Access Analyzer
accessanalyzer_get_analyzed_resource
Retrieves information about a resource that was analyzed
accessanalyzer_apply_archive_rule
Retroactively applies the archive rule to existing findings that meet
the archive rule criteria
accessanalyzer_list_access_previews
Retrieves a list of access previews for the specified analyzer
accessanalyzer_delete_analyzer
Deletes the specified analyzer
accessanalyzer_create_analyzer
Creates an analyzer for your account
accessanalyzer_get_access_preview
Retrieves information about an access preview for the specified analyzer
accessanalyzer_delete_archive_rule
Deletes the specified archive rule
accessanalyzer_list_access_preview_findings
Retrieves a list of access preview findings generated by the specified
access preview
accessanalyzer_check_no_new_access
Checks whether new access is allowed for an updated policy when compared
to the existing policy
accessanalyzer_list_policy_generations
Lists all of the policy generations requested in the last seven days
accessanalyzer_list_analyzed_resources
Retrieves a list of resources of the specified type that have been
analyzed by the specified analyzer
accessanalyzer_list_findings_v2
Retrieves a list of findings generated by the specified analyzer
accessanalyzer_list_findings
Retrieves a list of findings generated by the specified analyzer
accessanalyzer_check_access_not_granted
Checks whether the specified access isn't allowed by a policy
accessanalyzer_get_archive_rule
Retrieves information about an archive rule
account_delete_alternate_contact
Deletes the specified alternate contact from an Amazon Web Services
account
Enables (opts-in) a particular Region for an account
accessanalyzer_get_finding
Retrieves information about the specified finding
Disables (opts-out) a particular Region for an account
acm_get_account_configuration
Returns the account configuration options associated with an Amazon Web
Services account
accessanalyzer_list_tags_for_resource
Retrieves a list of tags applied to the specified resource
accessanalyzer_get_analyzer
Retrieves information about the specified analyzer
Lists all the Regions for a given account and their respective opt-in
statuses
accessanalyzer_untag_resource
Removes a tag from the specified resource
Retrieves an Amazon-issued certificate and its certificate chain
account_get_contact_information
Retrieves the primary contact information of an Amazon Web Services
account
account_get_alternate_contact
Retrieves the specified alternate contact attached to an Amazon Web
Services account
Exports a private certificate issued by a private certificate authority
(CA) for use anywhere
accessanalyzer_list_analyzers
Retrieves a list of analyzers
accessanalyzer_create_access_preview
Creates an access preview that allows you to preview IAM Access Analyzer
findings for your resource before deploying resource permissions
accessanalyzer_cancel_policy_generation
Cancels the requested policy generation
account_put_alternate_contact
Modifies the specified alternate contact attached to an Amazon Web
Services account
AWS Certificate Manager
AWS Account
accessanalyzer_get_finding_v2
Retrieves information about the specified finding
accessanalyzer_tag_resource
Adds a tag to the specified resource
acm_put_account_configuration
Adds or modifies account-level configurations in ACM
accessanalyzer_update_archive_rule
Updates the criteria and values for the specified archive rule
accessanalyzer_start_resource_scan
Immediately starts a scan of the policies applied to the specified
resource
accessanalyzer_create_archive_rule
Creates an archive rule for the specified analyzer
acm_resend_validation_email
Resends the email that requests domain ownership validation
acmpca_list_certificate_authorities
Lists the private certificate authorities that you created by using the
CreateCertificateAuthority action
accessanalyzer_list_archive_rules
Retrieves a list of archive rules created for the specified analyzer
account_put_contact_information
Updates the primary contact information of an Amazon Web Services
account
Revokes permissions on a private CA granted to the Certificate Manager
(ACM) service principal (acm
Retrieves a list of certificate ARNs and domain names
acm_list_tags_for_certificate
Lists the tags that have been applied to the ACM certificate
clouddirectory_attach_typed_link
Attaches a typed link to a specified source and target object
account_get_region_opt_status
Retrieves the opt-in status of a particular Region
accessanalyzer_validate_policy
Requests the validation of a policy and returns a list of findings
Retrieves the resource-based policy attached to a private CA
acm_remove_tags_from_certificate
Remove one or more tags from an ACM certificate
List all permissions on a private CA, if any, granted to the Certificate
Manager (ACM) service principal (acm
Deletes the resource-based policy attached to a private CA
clouddirectory_attach_to_index
Attaches the specified object to the specified index
AWS Certificate Manager Private Certificate Authority
acmpca_update_certificate_authority
Updates the status or configuration of a private certificate authority
(CA)
acmpca_delete_certificate_authority
Deletes a private certificate authority (CA)
acm_add_tags_to_certificate
Adds one or more tags to an ACM certificate
acmpca_import_certificate_authority_certificate
Imports a signed private CA certificate into Amazon Web Services Private
CA
Returns detailed metadata about the specified ACM certificate
Deletes a certificate and its associated private key
clouddirectory_apply_schema
Copies the input published schema, at the specified version, into the
Directory with the same name and version as that of the published schema
acmpca_revoke_certificate
Revokes a certificate that was issued inside Amazon Web Services Private
CA
Renews an eligible ACM certificate
acmpca_get_certificate_authority_csr
Retrieves the certificate signing request (CSR) for your private
certificate authority (CA)
Requests an ACM certificate for use with other Amazon Web Services
services
acm_update_certificate_options
Updates a certificate
acmpca_describe_certificate_authority_audit_report
Lists information about a specific audit report created by calling the
CreateCertificateAuthorityAuditReport action
Imports a certificate into Certificate Manager (ACM) to use with
services that are integrated with ACM
clouddirectory_create_schema
Creates a new schema in a development state
clouddirectory_create_typed_link_facet
Creates a TypedLinkFacet
Uses your private certificate authority (CA), or one that has been
shared with you, to issue a client certificate
acmpca_create_certificate_authority
Creates a root or subordinate private certificate authority (CA)
clouddirectory_create_object
Creates an object in a Directory
accessanalyzer_update_findings
Updates the status for the specified findings
clouddirectory_create_index
Creates an index object
acmpca_untag_certificate_authority
Remove one or more tags from your private CA
clouddirectory_update_object_attributes
Updates a given object's attributes
clouddirectory_attach_policy
Attaches a policy object to a regular object
acmpca_restore_certificate_authority
Restores a certificate authority (CA) that is in the DELETED state
acmpca_describe_certificate_authority
Lists information about your private certificate authority (CA) or one
that has been shared with you
clouddirectory_list_object_attributes
Lists all attributes that are associated with an object
clouddirectory_delete_schema
Deletes a given schema
clouddirectory_attach_object
Attaches an existing object to another object
clouddirectory_publish_schema
Publishes a development schema with a major version and a recommended
minor version
acmpca_create_certificate_authority_audit_report
Creates an audit report that lists every time that your CA private key
is used
clouddirectory_get_object_attributes
Retrieves attributes within a facet that are associated with an object
accessanalyzer_start_policy_generation
Starts the policy generation request
clouddirectory_enable_directory
Enables the specified directory
accessanalyzer_get_generated_policy
Retrieves the policy that was generated using StartPolicyGeneration
clouddirectory_list_applied_schema_arns
Lists schema major versions applied to a directory
acmpca_tag_certificate_authority
Adds one or more tags to your private CA
clouddirectory_get_typed_link_facet_information
Returns the identity attribute order for a specific TypedLinkFacet
clouddirectory_list_managed_schema_arns
Lists the major version families of each managed schema
clouddirectory_upgrade_published_schema
Upgrades a published schema under a new minor version revision using the
current contents of DevelopmentSchemaArn
clouddirectory_list_development_schema_arns
Retrieves each Amazon Resource Name (ARN) of schemas in the development
state
clouddirectory_add_facet_to_object
Adds a new Facet to an object
Lists the tags, if any, that are associated with your private CA or one
that has been shared with you
clouddirectory_list_facet_names
Retrieves the names of facets that exist in a schema
This is documentation for AWS CloudHSM Classic
clouddirectory_list_object_children
Returns a paginated list of child objects that are associated with a
given object
clouddirectory_list_typed_link_facet_names
Returns a paginated list of TypedLink facet names for a particular
schema
clouddirectory_batch_write
Performs all the write operations in a batch
clouddirectory_detach_policy
Detaches a policy from an object
clouddirectory_get_schema_as_json
Retrieves a JSON representation of the schema
clouddirectory_delete_object
Deletes an object and its associated attributes
clouddirectory_list_incoming_typed_links
Returns a paginated list of all the incoming TypedLinkSpecifier
information for an object
clouddirectory_untag_resource
An API operation for removing tags from a resource
clouddirectory_put_schema_from_json
Allows a schema to be updated using JSON upload
acmpca_get_certificate_authority_certificate
Retrieves the certificate and certificate chain for your private
certificate authority (CA) or one that has been shared with you
clouddirectory_list_index
Lists objects attached to the specified index
This is documentation for AWS CloudHSM Classic
clouddirectory_detach_object
Detaches a given object from the parent object
Amazon CloudDirectory
clouddirectory_batch_read
Performs all the read operations in a batch
cloudhsm_list_available_zones
This is documentation for AWS CloudHSM Classic
clouddirectory_delete_facet
Deletes a given Facet
clouddirectory_list_attached_indices
Lists indices attached to the specified object
clouddirectory_delete_typed_link_facet
Deletes a TypedLinkFacet
clouddirectory_get_link_attributes
Retrieves attributes that are associated with a typed link
Grants one or more permissions on a private CA to the Certificate
Manager (ACM) service principal (acm
clouddirectory_detach_from_index
Detaches the specified object from the specified index
This is documentation for AWS CloudHSM Classic
cloudhsmv2_copy_backup_to_region
Copy an AWS CloudHSM cluster backup to a different region
clouddirectory_lookup_policy
Lists all policies from the root of the Directory to the object
specified
clouddirectory_update_schema
Updates the schema name with a new name
clouddirectory_update_link_attributes
Updates a given typed link’s attributes
cloudhsm_describe_luna_client
This is documentation for AWS CloudHSM Classic
clouddirectory_update_facet
Does the following:
clouddirectory_list_directories
Lists directories created within an account
clouddirectory_list_object_policies
Returns policies attached to an object in pagination fashion
This is documentation for AWS CloudHSM Classic
This is documentation for AWS CloudHSM Classic
clouddirectory_get_applied_schema_version
Returns current applied schema version ARN, including the minor version
in use
AWS CloudHSM V2
cognitoidentity_lookup_developer_identity
Retrieves the IdentityID associated with a DeveloperUserIdentifier or
the list of DeveloperUserIdentifier values associated with an IdentityId
for an existing identity
cloudhsm_add_tags_to_resource
This is documentation for AWS CloudHSM Classic
This is documentation for AWS CloudHSM Classic
clouddirectory_upgrade_applied_schema
Upgrades a single directory in-place using the PublishedSchemaArn with
schema updates found in MinorVersion
Retrieves a certificate from your private CA or one that has been shared
with you
clouddirectory_get_directory
Retrieves metadata about a directory
This is documentation for AWS CloudHSM Classic
cloudhsmv2_restore_backup
Restores a specified AWS CloudHSM backup that is in the PENDING_DELETION
state
clouddirectory_list_outgoing_typed_links
Returns a paginated list of all the outgoing TypedLinkSpecifier
information for an object
Creates a new hardware security module (HSM) in the specified AWS
CloudHSM cluster
clouddirectory_delete_directory
Deletes a directory
clouddirectory_list_tags_for_resource
Returns tags for a resource
clouddirectory_list_facet_attributes
Retrieves attributes attached to the facet
clouddirectory_list_typed_link_facet_attributes
Returns a paginated list of all attribute definitions for a particular
TypedLinkFacet
Amazon CloudHSM
clouddirectory_list_object_parent_paths
Retrieves all available parent paths for any object type such as node,
leaf node, policy node, and index node objects
cloudhsm_delete_luna_client
This is documentation for AWS CloudHSM Classic
clouddirectory_detach_typed_link
Detaches a typed link from a specified source and target object
cloudhsm_remove_tags_from_resource
This is documentation for AWS CloudHSM Classic
cognitoidentityprovider_admin_list_devices
Lists devices, as an administrator
cognitoidentity_get_credentials_for_identity
Returns credentials for the provided identity ID
cognitoidentity_delete_identities
Deletes identities from an identity pool
cloudhsm_list_luna_clients
This is documentation for AWS CloudHSM Classic
cloudhsmv2_describe_backups
Gets information about backups of AWS CloudHSM clusters
clouddirectory_update_typed_link_facet
Updates a TypedLinkFacet
Adds or overwrites one or more tags for the specified AWS CloudHSM
cluster
Attaches a resource-based policy to a private CA
cloudhsmv2_delete_cluster
Deletes the specified AWS CloudHSM cluster
This is documentation for AWS CloudHSM Classic
cloudhsmv2_describe_clusters
Gets information about AWS CloudHSM clusters
clouddirectory_create_directory
Creates a Directory by copying the published schema into the directory
clouddirectory_get_object_information
Retrieves metadata about an object
cognitoidentityprovider_admin_set_user_password
Sets the specified user's password in a user pool as an administrator
cloudhsm_list_tags_for_resource
This is documentation for AWS CloudHSM Classic
clouddirectory_create_facet
Creates a new Facet in a schema
cognitoidentity_delete_identity_pool
Deletes an identity pool
cognitoidentityprovider_get_ui_customization
Gets the user interface (UI) Customization information for a particular
app client's app UI, if any such information exists for the client
cloudhsmv2_modify_backup_attributes
Modifies attributes for AWS CloudHSM backup
cognitoidentity_get_open_id_token_for_developer_identity
Registers (or retrieves) a Cognito IdentityId and an OpenID Connect
token for a user authenticated by your backend authentication process
cognitoidentityprovider_admin_initiate_auth
Initiates the authentication flow, as an administrator
clouddirectory_disable_directory
Disables the specified directory
cognitoidentity_create_identity_pool
Creates a new identity pool
cognitoidentity_describe_identity
Returns metadata related to the given identity, including when the
identity was created and any associated linked logins
cognitoidentityprovider_admin_confirm_sign_up
This IAM-authenticated API operation provides a code that Amazon Cognito
sent to your user when they signed up in your user pool
cognitoidentity_set_identity_pool_roles
Sets the roles for an identity pool
cognitoidentity_describe_identity_pool
Gets details about a particular identity pool, including the pool name,
ID description, creation date, and current number of users
clouddirectory_list_object_parents
Lists parent objects that are associated with a given object in
pagination fashion
cognitoidentity_get_open_id_token
Gets an OpenID token, using a known Cognito ID
cognitoidentity_merge_developer_identities
Merges two users having different IdentityIds, existing in the same
identity pool, and identified by the same developer provider
clouddirectory_tag_resource
An API operation for adding tags to a resource
This is documentation for AWS CloudHSM Classic
cognitoidentityprovider_admin_delete_user
Deletes a user as an administrator
cognitoidentity_untag_resource
Removes the specified tags from the specified Amazon Cognito identity
pool
cognitoidentityprovider_admin_delete_user_attributes
Deletes the user attributes in a user pool as an administrator
Deletes the specified HSM
This is documentation for AWS CloudHSM Classic
cognitoidentityprovider_admin_list_user_auth_events
A history of user activity and any risks detected as part of Amazon
Cognito advanced security
cognitoidentityprovider_admin_get_user
Gets the specified user by user name in a user pool as an administrator
cognitoidentityprovider_delete_user
Allows a user to delete their own user profile
cloudhsmv2_create_cluster
Creates a new AWS CloudHSM cluster
clouddirectory_list_policy_attachments
Returns all of the ObjectIdentifiers to which a given policy is attached
cognitoidentityprovider_add_custom_attributes
Adds additional user attributes to the user pool schema
This is documentation for AWS CloudHSM Classic
cloudhsmv2_initialize_cluster
Claims an AWS CloudHSM cluster by submitting the cluster certificate
issued by your issuing certificate authority (CA) and the CA's root
certificate
Gets details of the Facet, such as facet name, attributes, Rules, or
ObjectType
cognitoidentityprovider_delete_user_attributes
Deletes the attributes for a user
cognitoidentity_unlink_identity
Unlinks a federated identity from an existing account
clouddirectory_list_published_schema_arns
Lists the major version families of each published schema
Gets a list of tags for the specified AWS CloudHSM cluster
Generates (or retrieves) a Cognito ID
cognitoidentity_tag_resource
Assigns a set of tags to the specified Amazon Cognito identity pool
cloudhsm_modify_luna_client
This is documentation for AWS CloudHSM Classic
clouddirectory_remove_facet_from_object
Removes the specified facet from the specified object
cloudhsm_create_luna_client
This is documentation for AWS CloudHSM Classic
cognitoidentityprovider_delete_user_pool
Deletes the specified Amazon Cognito user pool
cognitoidentity_get_principal_tag_attribute_map
Use GetPrincipalTagAttributeMap to list all mappings between
PrincipalTags and user attributes
Deletes a specified AWS CloudHSM backup
cognitoidentityprovider_create_group
Creates a new group in the specified user pool
cloudhsmv2_untag_resource
Removes the specified tag or tags from the specified AWS CloudHSM
cluster
cognitoidentity_set_principal_tag_attribute_map
You can use this operation to use default (username and clientID)
attribute or custom attribute mappings
cognitoidentityprovider_admin_create_user
Creates a new user in the specified user pool
cognitoidentityprovider_create_user_pool_client
Creates the user pool client
detective_list_organization_admin_accounts
Returns information about the Detective administrator account for an
organization
Amazon Cognito Identity Provider
cloudhsmv2_modify_cluster
Modifies AWS CloudHSM cluster
cognitoidentityprovider_admin_update_user_attributes
This action might generate an SMS text message
cognitoidentityprovider_set_risk_configuration
Configures actions on detected risks
cognitoidentityprovider_describe_identity_provider
Gets information about a specific IdP
cognitoidentityprovider_admin_get_device
Gets the device, as an administrator
cognitoidentity_unlink_developer_identity
Unlinks a DeveloperUserIdentifier from an existing identity
Gets paginated records, optionally changed after a particular sync count
for a dataset and identity
cognitoidentityprovider_create_identity_provider
Creates an IdP for a user pool
cognitoidentityprovider_update_user_pool
This action might generate an SMS text message
Amazon Cognito Identity
cognitoidentityprovider_change_password
Changes the password for a specified user in a user pool
cognitoidentityprovider_tag_resource
Assigns a set of tags to an Amazon Cognito user pool
cognitoidentityprovider_describe_resource_server
Describes a resource server
cognitoidentityprovider_admin_list_groups_for_user
Lists the groups that a user belongs to
cognitoidentity_list_identity_pools
Lists all of the Cognito identity pools registered for your account
cognitoidentityprovider_admin_user_global_sign_out
Invalidates the identity, access, and refresh tokens that Amazon Cognito
issued to a user
cognitoidentity_get_identity_pool_roles
Gets the roles for an identity pool
cognitoidentityprovider_describe_user_import_job
Describes the user import job
cognitoidentityprovider_admin_update_auth_event_feedback
Provides feedback for an authentication event indicating if it was from
a valid user
cognitoidentityprovider_delete_user_pool_domain
Deletes a domain for a user pool
directoryservice_enable_radius
Enables multi-factor authentication (MFA) with the Remote Authentication
Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD
directory
cognitoidentity_list_tags_for_resource
Lists the tags that are assigned to an Amazon Cognito identity pool
cognitoidentityprovider_admin_add_user_to_group
Adds a user to a group
cognitoidentityprovider_get_log_delivery_configuration
Gets the detailed activity logging configuration for a user pool
cognitoidentityprovider_confirm_forgot_password
Allows a user to enter a confirmation code to reset a forgotten password
cognitoidentityprovider_create_resource_server
Creates a new OAuth2
cognitoidentityprovider_admin_disable_provider_for_user
Prevents the user from signing in with the specified external (SAML or
social) identity provider (IdP)
cognitoidentityprovider_admin_set_user_settings
This action is no longer supported
Amazon Cognito Sync
cognitoidentityprovider_admin_disable_user
Deactivates a user and revokes all access tokens for the user
cognitoidentityprovider_create_user_pool
This action might generate an SMS text message
directoryservice_reject_shared_directory
Rejects a directory sharing request that was sent from the directory
owner account
cognitoidentityprovider_admin_forget_device
Forgets the device, as an administrator
cognitoidentity_update_identity_pool
Updates an identity pool
cognitoidentityprovider_global_sign_out
Invalidates the identity, access, and refresh tokens that Amazon Cognito
issued to a user
cognitoidentityprovider_set_ui_customization
Sets the user interface (UI) customization information for a user pool's
built-in app UI
cognitoidentity_list_identities
Lists the identities in an identity pool
directoryservice_restore_from_snapshot
Restores a directory using an existing directory snapshot
cognitoidentityprovider_admin_remove_user_from_group
Removes the specified user from the specified group
cognitoidentityprovider_verify_software_token
Use this API to register a user's entered time-based one-time password
(TOTP) code and mark the user's software token MFA status as "verified"
if successful
cognitoidentityprovider_admin_reset_user_password
Resets the specified user's password in a user pool as an administrator
cognitoidentityprovider_list_user_pool_clients
Lists the clients that have been created for the specified user pool
cognitoidentityprovider_forget_device
Forgets the specified device
cognitoidentityprovider_get_csv_header
Gets the header information for the comma-separated value (CSV) file to
be used as input for the user import job
cognitoidentityprovider_get_signing_certificate
This method takes a user pool ID, and returns the signing certificate
cognitoidentityprovider_list_user_pools
Lists the user pools associated with an Amazon Web Services account
cognitoidentityprovider_associate_software_token
Begins setup of time-based one-time password (TOTP) multi-factor
authentication (MFA) for a user, with a unique private key that Amazon
Cognito generates and returns in the API response
cognitoidentityprovider_admin_respond_to_auth_challenge
Some API operations in a user pool generate a challenge, like a prompt
for an MFA code, for device authentication that bypasses MFA, or for a
custom authentication challenge
cognitosync_register_device
Registers a device to receive push sync notifications
cognitoidentityprovider_stop_user_import_job
Stops the user import job
cognitoidentityprovider_describe_user_pool
Returns the configuration information and metadata of the specified user
pool
detective_batch_get_graph_member_datasources
Gets data source package information for the behavior graph
cognitoidentityprovider_get_user
Gets the user attributes and metadata for a user
cognitoidentityprovider_update_auth_event_feedback
Provides the feedback for an authentication event, whether it was from a
valid user or not
cognitoidentityprovider_update_user_pool_domain
Updates the Secure Sockets Layer (SSL) certificate for the custom domain
for your user pool
cognitoidentityprovider_confirm_sign_up
This public API operation provides a code that Amazon Cognito sent to
your user when they signed up in your user pool via the SignUp API
operation
cognitoidentityprovider_admin_enable_user
Enables the specified user as an administrator
cognitoidentityprovider_verify_user_attribute
Verifies the specified user attributes in the user pool
Returns an array of PolicySummary objects
cognitoidentityprovider_start_user_import_job
Starts the user import
cognitoidentityprovider_admin_update_device_status
Updates the device status as an administrator
cognitoidentityprovider_create_user_import_job
Creates a user import job
cognitoidentityprovider_list_users
Lists users and their basic details in a user pool
cognitoidentityprovider_delete_group
Deletes a group
cognitosync_describe_identity_pool_usage
Gets usage details (for example, data storage) about a particular
identity pool
cognitoidentityprovider_admin_set_user_mfa_preference
The user's multi-factor authentication (MFA) preference, including which
MFA options are activated, and if any are preferred
detective_disable_organization_admin_account
Removes the Detective administrator account in the current Region
cognitoidentityprovider_get_group
Gets a group
cognitosync_set_identity_pool_configuration
Sets the necessary configuration for push sync
cognitoidentityprovider_describe_user_pool_client
Client method for returning the configuration information and metadata
of the specified user pool app client
cognitoidentityprovider_get_device
Gets the device
cognitoidentityprovider_delete_user_pool_client
Allows the developer to delete the user pool client
Retrieves the list of member accounts for a behavior graph
cognitoidentityprovider_confirm_device
Confirms tracking of the device
cognitoidentityprovider_create_user_pool_domain
Creates a new domain for a user pool
cognitoidentityprovider_list_devices
Lists the sign-in devices that Amazon Cognito has registered to the
current user
cognitoidentityprovider_set_user_mfa_preference
Set the user's multi-factor authentication (MFA) method preference,
including which MFA factors are activated and if any are preferred
cognitoidentityprovider_list_tags_for_resource
Lists the tags that are assigned to an Amazon Cognito user pool
directoryservice_remove_tags_from_resource
Removes tags from a directory
cognitoidentityprovider_update_resource_server
Updates the name and scopes of resource server
cognitoidentityprovider_list_groups
Lists the groups associated with a user pool
cognitoidentityprovider_admin_link_provider_for_user
Links an existing user account in a user pool (DestinationUser) to an
identity from an external IdP (SourceUser) based on a specified
attribute name and value from the external IdP
cognitoidentityprovider_update_user_attributes
With this operation, your users can update one or more of their
attributes with their own credentials
cognitoidentityprovider_list_users_in_group
Lists the users in the specified group
cognitoidentityprovider_delete_identity_provider
Deletes an IdP for a user pool
cognitoidentityprovider_describe_risk_configuration
Describes the risk configuration
directoryservice_delete_conditional_forwarder
Deletes a conditional forwarder that has been set up for your Amazon Web
Services directory
detective_start_investigation
initiate an investigation on an entity in a graph
cognitosync_get_bulk_publish_details
Get the status of the last BulkPublish operation for an identity pool
cognitoidentityprovider_delete_resource_server
Deletes a resource server
directoryservice_connect_directory
Creates an AD Connector to connect to a self-managed directory
cognitoidentityprovider_forgot_password
Calling this API causes a message to be sent to the end user with a
confirmation code that is required to change the user's password
detective_describe_organization_configuration
Returns information about the configuration for the organization
behavior graph
cognitoidentityprovider_describe_user_pool_domain
Gets information about a domain
cognitoidentityprovider_revoke_token
Revokes all of the access tokens generated by, and at the same time as,
the specified refresh token
fms_associate_third_party_firewall
Sets the Firewall Manager policy administrator as a tenant administrator
of a third-party firewall service
detective_list_datasource_packages
Lists data source packages in the behavior graph
cognitoidentityprovider_set_user_pool_mfa_config
Sets the user pool multi-factor authentication (MFA) configuration
Removes the specified member accounts from the behavior graph
cognitoidentityprovider_get_user_attribute_verification_code
Generates a user attribute verification code for the specified attribute
name
cognitoidentityprovider_list_user_import_jobs
Lists user import jobs for a user pool
Returns the membership details for specified member accounts for a
behavior graph
cognitoidentityprovider_sign_up
Registers the user in the specified user pool and creates a user name,
password, and user attributes
cognitoidentityprovider_resend_confirmation_code
Resends the confirmation (for confirmation of registration) to a
specific user in the user pool
directoryservice_add_region
Adds two domain controllers in the specified Region for the specified
directory
detective_accept_invitation
Accepts an invitation for the member account to contribute data to a
behavior graph
cognitoidentityprovider_get_identity_provider_by_identifier
Gets the specified IdP
cognitoidentityprovider_update_identity_provider
Updates IdP information for a user pool
directoryservice_add_ip_routes
If the DNS server for your self-managed domain uses a publicly
addressable IP address, you must add a CIDR address block to correctly
route traffic to and from your Microsoft AD on Amazon Web Services
cognitoidentityprovider_list_identity_providers
Lists information about all IdPs for a user pool
directoryservice_cancel_schema_extension
Cancels an in-progress schema extension to a Microsoft AD directory
cognitoidentityprovider_update_user_pool_client
Updates the specified user pool app client with the specified attributes
cognitoidentityprovider_initiate_auth
Initiates sign-in for a user in the Amazon Cognito user directory
cognitosync_list_identity_pool_usage
Gets a list of identity pools registered with Cognito
directoryservice_describe_trusts
Obtains information about the trust relationships for this account
Creates a new behavior graph for the calling account, and sets that
account as the administrator account
cognitosync_set_cognito_events
Sets the AWS Lambda function for a given event type for an identity pool
detective_update_datasource_packages
Starts a data source packages for the behavior graph
cognitoidentityprovider_list_resource_servers
Lists the resource servers for a user pool
cognitosync_update_records
Posts updates to records and adds and deletes records for a dataset and
user
cognitoidentityprovider_get_user_pool_mfa_config
Gets the user pool multi-factor authentication (MFA) configuration
directoryservice_delete_log_subscription
Deletes the specified log subscription
detective_list_investigations
List all Investigations
cognitosync_describe_identity_usage
Gets usage information for an identity, including number of datasets and
data usage
directoryservice_add_tags_to_resource
Adds or overwrites one or more tags for the specified directory
Initiates a bulk publish of all existing datasets for an Identity Pool
to the configured stream
cognitosync_delete_dataset
Deletes the specific dataset
cognitoidentityprovider_respond_to_auth_challenge
Some API operations in a user pool generate a challenge, like a prompt
for an MFA code, for device authentication that bypasses MFA, or for a
custom authentication challenge
detective_list_tags_for_resource
Returns the tag values that are assigned to a behavior graph
cognitoidentityprovider_untag_resource
Removes the specified tags from an Amazon Cognito user pool
cognitoidentityprovider_set_log_delivery_configuration
Sets up or modifies the detailed activity logging configuration of a
user pool
cognitoidentityprovider_set_user_settings
This action is no longer supported
detective_batch_get_membership_datasources
Gets information on the data source package history for an account
directoryservice_create_log_subscription
Creates a subscription to forward real-time Directory Service domain
controller security logs to the specified Amazon CloudWatch log group in
your Amazon Web Services account
cognitoidentityprovider_update_device_status
Updates the device status
directoryservice_deregister_event_topic
Removes the specified directory as a publisher to the specified Amazon
SNS topic
cognitoidentityprovider_update_group
Updates the specified group with the specified attributes
directoryservice_create_computer
Creates an Active Directory computer object in the specified directory
detective_update_investigation_state
Update the state of an investigation
directoryservice_describe_certificate
Displays information about the certificate registered for secure LDAP or
client certificate authentication
fms_get_compliance_detail
Returns detailed compliance information about the specified member
account
cognitosync_list_datasets
Lists datasets for an identity
guardduty_list_tags_for_resource
Lists tags for a resource
cognitosync_get_identity_pool_configuration
Gets the configuration settings of an identity pool
cognitosync_get_cognito_events
Gets the events and the corresponding Lambda functions associated with
an identity pool
detective_get_investigation
Returns the investigation results of an investigation for a behavior
graph
detective_enable_organization_admin_account
Designates the Detective administrator account for the organization in
the current Region
Creates an Firewall Manager policy
directoryservice_delete_directory
Deletes an Directory Service directory
Amazon Detective
fms_batch_associate_resource
Associate resources to a Firewall Manager resource set
directoryservice_create_microsoft_ad
Creates a Microsoft AD directory in the Amazon Web Services Cloud
Adds one or more tags to an Amazon Web Services resource
directoryservice_delete_snapshot
Deletes a directory snapshot
cognitosync_subscribe_to_dataset
Subscribes to receive notifications when a dataset is modified by
another device
directoryservice_describe_domain_controllers
Provides information about any domain controllers in your directory
detective_reject_invitation
Rejects an invitation to contribute the account data to a behavior graph
directoryservice_create_conditional_forwarder
Creates a conditional forwarder associated with your Amazon Web Services
directory
detective_start_monitoring_member
Sends a request to enable data ingest for a member account that has a
status of ACCEPTED_BUT_DISABLED
Applies tag values to a behavior graph
directoryservice_get_directory_limits
Obtains directory limit information for the current Region
directoryservice_describe_regions
Provides information about the Regions that are configured for
multi-Region replication
Disables the specified behavior graph and queues it to be deleted
directoryservice_describe_client_authentication_settings
Retrieves information about the type of client authentication for the
specified directory, if the type is specified
directoryservice_start_schema_extension
Applies a schema extension to a Microsoft AD directory
CreateMembers is used to send invitations to accounts
cognitosync_describe_dataset
Gets meta data about a dataset by identity and dataset name
directoryservice_enable_client_authentication
Enables alternative client authentication methods for the specified
directory
detective_disassociate_membership
Removes the member account from the specified behavior graph
guardduty_delete_invitations
Deletes invitations sent to the current member account by Amazon Web
Services accounts specified by their account IDs
Returns information about the specified Firewall Manager policy
directoryservice_remove_ip_routes
Removes IP address blocks from a directory
directoryservice_create_alias
Creates an alias for a directory and assigns the alias to the directory
directoryservice_create_directory
Creates a Simple AD directory
directoryservice_remove_region
Stops all replication and removes the domain controllers from the
specified Region
directoryservice_create_snapshot
Creates a snapshot of a Simple AD or Microsoft AD directory in the
Amazon Web Services cloud
Removes tags from a resource
fms_batch_disassociate_resource
Disassociates resources from a Firewall Manager resource set
directoryservice_create_trust
Directory Service for Microsoft Active Directory allows you to configure
trust relationships
directoryservice_enable_sso
Enables single sign-on for a directory
directoryservice_describe_update_directory
Describes the updates of a directory for a particular update type
directoryservice_get_snapshot_limits
Obtains the manual snapshot limits for a directory
fms_put_notification_channel
Designates the IAM role and Amazon Simple Notification Service (SNS)
topic that Firewall Manager uses to record SNS logs
guardduty_create_publishing_destination
Creates a publishing destination to export findings to
detective_list_indicators
Get the indicators from an investigation
directoryservice_list_log_subscriptions
Lists the active log subscriptions for the Amazon Web Services account
fms_get_notification_channel
Information about the Amazon Simple Notification Service (SNS) topic
that is used to record Firewall Manager SNS logs
directoryservice_accept_shared_directory
Accepts a directory sharing request that was sent from the directory
owner account
iam_get_context_keys_for_principal_policy
Gets a list of all of the context keys referenced in all the IAM
policies that are attached to the specified IAM entity
guardduty_stop_monitoring_members
Stops GuardDuty monitoring for the specified member accounts
directoryservice_update_directory_setup
Updates the directory for a particular update type
directoryservice_list_tags_for_resource
Lists all tags on a directory
directoryservice_describe_directories
Obtains information about the directories that belong to this account
Returns the list of behavior graphs that the calling account is an
administrator account of
cognitosync_unsubscribe_from_dataset
Unsubscribes from receiving notifications when a dataset is modified by
another device
fms_list_resource_set_resources
Returns an array of resources that are currently associated to a
resource set
Creates an Firewall Manager protocols list
Firewall Management Service
fms_get_protection_status
If you created a Shield Advanced policy, returns policy-level attack
summary information in the event of a potential DDoS attack
directoryservice_reset_user_password
Resets the password for any user in your Managed Microsoft AD or Simple
AD directory
Creates a new IPSet, which is called a trusted IP list in the console
user interface
Removes one or more tags from an Amazon Web Services resource
directoryservice_unshare_directory
Stops the directory sharing between the directory owner and consumer
accounts
guardduty_accept_invitation
Accepts the invitation to be monitored by a GuardDuty administrator
account
directoryservice_register_certificate
Registers a certificate for a secure LDAP or client certificate
authentication
Retrieves the IPSet specified by the ipSetId
Returns a paginated list of the current filters
directoryservice_describe_shared_directories
Returns the shared directories in your account
directoryservice_enable_ldaps
Activates the switch for the specific directory to always use LDAP
secure calls
directoryservice_update_settings
Updates the configurable settings for the specified directory
guardduty_get_remaining_free_trial_days
Provides the number of days left for each data source used in the free
trial period
Permanently deletes an Firewall Manager applications list
detective_list_invitations
Retrieves the list of open and accepted behavior graph invitations for
the member account
directoryservice_verify_trust
Directory Service for Microsoft Active Directory allows you to configure
and verify trust relationships
Retrieves an Amazon GuardDuty detector specified by the detectorId
directoryservice_describe_settings
Retrieves information about the configurable settings for the specified
directory
Removes tags from a behavior graph
directoryservice_describe_event_topics
Obtains information about which Amazon SNS topics receive status
messages from the specified directory
directoryservice_delete_trust
Deletes an existing trust relationship between your Managed Microsoft AD
directory and an external domain
Deletes GuardDuty member accounts (to the current GuardDuty
administrator account) specified by the account IDs
Returns an array of ResourceSetSummary objects
directoryservice_describe_conditional_forwarders
Obtains information about the conditional forwarders for this account
directoryservice_list_ip_routes
Lists the address blocks that you have added to a directory
directoryservice_update_conditional_forwarder
Updates a conditional forwarder that has been set up for your Amazon Web
Services directory
directoryservice_list_certificates
For the specified directory, lists all the certificates registered for a
secure LDAP or client certificate authentication
AWS Directory Service
directoryservice_update_number_of_domain_controllers
Adds or removes domain controllers to or from the directory
Returns an array of AppsListDataSummary objects
detective_update_organization_configuration
Updates the configuration for the Organizations integration in the
current Region
guardduty_describe_malware_scans
Returns a list of malware scans
fms_list_third_party_firewall_firewall_policies
Retrieves a list of all of the third-party firewall policies that are
associated with the third-party firewall administrator's account
guardduty_disable_organization_admin_account
Removes the existing GuardDuty delegated administrator of the
organization
guardduty_delete_threat_intel_set
Deletes the ThreatIntelSet specified by the ThreatIntelSet ID
directoryservice_describe_snapshots
Obtains information about the directory snapshots that belong to this
account
directoryservice_update_trust
Updates the trust that has been set up between your Managed Microsoft AD
directory and an self-managed Active Directory
directoryservice_disable_client_authentication
Disables alternative client authentication methods for the specified
directory
Creates the resource set
directoryservice_deregister_certificate
Deletes from the system the certificate that was registered for secure
LDAP or client certificate authentication
Lists the IAM groups that have the specified path prefix
fms_list_compliance_status
Returns an array of PolicyComplianceStatus objects
Returns information about the specified account's administrative scope
Returns the details of the filter specified by the filter name
Returns information about the specified Firewall Manager protocols list
fms_list_tags_for_resource
Retrieves the list of tags for the specified Amazon Web Services
resource
directoryservice_disable_ldaps
Deactivates LDAP secure calls for the specified directory
directoryservice_share_directory
Shares a specified directory (DirectoryId) in your Amazon Web Services
account (directory owner) with another Amazon Web Services account
(directory consumer)
directoryservice_describe_ldaps_settings
Describes the status of LDAP security for the specified directory
guardduty_create_sample_findings
Generates sample findings of types specified by the list of finding
types
fms_disassociate_third_party_firewall
Disassociates a Firewall Manager policy administrator from a third-party
firewall tenant
guardduty_update_publishing_destination
Updates information about the publishing destination specified by the
destinationId
guardduty_disassociate_from_master_account
Disassociates the current GuardDuty member account from its
administrator account
directoryservice_list_schema_extensions
Lists all schema extensions applied to a Microsoft AD Directory
Gets information about a specific resource set
guardduty_create_threat_intel_set
Creates a new ThreatIntelSet
Returns the Organizations account that is associated with Firewall
Manager as the Firewall Manager default administrator
directoryservice_update_radius
Updates the Remote Authentication Dial In User Service (RADIUS) server
information for an AD Connector or Microsoft AD directory
Creates an Firewall Manager applications list
Creates a new role for your Amazon Web Services account
Invites Amazon Web Services accounts to become members of an
organization administered by the Amazon Web Services account that
invokes this API
Returns an array of ProtocolsListDataSummary objects
Creates member accounts of the current Amazon Web Services account by
specifying a list of Amazon Web Services account IDs
guardduty_get_organization_statistics
Retrieves how many active member accounts in your Amazon Web Services
organization have each feature enabled within GuardDuty
Creates or updates an Firewall Manager administrator account
guardduty_delete_publishing_destination
Deletes the publishing definition with the specified destinationId
Retrieves information about an MFA device for a specified user
guardduty_create_detector
Creates a single Amazon GuardDuty detector
directoryservice_disable_radius
Disables multi-factor authentication (MFA) with the Remote
Authentication Dial In User Service (RADIUS) server for an AD Connector
or Microsoft AD directory
guardduty_decline_invitations
Declines invitations sent to the current member account by Amazon Web
Services accounts specified by their account IDs
Retrieves GuardDuty member accounts (of the current GuardDuty
administrator account) specified by the account IDs
directoryservice_register_event_topic
Associates a directory with an Amazon SNS topic
fms_associate_admin_account
Sets a Firewall Manager default administrator account
directoryservice_disable_sso
Disables single-sign on for a directory
guardduty_get_usage_statistics
Lists Amazon GuardDuty usage statistics over the last 30 days for the
specified detector ID
Lists details about all member accounts for the current GuardDuty
administrator account
guardduty_disassociate_from_administrator_account
Disassociates the current GuardDuty member account from its
administrator account
fms_delete_notification_channel
Deletes an Firewall Manager association with the IAM role and the Amazon
Simple Notification Service (SNS) topic that is used to record Firewall
Manager SNS logs
Lists coverage details for your GuardDuty account
fms_list_admin_accounts_for_organization
Returns a AdminAccounts object that lists the Firewall Manager
administrators within the organization that are onboarded to Firewall
Manager by AssociateAdminAccount
fms_get_violation_details
Retrieves violations for a resource based on the specified Firewall
Manager policy and Amazon Web Services account
Attaches the specified managed policy to the specified IAM group
guardduty_update_detector
Updates the Amazon GuardDuty detector specified by the detectorId
iam_delete_service_specific_credential
Deletes the specified service-specific credential
guardduty_list_organization_admin_accounts
Lists the accounts designated as GuardDuty delegated administrators
iam_get_service_last_accessed_details_with_entities
After you generate a group or policy report using the
GenerateServiceLastAccessedDetails operation, you can use the JobId
parameter in GetServiceLastAccessedDetailsWithEntities
fms_get_third_party_firewall_association_status
The onboarding status of a Firewall Manager admin account to third-party
firewall vendor tenant
iam_create_service_linked_role
Creates an IAM role that is linked to a specific Amazon Web Services
service
guardduty_describe_publishing_destination
Returns information about the publishing destination specified by the
provided destinationId
guardduty_describe_organization_configuration
Returns information about the account selected as the delegated
administrator for GuardDuty
Attaches the specified managed policy to the specified user
Amazon GuardDuty
Permanently deletes an Firewall Manager policy
Lists Amazon GuardDuty findings for the specified detector ID
guardduty_archive_findings
Archives GuardDuty findings that are specified by the list of finding
IDs
Deletes the IPSet specified by the ipSetId
fms_disassociate_admin_account
Disassociates an Firewall Manager administrator account
iam_update_server_certificate
Updates the name and/or the path of the specified server certificate
stored in IAM
iam_delete_policy_version
Deletes the specified version from the specified managed policy
guardduty_start_monitoring_members
Turns on GuardDuty monitoring of the specified member accounts
fms_list_discovered_resources
Returns an array of resources in the organization's accounts that are
available to be associated with a resource set
guardduty_get_master_account
Provides the details for the GuardDuty administrator account associated
with the current GuardDuty member account
Returns information about the specified Firewall Manager applications
list
Describes Amazon GuardDuty findings specified by finding IDs
guardduty_update_member_detectors
Contains information on member accounts to be updated
Deletes the specified IAM user
guardduty_get_coverage_statistics
Retrieves aggregated statistics for your account
guardduty_accept_administrator_invitation
Accepts the invitation to be a member account and get monitored by a
GuardDuty administrator account that sent the invitation
fms_delete_protocols_list
Permanently deletes an Firewall Manager protocols list
iam_delete_ssh_public_key
Deletes the specified SSH public key
guardduty_update_organization_configuration
Configures the delegated administrator account with the provided values
guardduty_get_malware_scan_settings
Returns the details of the malware scan settings
AWS Identity and Access Management
fms_list_admins_managing_account
Lists the accounts that are managing the specified Organizations member
account
guardduty_update_findings_feedback
Marks the specified GuardDuty findings as useful or not useful
guardduty_list_invitations
Lists all GuardDuty membership invitations that were sent to the current
Amazon Web Services account
Creates a filter using the specified finding criteria
guardduty_enable_organization_admin_account
Designates an Amazon Web Services account within the organization as
your GuardDuty delegated administrator
Deletes the specified ResourceSet
iam_deactivate_mfa_device
Deactivates the specified MFA device and removes it from association
with the user name for which it was originally enabled
Deletes the specified role
Deletes the filter specified by the filter name
guardduty_update_threat_intel_set
Updates the ThreatIntelSet specified by the ThreatIntelSet ID
Deletes the specified Amazon Web Services account alias
guardduty_disassociate_members
Disassociates GuardDuty member accounts (from the current administrator
account) specified by the account IDs
Returns a MemberAccounts object that lists the member accounts in the
administrator's Amazon Web Services organization
Adds tags to a resource
iam_delete_role_permissions_boundary
Deletes the permissions boundary for the specified IAM role
Changes the password of the IAM user who is calling this operation
Lists the account alias associated with the Amazon Web Services account
(Note: you can have only one)
guardduty_list_threat_intel_sets
Lists the ThreatIntelSets of the GuardDuty service specified by the
detector ID
Lists the IPSets of the GuardDuty service specified by the detector ID
Deletes the specified inline policy that is embedded in the specified
IAM role
guardduty_delete_detector
Deletes an Amazon GuardDuty detector that is specified by the detector
ID
guardduty_get_administrator_account
Provides the details of the GuardDuty administrator account associated
with the current GuardDuty member account
Enables the specified MFA device and associates it with the specified
IAM user
guardduty_get_findings_statistics
Lists Amazon GuardDuty findings statistics for the specified detector ID
Removes the specified managed policy from the specified IAM group
Lists detectorIds of all the existing Amazon GuardDuty detector
resources
Deletes the access key pair associated with the specified IAM user
iam_generate_organizations_access_report
Generates a report for service last accessed data for Organizations
iam_create_open_id_connect_provider
Creates an IAM entity to describe an identity provider (IdP) that
supports OpenID Connect (OIDC)
Updates the filter specified by the filter name
Creates a password for the specified IAM user
iam_delete_service_linked_role
Submits a service-linked role deletion request and returns a
DeletionTaskId, which you can use to check the status of the deletion
iam_create_service_specific_credential
Generates a set of credentials consisting of a user name and password
that can be used to access the service specified in the request
guardduty_start_malware_scan
Initiates the malware scan
iam_add_client_id_to_open_id_connect_provider
Adds a new client ID (also known as audience) to the list of client IDs
already registered for the specified IAM OpenID Connect (OIDC) provider
resource
Updates the IPSet specified by the IPSet ID
guardduty_get_member_detectors
Describes which data sources are enabled for the member account's
detector
iam_delete_instance_profile
Deletes the specified instance profile
Removes the specified managed policy from the specified user
Removes the specified managed policy from the specified role
guardduty_get_invitations_count
Returns the count of all GuardDuty membership invitations that were sent
to the current member account except the currently accepted invitation
iam_get_open_id_connect_provider
Returns information about the specified OpenID Connect (OIDC) provider
resource object in IAM
iam_get_account_authorization_details
Retrieves information about all IAM users, groups, roles, and policies
in your Amazon Web Services account, including their relationships to
one another
iam_delete_user_permissions_boundary
Deletes the permissions boundary for the specified IAM user
Lists the IAM groups that the specified IAM user belongs to
Retrieves the specified SSH public key, including metadata about the key
Creates a new Amazon Web Services secret access key and corresponding
Amazon Web Services access key ID for the specified user
Retrieves information about IAM entity usage and IAM quotas in the
Amazon Web Services account
iam_get_organizations_access_report
Retrieves the service last accessed data report for Organizations that
was previously generated using the GenerateOrganizationsAccessReport
operation
iam_generate_credential_report
Generates a credential report for the Amazon Web Services account
iam_add_role_to_instance_profile
Adds the specified IAM role to the specified instance profile
iam_remove_user_from_group
Removes the specified user from the specified group
guardduty_get_threat_intel_set
Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID
iam_delete_signing_certificate
Deletes a signing certificate associated with the specified IAM user
iam_get_context_keys_for_custom_policy
Gets a list of all of the context keys referenced in the input policies
guardduty_list_publishing_destinations
Returns a list of publishing destinations associated with the specified
detectorId
iam_generate_service_last_accessed_details
Generates a report that includes details about when an IAM resource
(user, group, role, or policy) was last used in an attempt to access
Amazon Web Services services
Creates an IAM resource that describes an identity provider (IdP) that
supports SAML 2
Adds one or more tags to an IAM role
guardduty_unarchive_findings
Unarchives GuardDuty findings specified by the findingIds
Creates a new managed policy for your Amazon Web Services account
Creates an alias for your Amazon Web Services account
iam_create_instance_profile
Creates a new instance profile
iam_get_credential_report
Retrieves a credential report for the Amazon Web Services account
Attaches the specified managed policy to the specified IAM role
iamrolesanywhere_get_trust_anchor
Gets a trust anchor
Adds the specified user to the specified group
Retrieves information about the specified instance profile, including
the instance profile's path, GUID, ARN, and role
iam_delete_open_id_connect_provider
Deletes an OpenID Connect identity provider (IdP) resource object in IAM
Deletes the specified inline policy that is embedded in the specified
IAM group
iam_list_policies_granting_service_access
Retrieves a list of policies that the IAM identity (user, group, or
role) can use to access each specified service
Updates the metadata document for an existing SAML provider resource
object
Retrieves the user name for the specified IAM user
iam_delete_account_password_policy
Deletes the password policy for the Amazon Web Services account
iam_get_account_password_policy
Retrieves the password policy for the Amazon Web Services account
iam_list_attached_user_policies
Lists all managed policies that are attached to the specified IAM user
iam_create_policy_version
Creates a new version of the specified managed policy
iam_list_server_certificates
Lists the server certificates stored in IAM that have the specified path
prefix
Deletes the specified inline policy that is embedded in the specified
IAM user
iam_get_service_linked_role_deletion_status
Retrieves the status of your service-linked role deletion
Retrieves information about the specified managed policy, including the
policy's default version and the total number of IAM users, groups, and
roles to which the policy is attached
iam_list_attached_group_policies
Lists all managed policies that are attached to the specified IAM group
Adds or updates an inline policy document that is embedded in the
specified IAM group
iam_untag_open_id_connect_provider
Removes the specified tags from the specified OpenID Connect
(OIDC)-compatible identity provider in IAM
Returns information about the SSH public keys associated with the
specified IAM user
Adds or updates an inline policy document that is embedded in the
specified IAM user
Returns information about the access key IDs associated with the
specified IAM user
Lists information about the versions of the specified managed policy,
including the version that is currently set as the policy's default
version
guardduty_update_malware_scan_settings
Updates the malware scan settings
Adds one or more tags to an IAM user
iam_delete_virtual_mfa_device
Deletes a virtual MFA device
Lists the IAM roles that have the specified path prefix
Lists the MFA devices for an IAM user
iam_list_open_id_connect_provider_tags
Lists the tags that are attached to the specified OpenID Connect
(OIDC)-compatible identity provider
Retrieves information about the specified IAM user, including the user's
creation date, path, unique ID, and ARN
iam_get_service_last_accessed_details
Retrieves a service last accessed report that was created using the
GenerateServiceLastAccessedDetails operation
Deletes the specified IAM group
iam_untag_instance_profile
Removes the specified tags from the IAM instance profile
iamrolesanywhere_disable_profile
Disables a profile
Adds or updates an inline policy document that is embedded in the
specified IAM role
Lists the tags that are attached to the specified IAM user
Deletes the password for the specified IAM user, For more information,
see Managing passwords for IAM users
iam_list_server_certificate_tags
Lists the tags that are attached to the specified IAM server certificate
Lists the tags that are attached to the specified role
iam_list_open_id_connect_providers
Lists information about the IAM OpenID Connect (OIDC) provider resource
objects defined in the Amazon Web Services account
Lists the names of the inline policies that are embedded in the
specified IAM role
iam_put_user_permissions_boundary
Adds or updates the policy that is specified as the IAM user's
permissions boundary
iam_tag_server_certificate
Adds one or more tags to an IAM server certificate
Retrieves the specified inline policy document that is embedded with the
specified IAM role
iam_set_security_token_service_preferences
Sets the specified version of the global endpoint token as the token
version used for the Amazon Web Services account
iamrolesanywhere_list_tags_for_resource
Lists the tags attached to the resource
Adds one or more tags to an IAM virtual multi-factor authentication
(MFA) device
iam_update_account_password_policy
Updates the password policy settings for the Amazon Web Services account
iam_list_instance_profile_tags
Lists the tags that are attached to the specified IAM instance profile
Lists the SAML provider resource objects defined in IAM in the account
Returns the SAML provider metadocument that was uploaded when the IAM
SAML provider resource object was created or updated
Creates a new IAM user for your Amazon Web Services account
iam_get_server_certificate
Retrieves information about the specified server certificate stored in
IAM
Removes the specified tags from the customer managed policy
identitystore_describe_group_membership
Retrieves membership metadata and attributes from MembershipId in an
identity store
iam_list_attached_role_policies
Lists all managed policies that are attached to the specified IAM role
iam_put_role_permissions_boundary
Adds or updates the policy that is specified as the IAM role's
permissions boundary
iam_list_virtual_mfa_devices
Lists the virtual MFA devices defined in the Amazon Web Services account
by assignment status
iam_list_instance_profiles
Lists the instance profiles that have the specified path prefix
iam_update_assume_role_policy
Updates the policy that grants an IAM entity permission to assume a role
identitystore_delete_group_membership
Delete a membership within a group given MembershipId
Retrieves the specified inline policy document that is embedded in the
specified IAM group
iam_remove_client_id_from_open_id_connect_provider
Removes the specified client ID (also known as audience) from the list
of client IDs registered for the specified IAM OpenID Connect (OIDC)
provider resource object
iam_list_entities_for_policy
Lists all IAM users, groups, and roles that the specified managed policy
is attached to
iamrolesanywhere_delete_profile
Deletes a profile
iam_update_ssh_public_key
Sets the status of an IAM user's SSH public key to active or inactive
iam_reset_service_specific_credential
Resets the password for a service-specific credential
iam_update_service_specific_credential
Sets the status of a service-specific credential to Active or Inactive
Lists the IAM users that have the specified path prefix
inspector2_get_ec_2_deep_inspection_configuration
Retrieves the activation status of Amazon Inspector deep inspection and
custom paths associated with your account
iam_tag_open_id_connect_provider
Adds one or more tags to an OpenID Connect (OIDC)-compatible identity
provider
Adds one or more tags to an IAM customer managed policy
inspector2_update_organization_configuration
Updates the configurations for your Amazon Inspector organization
iam_update_open_id_connect_provider_thumbprint
Replaces the existing list of server certificate thumbprints associated
with an OpenID Connect (OIDC) provider resource object with a new list
of thumbprints
iamrolesanywhere_create_trust_anchor
Creates a trust anchor to establish trust between IAM Roles Anywhere and
your certificate authority (CA)
iam_remove_role_from_instance_profile
Removes the specified IAM role from the specified EC2 instance profile
Gets a certificate revocation list (CRL)
iam_delete_server_certificate
Deletes the specified server certificate
Adds one or more tags to a Security Assertion Markup Language (SAML)
identity provider
iam_upload_signing_certificate
Uploads an X
Retrieves information about the specified version of the specified
managed policy, including the policy document
iam_set_default_policy_version
Sets the specified version of the specified policy as the policy's
default (operative) version
Retrieves the specified inline policy document that is embedded in the
specified IAM user
iam_update_role_description
Use UpdateRole instead
iam_list_saml_provider_tags
Lists the tags that are attached to the specified Security Assertion
Markup Language (SAML) identity provider
identitystore_create_group
Creates a group within the specified identity store
Lists all the managed policies that are available in your Amazon Web
Services account, including your own customer-defined managed policies
and all Amazon Web Services managed policies
iam_update_signing_certificate
Changes the status of the specified user signing certificate from active
to disabled, or vice versa
Creates a new group
iamrolesanywhere_list_profiles
Lists all profiles in the authenticated account and Amazon Web Services
Region
iam_simulate_custom_policy
Simulate how a set of IAM policies and optionally a resource-based
policy works with a list of API operations and Amazon Web Services
resources to determine the policies' effective permissions
Lists the names of the inline policies embedded in the specified IAM
user
iam_upload_ssh_public_key
Uploads an SSH public key and associates it with the specified IAM user
Changes the status of the specified access key from Active to Inactive,
or vice versa
iamrolesanywhere_disable_crl
Disables a certificate revocation list (CRL)
identitystore_create_user
Creates a user within the specified identity store
iamrolesanywhere_get_profile
Gets a profile
Removes the specified tags from the IAM virtual multi-factor
authentication (MFA) device
iamrolesanywhere_delete_crl
Deletes a certificate revocation list (CRL)
iam_create_virtual_mfa_device
Creates a new virtual MFA device for the Amazon Web Services account
iam_get_access_key_last_used
Retrieves information about when the specified access key was last used
Deletes the specified managed policy
inspector2_untag_resource
Removes tags from a resource
Deletes a SAML provider resource in IAM
iam_list_instance_profiles_for_role
Lists the instance profiles that have the specified associated IAM role
iamrolesanywhere_list_subjects
Lists the subjects in the authenticated account and Amazon Web Services
Region
Returns a list of IAM users that are in the specified IAM group
inspector2_describe_organization_configuration
Describe Amazon Inspector configuration settings for an Amazon Web
Services organization
iamrolesanywhere_put_notification_settings
Attaches a list of notification settings to a trust anchor
iamrolesanywhere_import_crl
Imports the certificate revocation list (CRL)
iam_upload_server_certificate
Uploads a server certificate entity for the Amazon Web Services account
Removes the specified tags from the specified Security Assertion Markup
Language (SAML) identity provider in IAM
identitystore_list_group_memberships
For the specified group in the specified identity store, returns the
list of all GroupMembership objects and returns results in paginated
form
iamrolesanywhere_delete_trust_anchor
Deletes a trust anchor
identitystore_describe_group
Retrieves the group metadata and attributes from GroupId in an identity
store
iamrolesanywhere_list_crls
Lists all certificate revocation lists (CRL) in the authenticated
account and Amazon Web Services Region
identitystore_create_group_membership
Creates a relationship between a member and a group
iam_untag_server_certificate
Removes the specified tags from the IAM server certificate
Retrieves information about the specified role, including the role's
path, GUID, ARN, and the role's trust policy that grants permission to
assume the role
Creates a filter resource using specified filter criteria
iamrolesanywhere_enable_profile
Enables temporary credential requests for a profile
iamrolesanywhere_get_subject
Gets a subject, which associates a certificate identity with
authentication attempts
iamrolesanywhere_enable_trust_anchor
Enables a trust anchor
iamrolesanywhere_reset_notification_settings
Resets the custom notification setting to IAM Roles Anywhere default
setting
Updates the name and/or the path of the specified IAM group
Removes the specified tags from the user
Updates the description or maximum session duration setting of a role
Disables Amazon Inspector scans for one or more Amazon Web Services
accounts
iam_list_signing_certificates
Returns information about the signing certificates associated with the
specified IAM user
identitystore_list_groups
Lists all groups in the identity store
Lists the names of the inline policies that are embedded in the
specified IAM group
Lists the tags that are attached to the specified IAM customer managed
policy
Updates the name and/or the path of the specified IAM user
Enables Amazon Inspector scans for one or more Amazon Web Services
accounts
inspector_get_telemetry_metadata
Information about the data that is collected for the specified
assessment run
inspector2_cancel_sbom_export
Cancels a software bill of materials (SBOM) report
inspector2_batch_get_account_status
Retrieves the Amazon Inspector status of multiple Amazon Web Services
accounts within your environment
Removes the specified tags from the role
iam_simulate_principal_policy
Simulate how a set of IAM policies attached to an IAM entity works with
a list of API operations and Amazon Web Services resources to determine
the policies' effective permissions
kms_connect_custom_key_store
Connects or reconnects a custom key store to its backing key store
inspector_subscribe_to_event
Enables the process of sending Amazon Simple Notification Service (SNS)
notifications about a specified event to a specified SNS topic
inspector_describe_findings
Describes the findings that are specified by the ARNs of the findings
identitystore_delete_user
Deletes a user within an identity store given UserId
inspector2_batch_get_code_snippet
Retrieves code snippets from findings that Amazon Inspector detected
code vulnerabilities in
identitystore_get_group_id
Retrieves GroupId in an identity store
identitystore_delete_group
Delete a group within an identity store given GroupId
Lists the tags that are attached to the specified IAM virtual
multi-factor authentication (MFA) device
inspector2_update_configuration
Updates setting configurations for your Amazon Inspector account
identitystore_describe_user
Retrieves the user metadata and attributes from the UserId in an
identity store
Amazon Inspector
inspector2_enable_delegated_admin_account
Enables the Amazon Inspector delegated administrator for your
Organizations organization
inspector_list_assessment_run_agents
Lists the agents of the assessment runs that are specified by the ARNs
of the assessment runs
inspector2_get_configuration
Retrieves setting configurations for Inspector scans
Lists the filters associated with your account
inspector2_list_finding_aggregations
Lists aggregated finding data for your environment based on specific
criteria
Inspector2
inspector2_list_account_permissions
Lists the permissions an account has to configure Amazon Inspector
inspector2_get_delegated_admin_account
Retrieves information about the Amazon Inspector delegated administrator
for your organization
inspector2_create_findings_report
Creates a finding report
iamrolesanywhere_list_trust_anchors
Lists the trust anchors in the authenticated account and Amazon Web
Services Region
identitystore_list_group_memberships_for_member
For the specified member in the specified identity store, returns the
list of all GroupMembership objects and returns results in paginated
form
Adds one or more tags to an IAM instance profile
identitystore_update_user
For the specified user in the specified identity store, updates the user
metadata and attributes
iam_list_service_specific_credentials
Returns information about the service-specific credentials associated
with the specified IAM user
inspector_list_assessment_templates
Lists the assessment templates that correspond to the assessment targets
that are specified by the ARNs of the assessment targets
inspector2_update_ec_2_deep_inspection_configuration
Activates, deactivates Amazon Inspector deep inspection, or updates
custom paths for your account
iamrolesanywhere_disable_trust_anchor
Disables a trust anchor
iamrolesanywhere_update_trust_anchor
Updates a trust anchor
inspector2_update_encryption_key
Updates an encryption key
Synchronizes the specified MFA device with its IAM resource object on
the Amazon Web Services servers
Lists findings for your environment
AWS SSO Identity Store
inspector2_get_sbom_export
Gets details of a software bill of materials (SBOM) report
Lists findings that are generated by the assessment runs that are
specified by the ARNs of the assessment runs
IAM Roles Anywhere
inspector2_search_vulnerabilities
Lists Amazon Inspector coverage details for a specific vulnerability
inspector2_batch_get_member_ec_2_deep_inspection_status
Retrieves Amazon Inspector deep inspection activation status of multiple
member accounts within your organization
iamrolesanywhere_tag_resource
Attaches tags to a resource
inspector2_get_findings_report_status
Gets the status of a findings report
identitystore_is_member_in_groups
Checks the user's membership in all requested groups and returns if the
member exists in all queried groups
inspector2_cancel_findings_report
Cancels the given findings report
Lists coverage details for you environment
inspector2_associate_member
Associates an Amazon Web Services account with an Amazon Inspector
delegated administrator
inspector_add_attributes_to_findings
Assigns attributes (key and value pairs) to the findings that are
specified by the ARNs of the findings
inspector2_get_encryption_key
Gets an encryption key
inspector2_batch_get_free_trial_info
Gets free trial status for multiple Amazon Web Services accounts
Changes the password for the specified IAM user
Adds tags to a resource
iamrolesanywhere_create_profile
Creates a profile, a list of the roles that Roles Anywhere service is
trusted to assume
iamrolesanywhere_enable_crl
Enables a certificate revocation list (CRL)
inspector2_batch_get_finding_details
Gets vulnerability details for findings
inspector_delete_assessment_run
Deletes the assessment run that is specified by the ARN of the
assessment run
inspector_get_exclusions_preview
Retrieves the exclusions preview (a list of ExclusionPreview objects)
specified by the preview token
inspector_describe_rules_packages
Describes the rules packages that are specified by the ARNs of the rules
packages
inspector_create_resource_group
Creates a resource group using the specified set of tags (key and value
pairs) that are used to select the EC2 instances to be included in an
Amazon Inspector assessment target
AWS Key Management Service
inspector_get_assessment_report
Produces an assessment report that includes detailed and comprehensive
results of a specified assessment run
inspector2_batch_update_member_ec_2_deep_inspection_status
Activates or deactivates Amazon Inspector deep inspection for the
provided member accounts in your organization
inspector_list_assessment_targets
Lists the ARNs of the assessment targets within this AWS account
inspector_unsubscribe_from_event
Disables the process of sending Amazon Simple Notification Service (SNS)
notifications about a specified event to a specified SNS topic
Replicates a multi-Region key into the specified Region
inspector_list_tags_for_resource
Lists all tags associated with an assessment template
Previews the agents installed on the EC2 instances that are part of the
specified assessment target
inspector_describe_assessment_runs
Describes the assessment runs that are specified by the ARNs of the
assessment runs
iamrolesanywhere_untag_resource
Removes tags from the resource
inspector_describe_resource_groups
Describes the resource groups that are specified by the ARNs of the
resource groups
inspector2_list_delegated_admin_accounts
Lists information about the Amazon Inspector delegated administrator of
your organization
inspector_describe_assessment_templates
Describes the assessment templates that are specified by the ARNs of the
assessment templates
iamrolesanywhere_update_crl
Updates the certificate revocation list (CRL)
Cancels the deletion of a KMS key
macie2_list_classification_jobs
Retrieves a subset of information about one or more classification jobs
Gets member information for your organization
inspector_create_exclusions_preview
Starts the generation of an exclusions preview for the specified
assessment template
inspector_describe_assessment_targets
Describes the assessment targets that are specified by the ARNs of the
assessment targets
inspector_delete_assessment_template
Deletes the assessment template that is specified by the ARN of the
assessment template
kms_generate_data_key_pair
Returns a unique asymmetric data key pair for use outside of KMS
iamrolesanywhere_update_profile
Updates a profile, a list of the roles that IAM Roles Anywhere service
is trusted to assume
Generates a hash-based message authentication code (HMAC) for a message
using an HMAC KMS key and a MAC algorithm that the key supports
inspector2_update_org_ec_2_deep_inspection_configuration
Updates the Amazon Inspector deep inspection custom paths for your
organization
inspector_list_rules_packages
Lists all available Amazon Inspector rules packages
inspector_list_assessment_runs
Lists the assessment runs that correspond to the assessment templates
that are specified by the ARNs of the assessment templates
inspector_stop_assessment_run
Stops the assessment run that is specified by the ARN of the assessment
run
Deletes a filter resource
Lists all users in the identity store
inspector_delete_assessment_target
Deletes the assessment target that is specified by the ARN of the
assessment target
kms_generate_data_key_without_plaintext
Returns a unique symmetric data key for use outside of KMS
Specifies the action that is to be applied to the findings that match
the filter
inspector2_create_sbom_export
Creates a software bill of materials (SBOM) report
inspector2_list_tags_for_resource
Lists all tags attached to a given resource
Amazon Macie 2
Creates a friendly name for a KMS key
Adds a grant to a KMS key
Deletes a grant
inspector_set_tags_for_resource
Sets tags (key and value pairs) to the assessment template that is
specified by the ARN of the assessment template
identitystore_get_user_id
Retrieves the UserId in an identity store
inspector2_disable_delegated_admin_account
Disables the Amazon Inspector delegated administrator for your
organization
inspector_start_assessment_run
Starts the assessment run specified by the ARN of the assessment
template
inspector_update_assessment_target
Updates the assessment target that is specified by the ARN of the
assessment target
inspector2_list_coverage_statistics
Lists Amazon Inspector coverage statistics for your environment
identitystore_get_group_membership_id
Retrieves the MembershipId in an identity store
Disables automatic rotation of the key material of the specified
symmetric encryption KMS key
Deletes the specified alias
Creates a unique customer managed KMS key in your Amazon Web Services
account and Region
Attaches a key policy to the specified KMS key
kms_delete_custom_key_store
Deletes a custom key store
Enables automatic rotation of the key material of the specified
symmetric encryption KMS key
Sets the key state of a KMS key to enabled
macie2_disable_organization_admin_account
Disables an account as the delegated Amazon Macie administrator account
for an organization in Organizations
Gets a list of all grants for the specified KMS key
Creates and defines the settings for an allow list
identitystore_update_group
For the specified group in the specified identity store, updates the
group metadata and attributes
Decrypts ciphertext that was encrypted by a KMS key using any of the
following operations:
inspector2_disassociate_member
Disassociates a member account from an Amazon Inspector delegated
administrator
inspector2_list_usage_totals
Lists the Amazon Inspector usage totals over the last 30 days
Returns the public key of an asymmetric KMS key
Verifies a digital signature that was generated by the Sign operation
kms_get_key_rotation_status
Gets a Boolean value that indicates whether automatic rotation of the
key material is enabled for the specified KMS key
Encrypts plaintext of up to 4,096 bytes using a KMS key
inspector_create_assessment_target
Creates a new assessment target using the ARN of the resource group that
is generated by CreateResourceGroup
kms_get_parameters_for_import
Returns the public key and an import token you need to import or
reimport key material for a KMS key
kms_disconnect_custom_key_store
Disconnects the custom key store from its backing key store
inspector_create_assessment_template
Creates an assessment template for the assessment target that is
specified by the ARN of the assessment target
Returns a unique symmetric data key for use outside of KMS
inspector_describe_cross_account_access_role
Describes the IAM role that enables Amazon Inspector to access your AWS
account
inspector2_reset_encryption_key
Resets an encryption key
inspector_register_cross_account_access_role
Registers the IAM role that grants Amazon Inspector access to AWS
Services needed to perform security assessments
inspector_list_event_subscriptions
Lists all the event subscriptions for the assessment template that is
specified by the ARN of the assessment template
Retrieves a subset of information about one or more findings
macie2_get_classification_export_configuration
Retrieves the configuration settings for storing data classification
results
kms_generate_data_key_pair_without_plaintext
Returns a unique asymmetric data key pair for use outside of KMS
List members associated with the Amazon Inspector delegated
administrator for your organization
inspector_describe_exclusions
Describes the exclusions that are specified by the exclusions' ARNs
inspector_list_exclusions
List exclusions that are generated by the assessment run
Verifies the hash-based message authentication code (HMAC) for a
specified message, HMAC KMS key, and MAC algorithm
macie2_get_classification_scope
Retrieves the classification scope settings for an account
secretsmanager_replicate_secret_to_regions
Replicates the secret to a new Regions
Gets a list of aliases in the caller's Amazon Web Services account and
region
macie2_list_custom_data_identifiers
Retrieves a subset of information about all the custom data identifiers
for an account
Gets a key policy attached to the specified KMS key
macie2_get_bucket_statistics
Retrieves (queries) aggregated statistical data about all the S3 buckets
that Amazon Macie monitors and analyzes for an account
kms_update_primary_region
Changes the primary key of a multi-Region key
Deletes an allow list
Disables Amazon Macie and deletes all settings and resources for a Macie
account
kms_delete_imported_key_material
Deletes key material that was previously imported
Returns all tags on the specified KMS key
macie2_update_resource_profile_detections
Updates the sensitivity scoring settings for an S3 bucket
macie2_put_findings_publication_configuration
Updates the configuration settings for publishing findings to Security
Hub
macie2_list_classification_scopes
Retrieves a subset of information about the classification scope for an
account
macie2_get_resource_profile
Retrieves (queries) sensitive data discovery statistics and the
sensitivity score for an S3 bucket
macie2_list_tags_for_resource
Retrieves the tags (keys and values) that are associated with an Amazon
Macie resource
Imports or reimports key material into an existing KMS key that was
created without key material
inspector_remove_attributes_from_findings
Removes entire attributes (key and value pairs) from the findings that
are specified by the ARNs of the findings where an attribute with the
specified key exists
macie2_create_classification_job
Creates and defines the settings for a classification job
kms_list_retirable_grants
Returns information about all grants in the Amazon Web Services account
and Region that have the specified retiring principal
macie2_create_invitations
Sends an Amazon Macie membership invitation to one or more accounts
ram_create_permission_version
Creates a new version of the specified customer managed permission
kms_describe_custom_key_stores
Gets information about custom key stores in the account and Region
Retrieves information about an account that's associated with an Amazon
Macie administrator account
ram_create_resource_share
Creates a resource share
Decrypts ciphertext and then reencrypts it entirely within KMS
Retrieves a list of available RAM permissions that you can use for the
supported resource types
Gets the names of the key policies that are attached to a KMS key
Gets a list of all KMS keys in the caller's Amazon Web Services account
and Region
macie2_get_custom_data_identifier
Retrieves the criteria and other settings for a custom data identifier
macie2_get_automated_discovery_configuration
Retrieves the configuration settings and status of automated sensitive
data discovery for an account
kms_create_custom_key_store
Creates a custom key store backed by a key store that you own and manage
Deletes tags from a customer managed key
kms_schedule_key_deletion
Schedules the deletion of a KMS key
securityhub_accept_administrator_invitation
Accepts the invitation to be a member account and be monitored by the
Security Hub administrator account that the invitation was sent from
Retrieves the settings and status of an allow list
Sets the state of a KMS key to disabled
Retrieves a subset of information about all the allow lists for an
account
macie2_enable_organization_admin_account
Designates an account as the delegated Amazon Macie administrator
account for an organization in Organizations
pcaconnectorad_get_template
Retrieves a certificate template that the connector uses to issue
certificates from a private CA
Associates an existing KMS alias with a different KMS key
Returns a random byte string that is cryptographically secure
macie2_describe_classification_job
Retrieves the status and settings for a classification job
Provides detailed information about a KMS key
macie2_get_reveal_configuration
Retrieves the status and configuration settings for retrieving
occurrences of sensitive data reported by findings
securityhub_create_configuration_policy
Creates a configuration policy with the defined configuration
pcaconnectorad_tag_resource
Adds one or more tags to your resource
Retrieves (queries) aggregated usage data for an account
Retrieves information about the Amazon Macie membership invitations that
were received by an account
macie2_create_findings_filter
Creates and defines the criteria and other settings for a findings
filter
macie2_create_custom_data_identifier
Creates and defines the criteria and other settings for a custom data
identifier
Deletes the specified grant
pcaconnectorad_get_connector
Lists information about your connector
Retrieves (queries) statistical data and other information about Amazon
Web Services resources that Amazon Macie monitors and analyzes
macie2_decline_invitations
Declines Amazon Macie membership invitations that were received from
specific accounts
macie2_put_classification_export_configuration
Creates or updates the configuration settings for storing data
classification results
pcaconnectorad_get_service_principal_name
Lists the service principal name that the connector uses to authenticate
with Active Directory
macie2_get_findings_filter
Retrieves the criteria and other settings for a findings filter
ram_associate_resource_share
Adds the specified list of principals and list of resources to a
resource share
macie2_disassociate_member
Disassociates an Amazon Macie administrator account from a member
account
macie2_get_administrator_account
Retrieves information about the Amazon Macie administrator account for
an account
Enables Amazon Macie and specifies the configuration settings for a
Macie account
macie2_get_invitations_count
Retrieves the count of Amazon Macie membership invitations that were
received by an account
pcaconnectorad_delete_directory_registration
Deletes a directory registration
pcaconnectorad_list_templates
Lists the templates, if any, that are associated with a connector
Creates a digital signature for a message or message digest by using the
private key in an asymmetric signing KMS key
macie2_get_sensitivity_inspection_template
Retrieves the settings for the sensitivity inspection template for an
account
Associates an account with an Amazon Macie administrator account
macie2_create_sample_findings
Creates sample findings
Removes one or more tags (keys and values) from an Amazon Macie resource
pcaconnectorad_list_directory_registrations
Lists the directory registrations that you created by using the
https://docs
Retrieves (queries) statistical data and other information about one or
more S3 buckets that Amazon Macie monitors and analyzes for an account
Updates the settings for an allow list
macie2_get_findings_publication_configuration
Retrieves the configuration settings for publishing findings to Security
Hub
pcaconnectorad_delete_service_principal_name
Deletes the service principal name (SPN) used by a connector to
authenticate with your Active Directory
securityhub_batch_delete_automation_rules
Deletes one or more automation rules
Retrieves the contents of a managed permission in JSON format
macie2_list_findings_filters
Retrieves a subset of information about all the findings filters for an
account
macie2_list_sensitivity_inspection_templates
Retrieves a subset of information about the sensitivity inspection
template for an account
macie2_list_managed_data_identifiers
Retrieves information about all the managed data identifiers that Amazon
Macie currently provides
pcaconnectorad_create_service_principal_name
Creates a service principal name (SPN) for the service account in Active
Directory
pcaconnectorad_list_service_principal_names
Lists the service principal names that the connector uses to
authenticate with Active Directory
macie2_update_reveal_configuration
Updates the status and configuration settings for retrieving occurrences
of sensitive data reported by findings
Accepts an Amazon Macie membership invitation that was received from a
specific account
Adds or edits tags on a customer managed key
macie2_describe_organization_configuration
Retrieves the Amazon Macie configuration settings for an organization in
Organizations
Retrieves information about the accounts that are associated with an
Amazon Macie administrator account
Deletes the specified customer managed permission in the Amazon Web
Services Region in which you call this operation
macie2_delete_invitations
Deletes Amazon Macie membership invitations that were received from
specific accounts
PcaConnectorAd
securityhub_get_configuration_policy_association
Returns the association between a configuration and a target account,
organizational unit, or the root
secretsmanager_get_secret_value
Retrieves the contents of the encrypted fields SecretString or
SecretBinary from the specified version of a secret, whichever contains
content
Removes the specified tag key and value pairs from the specified
resource share or managed permission
ram_list_replace_permission_associations_work
Retrieves the current status of the asynchronous tasks performed by RAM
when you perform the ReplacePermissionAssociationsWork operation
pcaconnectorad_create_template
Creates an Active Directory compatible certificate template
macie2_delete_findings_filter
Deletes a findings filter
macie2_update_macie_session
Suspends or re-enables Amazon Macie, or updates the configuration
settings for a Macie account
ram_update_resource_share
Modifies some of the properties of the specified resource share
kms_update_key_description
Updates the description of a KMS key
macie2_test_custom_data_identifier
Tests a custom data identifier
Creates a customer managed permission for a specified resource type that
you can attach to resource shares
macie2_update_sensitivity_inspection_template
Updates the settings for the sensitivity inspection template for an
account
macie2_list_resource_profile_detections
Retrieves information about the types and amount of sensitive data that
Amazon Macie found in an S3 bucket
ram_accept_resource_share_invitation
Accepts an invitation to a resource share from another Amazon Web
Services account
macie2_get_master_account
(Deprecated) Retrieves information about the Amazon Macie administrator
account for an account
macie2_delete_custom_data_identifier
Soft deletes a custom data identifier
secretsmanager_cancel_rotate_secret
Turns off automatic rotation, and if a rotation is currently in
progress, cancels the rotation
pcaconnectorad_untag_resource
Removes one or more tags from your resource
macie2_update_member_session
Enables an Amazon Macie administrator to suspend or re-enable Macie for
a member account
ram_get_resource_share_invitations
Retrieves details about invitations that you have received for resource
shares
macie2_batch_get_custom_data_identifiers
Retrieves information about one or more custom data identifiers
pcaconnectorad_delete_template
Deletes a template
kms_update_custom_key_store
Changes the properties of a custom key store
pcaconnectorad_delete_template_group_access_control_entry
Deletes a group access control entry
macie2_get_finding_statistics
Retrieves (queries) aggregated statistical data about findings
macie2_disassociate_from_master_account
(Deprecated) Disassociates a member account from its Amazon Macie
administrator account
AWS Resource Access Manager
securityhub_delete_invitations
Deletes invitations received by the Amazon Web Services account to
become a member account
securityhub_batch_enable_standards
Enables the standards specified by the provided StandardsArn
ram_set_default_permission_version
Designates the specified version number as the default version for the
specified customer managed permission
pcaconnectorad_get_directory_registration
A structure that contains information about your directory registration
secretsmanager_batch_get_secret_value
Retrieves the contents of the encrypted fields SecretString or
SecretBinary for up to 20 secrets
pcaconnectorad_update_template
Update template configuration to define the information included in
certificates
Retrieves Protection objects for the account
Retrieves the details of one or more findings
securityhub_batch_get_configuration_policy_associations
Returns associations between an Security Hub configuration and a batch
of target accounts, organizational units, or the root
Objects exported from other packages
Deletes the association between an Amazon Macie administrator account
and an account
Retrieves the status and configuration settings for an Amazon Macie
account
macie2_update_classification_job
Changes the status of a classification job
pcaconnectorad_update_template_group_access_control_entry
Update a group access control entry you created using
CreateTemplateGroupAccessControlEntry
secretsmanager_list_secrets
Lists the secrets that are stored by Secrets Manager in the Amazon Web
Services account, not including secrets that are marked for deletion
securityhub_accept_invitation
This method is deprecated
secretsmanager_list_secret_version_ids
Lists the versions of a secret
ram_delete_permission_version
Deletes one version of a customer managed permission
Adds one or more tags to a resource
Adds or updates one or more tags (keys and values) that are associated
with an Amazon Macie resource
Adds the specified tag keys and values to a resource share or managed
permission
Amazon Security Lake
macie2_disassociate_from_administrator_account
Disassociates a member account from its Amazon Macie administrator
account
macie2_update_resource_profile
Updates the sensitivity score for an S3 bucket
secretsmanager_put_resource_policy
Attaches a resource-based permission policy to a secret
macie2_get_sensitive_data_occurrences
Retrieves occurrences of sensitive data reported by a finding
macie2_update_automated_discovery_configuration
Enables or disables automated sensitive data discovery for an account
macie2_get_usage_statistics
Retrieves (queries) quotas and aggregated usage data for one or more
accounts
pcaconnectorad_get_template_group_access_control_entry
Retrieves the group access control entries for a template
ram_disassociate_resource_share
Removes the specified principals or resources from participating in the
specified resource share
macie2_update_organization_configuration
Updates the Amazon Macie configuration settings for an organization in
Organizations
macie2_get_sensitive_data_occurrences_availability
Checks whether occurrences of sensitive data can be retrieved for a
finding
ram_list_permission_associations
Lists information about the managed permission and its associations to
any resource shares that use this managed permission
pcaconnectorad_create_template_group_access_control_entry
Create a group access control entry
ram_disassociate_resource_share_permission
Removes a managed permission from a resource share
pcaconnectorad_create_connector
Creates a connector between Amazon Web Services Private CA and an Active
Directory
macie2_update_classification_scope
Updates the classification scope settings for an account
pcaconnectorad_list_connectors
Lists the connectors that you created by using the https://docs
macie2_list_resource_profile_artifacts
Retrieves information about objects that were selected from an S3 bucket
for automated sensitive data discovery
ram_associate_resource_share_permission
Adds or replaces the RAM permission for a resource type included in a
resource share
pcaconnectorad_create_directory_registration
Creates a directory registration that authorizes communication between
Amazon Web Services Private CA and an Active Directory
securityhub_batch_get_automation_rules
Retrieves a list of details for automation rules based on rule Amazon
Resource Names (ARNs)
secretsmanager_delete_secret
Deletes a secret and all of its versions
pcaconnectorad_list_tags_for_resource
Lists the tags, if any, that are associated with your resource
securityhub_describe_products
Returns information about product integrations in Security Hub
ram_list_permission_versions
Lists the available versions of the specified RAM permission
macie2_update_findings_filter
Updates the criteria and other settings for a findings filter
ram_get_resource_share_associations
Retrieves the lists of resources and principals that associated for
resource shares that you own
secretsmanager_get_random_password
Generates a random password
pcaconnectorad_delete_connector
Deletes a connector for Active Directory
ram_delete_resource_share
Deletes the specified resource share
Retrieves details about the resource shares that you own or that are
shared with you
securityhub_delete_members
Deletes the specified member accounts from Security Hub
ram_promote_resource_share_created_from_policy
When you attach a resource-based policy to a resource, RAM automatically
creates a resource share of featureSet=CREATED_FROM_POLICY with a
managed permission that has the same IAM permissions as the original
resource-based policy
pcaconnectorad_list_template_group_access_control_entries
Lists group access control entries you created
ram_reject_resource_share_invitation
Rejects an invitation to a resource share from another Amazon Web
Services account
securityhub_disable_import_findings_for_product
Disables the integration of the specified product with Security Hub
securitylake_create_data_lake_organization_configuration
Automatically enables Amazon Security Lake for new member accounts in
your organization
Lists the resources that you added to a resource share or the resources
that are shared with you
Lists the resource types that can be shared by RAM
Lists the principals that you are sharing resources with or that are
sharing resources with you
ram_list_resource_share_permissions
Lists the RAM permissions that are associated with a resource share
macie2_list_organization_admin_accounts
Retrieves information about the delegated Amazon Macie administrator
account for an organization in Organizations
AWS Secrets Manager
ram_enable_sharing_with_aws_organization
Enables resource sharing within your organization in Organizations
ram_list_pending_invitation_resources
Lists the resources in a resource share that is shared with you but for
which the invitation is still PENDING
secretsmanager_put_secret_value
Creates a new version with a new encrypted secret value and attaches it
to the secret
secretsmanager_describe_secret
Retrieves the details of a secret
secretsmanager_validate_resource_policy
Validates that a resource policy does not grant a wide range of
principals access to your secret
securityhub_update_security_control
Updates the properties of a security control
secretsmanager_create_secret
Creates a new secret
securityhub_create_automation_rule
Creates an automation rule based on input parameters
secretsmanager_get_resource_policy
Retrieves the JSON text of the resource-based policy document attached
to the secret
securityhub_disassociate_from_master_account
This method is deprecated
securityhub_delete_finding_aggregator
Deletes a finding aggregator
secretsmanager_tag_resource
Attaches tags to a secret
securityhub_create_action_target
Creates a custom action target in Security Hub
AWS SecurityHub
securityhub_batch_get_standards_control_associations
For a batch of security controls and standards, identifies whether each
control is currently enabled or disabled in a standard
securityhub_batch_update_standards_control_associations
For a batch of security controls and standards, this operation updates
the enablement status of a control in a standard
ram_replace_permission_associations
Updates all resource shares that use a managed permission to a different
managed permission
ram_get_resource_policies
Retrieves the resource policies for the specified resources that you own
and have shared
secretsmanager_restore_secret
Cancels the scheduled deletion of a secret by removing the DeletedDate
time stamp
securityhub_batch_get_security_controls
Provides details about a batch of security controls for the current
Amazon Web Services account and Amazon Web Services Region
securityhub_create_finding_aggregator
Used to enable finding aggregation
Enables Shield Advanced for a specific Amazon Web Services resource
securityhub_get_enabled_standards
Returns a list of the standards that are currently enabled
secretsmanager_remove_regions_from_replication
For a secret that is replicated to other Regions, deletes the secret
replicas from the Regions you specify
securityhub_enable_security_hub
Enables Security Hub for your account in the current Region or the
Region you specify in the request
securityhub_delete_configuration_policy
Deletes a configuration policy
securityhub_delete_action_target
Deletes a custom action target from Security Hub
securityhub_create_members
Creates a member association in Security Hub between the specified
accounts and the account used to make the request, which is the
administrator account
securityhub_list_invitations
Lists all Security Hub membership invitations that were sent to the
current Amazon Web Services account
securityhub_list_organization_admin_accounts
Lists the Security Hub administrator accounts
securityhub_describe_action_targets
Returns a list of the custom action targets in Security Hub in your
account
secretsmanager_rotate_secret
Configures and starts the asynchronous process of rotating the secret
secretsmanager_delete_resource_policy
Deletes the resource-based permission policy attached to the secret
ssoadmin_describe_permission_set
Gets the details of the permission set
securityhub_list_tags_for_resource
Returns a list of tags associated with a resource
securityhub_untag_resource
Removes one or more tags from a resource
securityhub_enable_organization_admin_account
Designates the Security Hub administrator account for an organization
securityhub_delete_insight
Deletes the insight specified by the InsightArn
shield_create_protection_group
Creates a grouping of protected resources so they can be handled as a
collective
ram_promote_permission_created_from_policy
When you attach a resource-based policy to a resource, RAM automatically
creates a resource share of featureSet=CREATED_FROM_POLICY with a
managed permission that has the same IAM permissions as the original
resource-based policy
securityhub_batch_disable_standards
Disables the standards specified by the provided
StandardsSubscriptionArns
securitylake_deregister_data_lake_delegated_administrator
Deletes the Amazon Security Lake delegated administrator account for the
organization
securitylake_get_data_lake_exception_subscription
Retrieves the details of exception notifications for the account in
Amazon Security Lake
shield_disable_proactive_engagement
Removes authorization from the Shield Response Team (SRT) to notify
contacts about escalations to the SRT and to initiate proactive customer
support
securitylake_update_data_lake
Specifies where to store your security data and for how long
securityhub_batch_import_findings
Imports security findings generated by a finding provider into Security
Hub
securityhub_describe_standards
Returns a list of the available standards in Security Hub
securityhub_get_finding_aggregator
Returns the current finding aggregation configuration
securityhub_get_insight_results
Lists the results of the Security Hub insight specified by the insight
ARN
secretsmanager_update_secret
Modifies the details of a secret, including metadata and the secret
value
secretsmanager_stop_replication_to_replica
Removes the link between the replica secret and the primary secret and
promotes the replica to a primary secret in the replica Region
securityhub_update_security_hub_configuration
Updates configuration options for Security Hub
securityhub_get_finding_history
Returns history for a Security Hub finding in the last 90 days
securityhub_disassociate_members
Disassociates the specified member accounts from the associated
administrator account
secretsmanager_update_secret_version_stage
Modifies the staging labels attached to a version of a secret
Deletes the instance of IAM Identity Center
securitylake_create_subscriber
Creates a subscription permission for accounts that are already enabled
in Amazon Security Lake
securityhub_describe_standards_controls
Returns a list of security standards controls
securitylake_update_data_lake_exception_subscription
Updates the specified notification subscription in Amazon Security Lake
for the organization you specify
securitylake_create_aws_log_source
Adds a natively supported Amazon Web Service as an Amazon Security Lake
source
securitylake_register_data_lake_delegated_administrator
Designates the Amazon Security Lake delegated administrator account for
the organization
securityhub_list_configuration_policies
Lists the configuration policies that the Security Hub delegated
administrator has created for your organization
securityhub_describe_organization_configuration
Returns information about the way your organization is configured in
Security Hub
securityhub_start_configuration_policy_association
Associates a target account, organizational unit, or the root with a
specified configuration
securityhub_list_finding_aggregators
If finding aggregation is enabled, then ListFindingAggregators returns
the ARN of the finding aggregator
securitylake_create_data_lake
Initializes an Amazon Security Lake instance with the provided (or
default) configuration
securityhub_update_finding_aggregator
Updates the finding aggregation configuration
This is AWS WAF Classic documentation
Lists and describes insights for the specified insight ARNs
ssoadmin_delete_instance_access_control_attribute_configuration
Disables the attributes-based access control (ABAC) feature for the
specified IAM Identity Center instance and deletes all of the attribute
mappings that have been configured
Deletes an Shield Advanced Protection
securityhub_list_enabled_products_for_import
Lists all findings-generating solutions (products) that you are
subscribed to receive findings from in Security Hub
ssoadmin_create_permission_set
Creates a permission set within a specified IAM Identity Center instance
securityhub_list_security_control_definitions
Lists all of the security controls that apply to a specified standard
securityhub_create_insight
Creates a custom insight in Security Hub
securityhub_get_administrator_account
Provides the details for the Security Hub administrator account for the
current member account
Lists details about all member accounts for the current Security Hub
administrator account
securityhub_get_configuration_policy
Provides information about a configuration policy
securitylake_list_tags_for_resource
Retrieves the tags (keys and values) that are associated with an Amazon
Security Lake resource: a subscriber, or the data lake configuration for
your Amazon Web Services account in a particular Amazon Web Services
Region
securityhub_update_findings
UpdateFindings is deprecated
shield_enable_application_layer_automatic_response
Enable the Shield Advanced automatic application layer DDoS mitigation
for the protected resource
securitylake_delete_subscriber
Deletes the subscription permission and all notification settings for
accounts that are already enabled in Amazon Security Lake
securityhub_decline_invitations
Declines invitations to become a member account
securityhub_update_standards_control
Used to control whether an individual security standard control is
enabled or disabled
securityhub_invite_members
Invites other Amazon Web Services accounts to become member accounts for
the Security Hub administrator account that the invitation is sent from
Lists all roles that are assigned to the user for a given AWS account
shield_disassociate_drt_role
Removes the Shield Response Team's (SRT) access to your Amazon Web
Services account
shield_create_subscription
Activates Shield Advanced for an account
ssoadmin_create_trusted_token_issuer
Creates a connection to a trusted token issuer in an instance of IAM
Identity Center
securitylake_list_data_lakes
Retrieves the Amazon Security Lake configuration object for the
specified Amazon Web Services Regions
securitylake_delete_subscriber_notification
Deletes the specified notification subscription in Amazon Security Lake
for the organization you specify
securitylake_delete_data_lake_organization_configuration
Turns off automatic enablement of Amazon Security Lake for member
accounts that are added to an organization in Organizations
shield_disassociate_health_check
Removes health-based detection from the Shield Advanced protection for a
resource
secretsmanager_untag_resource
Removes specific tags from a secret
securityhub_disassociate_from_administrator_account
Disassociates the current Security Hub member account from the
associated administrator account
securityhub_batch_update_automation_rules
Updates one or more automation rules based on rule Amazon Resource Names
(ARNs) and input parameters
shield_describe_drt_access
Returns the current role and list of Amazon S3 log buckets used by the
Shield Response Team (SRT) to access your Amazon Web Services account
while assisting with attack mitigation
Removes the locally stored SSO tokens from the client-side cache and
sends an API call to the IAM Identity Center service to invalidate the
corresponding server-side IAM Identity Center sign in session
securityhub_disable_organization_admin_account
Disables a Security Hub administrator account
securityhub_batch_update_findings
Used by Security Hub customers to update information about their
investigation into a finding
securitylake_tag_resource
Adds or updates one or more tags that are associated with an Amazon
Security Lake resource: a subscriber, or the data lake configuration for
your Amazon Web Services account in a particular Amazon Web Services
Region
shield_disassociate_drt_log_bucket
Removes the Shield Response Team's (SRT) access to the specified Amazon
S3 bucket containing the logs that you shared previously
ssoadmin_describe_permission_set_provisioning_status
Describes the status for the given permission set provisioning request
securitylake_untag_resource
Removes one or more tags (keys and values) from an Amazon Security Lake
resource: a subscriber, or the data lake configuration for your Amazon
Web Services account in a particular Amazon Web Services Region
securityhub_start_configuration_policy_disassociation
Disassociates a target account, organizational unit, or the root from a
specified configuration
securityhub_enable_import_findings_for_product
Enables the integration of a partner product with Security Hub
securitylake_get_subscriber
Retrieves the subscription information for the specified subscription ID
ssoadmin_detach_managed_policy_from_permission_set
Detaches the attached Amazon Web Services managed policy ARN from the
specified permission set
securitylake_delete_data_lake
When you disable Amazon Security Lake from your account, Security Lake
is disabled in all Amazon Web Services Regions and it stops collecting
data from your sources
securitylake_list_data_lake_exceptions
Lists the Amazon Security Lake exceptions that you can use to find the
source of problems and fix them
Returns details about the Hub resource in your account, including the
HubArn and the time when you enabled Security Hub
securitylake_delete_data_lake_exception_subscription
Deletes the specified notification subscription in Amazon Security Lake
for the organization you specify
ssoadmin_create_application_assignment
Grant application access to a user or group
ssoadmin_delete_application
Deletes the association with the application
Returns the details for the Security Hub member accounts for the
specified account IDs
securityhub_disable_security_hub
Disables Security Hub in your account only in the current Amazon Web
Services Region
ssoadmin_list_permission_set_provisioning_status
Lists the status of the permission set provisioning requests for a
specified IAM Identity Center instance
securityhub_update_configuration_policy
Updates a configuration policy
shield_enable_proactive_engagement
Authorizes the Shield Response Team (SRT) to use email and phone to
notify contacts about escalations to the SRT and to initiate proactive
customer support
ssoadmin_describe_application
Retrieves the details of an application associated with an instance of
IAM Identity Center
securityhub_list_standards_control_associations
Specifies whether a control is currently enabled or disabled in each
enabled standard in the calling account
Lists all AWS accounts assigned to the user
shield_update_application_layer_automatic_response
Updates an existing Shield Advanced automatic application layer DDoS
mitigation configuration for the specified resource
securityhub_update_organization_configuration
Updates the configuration of your organization in Security Hub
securitylake_create_data_lake_exception_subscription
Creates the specified notification subscription in Amazon Security Lake
for the organization you specify
AWS Single Sign-On Admin
AWS Shield
securityhub_get_master_account
This method is deprecated
shield_describe_protection
Lists the details of a Protection object
shield_get_subscription_state
Returns the SubscriptionState, either Active or Inactive
shield_update_emergency_contact_settings
Updates the details of the list of email addresses and phone numbers
that the Shield Response Team (SRT) can use to contact you if you have
proactive engagement enabled, for escalations to the SRT and to initiate
proactive customer support
securityhub_get_security_control_definition
Retrieves the definition of a security control
securityhub_list_automation_rules
A list of automation rules and their metadata for the calling account
ssoadmin_update_trusted_token_issuer
Updates the name of the trusted token issuer, or the path of a source
attribute or destination attribute for a trusted token issuer
configuration
verifiedpermissions_create_policy_store
Creates a policy store
securityhub_get_invitations_count
Returns the count of all Security Hub membership invitations that were
sent to the current member account, not including the currently accepted
invitation
securitylake_delete_aws_log_source
Removes a natively supported Amazon Web Service as an Amazon Security
Lake source
AWS Security Token Service
ssoadmin_update_application
Updates application properties
shield_describe_emergency_contact_settings
A list of email addresses and phone numbers that the Shield Response
Team (SRT) can use to contact you if you have proactive engagement
enabled, for escalations to the SRT and to initiate proactive customer
support
securitylake_delete_custom_log_source
Removes a custom log source from Amazon Security Lake, to stop sending
data from the custom source to Security Lake
Returns a set of temporary security credentials that you can use to
access Amazon Web Services resources
securitylake_create_subscriber_notification
Notifies the subscriber when new data is written to the data lake for
the sources that the subscriber consumes in Security Lake
securitylake_create_custom_log_source
Adds a third-party custom source in Amazon Security Lake, from the
Amazon Web Services Region where you want to create a custom source
ssoadmin_list_applications
Lists all applications associated with the instance of IAM Identity
Center
securitylake_list_subscribers
List all subscribers for the specific Amazon Security Lake account ID
securitylake_update_subscriber_notification
Updates an existing notification method for the subscription (SQS or
HTTPs endpoint) or switches the notification subscription endpoint for a
subscriber
shield_associate_drt_log_bucket
Authorizes the Shield Response Team (SRT) to access the specified Amazon
S3 bucket containing log data such as Application Load Balancer access
logs, CloudFront logs, or logs from third party sources
Returns a list of findings that match the specified criteria
securityhub_list_configuration_policy_associations
Provides information about the associations for your configuration
policies and self-managed behavior
ssoadmin_create_instance_access_control_attribute_configuration
Enables the attributes-based access control (ABAC) feature for the
specified IAM Identity Center instance
ssoadmin_list_account_assignments_for_principal
Retrieves a list of the IAM Identity Center associated Amazon Web
Services accounts that the principal has access to
securityhub_update_insight
Updates the Security Hub insight identified by the specified insight ARN
ssoadmin_describe_application_assignment
Retrieves a direct assignment of a user or group to an application
This is AWS WAF Classic documentation
shield_associate_proactive_engagement_details
Initializes proactive engagement and sets the list of contacts for the
Shield Response Team (SRT) to use
ssoadmin_list_application_assignments_for_principal
Lists the applications to which a specified principal is assigned
ssoadmin_list_customer_managed_policy_references_in_permission_set
Lists all customer managed policies attached to a specified
PermissionSet
Returns all ongoing DDoS attacks or all DDoS attacks during a specified
time period
shield_associate_drt_role
Authorizes the Shield Response Team (SRT) using the specified role, to
access your Amazon Web Services account to assist with DDoS attack
mitigation during potential attacks
shield_associate_health_check
Adds health-based detection to the Shield Advanced protection for a
resource
ssoadmin_create_account_assignment
Assigns access to a principal for a specified Amazon Web Services
account using a specified permission set
ssoadmin_attach_managed_policy_to_permission_set
Attaches an Amazon Web Services managed policy ARN to a permission set
Lists the details of the organization and account instances of IAM
Identity Center that were created in or visible to the account calling
this API
AWS Single Sign-On
ssoadmin_get_application_access_scope
Retrieves the authorized targets for an IAM Identity Center access scope
for an application
shield_describe_protection_group
Returns the specification for the specified protection group
ssoadmin_delete_account_assignment
Deletes a principal's access from a specified Amazon Web Services
account using a specified permission set
securitylake_get_data_lake_sources
Retrieves a snapshot of the current Region, including whether Amazon
Security Lake is enabled for those accounts and which sources Security
Lake is collecting data from
ssoadmin_describe_account_assignment_creation_status
Describes the status of the assignment creation request
ssoadmin_delete_application_access_scope
Deletes an IAM Identity Center access scope from an application
Returns the STS short-term credentials for a given role name that is
assigned to the user
Returns a set of temporary credentials for an Amazon Web Services
account or IAM user
ssoadmin_describe_instance
Returns the details of an instance of IAM Identity Center
ssoadmin_describe_account_assignment_deletion_status
Describes the status of the assignment deletion request
Creates an instance of IAM Identity Center for a standalone Amazon Web
Services account that is not managed by Organizations or a member Amazon
Web Services account in an organization
ssoadmin_list_accounts_for_provisioned_permission_set
Lists all the Amazon Web Services accounts where the specified
permission set is provisioned
ssoadmin_attach_customer_managed_policy_reference_to_permission_set
Attaches the specified customer managed policy to the specified
PermissionSet
securitylake_get_data_lake_organization_configuration
Retrieves the configuration that will be automatically set up for
accounts added to the organization after the organization has onboarded
to Amazon Security Lake
ssoadmin_get_application_grant
Retrieves details about an application grant
Describes the details of a DDoS attack
shield_delete_protection_group
Removes the specified protection group
ssoadmin_create_application
Creates an application in IAM Identity Center for the given application
provider
securityhub_update_action_target
Updates the name and description of a custom action target in Security
Hub
securitylake_list_log_sources
Retrieves the log sources in the current Amazon Web Services Region
shield_update_protection_group
Updates an existing protection group
shield_list_resources_in_protection_group
Retrieves the resources that are included in the protection group
shield_disable_application_layer_automatic_response
Disable the Shield Advanced automatic application layer DDoS mitigation
feature for the protected resource
shield_delete_subscription
Removes Shield Advanced from an account
ssoadmin_list_application_authentication_methods
Lists all of the authentication methods supported by the specified
application
ssoadmin_delete_application_assignment
Revoke application access to an application by deleting application
assignments for a user or group
verifiedpermissions_update_policy_template
Updates the specified policy template
ssoadmin_update_instance_access_control_attribute_configuration
Updates the IAM Identity Center identity store attributes that you can
use with the IAM Identity Center instance for attributes-based access
control (ABAC)
ssoadmin_describe_application_provider
Retrieves details about a provider that can be used to connect an Amazon
Web Services managed application or customer managed application to IAM
Identity Center
verifiedpermissions_put_schema
Creates or updates the policy schema in the specified policy store
sts_assume_role_with_saml
Returns a set of temporary security credentials for users who have been
authenticated via a SAML authentication response
ssoadmin_delete_application_grant
Deletes a grant from an application
ssoadmin_get_inline_policy_for_permission_set
Obtains the inline policy assigned to the permission set
shield_describe_subscription
Provides details about the Shield Advanced subscription for an account
shield_list_tags_for_resource
Gets information about Amazon Web Services tags for a specified Amazon
Resource Name (ARN) in Shield
Registers a client with IAM Identity Center
ssooidc_start_device_authorization
Initiates device authorization by requesting a pair of verification
codes from the authorization service
This is AWS WAF Classic documentation
Amazon Verified Permissions
ssooidc_create_token_with_iam
Creates and returns access and refresh tokens for clients and
applications that are authenticated using IAM entities
ssoadmin_list_managed_policies_in_permission_set
Lists the Amazon Web Services managed policy that is attached to a
specified permission set
ssoadmin_put_application_assignment_configuration
Configure how users gain access to an application
ssoadmin_list_permission_sets
Lists the PermissionSets in an IAM Identity Center instance
shield_describe_attack_statistics
Provides information about the number and type of attacks Shield has
detected in the last year for all resources that belong to your account,
regardless of whether you've defined Shield protections for them
waf_get_permission_policy
This is AWS WAF Classic documentation
verifiedpermissions_get_policy_template
Retrieve the details for the specified policy template in the specified
policy store
verifiedpermissions_get_policy
Retrieves information about the specified policy
verifiedpermissions_delete_policy
Deletes the specified policy from the policy store
ssoadmin_update_permission_set
Updates an existing permission set
ssoadmin_delete_permissions_boundary_from_permission_set
Deletes the permissions boundary from a specified PermissionSet
AWS SSO OIDC
This is AWS WAF Classic documentation
waf_delete_sql_injection_match_set
This is AWS WAF Classic documentation
waf_delete_rate_based_rule
This is AWS WAF Classic documentation
AWS WAF
waf_get_change_token_status
This is AWS WAF Classic documentation
waf_delete_regex_match_set
This is AWS WAF Classic documentation
securitylake_update_subscriber
Updates an existing subscription for the given Amazon Security Lake
account ID
waf_create_web_acl_migration_stack
Creates an AWS CloudFormation WAFV2 template for the specified web ACL
in the specified Amazon S3 bucket
verifiedpermissions_update_identity_source
Updates the specified identity source to use a new identity provider
(IdP) source, or to change the mapping of identities from the IdP to a
different principal entity type
sts_assume_role_with_web_identity
Returns a set of temporary security credentials for users who have been
authenticated in a mobile or web application with a web identity
provider
ssoadmin_get_application_assignment_configuration
Retrieves the configuration of PutApplicationAssignmentConfiguration
Returns details about the IAM user or role whose credentials are used to
call the operation
waf_get_size_constraint_set
This is AWS WAF Classic documentation
ssoadmin_list_application_grants
List the grants associated with an application
ssoadmin_put_inline_policy_to_permission_set
Attaches an inline policy to a permission set
This is AWS WAF Classic documentation
verifiedpermissions_create_policy
Creates a Cedar policy and saves it in the specified policy store
ssoadmin_get_application_authentication_method
Retrieves details about an authentication method used by an application
waf_create_regex_pattern_set
This is AWS WAF Classic documentation
ssoadmin_delete_permission_set
Deletes the specified permission set
verifiedpermissions_delete_policy_store
Deletes the specified policy store
shield_list_protection_groups
Retrieves ProtectionGroup objects for the account
ssoadmin_list_account_assignment_deletion_status
Lists the status of the Amazon Web Services account assignment deletion
requests for a specified IAM Identity Center instance
This is AWS WAF Classic documentation
ssoadmin_put_application_access_scope
Adds or updates the list of authorized targets for an IAM Identity
Center access scope for an application
waf_update_regex_pattern_set
This is AWS WAF Classic documentation
wafv2_create_regex_pattern_set
Creates a RegexPatternSet, which you reference in a
RegexPatternSetReferenceStatement, to have WAF inspect a web request
component for the specified patterns
verifiedpermissions_update_policy_store
Modifies the validation setting for a policy store
ssoadmin_put_permissions_boundary_to_permission_set
Attaches an Amazon Web Services managed or customer managed policy to
the specified PermissionSet as a permissions boundary
verifiedpermissions_get_schema
Retrieve the details for the specified schema in the specified policy
store
waf_delete_byte_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
verifiedpermissions_update_policy
Modifies a Cedar static policy in the specified policy store
waf_list_subscribed_rule_groups
This is AWS WAF Classic documentation
ssoadmin_delete_application_authentication_method
Deletes an authentication method from an application
Creates and returns access and refresh tokens for clients that are
authenticated using client secrets
ssoadmin_describe_trusted_token_issuer
Retrieves details about a trusted token issuer configuration stored in
an instance of IAM Identity Center
ssoadmin_delete_inline_policy_from_permission_set
Deletes the inline policy from a specified permission set
This is AWS WAF Classic documentation
waf_create_regex_match_set
This is AWS WAF Classic documentation
ssoadmin_put_application_grant
Adds a grant to an application
shield_update_subscription
Updates the details of an existing subscription
waf_create_byte_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
ssoadmin_list_account_assignment_creation_status
Lists the status of the Amazon Web Services account assignment creation
requests for a specified IAM Identity Center instance
ssoadmin_list_trusted_token_issuers
Lists all the trusted token issuers configured in an instance of IAM
Identity Center
ssoadmin_detach_customer_managed_policy_reference_from_permission_set
Detaches the specified customer managed policy from the specified
PermissionSet
verifiedpermissions_create_identity_source
Creates a reference to an Amazon Cognito user pool as an external
identity provider (IdP)
ssoadmin_get_permissions_boundary_for_permission_set
Obtains the permissions boundary for a specified PermissionSet
ssoadmin_delete_trusted_token_issuer
Deletes a trusted token issuer configuration from an instance of IAM
Identity Center
This is AWS WAF Classic documentation
ssoadmin_list_permission_sets_provisioned_to_account
Lists all the permission sets that are provisioned to a specified Amazon
Web Services account
ssoadmin_list_account_assignments
Lists the assignee of the specified Amazon Web Services account with the
specified permission set
Removes tags from a resource in Shield
ssoadmin_list_application_access_scopes
Lists the access scopes and authorized targets associated with an
application
waf_delete_permission_policy
This is AWS WAF Classic documentation
waf_create_rate_based_rule
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
Associates a set of tags with a specified resource
ssoadmin_put_application_authentication_method
Adds or updates an authentication method for an application
ssoadmin_list_tags_for_resource
Lists the tags that are attached to a specified resource
Adds or updates tags for a resource in Shield
This is AWS WAF Classic documentation
verifiedpermissions_list_policy_stores
Returns a paginated list of all policy stores in the calling Amazon Web
Services account
ssoadmin_describe_instance_access_control_attribute_configuration
Returns the list of IAM Identity Center identity store attributes that
have been configured to work with attributes-based access control (ABAC)
for the specified IAM Identity Center instance
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
ssoadmin_list_application_providers
Lists the application providers configured in the IAM Identity Center
identity store
sts_decode_authorization_message
Decodes additional information about the authorization status of a
request from an encoded message returned in response to an Amazon Web
Services request
waf_create_sql_injection_match_set
This is AWS WAF Classic documentation
ssoadmin_list_application_assignments
Lists Amazon Web Services account users that are assigned to an
application
verifiedpermissions_delete_policy_template
Deletes the specified policy template from the policy store
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
Disassociates a set of tags from a specified resource
waf_list_tags_for_resource
This is AWS WAF Classic documentation
verifiedpermissions_batch_is_authorized
Makes a series of decisions about multiple authorization requests for
one principal or resource
This is AWS WAF Classic documentation
waf_list_activated_rules_in_rule_group
This is AWS WAF Classic documentation
verifiedpermissions_get_policy_store
Retrieves details about a policy store
verifiedpermissions_delete_identity_source
Deletes an identity source that references an identity provider (IdP)
such as Amazon Cognito
wafregional_delete_geo_match_set
This is AWS WAF Classic documentation
verifiedpermissions_list_policy_templates
Returns a paginated list of all policy templates in the specified policy
store
This is AWS WAF Classic documentation
Update the details for the instance of IAM Identity Center that is owned
by the Amazon Web Services account
This is AWS WAF Classic documentation
wafregional_get_xss_match_set
This is AWS WAF Classic documentation
waf_delete_size_constraint_set
This is AWS WAF Classic documentation
waf_create_size_constraint_set
This is AWS WAF Classic documentation
verifiedpermissions_create_policy_template
Creates a policy template
verifiedpermissions_list_identity_sources
Returns a paginated list of all of the identity sources defined in the
specified policy store
Returns the account identifier for the specified access key ID
This is AWS WAF Classic documentation
ssoadmin_provision_permission_set
The process by which a specified permission set is provisioned to the
specified target
wafregional_delete_logging_configuration
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_create_rate_based_rule
This is AWS WAF Classic documentation
waf_list_sql_injection_match_sets
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_put_logging_configuration
This is AWS WAF Classic documentation
waf_get_sql_injection_match_set
This is AWS WAF Classic documentation
Associates a web ACL with a regional application resource, to protect
the resource
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_get_web_acl_for_resource
This is AWS WAF Classic Regional documentation
waf_delete_logging_configuration
This is AWS WAF Classic documentation
wafregional_associate_web_acl
This is AWS WAF Classic Regional documentation
waf_get_regex_pattern_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_update_sql_injection_match_set
This is AWS WAF Classic documentation
wafregional_delete_xss_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_list_rate_based_rules
This is AWS WAF Classic documentation
verifiedpermissions_list_policies
Returns a paginated list of all policies stored in the specified policy
store
wafregional_get_change_token
This is AWS WAF Classic documentation
wafregional_update_size_constraint_set
This is AWS WAF Classic documentation
waf_list_size_constraint_sets
This is AWS WAF Classic documentation
wafregional_disassociate_web_acl
This is AWS WAF Classic Regional documentation
waf_update_byte_match_set
This is AWS WAF Classic documentation
waf_get_rate_based_rule_managed_keys
This is AWS WAF Classic documentation
Creates a RuleGroup per the specifications provided
waf_list_regex_pattern_sets
This is AWS WAF Classic documentation
AWS WAF Regional
waf_list_regex_match_sets
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_create_regex_match_set
This is AWS WAF Classic documentation
wafregional_delete_byte_match_set
This is AWS WAF Classic documentation
wafregional_list_rate_based_rules
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_delete_web_acl
This is AWS WAF Classic documentation
verifiedpermissions_get_identity_source
Retrieves the details about the specified identity source
Returns a set of temporary security credentials (consisting of an access
key ID, a secret access key, and a security token) for a user
wafregional_get_regex_pattern_set
This is AWS WAF Classic documentation
wafregional_create_byte_match_set
This is AWS WAF Classic documentation
wafregional_put_logging_configuration
This is AWS WAF Classic documentation
wafregional_delete_ip_set
This is AWS WAF Classic documentation
wafregional_create_geo_match_set
This is AWS WAF Classic documentation
wafregional_create_ip_set
This is AWS WAF Classic documentation
wafregional_list_subscribed_rule_groups
This is AWS WAF Classic documentation
wafregional_create_sql_injection_match_set
This is AWS WAF Classic documentation
wafregional_update_rate_based_rule
This is AWS WAF Classic documentation
wafregional_list_byte_match_sets
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_list_logging_configurations
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_get_rule_group
This is AWS WAF Classic documentation
wafregional_get_geo_match_set
This is AWS WAF Classic documentation
wafregional_list_geo_match_sets
This is AWS WAF Classic documentation
wafregional_get_regex_match_set
This is AWS WAF Classic documentation
waf_update_size_constraint_set
This is AWS WAF Classic documentation
wafregional_create_web_acl
This is AWS WAF Classic documentation
Updates the specified IPSet
This is AWS WAF Classic documentation
waf_get_logging_configuration
This is AWS WAF Classic documentation
wafv2_describe_all_managed_products
Provides high-level information for the Amazon Web Services Managed
Rules rule groups and Amazon Web Services Marketplace managed rule
groups
wafregional_list_activated_rules_in_rule_group
This is AWS WAF Classic documentation
wafregional_create_web_acl_migration_stack
Creates an AWS CloudFormation WAFV2 template for the specified web ACL
in the specified Amazon S3 bucket
wafregional_get_byte_match_set
This is AWS WAF Classic documentation
wafregional_get_size_constraint_set
This is AWS WAF Classic documentation
Retrieves an array of WebACLSummary objects for the web ACLs that you
manage
waf_delete_regex_pattern_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_delete_permission_policy
This is AWS WAF Classic documentation
wafv2_describe_managed_rule_group
Provides high-level information for a managed rule group, including
descriptions of the rules
This is AWS WAF Classic documentation
wafregional_delete_rule_group
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_update_rule_group
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_list_xss_match_sets
This is AWS WAF Classic documentation
wafregional_update_sql_injection_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_list_regex_pattern_sets
This is AWS WAF Classic documentation
wafregional_delete_regex_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_get_sampled_requests
This is AWS WAF Classic documentation
waf_list_logging_configurations
This is AWS WAF Classic documentation
wafregional_create_xss_match_set
This is AWS WAF Classic documentation
wafregional_get_change_token_status
This is AWS WAF Classic documentation
wafregional_get_rate_based_rule
This is AWS WAF Classic documentation
wafregional_list_regex_match_sets
This is AWS WAF Classic documentation
Retrieves an array of RuleGroupSummary objects for the rule groups that
you manage
verifiedpermissions_is_authorized_with_token
Makes an authorization decision about a service request described in the
parameters
wafregional_delete_rate_based_rule
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_delete_regex_pattern_set
This is AWS WAF Classic documentation
Retrieves the specified IPSet
verifiedpermissions_is_authorized
Makes an authorization decision about a service request described in the
parameters
wafregional_create_regex_pattern_set
This is AWS WAF Classic documentation
wafv2_get_logging_configuration
Returns the LoggingConfiguration for the specified web ACL
wafregional_list_size_constraint_sets
This is AWS WAF Classic documentation
wafv2_delete_logging_configuration
Deletes the LoggingConfiguration from the specified web ACL
waf_put_permission_policy
This is AWS WAF Classic documentation
wafregional_get_sql_injection_match_set
This is AWS WAF Classic documentation
wafv2_delete_firewall_manager_rule_groups
Deletes all rule groups that are managed by Firewall Manager for the
specified web ACL
wafregional_update_byte_match_set
This is AWS WAF Classic documentation
Retrieves an array of IPSetSummary objects for the IP sets that you
manage
This is AWS WAF Classic documentation
wafv2_list_regex_pattern_sets
Retrieves an array of RegexPatternSetSummary objects for the regex
pattern sets that you manage
wafv2_put_logging_configuration
Enables the specified LoggingConfiguration, to start logging from a web
ACL, according to the configuration provided
wafv2_disassociate_web_acl
Disassociates the specified regional application resource from any
existing web ACL association
wafv2_describe_managed_products_by_vendor
Provides high-level information for the managed rule groups owned by a
specific vendor
wafregional_put_permission_policy
This is AWS WAF Classic documentation
waf_update_rate_based_rule
This is AWS WAF Classic documentation
wafregional_update_geo_match_set
This is AWS WAF Classic documentation
wafv2_list_resources_for_web_acl
Retrieves an array of the Amazon Resource Names (ARNs) for the regional
resources that are associated with the specified web ACL
wafregional_update_xss_match_set
This is AWS WAF Classic documentation
wafv2_list_tags_for_resource
Retrieves the TagInfoForResource for the specified resource
waf_update_regex_match_set
This is AWS WAF Classic documentation
wafregional_update_regex_match_set
This is AWS WAF Classic documentation
wafregional_list_sql_injection_match_sets
This is AWS WAF Classic documentation
wafv2_get_sampled_requests
Gets detailed information about a specified number of requests--a
sample--that WAF randomly selects from among the first 5,000 requests
that your Amazon Web Services resource received during a time range that
you choose
Creates a WebACL per the specifications provided
wafregional_create_size_constraint_set
This is AWS WAF Classic documentation
wafregional_get_rate_based_rule_managed_keys
This is AWS WAF Classic documentation
Deletes the specified IPSet
AWS WAFV2
wafv2_list_logging_configurations
Retrieves an array of your LoggingConfiguration objects
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafv2_get_managed_rule_set
Retrieves the specified managed rule set
Deletes the specified RuleGroup
Retrieves the specified WebACL
wafregional_update_regex_pattern_set
This is AWS WAF Classic documentation
wafv2_delete_permission_policy
Permanently deletes an IAM policy from the specified rule group
Returns the web ACL capacity unit (WCU) requirements for a specified
scope and set of rules
wafregional_list_tags_for_resource
This is AWS WAF Classic documentation
wafv2_get_web_acl_for_resource
Retrieves the WebACL for the specified resource
wafregional_list_web_ac_ls
This is AWS WAF Classic documentation
Updates the specified RuleGroup
wafregional_untag_resource
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_create_rule_group
This is AWS WAF Classic documentation
wafv2_get_regex_pattern_set
Retrieves the specified RegexPatternSet
Creates an IPSet, which you use to identify web requests that originate
from specific IP addresses or ranges of IP addresses
wafv2_put_managed_rule_set_versions
Defines the versions of your managed rule set that you are offering to
the customers
wafregional_delete_size_constraint_set
This is AWS WAF Classic documentation
wafregional_delete_sql_injection_match_set
This is AWS WAF Classic documentation
wafv2_delete_regex_pattern_set
Deletes the specified RegexPatternSet
wafv2_generate_mobile_sdk_release_url
Generates a presigned download URL for the specified release of the
mobile SDK
wafv2_get_mobile_sdk_release
Retrieves information for the specified mobile SDK release, including
release notes and tags
wafv2_get_decrypted_api_key
Returns your API key in decrypted form
Creates an API key that contains a set of token domains
Retrieves the specified RuleGroup
wafregional_get_permission_policy
This is AWS WAF Classic documentation
wafv2_update_regex_pattern_set
Updates the specified RegexPatternSet
wafv2_get_permission_policy
Returns the IAM policy that is attached to the specified rule group
wafregional_list_rule_groups
This is AWS WAF Classic documentation
wafregional_update_ip_set
This is AWS WAF Classic documentation
wafregional_get_logging_configuration
This is AWS WAF Classic documentation
wafv2_update_managed_rule_set_version_expiry_date
Updates the expiration information for your managed rule set
Retrieves a list of the API keys that you've defined for the specified
scope
Associates tags with the specified Amazon Web Services resource
wafregional_list_resources_for_web_acl
This is AWS WAF Classic Regional documentation
Deletes the specified WebACL
wafregional_update_web_acl
This is AWS WAF Classic documentation
Updates the specified WebACL
wafv2_list_available_managed_rule_group_versions
Returns a list of the available versions for the specified managed rule
group
wafv2_put_permission_policy
Attaches an IAM policy to the specified resource
wafv2_list_available_managed_rule_groups
Retrieves an array of managed rule groups that are available for you to
use
wafv2_list_mobile_sdk_releases
Retrieves a list of the available releases for the mobile SDK and the
specified device platform
wafv2_list_managed_rule_sets
Retrieves the managed rule sets that you own
wafv2_get_rate_based_statement_managed_keys
Retrieves the IP addresses that are currently blocked by a rate-based
rule instance
Disassociates tags from an Amazon Web Services resource