amazonka-iam-0.3.3: Amazon Identity and Access Management SDK.

Safe HaskellNone
LanguageHaskell2010

Network.AWS.IAM.Types

Contents

Synopsis

Service

data IAM Source

Version 2010-05-08 of the Amazon Identity and Access Management service.

Instances

AWSService IAM 
type Er IAM = RESTError 
type Sg IAM = V4 

Error

data RESTError :: *

Instances

Eq RESTError 
Show RESTError 
Generic RESTError 
AWSErrorCode RESTError 
FromXML RESTError 
type Rep RESTError = D1 D1RESTError (C1 C1_0RESTError ((:*:) ((:*:) (S1 S1_0_0RESTError (Rec0 Text)) (S1 S1_0_1RESTError (Rec0 (Maybe ErrorType)))) ((:*:) (S1 S1_0_2RESTError (Rec0 ErrorCode)) (S1 S1_0_3RESTError (Rec0 Text))))) 

XML

ns :: Text Source

PolicyRole

data PolicyRole Source

Instances

policyRole :: PolicyRole Source

PolicyRole constructor.

The fields accessible through corresponding lenses are:

prRoleName :: Lens' PolicyRole (Maybe Text) Source

The name (friendly name, not ARN) identifying the role.

AssignmentStatusType

data AssignmentStatusType Source

Constructors

Any

Any

Assigned

Assigned

Unassigned

Unassigned

Instances

PasswordPolicy

data PasswordPolicy Source

Instances

passwordPolicy :: PasswordPolicy Source

PasswordPolicy constructor.

The fields accessible through corresponding lenses are:

ppAllowUsersToChangePassword :: Lens' PasswordPolicy (Maybe Bool) Source

Specifies whether IAM users are allowed to change their own password.

ppExpirePasswords :: Lens' PasswordPolicy (Maybe Bool) Source

Specifies whether IAM users are required to change their password after a specified number of days.

ppHardExpiry :: Lens' PasswordPolicy (Maybe Bool) Source

Specifies whether IAM users are prevented from setting a new password after their password has expired.

ppMaxPasswordAge :: Lens' PasswordPolicy (Maybe Natural) Source

The number of days that an IAM user password is valid.

ppMinimumPasswordLength :: Lens' PasswordPolicy (Maybe Natural) Source

Minimum length to require for IAM user passwords.

ppPasswordReusePrevention :: Lens' PasswordPolicy (Maybe Natural) Source

Specifies the number of previous passwords that IAM users are prevented from reusing.

ppRequireLowercaseCharacters :: Lens' PasswordPolicy (Maybe Bool) Source

Specifies whether to require lowercase characters for IAM user passwords.

ppRequireNumbers :: Lens' PasswordPolicy (Maybe Bool) Source

Specifies whether to require numbers for IAM user passwords.

ppRequireSymbols :: Lens' PasswordPolicy (Maybe Bool) Source

Specifies whether to require symbols for IAM user passwords.

ppRequireUppercaseCharacters :: Lens' PasswordPolicy (Maybe Bool) Source

Specifies whether to require uppercase characters for IAM user passwords.

Group

data Group Source

Instances

group Source

Arguments

:: Text

gPath

-> Text

gGroupName

-> Text

gGroupId

-> Text

gArn

-> UTCTime

gCreateDate

-> Group 

Group constructor.

The fields accessible through corresponding lenses are:

gArn :: Lens' Group Text Source

The Amazon Resource Name (ARN) specifying the group. For more information about ARNs and how to use them in policies, see IAM Identifiers in the UsingIAM guide.

gCreateDate :: Lens' Group UTCTime Source

The date and time, in ISO 8601 date-time format, when the group was created.

gGroupId :: Lens' Group Text Source

The stable and unique string identifying the group. For more information about IDs, see IAM Identifiers in the Using IAM guide.

gGroupName :: Lens' Group Text Source

The friendly name that identifies the group.

gPath :: Lens' Group Text Source

The path to the group. For more information about paths, see IAM Identifiers in the Using IAM guide.

AttachedPolicy

data AttachedPolicy Source

Instances

attachedPolicy :: AttachedPolicy Source

AttachedPolicy constructor.

The fields accessible through corresponding lenses are:

apPolicyArn :: Lens' AttachedPolicy (Maybe Text) Source

apPolicyName :: Lens' AttachedPolicy (Maybe Text) Source

The friendly name of the attached policy.

MFADevice

data MFADevice Source

Instances

mfadevice Source

Arguments

:: Text

mfadUserName

-> Text

mfadSerialNumber

-> UTCTime

mfadEnableDate

-> MFADevice 

MFADevice constructor.

The fields accessible through corresponding lenses are:

mfadEnableDate :: Lens' MFADevice UTCTime Source

The date when the MFA device was enabled for the user.

mfadSerialNumber :: Lens' MFADevice Text Source

The serial number that uniquely identifies the MFA device. For virtual MFA devices, the serial number is the device ARN.

mfadUserName :: Lens' MFADevice Text Source

The user with whom the MFA device is associated.

PolicyVersion

data PolicyVersion Source

Instances

policyVersion :: PolicyVersion Source

PolicyVersion constructor.

The fields accessible through corresponding lenses are:

pvCreateDate :: Lens' PolicyVersion (Maybe UTCTime) Source

The date and time, in ISO 8601 date-time format, when the policy version was created.

pvDocument :: Lens' PolicyVersion (Maybe Text) Source

The policy document.

The policy document is returned in the response to the GetPolicyVersion operation. It is not included in the response to the ListPolicyVersions operation.

pvIsDefaultVersion :: Lens' PolicyVersion (Maybe Bool) Source

Specifies whether the policy version is set as the policy's default version.

pvVersionId :: Lens' PolicyVersion (Maybe Text) Source

The identifier for the policy version.

Policy version identifiers always begin with v (always lowercase). When a policy is created, the first policy version is v1.

InstanceProfile

data InstanceProfile Source

Instances

instanceProfile Source

Arguments

:: Text

ipPath

-> Text

ipInstanceProfileName

-> Text

ipInstanceProfileId

-> Text

ipArn

-> UTCTime

ipCreateDate

-> InstanceProfile 

InstanceProfile constructor.

The fields accessible through corresponding lenses are:

ipArn :: Lens' InstanceProfile Text Source

The Amazon Resource Name (ARN) specifying the instance profile. For more information about ARNs and how to use them in policies, see IAM Identifiers in the Using IAM guide.

ipCreateDate :: Lens' InstanceProfile UTCTime Source

The date when the instance profile was created.

ipInstanceProfileId :: Lens' InstanceProfile Text Source

The stable and unique string identifying the instance profile. For more information about IDs, see IAM Identifiers in the Using IAM guide.

ipInstanceProfileName :: Lens' InstanceProfile Text Source

The name identifying the instance profile.

ipPath :: Lens' InstanceProfile Text Source

The path to the instance profile. For more information about paths, see IAMIdentifiers in the Using IAM guide.

ipRoles :: Lens' InstanceProfile [Role] Source

The role associated with the instance profile.

RoleDetail

data RoleDetail Source

Instances

roleDetail :: RoleDetail Source

RoleDetail constructor.

The fields accessible through corresponding lenses are:

rdArn :: Lens' RoleDetail (Maybe Text) Source

rdAssumeRolePolicyDocument :: Lens' RoleDetail (Maybe Text) Source

The trust policy that grants permission to assume the role.

The returned policy is URL-encoded according to RFC 3986.

rdCreateDate :: Lens' RoleDetail (Maybe UTCTime) Source

The date and time, in ISO 8601 date-time format, when the role was created.

rdInstanceProfileList :: Lens' RoleDetail [InstanceProfile] Source

rdPath :: Lens' RoleDetail (Maybe Text) Source

The path to the role. For more information about paths, see IAM Identifiers in the Using IAM guide.

rdRoleId :: Lens' RoleDetail (Maybe Text) Source

The stable and unique string identifying the role. For more information about IDs, see IAM Identifiers in the Using IAM guide.

rdRoleName :: Lens' RoleDetail (Maybe Text) Source

The friendly name that identifies the role.

rdRolePolicyList :: Lens' RoleDetail [PolicyDetail] Source

A list of the role's access (permissions) policies.

ReportFormatType

data ReportFormatType Source

Constructors

TextCsv

text/csv

Instances

ServerCertificateMetadata

data ServerCertificateMetadata Source

Instances

serverCertificateMetadata Source

Arguments

:: Text

scmPath

-> Text

scmServerCertificateName

-> Text

scmServerCertificateId

-> Text

scmArn

-> ServerCertificateMetadata 

ServerCertificateMetadata constructor.

The fields accessible through corresponding lenses are:

scmArn :: Lens' ServerCertificateMetadata Text Source

The Amazon Resource Name (ARN) specifying the server certificate. For more information about ARNs and how to use them in policies, see IAM Identifiers in the Using IAM guide.

scmExpiration :: Lens' ServerCertificateMetadata (Maybe UTCTime) Source

The date on which the certificate is set to expire.

scmPath :: Lens' ServerCertificateMetadata Text Source

The path to the server certificate. For more information about paths, see IAM Identifiers in the Using IAM guide.

scmServerCertificateId :: Lens' ServerCertificateMetadata Text Source

The stable and unique string identifying the server certificate. For more information about IDs, see IAM Identifiers in the Using IAM guide.

scmServerCertificateName :: Lens' ServerCertificateMetadata Text Source

The name that identifies the server certificate.

scmUploadDate :: Lens' ServerCertificateMetadata (Maybe UTCTime) Source

The date when the server certificate was uploaded.

OpenIDConnectProviderListEntry

data OpenIDConnectProviderListEntry Source

Instances

openIDConnectProviderListEntry :: OpenIDConnectProviderListEntry Source

OpenIDConnectProviderListEntry constructor.

The fields accessible through corresponding lenses are:

oidcpleArn :: Lens' OpenIDConnectProviderListEntry (Maybe Text) Source

LoginProfile

data LoginProfile Source

Instances

loginProfile Source

Arguments

:: Text

lpUserName

-> UTCTime

lpCreateDate

-> LoginProfile 

LoginProfile constructor.

The fields accessible through corresponding lenses are:

lpCreateDate :: Lens' LoginProfile UTCTime Source

The date when the password for the user was created.

lpPasswordResetRequired :: Lens' LoginProfile (Maybe Bool) Source

Specifies whether the user is required to set a new password on next sign-in.

lpUserName :: Lens' LoginProfile Text Source

The name of the user, which can be used for signing in to the AWS Management Console.

EntityType

data EntityType Source

Constructors

ETGroup

Group

ETRole

Role

ETUser

User

Instances

SummaryKeyType

data SummaryKeyType Source

Constructors

AccessKeysPerUserQuota

AccessKeysPerUserQuota

AccountAccessKeysPresent

AccountAccessKeysPresent

AccountMFAEnabled

AccountMFAEnabled

AccountSigningCertificatesPresent

AccountSigningCertificatesPresent

AttachedPoliciesPerGroupQuota

AttachedPoliciesPerGroupQuota

AttachedPoliciesPerRoleQuota

AttachedPoliciesPerRoleQuota

AttachedPoliciesPerUserQuota

AttachedPoliciesPerUserQuota

GroupPolicySizeQuota

GroupPolicySizeQuota

Groups

Groups

GroupsPerUserQuota

GroupsPerUserQuota

GroupsQuota

GroupsQuota

MFADevices

MFADevices

MFADevicesInUse

MFADevicesInUse

Policies

Policies

PoliciesQuota

PoliciesQuota

PolicySizeQuota

PolicySizeQuota

PolicyVersionsInUse

PolicyVersionsInUse

PolicyVersionsInUseQuota

PolicyVersionsInUseQuota

ServerCertificates

ServerCertificates

ServerCertificatesQuota

ServerCertificatesQuota

SigningCertificatesPerUserQuota

SigningCertificatesPerUserQuota

UserPolicySizeQuota

UserPolicySizeQuota

Users

Users

UsersQuota

UsersQuota

VersionsPerPolicyQuota

VersionsPerPolicyQuota

Instances

GroupDetail

data GroupDetail Source

Instances

groupDetail :: GroupDetail Source

GroupDetail constructor.

The fields accessible through corresponding lenses are:

gdArn :: Lens' GroupDetail (Maybe Text) Source

gdCreateDate :: Lens' GroupDetail (Maybe UTCTime) Source

The date and time, in ISO 8601 date-time format, when the group was created.

gdGroupId :: Lens' GroupDetail (Maybe Text) Source

The stable and unique string identifying the group. For more information about IDs, see IAM Identifiers in the Using IAM guide.

gdGroupName :: Lens' GroupDetail (Maybe Text) Source

The friendly name that identifies the group.

gdGroupPolicyList :: Lens' GroupDetail [PolicyDetail] Source

A list of the group's policies.

gdPath :: Lens' GroupDetail (Maybe Text) Source

The path to the group. For more information about paths, see IAM Identifiers in the Using IAM guide.

ReportStateType

data ReportStateType Source

Constructors

Complete

COMPLETE

Inprogress

INPROGRESS

Started

STARTED

Instances

User

data User Source

Instances

user Source

Arguments

:: Text

uPath

-> Text

uUserName

-> Text

uUserId

-> Text

uArn

-> UTCTime

uCreateDate

-> User 

User constructor.

The fields accessible through corresponding lenses are:

uArn :: Lens' User Text Source

The Amazon Resource Name (ARN) that identifies the user. For more information about ARNs and how to use ARNs in policies, see IAM Identifiers in the UsingIAM guide.

uCreateDate :: Lens' User UTCTime Source

The date and time, in ISO 8601 date-time format, when the user was created.

uPasswordLastUsed :: Lens' User (Maybe UTCTime) Source

The date and time, in ISO 8601 date-time format, when the user's password was last used to sign in to an AWS website. For a list of AWS websites that capture a user's last sign-in time, see the Credential Reports topic in the Using IAM guide. If a password is used more than once in a five-minute span, only the first use is returned in this field. When the user does not have a password, this field is null (not present). When a user's password exists but has never been used, or when there is no sign-in data associated with the user, this field is null (not present).

This value is returned only in the GetUser and ListUsers actions.

uPath :: Lens' User Text Source

The path to the user. For more information about paths, see IAM Identifiers in the Using IAM guide.

uUserId :: Lens' User Text Source

The stable and unique string identifying the user. For more information about IDs, see IAM Identifiers in the Using IAM guide.

uUserName :: Lens' User Text Source

The friendly name identifying the user.

PolicyDetail

data PolicyDetail Source

Instances

policyDetail :: PolicyDetail Source

PolicyDetail constructor.

The fields accessible through corresponding lenses are:

pdPolicyDocument :: Lens' PolicyDetail (Maybe Text) Source

The policy document.

The returned policy is URL-encoded according to RFC 3986.

pdPolicyName :: Lens' PolicyDetail (Maybe Text) Source

The name of the policy.

StatusType

data StatusType Source

Constructors

Active

Active

Inactive

Inactive

Instances

SAMLProviderListEntry

data SAMLProviderListEntry Source

Instances

samlproviderListEntry :: SAMLProviderListEntry Source

SAMLProviderListEntry constructor.

The fields accessible through corresponding lenses are:

samlpleArn :: Lens' SAMLProviderListEntry (Maybe Text) Source

The Amazon Resource Name (ARN) of the SAML provider.

samlpleCreateDate :: Lens' SAMLProviderListEntry (Maybe UTCTime) Source

The date and time when the SAML provider was created.

samlpleValidUntil :: Lens' SAMLProviderListEntry (Maybe UTCTime) Source

The expiration date and time for the SAML provider.

Role

data Role Source

Instances

role Source

Arguments

:: Text

rPath

-> Text

rRoleName

-> Text

rRoleId

-> Text

rArn

-> UTCTime

rCreateDate

-> Role 

Role constructor.

The fields accessible through corresponding lenses are:

rArn :: Lens' Role Text Source

The Amazon Resource Name (ARN) specifying the role. For more information about ARNs and how to use them in policies, see IAM Identifiers in the UsingIAM guide.

rAssumeRolePolicyDocument :: Lens' Role (Maybe Text) Source

The policy that grants an entity permission to assume the role.

The returned policy is URL-encoded according to RFC 3986.

rCreateDate :: Lens' Role UTCTime Source

The date and time, in ISO 8601 date-time format, when the role was created.

rPath :: Lens' Role Text Source

The path to the role. For more information about paths, see IAM Identifiers in the Using IAM guide.

rRoleId :: Lens' Role Text Source

The stable and unique string identifying the role. For more information about IDs, see IAM Identifiers in the Using IAM guide.

rRoleName :: Lens' Role Text Source

The friendly name that identifies the role.

PolicyGroup

data PolicyGroup Source

Instances

policyGroup :: PolicyGroup Source

PolicyGroup constructor.

The fields accessible through corresponding lenses are:

pgGroupName :: Lens' PolicyGroup (Maybe Text) Source

The name (friendly name, not ARN) identifying the group.

PolicyScopeType

data PolicyScopeType Source

Constructors

All

All

Aws

AWS

Local

Local

Instances

UserDetail

data UserDetail Source

Instances

userDetail :: UserDetail Source

UserDetail constructor.

The fields accessible through corresponding lenses are:

udArn :: Lens' UserDetail (Maybe Text) Source

udCreateDate :: Lens' UserDetail (Maybe UTCTime) Source

The date and time, in ISO 8601 date-time format, when the user was created.

udGroupList :: Lens' UserDetail [Text] Source

A list of IAM groups that the user is in.

udPath :: Lens' UserDetail (Maybe Text) Source

The path to the user. For more information about paths, see IAM Identifiers in the Using IAM guide.

udUserId :: Lens' UserDetail (Maybe Text) Source

The stable and unique string identifying the user. For more information about IDs, see IAM Identifiers in the Using IAM guide.

udUserName :: Lens' UserDetail (Maybe Text) Source

The friendly name identifying the user.

udUserPolicyList :: Lens' UserDetail [PolicyDetail] Source

A list of the user's policies.

Policy

data Policy Source

Instances

policy :: Policy Source

Policy constructor.

The fields accessible through corresponding lenses are:

pArn :: Lens' Policy (Maybe Text) Source

pAttachmentCount :: Lens' Policy (Maybe Int) Source

The number of entities (users, groups, and roles) that the policy is attached to.

pCreateDate :: Lens' Policy (Maybe UTCTime) Source

The date and time, in ISO 8601 date-time format, when the policy was created.

pDefaultVersionId :: Lens' Policy (Maybe Text) Source

The identifier for the version of the policy that is set as the default version.

pDescription :: Lens' Policy (Maybe Text) Source

A friendly description of the policy.

This element is included in the response to the GetPolicy operation. It is not included in the response to the ListPolicies operation.

pIsAttachable :: Lens' Policy (Maybe Bool) Source

Specifies whether the policy can be attached to an IAM user, group, or role.

pPath :: Lens' Policy (Maybe Text) Source

The path to the policy.

For more information about paths, see IAM Identifiers in the Using IAM guide.

pPolicyId :: Lens' Policy (Maybe Text) Source

The stable and unique string identifying the policy.

For more information about IDs, see IAM Identifiers in the Using IAM guide.

pPolicyName :: Lens' Policy (Maybe Text) Source

The friendly name (not ARN) identifying the policy.

pUpdateDate :: Lens' Policy (Maybe UTCTime) Source

The date and time, in ISO 8601 date-time format, when the policy was last updated.

When a policy has only one version, this field contains the date and time when the policy was created. When a policy has more than one version, this field contains the date and time when the most recent policy version was created.

ServerCertificate

data ServerCertificate Source

Instances

serverCertificate Source

Arguments

:: ServerCertificateMetadata

scServerCertificateMetadata

-> Text

scCertificateBody

-> ServerCertificate 

ServerCertificate constructor.

The fields accessible through corresponding lenses are:

scCertificateBody :: Lens' ServerCertificate Text Source

The contents of the public key certificate.

scCertificateChain :: Lens' ServerCertificate (Maybe Text) Source

The contents of the public key certificate chain.

scServerCertificateMetadata :: Lens' ServerCertificate ServerCertificateMetadata Source

The meta information of the server certificate, such as its name, path, ID, and ARN.

AccessKey

data AccessKey Source

Instances

accessKey Source

Arguments

:: Text

akUserName

-> Text

akAccessKeyId

-> StatusType

akStatus

-> Text

akSecretAccessKey

-> AccessKey 

AccessKey constructor.

The fields accessible through corresponding lenses are:

akAccessKeyId :: Lens' AccessKey Text Source

The ID for this access key.

akCreateDate :: Lens' AccessKey (Maybe UTCTime) Source

The date when the access key was created.

akSecretAccessKey :: Lens' AccessKey Text Source

The secret key used to sign requests.

akStatus :: Lens' AccessKey StatusType Source

The status of the access key. Active means the key is valid for API calls, while Inactive means it is not.

akUserName :: Lens' AccessKey Text Source

The name of the IAM user that the access key is associated with.

VirtualMFADevice

data VirtualMFADevice Source

Instances

virtualMFADevice Source

Arguments

:: Text

vmfadSerialNumber

-> VirtualMFADevice 

VirtualMFADevice constructor.

The fields accessible through corresponding lenses are:

vmfadBase32StringSeed :: Lens' VirtualMFADevice (Maybe Base64) Source

The Base32 seed defined as specified in RFC3548. The Base32StringSeed is Base64-encoded.

vmfadEnableDate :: Lens' VirtualMFADevice (Maybe UTCTime) Source

The date and time on which the virtual MFA device was enabled.

vmfadQRCodePNG :: Lens' VirtualMFADevice (Maybe Base64) Source

A QR code PNG image that encodes 'otpauth://totp/$virtualMFADeviceName@$AccountName?secret=$Base32String' where '$virtualMFADeviceName' is one of the create call arguments, AccountName is the user name if set (otherwise, the account ID otherwise), and Base32String is the seed in Base32 format. The Base32String value is Base64-encoded.

vmfadSerialNumber :: Lens' VirtualMFADevice Text Source

The serial number associated with VirtualMFADevice.

vmfadUser :: Lens' VirtualMFADevice (Maybe User) Source

SigningCertificate

data SigningCertificate Source

Instances

signingCertificate Source

Arguments

:: Text

sc1UserName

-> Text

sc1CertificateId

-> Text

sc1CertificateBody

-> StatusType

sc1Status

-> SigningCertificate 

SigningCertificate constructor.

The fields accessible through corresponding lenses are:

sc1CertificateBody :: Lens' SigningCertificate Text Source

The contents of the signing certificate.

sc1CertificateId :: Lens' SigningCertificate Text Source

The ID for the signing certificate.

sc1Status :: Lens' SigningCertificate StatusType Source

The status of the signing certificate. Active means the key is valid for API calls, while Inactive means it is not.

sc1UploadDate :: Lens' SigningCertificate (Maybe UTCTime) Source

The date when the signing certificate was uploaded.

sc1UserName :: Lens' SigningCertificate Text Source

The name of the user the signing certificate is associated with.

AccessKeyMetadata

data AccessKeyMetadata Source

Instances

accessKeyMetadata :: AccessKeyMetadata Source

AccessKeyMetadata constructor.

The fields accessible through corresponding lenses are:

akmAccessKeyId :: Lens' AccessKeyMetadata (Maybe Text) Source

The ID for this access key.

akmCreateDate :: Lens' AccessKeyMetadata (Maybe UTCTime) Source

The date when the access key was created.

akmStatus :: Lens' AccessKeyMetadata (Maybe StatusType) Source

The status of the access key. Active means the key is valid for API calls; Inactive means it is not.

akmUserName :: Lens' AccessKeyMetadata (Maybe Text) Source

The name of the IAM user that the key is associated with.

PolicyUser

data PolicyUser Source

Instances

policyUser :: PolicyUser Source

PolicyUser constructor.

The fields accessible through corresponding lenses are:

puUserName :: Lens' PolicyUser (Maybe Text) Source

The name (friendly name, not ARN) identifying the user.