{-# LANGUAGE OverloadedStrings #-} -- Derived from AWS service descriptions, licensed under Apache 2.0. -- | -- Module : Network.AWS.IAM.Types -- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay -- Stability : auto-generated -- Portability : non-portable (GHC extensions) -- module Network.AWS.IAM.Types ( -- * Service Configuration iam -- * Errors , _CredentialReportNotPresentException , _CredentialReportNotReadyException , _MalformedPolicyDocumentException , _EntityAlreadyExistsException , _MalformedCertificateException , _CredentialReportExpiredException , _UnmodifiableEntityException , _DuplicateCertificateException , _DeleteConflictException , _NoSuchEntityException , _InvalidCertificateException , _PolicyNotAttachableException , _ServiceNotSupportedException , _UnrecognizedPublicKeyEncodingException , _InvalidUserTypeException , _ServiceFailureException , _InvalidInputException , _InvalidPublicKeyException , _InvalidAuthenticationCodeException , _EntityTemporarilyUnmodifiableException , _DuplicateSSHPublicKeyException , _KeyPairMismatchException , _PolicyEvaluationException , _PasswordPolicyViolationException , _LimitExceededException -- * AssignmentStatusType , AssignmentStatusType (..) -- * ContextKeyTypeEnum , ContextKeyTypeEnum (..) -- * DeletionTaskStatusType , DeletionTaskStatusType (..) -- * EncodingType , EncodingType (..) -- * EntityType , EntityType (..) -- * PolicyEvaluationDecisionType , PolicyEvaluationDecisionType (..) -- * PolicyScopeType , PolicyScopeType (..) -- * PolicySourceType , PolicySourceType (..) -- * ReportFormatType , ReportFormatType (..) -- * ReportStateType , ReportStateType (..) -- * StatusType , StatusType (..) -- * SummaryKeyType , SummaryKeyType (..) -- * AccessKeyInfo , AccessKeyInfo , accessKeyInfo , akiCreateDate , akiUserName , akiAccessKeyId , akiStatus , akiSecretAccessKey -- * AccessKeyLastUsed , AccessKeyLastUsed , accessKeyLastUsed , akluLastUsedDate , akluServiceName , akluRegion -- * AccessKeyMetadata , AccessKeyMetadata , accessKeyMetadata , akmStatus , akmCreateDate , akmUserName , akmAccessKeyId -- * AttachedPolicy , AttachedPolicy , attachedPolicy , apPolicyName , apPolicyARN -- * ContextEntry , ContextEntry , contextEntry , ceContextKeyValues , ceContextKeyName , ceContextKeyType -- * DeletionTaskFailureReasonType , DeletionTaskFailureReasonType , deletionTaskFailureReasonType , dtfrtRoleUsageList , dtfrtReason -- * EvaluationResult , EvaluationResult , evaluationResult , erMatchedStatements , erEvalDecisionDetails , erResourceSpecificResults , erEvalResourceName , erMissingContextValues , erOrganizationsDecisionDetail , erEvalActionName , erEvalDecision -- * GetContextKeysForPolicyResponse , GetContextKeysForPolicyResponse , getContextKeysForPolicyResponse , gckfpContextKeyNames -- * Group , Group , group' , gPath , gGroupName , gGroupId , gARN , gCreateDate -- * GroupDetail , GroupDetail , groupDetail , gdARN , gdPath , gdCreateDate , gdGroupId , gdGroupPolicyList , gdGroupName , gdAttachedManagedPolicies -- * InstanceProfile , InstanceProfile , instanceProfile , ipPath , ipInstanceProfileName , ipInstanceProfileId , ipARN , ipCreateDate , ipRoles -- * LoginProfile , LoginProfile , loginProfile , lpPasswordResetRequired , lpUserName , lpCreateDate -- * MFADevice , MFADevice , mfaDevice , mdUserName , mdSerialNumber , mdEnableDate -- * ManagedPolicyDetail , ManagedPolicyDetail , managedPolicyDetail , mpdPolicyName , mpdARN , mpdUpdateDate , mpdPolicyId , mpdPath , mpdPolicyVersionList , mpdCreateDate , mpdIsAttachable , mpdDefaultVersionId , mpdAttachmentCount , mpdDescription -- * OpenIdConnectProviderListEntry , OpenIdConnectProviderListEntry , openIdConnectProviderListEntry , oicpleARN -- * OrganizationsDecisionDetail , OrganizationsDecisionDetail , organizationsDecisionDetail , oddAllowedByOrganizations -- * PasswordPolicy , PasswordPolicy , passwordPolicy , ppExpirePasswords , ppMinimumPasswordLength , ppRequireNumbers , ppPasswordReusePrevention , ppRequireLowercaseCharacters , ppMaxPasswordAge , ppHardExpiry , ppRequireSymbols , ppRequireUppercaseCharacters , ppAllowUsersToChangePassword -- * Policy , Policy , policy , pPolicyName , pARN , pUpdateDate , pPolicyId , pPath , pCreateDate , pIsAttachable , pDefaultVersionId , pAttachmentCount , pDescription -- * PolicyDetail , PolicyDetail , policyDetail , pdPolicyDocument , pdPolicyName -- * PolicyGroup , PolicyGroup , policyGroup , pgGroupId , pgGroupName -- * PolicyRole , PolicyRole , policyRole , prRoleName , prRoleId -- * PolicyUser , PolicyUser , policyUser , puUserName , puUserId -- * PolicyVersion , PolicyVersion , policyVersion , pvVersionId , pvCreateDate , pvDocument , pvIsDefaultVersion -- * Position , Position , position , pLine , pColumn -- * ResourceSpecificResult , ResourceSpecificResult , resourceSpecificResult , rsrMatchedStatements , rsrEvalDecisionDetails , rsrMissingContextValues , rsrEvalResourceName , rsrEvalResourceDecision -- * Role , Role , role' , rMaxSessionDuration , rAssumeRolePolicyDocument , rDescription , rPath , rRoleName , rRoleId , rARN , rCreateDate -- * RoleDetail , RoleDetail , roleDetail , rdAssumeRolePolicyDocument , rdARN , rdPath , rdInstanceProfileList , rdCreateDate , rdRoleName , rdRoleId , rdRolePolicyList , rdAttachedManagedPolicies -- * RoleUsageType , RoleUsageType , roleUsageType , rutResources , rutRegion -- * SAMLProviderListEntry , SAMLProviderListEntry , sAMLProviderListEntry , samlpleARN , samlpleCreateDate , samlpleValidUntil -- * SSHPublicKey , SSHPublicKey , sshPublicKey , spkUploadDate , spkUserName , spkSSHPublicKeyId , spkFingerprint , spkSSHPublicKeyBody , spkStatus -- * SSHPublicKeyMetadata , SSHPublicKeyMetadata , sshPublicKeyMetadata , spkmUserName , spkmSSHPublicKeyId , spkmStatus , spkmUploadDate -- * ServerCertificate , ServerCertificate , serverCertificate , sCertificateChain , sServerCertificateMetadata , sCertificateBody -- * ServerCertificateMetadata , ServerCertificateMetadata , serverCertificateMetadata , scmUploadDate , scmExpiration , scmPath , scmServerCertificateName , scmServerCertificateId , scmARN -- * ServiceSpecificCredential , ServiceSpecificCredential , serviceSpecificCredential , sscCreateDate , sscServiceName , sscServiceUserName , sscServicePassword , sscServiceSpecificCredentialId , sscUserName , sscStatus -- * ServiceSpecificCredentialMetadata , ServiceSpecificCredentialMetadata , serviceSpecificCredentialMetadata , sscmUserName , sscmStatus , sscmServiceUserName , sscmCreateDate , sscmServiceSpecificCredentialId , sscmServiceName -- * SigningCertificate , SigningCertificate , signingCertificate , scUploadDate , scUserName , scCertificateId , scCertificateBody , scStatus -- * SimulatePolicyResponse , SimulatePolicyResponse , simulatePolicyResponse , spEvaluationResults , spMarker , spIsTruncated -- * Statement , Statement , statement , sSourcePolicyType , sSourcePolicyId , sEndPosition , sStartPosition -- * User , User , user , uPasswordLastUsed , uPath , uUserName , uUserId , uARN , uCreateDate -- * UserDetail , UserDetail , userDetail , udGroupList , udARN , udPath , udCreateDate , udUserName , udUserId , udUserPolicyList , udAttachedManagedPolicies -- * VirtualMFADevice , VirtualMFADevice , virtualMFADevice , vmdQRCodePNG , vmdBase32StringSeed , vmdUser , vmdEnableDate , vmdSerialNumber ) where import Network.AWS.IAM.Types.Product import Network.AWS.IAM.Types.Sum import Network.AWS.Lens import Network.AWS.Prelude import Network.AWS.Sign.V4 -- | API version @2010-05-08@ of the Amazon Identity and Access Management SDK configuration. iam :: Service iam = Service { _svcAbbrev = "IAM" , _svcSigner = v4 , _svcPrefix = "iam" , _svcVersion = "2010-05-08" , _svcEndpoint = defaultEndpoint iam , _svcTimeout = Just 70 , _svcCheck = statusSuccess , _svcError = parseXMLError "IAM" , _svcRetry = retry } where retry = Exponential { _retryBase = 5.0e-2 , _retryGrowth = 2 , _retryAttempts = 5 , _retryCheck = check } check e | has (hasCode "ThrottledException" . hasStatus 400) e = Just "throttled_exception" | has (hasStatus 429) e = Just "too_many_requests" | has (hasCode "ThrottlingException" . hasStatus 400) e = Just "throttling_exception" | has (hasCode "Throttling" . hasStatus 400) e = Just "throttling" | has (hasStatus 504) e = Just "gateway_timeout" | has (hasCode "RequestThrottledException" . hasStatus 400) e = Just "request_throttled_exception" | has (hasStatus 502) e = Just "bad_gateway" | has (hasStatus 503) e = Just "service_unavailable" | has (hasStatus 500) e = Just "general_server_error" | has (hasStatus 509) e = Just "limit_exceeded" | otherwise = Nothing -- | The request was rejected because the credential report does not exist. To generate a credential report, use 'GenerateCredentialReport' . -- -- _CredentialReportNotPresentException :: AsError a => Getting (First ServiceError) a ServiceError _CredentialReportNotPresentException = _MatchServiceError iam "ReportNotPresent" . hasStatus 410 -- | The request was rejected because the credential report is still being generated. -- -- _CredentialReportNotReadyException :: AsError a => Getting (First ServiceError) a ServiceError _CredentialReportNotReadyException = _MatchServiceError iam "ReportInProgress" . hasStatus 404 -- | The request was rejected because the policy document was malformed. The error message describes the specific error. -- -- _MalformedPolicyDocumentException :: AsError a => Getting (First ServiceError) a ServiceError _MalformedPolicyDocumentException = _MatchServiceError iam "MalformedPolicyDocument" . hasStatus 400 -- | The request was rejected because it attempted to create a resource that already exists. -- -- _EntityAlreadyExistsException :: AsError a => Getting (First ServiceError) a ServiceError _EntityAlreadyExistsException = _MatchServiceError iam "EntityAlreadyExists" . hasStatus 409 -- | The request was rejected because the certificate was malformed or expired. The error message describes the specific error. -- -- _MalformedCertificateException :: AsError a => Getting (First ServiceError) a ServiceError _MalformedCertificateException = _MatchServiceError iam "MalformedCertificate" . hasStatus 400 -- | The request was rejected because the most recent credential report has expired. To generate a new credential report, use 'GenerateCredentialReport' . For more information about credential report expiration, see in the /IAM User Guide/ . -- -- _CredentialReportExpiredException :: AsError a => Getting (First ServiceError) a ServiceError _CredentialReportExpiredException = _MatchServiceError iam "ReportExpired" . hasStatus 410 -- | The request was rejected because only the service that depends on the service-linked role can modify or delete the role on your behalf. The error message includes the name of the service that depends on this service-linked role. You must request the change through that service. -- -- _UnmodifiableEntityException :: AsError a => Getting (First ServiceError) a ServiceError _UnmodifiableEntityException = _MatchServiceError iam "UnmodifiableEntity" . hasStatus 400 -- | The request was rejected because the same certificate is associated with an IAM user in the account. -- -- _DuplicateCertificateException :: AsError a => Getting (First ServiceError) a ServiceError _DuplicateCertificateException = _MatchServiceError iam "DuplicateCertificate" . hasStatus 409 -- | The request was rejected because it attempted to delete a resource that has attached subordinate entities. The error message describes these entities. -- -- _DeleteConflictException :: AsError a => Getting (First ServiceError) a ServiceError _DeleteConflictException = _MatchServiceError iam "DeleteConflict" . hasStatus 409 -- | The request was rejected because it referenced an entity that does not exist. The error message describes the entity. -- -- _NoSuchEntityException :: AsError a => Getting (First ServiceError) a ServiceError _NoSuchEntityException = _MatchServiceError iam "NoSuchEntity" . hasStatus 404 -- | The request was rejected because the certificate is invalid. -- -- _InvalidCertificateException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidCertificateException = _MatchServiceError iam "InvalidCertificate" . hasStatus 400 -- | The request failed because AWS service role policies can only be attached to the service-linked role for that service. -- -- _PolicyNotAttachableException :: AsError a => Getting (First ServiceError) a ServiceError _PolicyNotAttachableException = _MatchServiceError iam "PolicyNotAttachable" . hasStatus 400 -- | The specified service does not support service-specific credentials. -- -- _ServiceNotSupportedException :: AsError a => Getting (First ServiceError) a ServiceError _ServiceNotSupportedException = _MatchServiceError iam "NotSupportedService" . hasStatus 404 -- | The request was rejected because the public key encoding format is unsupported or unrecognized. -- -- _UnrecognizedPublicKeyEncodingException :: AsError a => Getting (First ServiceError) a ServiceError _UnrecognizedPublicKeyEncodingException = _MatchServiceError iam "UnrecognizedPublicKeyEncoding" . hasStatus 400 -- | The request was rejected because the type of user for the transaction was incorrect. -- -- _InvalidUserTypeException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidUserTypeException = _MatchServiceError iam "InvalidUserType" . hasStatus 400 -- | The request processing has failed because of an unknown error, exception or failure. -- -- _ServiceFailureException :: AsError a => Getting (First ServiceError) a ServiceError _ServiceFailureException = _MatchServiceError iam "ServiceFailure" . hasStatus 500 -- | The request was rejected because an invalid or out-of-range value was supplied for an input parameter. -- -- _InvalidInputException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidInputException = _MatchServiceError iam "InvalidInput" . hasStatus 400 -- | The request was rejected because the public key is malformed or otherwise invalid. -- -- _InvalidPublicKeyException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidPublicKeyException = _MatchServiceError iam "InvalidPublicKey" . hasStatus 400 -- | The request was rejected because the authentication code was not recognized. The error message describes the specific error. -- -- _InvalidAuthenticationCodeException :: AsError a => Getting (First ServiceError) a ServiceError _InvalidAuthenticationCodeException = _MatchServiceError iam "InvalidAuthenticationCode" . hasStatus 403 -- | The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity. -- -- _EntityTemporarilyUnmodifiableException :: AsError a => Getting (First ServiceError) a ServiceError _EntityTemporarilyUnmodifiableException = _MatchServiceError iam "EntityTemporarilyUnmodifiable" . hasStatus 409 -- | The request was rejected because the SSH public key is already associated with the specified IAM user. -- -- _DuplicateSSHPublicKeyException :: AsError a => Getting (First ServiceError) a ServiceError _DuplicateSSHPublicKeyException = _MatchServiceError iam "DuplicateSSHPublicKey" . hasStatus 400 -- | The request was rejected because the public key certificate and the private key do not match. -- -- _KeyPairMismatchException :: AsError a => Getting (First ServiceError) a ServiceError _KeyPairMismatchException = _MatchServiceError iam "KeyPairMismatch" . hasStatus 400 -- | The request failed because a provided policy could not be successfully evaluated. An additional detailed message indicates the source of the failure. -- -- _PolicyEvaluationException :: AsError a => Getting (First ServiceError) a ServiceError _PolicyEvaluationException = _MatchServiceError iam "PolicyEvaluation" . hasStatus 500 -- | The request was rejected because the provided password did not meet the requirements imposed by the account password policy. -- -- _PasswordPolicyViolationException :: AsError a => Getting (First ServiceError) a ServiceError _PasswordPolicyViolationException = _MatchServiceError iam "PasswordPolicyViolation" . hasStatus 400 -- | The request was rejected because it attempted to create resources beyond the current AWS account limits. The error message describes the limit exceeded. -- -- _LimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError _LimitExceededException = _MatchServiceError iam "LimitExceeded" . hasStatus 409