match_sets

This is AWS WAF Classic documentation
wafregional_list_regex_pattern_sets

This is AWS WAF Classic documentation
wafregional_list_web_ac_ls

This is AWS WAF Classic documentation
wafregional_put_permission_policy

This is AWS WAF Classic documentation
wafregional_list_tags_for_resource

This is AWS WAF Classic documentation
wafregional_update_ip_set

This is AWS WAF Classic documentation
wafregional_tag_resource

This is AWS WAF Classic documentation
wafregional_update_geo_match_set

This is AWS WAF Classic documentation
wafregional_list_xss_match_sets

This is AWS WAF Classic documentation
wafregional_update_byte_match_set

This is AWS WAF Classic documentation
wafregional_put_logging_configuration

This is AWS WAF Classic documentation
wafregional_update_regex_match_set

This is AWS WAF Classic documentation
wafregional_update_rate_based_rule

This is AWS WAF Classic documentation
wafregional_list_subscribed_rule_groups

This is AWS WAF Classic documentation
wafregional_untag_resource

This is AWS WAF Classic documentation
wafregional_update_rule_group

This is AWS WAF Classic documentation
wafregional_update_xss_match_set

This is AWS WAF Classic documentation
wafv2_associate_web_acl

Associates a web ACL with a regional application resource, to protect the resource
wafregional_update_sql_injection_match_set

This is AWS WAF Classic documentation
wafv2

AWS WAFV2
wafregional_update_rule

This is AWS WAF Classic documentation
wafregional_update_regex_pattern_set

This is AWS WAF Classic documentation
wafv2_check_capacity

Returns the web ACL capacity unit (WCU) requirements for a specified scope and set of rules
wafregional_update_web_acl

This is AWS WAF Classic documentation
wafregional_update_size_constraint_set

This is AWS WAF Classic documentation
wafv2_create_web_acl

Creates a WebACL per the specifications provided
wafv2_delete_regex_pattern_set

Deletes the specified RegexPatternSet
wafv2_create_api_key

Creates an API key that contains a set of token domains
wafv2_create_rule_group

Creates a RuleGroup per the specifications provided
wafv2_create_ip_set

Creates an IPSet, which you use to identify web requests that originate from specific IP addresses or ranges of IP addresses
wafv2_delete_permission_policy

Permanently deletes an IAM policy from the specified rule group
wafv2_delete_firewall_manager_rule_groups

Deletes all rule groups that are managed by Firewall Manager for the specified web ACL
wafv2_delete_logging_configuration

Deletes the LoggingConfiguration from the specified web ACL
wafv2_create_regex_pattern_set

Creates a RegexPatternSet, which you reference in a RegexPatternSetReferenceStatement, to have WAF inspect a web request component for the specified patterns
wafv2_describe_managed_rule_group

Provides high-level information for a managed rule group, including descriptions of the rules
wafv2_delete_rule_group

Deletes the specified RuleGroup
wafv2_delete_ip_set

Deletes the specified IPSet
wafv2_get_logging_configuration

Returns the LoggingConfiguration for the specified web ACL
wafv2_disassociate_web_acl

Disassociates the specified regional application resource from any existing web ACL association
wafv2_delete_web_acl

Deletes the specified WebACL
wafv2_get_ip_set

Retrieves the specified IPSet
wafv2_generate_mobile_sdk_release_url

Generates a presigned download URL for the specified release of the mobile SDK
wafv2_get_decrypted_api_key

Returns your API key in decrypted form
wafv2_describe_managed_products_by_vendor

Provides high-level information for the managed rule groups owned by a specific vendor
wafv2_describe_all_managed_products

Provides high-level information for the Amazon Web Services Managed Rules rule groups and Amazon Web Services Marketplace managed rule groups
wafv2_get_rule_group

Retrieves the specified RuleGroup
wafv2_get_permission_policy

Returns the IAM policy that is attached to the specified rule group
wafv2_get_regex_pattern_set

Retrieves the specified RegexPatternSet
wafv2_get_rate_based_statement_managed_keys

Retrieves the IP addresses that are currently blocked by a rate-based rule instance
wafv2_get_sampled_requests

Gets detailed information about a specified number of requests--a sample--that WAF randomly selects from among the first 5,000 requests that your Amazon Web Services resource received during a time range that you choose
wafv2_get_mobile_sdk_release

Retrieves information for the specified mobile SDK release, including release notes and tags
wafv2_get_web_acl

Retrieves the specified WebACL
wafv2_list_api_keys

Retrieves a list of the API keys that you've defined for the specified scope
wafv2_get_managed_rule_set

Retrieves the specified managed rule set
wafv2_list_mobile_sdk_releases

Retrieves a list of the available releases for the mobile SDK and the specified device platform
wafv2_get_web_acl_for_resource

Retrieves the WebACL for the specified resource
wafv2_list_managed_rule_sets

Retrieves the managed rule sets that you own
wafv2_list_available_managed_rule_groups

Retrieves an array of managed rule groups that are available for you to use
wafv2_list_regex_pattern_sets

Retrieves an array of RegexPatternSetSummary objects for the regex pattern sets that you manage
wafv2_list_ip_sets

Retrieves an array of IPSetSummary objects for the IP sets that you manage
wafv2_list_logging_configurations

Retrieves an array of your LoggingConfiguration objects
wafv2_list_available_managed_rule_group_versions

Returns a list of the available versions for the specified managed rule group
wafv2_list_tags_for_resource

Retrieves the TagInfoForResource for the specified resource
wafv2_list_rule_groups

Retrieves an array of RuleGroupSummary objects for the rule groups that you manage
wafv2_list_resources_for_web_acl

Retrieves an array of the Amazon Resource Names (ARNs) for the regional resources that are associated with the specified web ACL
wafv2_untag_resource

Disassociates tags from an Amazon Web Services resource
wafv2_update_regex_pattern_set

Updates the specified RegexPatternSet
wafv2_update_managed_rule_set_version_expiry_date

Updates the expiration information for your managed rule set
wafv2_update_rule_group

Updates the specified RuleGroup
wafv2_update_ip_set

Updates the specified IPSet
wafv2_tag_resource

Associates tags with the specified Amazon Web Services resource
wafv2_put_permission_policy

Attaches an IAM policy to the specified resource
wafv2_put_managed_rule_set_versions

Defines the versions of your managed rule set that you are offering to the customers
wafv2_put_logging_configuration

Enables the specified LoggingConfiguration, to start logging from a web ACL, according to the configuration provided
wafv2_list_web_ac_ls

Retrieves an array of WebACLSummary objects for the web ACLs that you manage
wafv2_update_web_acl

Updates the specified WebACL