accessanalyzer_delete_archive_rule
Deletes the specified archive rule
Access Analyzer
accessanalyzer_get_analyzed_resource
Retrieves information about a resource that was analyzed
accessanalyzer_create_analyzer
Creates an analyzer for your account
accessanalyzer_get_access_preview
Retrieves information about an access preview for the specified analyzer
accessanalyzer_create_archive_rule
Creates an archive rule for the specified analyzer
accessanalyzer_delete_analyzer
Deletes the specified analyzer
accessanalyzer_get_finding
Retrieves information about the specified finding
accessanalyzer_create_access_preview
Creates an access preview that allows you to preview IAM Access Analyzer
findings for your resource before deploying resource permissions
accessanalyzer_cancel_policy_generation
Cancels the requested policy generation
accessanalyzer_list_analyzers
Retrieves a list of analyzers
accessanalyzer_list_access_preview_findings
Retrieves a list of access preview findings generated by the specified
access preview
AWS Account
accessanalyzer_list_access_previews
Retrieves a list of access previews for the specified analyzer
accessanalyzer_get_analyzer
Retrieves information about the specified analyzer
accessanalyzer_list_archive_rules
Retrieves a list of archive rules created for the specified analyzer
accessanalyzer_list_analyzed_resources
Retrieves a list of resources of the specified type that have been
analyzed by the specified analyzer
accessanalyzer_get_archive_rule
Retrieves information about an archive rule
accessanalyzer_update_findings
Updates the status for the specified findings
accessanalyzer_list_tags_for_resource
Retrieves a list of tags applied to the specified resource
accessanalyzer_tag_resource
Adds a tag to the specified resource
accessanalyzer_apply_archive_rule
Retroactively applies the archive rule to existing findings that meet
the archive rule criteria
accessanalyzer_start_policy_generation
Starts the policy generation request
accessanalyzer_validate_policy
Requests the validation of a policy and returns a list of findings
accessanalyzer_get_generated_policy
Retrieves the policy that was generated using StartPolicyGeneration
accessanalyzer_start_resource_scan
Immediately starts a scan of the policies applied to the specified
resource
accessanalyzer_list_findings
Retrieves a list of findings generated by the specified analyzer
accessanalyzer_untag_resource
Removes a tag from the specified resource
accessanalyzer_list_policy_generations
Lists all of the policy generations requested in the last seven days
account_delete_alternate_contact
Deletes the specified alternate contact from an Amazon Web Services
account
accessanalyzer_update_archive_rule
Updates the criteria and values for the specified archive rule
AWS Certificate Manager
account_put_contact_information
Updates the primary contact information of an Amazon Web Services
account
Enables (opts-in) a particular Region for an account
account_put_alternate_contact
Modifies the specified alternate contact attached to an Amazon Web
Services account
Lists all the Regions for a given account and their respective opt-in
statuses
account_get_contact_information
Retrieves the primary contact information of an Amazon Web Services
account
Returns detailed metadata about the specified ACM certificate
account_get_alternate_contact
Retrieves the specified alternate contact attached to an Amazon Web
Services account
Retrieves a list of certificate ARNs and domain names
acm_add_tags_to_certificate
Adds one or more tags to an ACM certificate
Disables (opts-out) a particular Region for an account
acm_list_tags_for_certificate
Lists the tags that have been applied to the ACM certificate
account_get_region_opt_status
Retrieves the opt-in status of a particular Region
Exports a private certificate issued by a private certificate authority
(CA) for use anywhere
Deletes a certificate and its associated private key
Imports a certificate into Certificate Manager (ACM) to use with
services that are integrated with ACM
acm_put_account_configuration
Adds or modifies account-level configurations in ACM
acm_get_account_configuration
Returns the account configuration options associated with an Amazon Web
Services account
AWS Certificate Manager Private Certificate Authority
Retrieves an Amazon-issued certificate and its certificate chain
Grants one or more permissions on a private CA to the Certificate
Manager (ACM) service principal (acm
Renews an eligible ACM certificate
acm_remove_tags_from_certificate
Remove one or more tags from an ACM certificate
Requests an ACM certificate for use with other Amazon Web Services
services
acmpca_create_certificate_authority
Creates a root or subordinate private certificate authority (CA)
acmpca_delete_certificate_authority
Deletes a private certificate authority (CA)
acmpca_create_certificate_authority_audit_report
Creates an audit report that lists every time that your CA private key
is used
acm_resend_validation_email
Resends the email that requests domain ownership validation
acmpca_describe_certificate_authority
Lists information about your private certificate authority (CA) or one
that has been shared with you
acmpca_get_certificate_authority_certificate
Retrieves the certificate and certificate chain for your private
certificate authority (CA) or one that has been shared with you
Retrieves a certificate from your private CA or one that has been shared
with you
acm_update_certificate_options
Updates a certificate
Retrieves the resource-based policy attached to a private CA
Deletes the resource-based policy attached to a private CA
Uses your private certificate authority (CA), or one that has been
shared with you, to issue a client certificate
acmpca_get_certificate_authority_csr
Retrieves the certificate signing request (CSR) for your private
certificate authority (CA)
acmpca_import_certificate_authority_certificate
Imports a signed private CA certificate into Amazon Web Services Private
CA
Revokes permissions on a private CA granted to the Certificate Manager
(ACM) service principal (acm
acmpca_tag_certificate_authority
Adds one or more tags to your private CA
acmpca_untag_certificate_authority
Remove one or more tags from your private CA
acmpca_describe_certificate_authority_audit_report
Lists information about a specific audit report created by calling the
CreateCertificateAuthorityAuditReport action
acmpca_list_certificate_authorities
Lists the private certificate authorities that you created by using the
CreateCertificateAuthority action
Amazon CloudDirectory
Attaches a resource-based policy to a private CA
List all permissions on a private CA, if any, granted to the Certificate
Manager (ACM) service principal (acm
acmpca_revoke_certificate
Revokes a certificate that was issued inside Amazon Web Services Private
CA
Lists the tags, if any, that are associated with your private CA or one
that has been shared with you
clouddirectory_attach_object
Attaches an existing object to another object
acmpca_restore_certificate_authority
Restores a certificate authority (CA) that is in the DELETED state
acmpca_update_certificate_authority
Updates the status or configuration of a private certificate authority
(CA)
clouddirectory_apply_schema
Copies the input published schema, at the specified version, into the
Directory with the same name and version as that of the published schema
clouddirectory_attach_policy
Attaches a policy object to a regular object
clouddirectory_batch_write
Performs all the write operations in a batch
clouddirectory_create_directory
Creates a Directory by copying the published schema into the directory
clouddirectory_batch_read
Performs all the read operations in a batch
clouddirectory_add_facet_to_object
Adds a new Facet to an object
clouddirectory_attach_to_index
Attaches the specified object to the specified index
clouddirectory_attach_typed_link
Attaches a typed link to a specified source and target object
clouddirectory_create_facet
Creates a new Facet in a schema
clouddirectory_delete_object
Deletes an object and its associated attributes
clouddirectory_create_index
Creates an index object
clouddirectory_create_typed_link_facet
Creates a TypedLinkFacet
clouddirectory_delete_directory
Deletes a directory
clouddirectory_create_schema
Creates a new schema in a development state
clouddirectory_delete_facet
Deletes a given Facet
clouddirectory_delete_schema
Deletes a given schema
clouddirectory_create_object
Creates an object in a Directory
clouddirectory_delete_typed_link_facet
Deletes a TypedLinkFacet
clouddirectory_detach_from_index
Detaches the specified object from the specified index
clouddirectory_get_directory
Retrieves metadata about a directory
clouddirectory_detach_object
Detaches a given object from the parent object
clouddirectory_get_link_attributes
Retrieves attributes that are associated with a typed link
Gets details of the Facet, such as facet name, attributes, Rules, or
ObjectType
clouddirectory_get_applied_schema_version
Returns current applied schema version ARN, including the minor version
in use
clouddirectory_detach_typed_link
Detaches a typed link from a specified source and target object
clouddirectory_enable_directory
Enables the specified directory
clouddirectory_detach_policy
Detaches a policy from an object
clouddirectory_get_object_attributes
Retrieves attributes within a facet that are associated with an object
clouddirectory_disable_directory
Disables the specified directory
clouddirectory_list_applied_schema_arns
Lists schema major versions applied to a directory
clouddirectory_get_schema_as_json
Retrieves a JSON representation of the schema
clouddirectory_get_object_information
Retrieves metadata about an object
clouddirectory_list_development_schema_arns
Retrieves each Amazon Resource Name (ARN) of schemas in the development
state
clouddirectory_list_incoming_typed_links
Returns a paginated list of all the incoming TypedLinkSpecifier
information for an object
clouddirectory_list_facet_names
Retrieves the names of facets that exist in a schema
clouddirectory_list_attached_indices
Lists indices attached to the specified object
clouddirectory_list_facet_attributes
Retrieves attributes attached to the facet
clouddirectory_list_directories
Lists directories created within an account
clouddirectory_get_typed_link_facet_information
Returns the identity attribute order for a specific TypedLinkFacet
clouddirectory_list_object_policies
Returns policies attached to an object in pagination fashion
clouddirectory_list_outgoing_typed_links
Returns a paginated list of all the outgoing TypedLinkSpecifier
information for an object
clouddirectory_list_object_attributes
Lists all attributes that are associated with an object
clouddirectory_list_object_parents
Lists parent objects that are associated with a given object in
pagination fashion
clouddirectory_list_managed_schema_arns
Lists the major version families of each managed schema
clouddirectory_list_index
Lists objects attached to the specified index
clouddirectory_list_policy_attachments
Returns all of the ObjectIdentifiers to which a given policy is attached
clouddirectory_list_object_parent_paths
Retrieves all available parent paths for any object type such as node,
leaf node, policy node, and index node objects
clouddirectory_list_object_children
Returns a paginated list of child objects that are associated with a
given object
clouddirectory_list_published_schema_arns
Lists the major version families of each published schema
clouddirectory_list_tags_for_resource
Returns tags for a resource
clouddirectory_put_schema_from_json
Allows a schema to be updated using JSON upload
clouddirectory_lookup_policy
Lists all policies from the root of the Directory to the object
specified
clouddirectory_tag_resource
An API operation for adding tags to a resource
clouddirectory_remove_facet_from_object
Removes the specified facet from the specified object
clouddirectory_list_typed_link_facet_names
Returns a paginated list of TypedLink facet names for a particular
schema
clouddirectory_untag_resource
An API operation for removing tags from a resource
clouddirectory_update_facet
Does the following:
clouddirectory_list_typed_link_facet_attributes
Returns a paginated list of all attribute definitions for a particular
TypedLinkFacet
clouddirectory_publish_schema
Publishes a development schema with a major version and a recommended
minor version
clouddirectory_update_typed_link_facet
Updates a TypedLinkFacet
clouddirectory_update_link_attributes
Updates a given typed link’s attributes
Amazon CloudHSM
This is documentation for AWS CloudHSM Classic
clouddirectory_update_schema
Updates the schema name with a new name
This is documentation for AWS CloudHSM Classic
clouddirectory_upgrade_applied_schema
Upgrades a single directory in-place using the PublishedSchemaArn with
schema updates found in MinorVersion
cloudhsm_add_tags_to_resource
This is documentation for AWS CloudHSM Classic
clouddirectory_upgrade_published_schema
Upgrades a published schema under a new minor version revision using the
current contents of DevelopmentSchemaArn
cloudhsm_create_luna_client
This is documentation for AWS CloudHSM Classic
This is documentation for AWS CloudHSM Classic
clouddirectory_update_object_attributes
Updates a given object's attributes
cloudhsm_describe_luna_client
This is documentation for AWS CloudHSM Classic
cloudhsm_list_available_zones
This is documentation for AWS CloudHSM Classic
cloudhsm_delete_luna_client
This is documentation for AWS CloudHSM Classic
This is documentation for AWS CloudHSM Classic
This is documentation for AWS CloudHSM Classic
This is documentation for AWS CloudHSM Classic
This is documentation for AWS CloudHSM Classic
This is documentation for AWS CloudHSM Classic
AWS CloudHSM V2
This is documentation for AWS CloudHSM Classic
cloudhsm_list_luna_clients
This is documentation for AWS CloudHSM Classic
cloudhsmv2_create_cluster
Creates a new AWS CloudHSM cluster
cloudhsmv2_copy_backup_to_region
Copy an AWS CloudHSM cluster backup to a different region
This is documentation for AWS CloudHSM Classic
This is documentation for AWS CloudHSM Classic
cloudhsm_remove_tags_from_resource
This is documentation for AWS CloudHSM Classic
cloudhsm_modify_luna_client
This is documentation for AWS CloudHSM Classic
cloudhsm_list_tags_for_resource
This is documentation for AWS CloudHSM Classic
cloudhsmv2_modify_cluster
Modifies AWS CloudHSM cluster
Gets a list of tags for the specified AWS CloudHSM cluster
Deletes a specified AWS CloudHSM backup
cloudhsmv2_modify_backup_attributes
Modifies attributes for AWS CloudHSM backup
cloudhsmv2_delete_cluster
Deletes the specified AWS CloudHSM cluster
cloudhsmv2_initialize_cluster
Claims an AWS CloudHSM cluster by submitting the cluster certificate
issued by your issuing certificate authority (CA) and the CA's root
certificate
Creates a new hardware security module (HSM) in the specified AWS
CloudHSM cluster
cloudhsmv2_describe_backups
Gets information about backups of AWS CloudHSM clusters
cloudhsmv2_describe_clusters
Gets information about AWS CloudHSM clusters
Deletes the specified HSM
Amazon Cognito Identity
cognitoidentity_create_identity_pool
Creates a new identity pool
cognitoidentity_delete_identities
Deletes identities from an identity pool
cloudhsmv2_restore_backup
Restores a specified AWS CloudHSM backup that is in the PENDING_DELETION
state
cognitoidentity_delete_identity_pool
Deletes an identity pool
Adds or overwrites one or more tags for the specified AWS CloudHSM
cluster
cognitoidentity_describe_identity_pool
Gets details about a particular identity pool, including the pool name,
ID description, creation date, and current number of users
cloudhsmv2_untag_resource
Removes the specified tag or tags from the specified AWS CloudHSM
cluster
cognitoidentity_describe_identity
Returns metadata related to the given identity, including when the
identity was created and any associated linked logins
cognitoidentity_get_credentials_for_identity
Returns credentials for the provided identity ID
cognitoidentity_lookup_developer_identity
Retrieves the IdentityID associated with a DeveloperUserIdentifier or
the list of DeveloperUserIdentifier values associated with an IdentityId
for an existing identity
cognitoidentity_get_identity_pool_roles
Gets the roles for an identity pool
cognitoidentity_get_principal_tag_attribute_map
Use GetPrincipalTagAttributeMap to list all mappings between
PrincipalTags and user attributes
Generates (or retrieves) a Cognito ID
cognitoidentity_merge_developer_identities
Merges two users having different IdentityIds, existing in the same
identity pool, and identified by the same developer provider
cognitoidentity_list_tags_for_resource
Lists the tags that are assigned to an Amazon Cognito identity pool
cognitoidentity_get_open_id_token_for_developer_identity
Registers (or retrieves) a Cognito IdentityId and an OpenID Connect
token for a user authenticated by your backend authentication process
cognitoidentity_list_identity_pools
Lists all of the Cognito identity pools registered for your account
cognitoidentity_list_identities
Lists the identities in an identity pool
cognitoidentity_get_open_id_token
Gets an OpenID token, using a known Cognito ID
cognitoidentity_update_identity_pool
Updates an identity pool
cognitoidentity_unlink_identity
Unlinks a federated identity from an existing account
Amazon Cognito Identity Provider
cognitoidentity_set_principal_tag_attribute_map
You can use this operation to use default (username and clientID)
attribute or custom attribute mappings
cognitoidentity_tag_resource
Assigns a set of tags to the specified Amazon Cognito identity pool
cognitoidentityprovider_admin_add_user_to_group
Adds the specified user to the specified group
cognitoidentityprovider_add_custom_attributes
Adds additional user attributes to the user pool schema
cognitoidentity_untag_resource
Removes the specified tags from the specified Amazon Cognito identity
pool
cognitoidentity_unlink_developer_identity
Unlinks a DeveloperUserIdentifier from an existing identity
cognitoidentity_set_identity_pool_roles
Sets the roles for an identity pool
cognitoidentityprovider_admin_get_device
Gets the device, as an administrator
cognitoidentityprovider_admin_forget_device
Forgets the device, as an administrator
cognitoidentityprovider_admin_delete_user_attributes
Deletes the user attributes in a user pool as an administrator
cognitoidentityprovider_admin_disable_user
Deactivates a user and revokes all access tokens for the user
cognitoidentityprovider_admin_delete_user
Deletes a user as an administrator
cognitoidentityprovider_admin_enable_user
Enables the specified user as an administrator
cognitoidentityprovider_admin_confirm_sign_up
Confirms user registration as an admin without using a confirmation code
cognitoidentityprovider_admin_get_user
Gets the specified user by user name in a user pool as an administrator
cognitoidentityprovider_admin_create_user
Creates a new user in the specified user pool
cognitoidentityprovider_admin_disable_provider_for_user
Prevents the user from signing in with the specified external (SAML or
social) identity provider (IdP)
cognitoidentityprovider_admin_initiate_auth
Initiates the authentication flow, as an administrator
cognitoidentityprovider_admin_list_groups_for_user
Lists the groups that the user belongs to
cognitoidentityprovider_admin_set_user_mfa_preference
The user's multi-factor authentication (MFA) preference, including which
MFA options are activated, and if any are preferred
cognitoidentityprovider_admin_list_devices
Lists devices, as an administrator
cognitoidentityprovider_admin_set_user_password
Sets the specified user's password in a user pool as an administrator
cognitoidentityprovider_admin_respond_to_auth_challenge
Responds to an authentication challenge, as an administrator
cognitoidentityprovider_admin_list_user_auth_events
A history of user activity and any risks detected as part of Amazon
Cognito advanced security
cognitoidentityprovider_admin_link_provider_for_user
Links an existing user account in a user pool (DestinationUser) to an
identity from an external IdP (SourceUser) based on a specified
attribute name and value from the external IdP
cognitoidentityprovider_admin_remove_user_from_group
Removes the specified user from the specified group
cognitoidentityprovider_admin_reset_user_password
Resets the specified user's password in a user pool as an administrator
cognitoidentityprovider_admin_update_device_status
Updates the device status as an administrator
cognitoidentityprovider_confirm_forgot_password
Allows a user to enter a confirmation code to reset a forgotten password
cognitoidentityprovider_confirm_device
Confirms tracking of the device
cognitoidentityprovider_confirm_sign_up
Confirms registration of a new user
cognitoidentityprovider_associate_software_token
Begins setup of time-based one-time password (TOTP) multi-factor
authentication (MFA) for a user, with a unique private key that Amazon
Cognito generates and returns in the API response
cognitoidentityprovider_admin_set_user_settings
This action is no longer supported
cognitoidentityprovider_change_password
Changes the password for a specified user in a user pool
cognitoidentityprovider_admin_user_global_sign_out
Signs out a user from all devices
cognitoidentityprovider_admin_update_auth_event_feedback
Provides feedback for an authentication event indicating if it was from
a valid user
cognitoidentityprovider_admin_update_user_attributes
This action might generate an SMS text message
cognitoidentityprovider_delete_identity_provider
Deletes an IdP for a user pool
cognitoidentityprovider_delete_group
Deletes a group
cognitoidentityprovider_create_resource_server
Creates a new OAuth2
cognitoidentityprovider_delete_resource_server
Deletes a resource server
cognitoidentityprovider_create_user_import_job
Creates a user import job
cognitoidentityprovider_create_user_pool
This action might generate an SMS text message
cognitoidentityprovider_create_identity_provider
Creates an IdP for a user pool
cognitoidentityprovider_create_user_pool_domain
Creates a new domain for a user pool
cognitoidentityprovider_create_group
Creates a new group in the specified user pool
cognitoidentityprovider_create_user_pool_client
Creates the user pool client
cognitoidentityprovider_delete_user_pool_domain
Deletes a domain for a user pool
cognitoidentityprovider_describe_user_pool
Returns the configuration information and metadata of the specified user
pool
cognitoidentityprovider_describe_user_import_job
Describes the user import job
cognitoidentityprovider_delete_user_attributes
Deletes the attributes for a user
cognitoidentityprovider_describe_resource_server
Describes a resource server
cognitoidentityprovider_delete_user_pool_client
Allows the developer to delete the user pool client
cognitoidentityprovider_describe_identity_provider
Gets information about a specific IdP
cognitoidentityprovider_describe_risk_configuration
Describes the risk configuration
cognitoidentityprovider_delete_user_pool
Deletes the specified Amazon Cognito user pool
cognitoidentityprovider_delete_user
Allows a user to delete their own user profile
cognitoidentityprovider_describe_user_pool_client
Client method for returning the configuration information and metadata
of the specified user pool app client
cognitoidentityprovider_get_signing_certificate
This method takes a user pool ID, and returns the signing certificate
cognitoidentityprovider_get_csv_header
Gets the header information for the comma-separated value (CSV) file to
be used as input for the user import job
cognitoidentityprovider_get_device
Gets the device
cognitoidentityprovider_forget_device
Forgets the specified device
cognitoidentityprovider_get_group
Gets a group
cognitoidentityprovider_describe_user_pool_domain
Gets information about a domain
cognitoidentityprovider_get_log_delivery_configuration
Gets the detailed activity logging configuration for a user pool
cognitoidentityprovider_get_identity_provider_by_identifier
Gets the specified IdP
cognitoidentityprovider_forgot_password
Calling this API causes a message to be sent to the end user with a
confirmation code that is required to change the user's password
cognitoidentityprovider_get_user_attribute_verification_code
Generates a user attribute verification code for the specified attribute
name
cognitoidentityprovider_get_ui_customization
Gets the user interface (UI) Customization information for a particular
app client's app UI, if any such information exists for the client
cognitoidentityprovider_list_devices
Lists the sign-in devices that Amazon Cognito has registered to the
current user
cognitoidentityprovider_list_identity_providers
Lists information about all IdPs for a user pool
cognitoidentityprovider_initiate_auth
Initiates sign-in for a user in the Amazon Cognito user directory
cognitoidentityprovider_get_user_pool_mfa_config
Gets the user pool multi-factor authentication (MFA) configuration
cognitoidentityprovider_get_user
Gets the user attributes and metadata for a user
cognitoidentityprovider_list_resource_servers
Lists the resource servers for a user pool
cognitoidentityprovider_global_sign_out
Signs out a user from all devices
cognitoidentityprovider_list_groups
Lists the groups associated with a user pool
cognitoidentityprovider_resend_confirmation_code
Resends the confirmation (for confirmation of registration) to a
specific user in the user pool
cognitoidentityprovider_list_tags_for_resource
Lists the tags that are assigned to an Amazon Cognito user pool
cognitoidentityprovider_list_user_pool_clients
Lists the clients that have been created for the specified user pool
cognitoidentityprovider_revoke_token
Revokes all of the access tokens generated by, and at the same time as,
the specified refresh token
cognitoidentityprovider_list_user_pools
Lists the user pools associated with an Amazon Web Services account
cognitoidentityprovider_list_user_import_jobs
Lists user import jobs for a user pool
cognitoidentityprovider_list_users
Lists users and their basic details in a user pool
cognitoidentityprovider_respond_to_auth_challenge
Responds to the authentication challenge
cognitoidentityprovider_list_users_in_group
Lists the users in the specified group
cognitoidentityprovider_set_log_delivery_configuration
Sets up or modifies the detailed activity logging configuration of a
user pool
cognitoidentityprovider_tag_resource
Assigns a set of tags to an Amazon Cognito user pool
cognitoidentityprovider_start_user_import_job
Starts the user import
cognitoidentityprovider_set_user_mfa_preference
Set the user's multi-factor authentication (MFA) method preference,
including which MFA factors are activated and if any are preferred
cognitoidentityprovider_set_user_settings
This action is no longer supported
cognitoidentityprovider_stop_user_import_job
Stops the user import job
cognitoidentityprovider_sign_up
Registers the user in the specified user pool and creates a user name,
password, and user attributes
cognitoidentityprovider_set_risk_configuration
Configures actions on detected risks
cognitoidentityprovider_untag_resource
Removes the specified tags from an Amazon Cognito user pool
cognitoidentityprovider_set_user_pool_mfa_config
Sets the user pool multi-factor authentication (MFA) configuration
cognitoidentityprovider_set_ui_customization
Sets the user interface (UI) customization information for a user pool's
built-in app UI
cognitoidentityprovider_update_auth_event_feedback
Provides the feedback for an authentication event, whether it was from a
valid user or not
cognitoidentityprovider_update_device_status
Updates the device status
cognitoidentityprovider_update_resource_server
Updates the name and scopes of resource server
cognitoidentityprovider_update_identity_provider
Updates IdP information for a user pool
cognitoidentityprovider_update_user_pool_domain
Updates the Secure Sockets Layer (SSL) certificate for the custom domain
for your user pool
cognitoidentityprovider_update_user_attributes
Allows a user to update a specific attribute (one at a time)
cognitoidentityprovider_update_group
Updates the specified group with the specified attributes
cognitoidentityprovider_update_user_pool_client
Updates the specified user pool app client with the specified attributes
cognitoidentityprovider_update_user_pool
This action might generate an SMS text message
cognitoidentityprovider_verify_software_token
Use this API to register a user's entered time-based one-time password
(TOTP) code and mark the user's software token MFA status as "verified"
if successful
cognitosync_describe_identity_usage
Gets usage information for an identity, including number of datasets and
data usage
Amazon Cognito Sync
cognitosync_delete_dataset
Deletes the specific dataset
Initiates a bulk publish of all existing datasets for an Identity Pool
to the configured stream
cognitosync_get_bulk_publish_details
Get the status of the last BulkPublish operation for an identity pool
cognitosync_get_identity_pool_configuration
Gets the configuration settings of an identity pool
cognitosync_describe_dataset
Gets meta data about a dataset by identity and dataset name
cognitoidentityprovider_verify_user_attribute
Verifies the specified user attributes in the user pool
cognitosync_get_cognito_events
Gets the events and the corresponding Lambda functions associated with
an identity pool
cognitosync_describe_identity_pool_usage
Gets usage details (for example, data storage) about a particular
identity pool
cognitosync_set_cognito_events
Sets the AWS Lambda function for a given event type for an identity pool
cognitosync_set_identity_pool_configuration
Sets the necessary configuration for push sync
cognitosync_list_datasets
Lists datasets for an identity
Gets paginated records, optionally changed after a particular sync count
for a dataset and identity
cognitosync_unsubscribe_from_dataset
Unsubscribes from receiving notifications when a dataset is modified by
another device
cognitosync_subscribe_to_dataset
Subscribes to receive notifications when a dataset is modified by
another device
detective_batch_get_membership_datasources
Gets information on the data source package history for an account
Amazon Detective
detective_describe_organization_configuration
Returns information about the configuration for the organization
behavior graph
Removes the specified member accounts from the behavior graph
Disables the specified behavior graph and queues it to be deleted
detective_accept_invitation
Accepts an invitation for the member account to contribute data to a
behavior graph
CreateMembers is used to send invitations to accounts
detective_batch_get_graph_member_datasources
Gets data source package information for the behavior graph
detective_disable_organization_admin_account
Removes the Detective administrator account in the current Region
cognitosync_update_records
Posts updates to records and adds and deletes records for a dataset and
user
detective_disassociate_membership
Removes the member account from the specified behavior graph
Creates a new behavior graph for the calling account, and sets that
account as the administrator account
cognitosync_list_identity_pool_usage
Gets a list of identity pools registered with Cognito
cognitosync_register_device
Registers a device to receive push sync notifications
detective_list_organization_admin_accounts
Returns information about the Detective administrator account for an
organization
detective_enable_organization_admin_account
Designates the Detective administrator account for the organization in
the current Region
detective_reject_invitation
Rejects an invitation to contribute the account data to a behavior graph
detective_list_invitations
Retrieves the list of open and accepted behavior graph invitations for
the member account
detective_list_datasource_packages
Lists data source packages in the behavior graph
detective_start_monitoring_member
Sends a request to enable data ingest for a member account that has a
status of ACCEPTED_BUT_DISABLED
Returns the membership details for specified member accounts for a
behavior graph
detective_list_tags_for_resource
Returns the tag values that are assigned to a behavior graph
Retrieves the list of member accounts for a behavior graph
Returns the list of behavior graphs that the calling account is an
administrator account of
directoryservice_add_ip_routes
If the DNS server for your self-managed domain uses a publicly
addressable IP address, you must add a CIDR address block to correctly
route traffic to and from your Microsoft AD on Amazon Web Services
AWS Directory Service
directoryservice_accept_shared_directory
Accepts a directory sharing request that was sent from the directory
owner account
detective_update_datasource_packages
Starts a data source packages for the behavior graph
Removes tags from a behavior graph
Applies tag values to a behavior graph
directoryservice_add_region
Adds two domain controllers in the specified Region for the specified
directory
directoryservice_cancel_schema_extension
Cancels an in-progress schema extension to a Microsoft AD directory
directoryservice_add_tags_to_resource
Adds or overwrites one or more tags for the specified directory
detective_update_organization_configuration
Updates the configuration for the Organizations integration in the
current Region
directoryservice_create_trust
Directory Service for Microsoft Active Directory allows you to configure
trust relationships
directoryservice_create_conditional_forwarder
Creates a conditional forwarder associated with your Amazon Web Services
directory
directoryservice_create_directory
Creates a Simple AD directory
directoryservice_create_microsoft_ad
Creates a Microsoft AD directory in the Amazon Web Services Cloud
directoryservice_create_computer
Creates an Active Directory computer object in the specified directory
directoryservice_delete_conditional_forwarder
Deletes a conditional forwarder that has been set up for your Amazon Web
Services directory
directoryservice_create_alias
Creates an alias for a directory and assigns the alias to the directory
directoryservice_create_log_subscription
Creates a subscription to forward real-time Directory Service domain
controller security logs to the specified Amazon CloudWatch log group in
your Amazon Web Services account
directoryservice_create_snapshot
Creates a snapshot of a Simple AD or Microsoft AD directory in the
Amazon Web Services cloud
directoryservice_connect_directory
Creates an AD Connector to connect to a self-managed directory
directoryservice_delete_directory
Deletes an Directory Service directory
directoryservice_delete_trust
Deletes an existing trust relationship between your Managed Microsoft AD
directory and an external domain
directoryservice_delete_snapshot
Deletes a directory snapshot
directoryservice_describe_certificate
Displays information about the certificate registered for secure LDAP or
client certificate authentication
directoryservice_describe_directories
Obtains information about the directories that belong to this account
directoryservice_describe_conditional_forwarders
Obtains information about the conditional forwarders for this account
directoryservice_deregister_event_topic
Removes the specified directory as a publisher to the specified Amazon
SNS topic
directoryservice_deregister_certificate
Deletes from the system the certificate that was registered for secure
LDAP or client certificate authentication
directoryservice_delete_log_subscription
Deletes the specified log subscription
directoryservice_describe_client_authentication_settings
Retrieves information about the type of client authentication for the
specified directory, if the type is specified
directoryservice_describe_shared_directories
Returns the shared directories in your account
directoryservice_describe_domain_controllers
Provides information about any domain controllers in your directory
directoryservice_describe_event_topics
Obtains information about which Amazon SNS topics receive status
messages from the specified directory
directoryservice_disable_client_authentication
Disables alternative client authentication methods for the specified
directory
directoryservice_describe_ldaps_settings
Describes the status of LDAP security for the specified directory
directoryservice_describe_update_directory
Describes the updates of a directory for a particular update type
directoryservice_describe_snapshots
Obtains information about the directory snapshots that belong to this
account
directoryservice_describe_settings
Retrieves information about the configurable settings for the specified
directory
directoryservice_describe_trusts
Obtains information about the trust relationships for this account
directoryservice_describe_regions
Provides information about the Regions that are configured for
multi-Region replication
directoryservice_enable_client_authentication
Enables alternative client authentication methods for the specified
directory
directoryservice_get_snapshot_limits
Obtains the manual snapshot limits for a directory
directoryservice_disable_radius
Disables multi-factor authentication (MFA) with the Remote
Authentication Dial In User Service (RADIUS) server for an AD Connector
or Microsoft AD directory
directoryservice_list_certificates
For the specified directory, lists all the certificates registered for a
secure LDAP or client certificate authentication
directoryservice_disable_sso
Disables single-sign on for a directory
directoryservice_enable_radius
Enables multi-factor authentication (MFA) with the Remote Authentication
Dial In User Service (RADIUS) server for an AD Connector or Microsoft AD
directory
directoryservice_get_directory_limits
Obtains directory limit information for the current Region
directoryservice_enable_sso
Enables single sign-on for a directory
directoryservice_disable_ldaps
Deactivates LDAP secure calls for the specified directory
directoryservice_enable_ldaps
Activates the switch for the specific directory to always use LDAP
secure calls
directoryservice_reject_shared_directory
Rejects a directory sharing request that was sent from the directory
owner account
directoryservice_list_schema_extensions
Lists all schema extensions applied to a Microsoft AD Directory
directoryservice_remove_ip_routes
Removes IP address blocks from a directory
directoryservice_list_log_subscriptions
Lists the active log subscriptions for the Amazon Web Services account
directoryservice_remove_tags_from_resource
Removes tags from a directory
directoryservice_remove_region
Stops all replication and removes the domain controllers from the
specified Region
directoryservice_register_event_topic
Associates a directory with an Amazon SNS topic
directoryservice_list_ip_routes
Lists the address blocks that you have added to a directory
directoryservice_list_tags_for_resource
Lists all tags on a directory
directoryservice_register_certificate
Registers a certificate for a secure LDAP or client certificate
authentication
directoryservice_update_settings
Updates the configurable settings for the specified directory
directoryservice_update_radius
Updates the Remote Authentication Dial In User Service (RADIUS) server
information for an AD Connector or Microsoft AD directory
directoryservice_restore_from_snapshot
Restores a directory using an existing directory snapshot
directoryservice_unshare_directory
Stops the directory sharing between the directory owner and consumer
accounts
directoryservice_share_directory
Shares a specified directory (DirectoryId) in your Amazon Web Services
account (directory owner) with another Amazon Web Services account
(directory consumer)
directoryservice_update_directory_setup
Updates the directory for a particular update type
directoryservice_start_schema_extension
Applies a schema extension to a Microsoft AD directory
directoryservice_update_conditional_forwarder
Updates a conditional forwarder that has been set up for your Amazon Web
Services directory
directoryservice_update_number_of_domain_controllers
Adds or removes domain controllers to or from the directory
directoryservice_reset_user_password
Resets the password for any user in your Managed Microsoft AD or Simple
AD directory
Firewall Management Service
fms_associate_admin_account
Sets a Firewall Manager default administrator account
Permanently deletes an Firewall Manager applications list
fms_batch_associate_resource
Associate resources to a Firewall Manager resource set
Permanently deletes an Firewall Manager policy
directoryservice_verify_trust
Directory Service for Microsoft Active Directory allows you to configure
and verify trust relationships
fms_batch_disassociate_resource
Disassociates resources from a Firewall Manager resource set
fms_delete_notification_channel
Deletes an Firewall Manager association with the IAM role and the Amazon
Simple Notification Service (SNS) topic that is used to record Firewall
Manager SNS logs
directoryservice_update_trust
Updates the trust that has been set up between your Managed Microsoft AD
directory and an self-managed Active Directory
fms_associate_third_party_firewall
Sets the Firewall Manager policy administrator as a tenant administrator
of a third-party firewall service
fms_disassociate_admin_account
Disassociates an Firewall Manager administrator account
Returns the Organizations account that is associated with Firewall
Manager as the Firewall Manager default administrator
fms_get_compliance_detail
Returns detailed compliance information about the specified member
account
Returns information about the specified Firewall Manager policy
fms_delete_protocols_list
Permanently deletes an Firewall Manager protocols list
Returns information about the specified account's administrative scope
Deletes the specified ResourceSet
fms_disassociate_third_party_firewall
Disassociates a Firewall Manager policy administrator from a third-party
firewall tenant
fms_get_notification_channel
Information about the Amazon Simple Notification Service (SNS) topic
that is used to record Firewall Manager SNS logs
Returns information about the specified Firewall Manager applications
list
fms_get_violation_details
Retrieves violations for a resource based on the specified Firewall
Manager policy and Amazon Web Services account
Returns information about the specified Firewall Manager protocols list
Returns an array of AppsListDataSummary objects
fms_list_compliance_status
Returns an array of PolicyComplianceStatus objects
fms_list_admins_managing_account
Lists the accounts that are managing the specified Organizations member
account
fms_get_third_party_firewall_association_status
The onboarding status of a Firewall Manager admin account to third-party
firewall vendor tenant
fms_list_discovered_resources
Returns an array of resources in the organization's accounts that are
available to be associated with a resource set
fms_get_protection_status
If you created a Shield Advanced policy, returns policy-level attack
summary information in the event of a potential DDoS attack
Returns an array of ResourceSetSummary objects
Gets information about a specific resource set
fms_list_admin_accounts_for_organization
Returns a AdminAccounts object that lists the Firewall Manager
administrators within the organization that are onboarded to Firewall
Manager by AssociateAdminAccount
fms_put_notification_channel
Designates the IAM role and Amazon Simple Notification Service (SNS)
topic that Firewall Manager uses to record SNS logs
Creates or updates an Firewall Manager administrator account
Creates an Firewall Manager applications list
Returns a MemberAccounts object that lists the member accounts in the
administrator's Amazon Web Services organization
fms_list_tags_for_resource
Retrieves the list of tags for the specified Amazon Web Services
resource
Returns an array of ProtocolsListDataSummary objects
fms_list_resource_set_resources
Returns an array of resources that are currently associated to a
resource set
fms_list_third_party_firewall_firewall_policies
Retrieves a list of all of the third-party firewall policies that are
associated with the third-party firewall administrator's account
Returns an array of PolicySummary objects
Adds one or more tags to an Amazon Web Services resource
Removes one or more tags from an Amazon Web Services resource
Amazon GuardDuty
guardduty_archive_findings
Archives GuardDuty findings that are specified by the list of finding
IDs
guardduty_create_detector
Creates a single Amazon GuardDuty detector
Creates an Firewall Manager protocols list
Creates the resource set
guardduty_accept_invitation
Accepts the invitation to be monitored by a GuardDuty administrator
account
guardduty_accept_administrator_invitation
Accepts the invitation to be a member account and get monitored by a
GuardDuty administrator account that sent the invitation
Creates an Firewall Manager policy
guardduty_create_sample_findings
Generates sample findings of types specified by the list of finding
types
Deletes the filter specified by the filter name
Creates member accounts of the current Amazon Web Services account by
specifying a list of Amazon Web Services account IDs
guardduty_create_threat_intel_set
Creates a new ThreatIntelSet
guardduty_create_publishing_destination
Creates a publishing destination to export findings to
guardduty_delete_invitations
Deletes invitations sent to the current member account by Amazon Web
Services accounts specified by their account IDs
Creates a new IPSet, which is called a trusted IP list in the console
user interface
guardduty_delete_detector
Deletes an Amazon GuardDuty detector that is specified by the detector
ID
guardduty_decline_invitations
Declines invitations sent to the current member account by Amazon Web
Services accounts specified by their account IDs
Creates a filter using the specified finding criteria
guardduty_disable_organization_admin_account
Disables an Amazon Web Services account within the Organization as the
GuardDuty delegated administrator
guardduty_describe_malware_scans
Returns a list of malware scans
guardduty_describe_organization_configuration
Returns information about the account selected as the delegated
administrator for GuardDuty
guardduty_disassociate_from_administrator_account
Disassociates the current GuardDuty member account from its
administrator account
Deletes the IPSet specified by the ipSetId
Deletes GuardDuty member accounts (to the current GuardDuty
administrator account) specified by the account IDs
Returns the details of the filter specified by the filter name
Retrieves the IPSet specified by the ipSetId
guardduty_disassociate_from_master_account
Disassociates the current GuardDuty member account from its
administrator account
Retrieves an Amazon GuardDuty detector specified by the detectorId
guardduty_get_coverage_statistics
Retrieves aggregated statistics for your account
guardduty_delete_publishing_destination
Deletes the publishing definition with the specified destinationId
guardduty_delete_threat_intel_set
Deletes the ThreatIntelSet specified by the ThreatIntelSet ID
Describes Amazon GuardDuty findings specified by finding IDs
guardduty_describe_publishing_destination
Returns information about the publishing destination specified by the
provided destinationId
guardduty_get_invitations_count
Returns the count of all GuardDuty membership invitations that were sent
to the current member account except the currently accepted invitation
guardduty_get_findings_statistics
Lists Amazon GuardDuty findings statistics for the specified detector ID
guardduty_get_administrator_account
Provides the details for the GuardDuty administrator account associated
with the current GuardDuty member account
guardduty_enable_organization_admin_account
Enables an Amazon Web Services account within the organization as the
GuardDuty delegated administrator
guardduty_disassociate_members
Disassociates GuardDuty member accounts (from the current administrator
account) specified by the account IDs
guardduty_get_member_detectors
Describes which data sources are enabled for the member account's
detector
Invites Amazon Web Services accounts to become members of an
organization administered by the Amazon Web Services account that
invokes this API
Lists detectorIds of all the existing Amazon GuardDuty detector
resources
Lists coverage details for your GuardDuty account
guardduty_get_remaining_free_trial_days
Provides the number of days left for each data source used in the free
trial period
guardduty_get_threat_intel_set
Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID
guardduty_get_usage_statistics
Lists Amazon GuardDuty usage statistics over the last 30 days for the
specified detector ID
guardduty_get_master_account
Provides the details for the GuardDuty administrator account associated
with the current GuardDuty member account
guardduty_list_tags_for_resource
Lists tags for a resource
guardduty_list_threat_intel_sets
Lists the ThreatIntelSets of the GuardDuty service specified by the
detector ID
guardduty_list_organization_admin_accounts
Lists the accounts configured as GuardDuty delegated administrators
Retrieves GuardDuty member accounts (of the current GuardDuty
administrator account) specified by the account IDs
guardduty_get_malware_scan_settings
Returns the details of the malware scan settings
Lists details about all member accounts for the current GuardDuty
administrator account
Returns a paginated list of the current filters
Lists the IPSets of the GuardDuty service specified by the detector ID
guardduty_start_malware_scan
Initiates the malware scan
guardduty_list_publishing_destinations
Returns a list of publishing destinations associated with the specified
detectorId
guardduty_list_invitations
Lists all GuardDuty membership invitations that were sent to the current
Amazon Web Services account
Lists Amazon GuardDuty findings for the specified detector ID
guardduty_update_findings_feedback
Marks the specified GuardDuty findings as useful or not useful
Updates the IPSet specified by the IPSet ID
Removes tags from a resource
guardduty_start_monitoring_members
Turns on GuardDuty monitoring of the specified member accounts
Updates the filter specified by the filter name
guardduty_unarchive_findings
Unarchives GuardDuty findings specified by the findingIds
Adds tags to a resource
guardduty_update_malware_scan_settings
Updates the malware scan settings
guardduty_stop_monitoring_members
Stops GuardDuty monitoring for the specified member accounts
guardduty_update_detector
Updates the Amazon GuardDuty detector specified by the detectorId
guardduty_update_threat_intel_set
Updates the ThreatIntelSet specified by the ThreatIntelSet ID
AWS Identity and Access Management
guardduty_update_member_detectors
Contains information on member accounts to be updated
guardduty_update_organization_configuration
Configures the delegated administrator account with the provided values
guardduty_update_publishing_destination
Updates information about the publishing destination specified by the
destinationId
Adds the specified user to the specified group
iam_add_client_id_to_open_id_connect_provider
Adds a new client ID (also known as audience) to the list of client IDs
already registered for the specified IAM OpenID Connect (OIDC) provider
resource
Attaches the specified managed policy to the specified IAM role
Changes the password of the IAM user who is calling this operation
Attaches the specified managed policy to the specified IAM group
iam_create_policy_version
Creates a new version of the specified managed policy
Creates a password for the specified IAM user
iam_add_role_to_instance_profile
Adds the specified IAM role to the specified instance profile
Creates a new managed policy for your Amazon Web Services account
iam_deactivate_mfa_device
Deactivates the specified MFA device and removes it from association
with the user name for which it was originally enabled
Deletes the access key pair associated with the specified IAM user
Creates a new group
Creates an alias for your Amazon Web Services account
Creates an IAM resource that describes an identity provider (IdP) that
supports SAML 2
iam_create_instance_profile
Creates a new instance profile
Creates a new IAM user for your Amazon Web Services account
iam_create_service_linked_role
Creates an IAM role that is linked to a specific Amazon Web Services
service
Deletes the specified Amazon Web Services account alias
Attaches the specified managed policy to the specified user
iam_create_open_id_connect_provider
Creates an IAM entity to describe an identity provider (IdP) that
supports OpenID Connect (OIDC)
iam_create_virtual_mfa_device
Creates a new virtual MFA device for the Amazon Web Services account
Creates a new Amazon Web Services secret access key and corresponding
Amazon Web Services access key ID for the specified user
Creates a new role for your Amazon Web Services account
iam_delete_instance_profile
Deletes the specified instance profile
Deletes the specified inline policy that is embedded in the specified
IAM role
iam_delete_policy_version
Deletes the specified version from the specified managed policy
Deletes the specified inline policy that is embedded in the specified
IAM group
Deletes the specified managed policy
iam_delete_account_password_policy
Deletes the password policy for the Amazon Web Services account
Deletes the specified role
iam_delete_open_id_connect_provider
Deletes an OpenID Connect identity provider (IdP) resource object in IAM
Deletes the specified IAM group
Deletes the password for the specified IAM user, For more information,
see Managing passwords for IAM users
iam_delete_role_permissions_boundary
Deletes the permissions boundary for the specified IAM role
iam_create_service_specific_credential
Generates a set of credentials consisting of a user name and password
that can be used to access the service specified in the request
iam_delete_ssh_public_key
Deletes the specified SSH public key
iam_delete_signing_certificate
Deletes a signing certificate associated with the specified IAM user
iam_delete_service_specific_credential
Deletes the specified service-specific credential
Deletes a SAML provider resource in IAM
iam_delete_service_linked_role
Submits a service-linked role deletion request and returns a
DeletionTaskId, which you can use to check the status of the deletion
iam_delete_server_certificate
Deletes the specified server certificate
Deletes the specified inline policy that is embedded in the specified
IAM user
iam_delete_user_permissions_boundary
Deletes the permissions boundary for the specified IAM user
iam_delete_virtual_mfa_device
Deletes a virtual MFA device
Deletes the specified IAM user
Removes the specified managed policy from the specified IAM group
Removes the specified managed policy from the specified role
iam_get_access_key_last_used
Retrieves information about when the specified access key was last used
iam_generate_organizations_access_report
Generates a report for service last accessed data for Organizations
iam_generate_credential_report
Generates a credential report for the Amazon Web Services account
Removes the specified managed policy from the specified user
iam_get_account_password_policy
Retrieves the password policy for the Amazon Web Services account
Enables the specified MFA device and associates it with the specified
IAM user
Retrieves information about an MFA device for a specified user
iam_generate_service_last_accessed_details
Generates a report that includes details about when an IAM resource
(user, group, role, or policy) was last used in an attempt to access
Amazon Web Services services
iam_get_account_authorization_details
Retrieves information about all IAM users, groups, roles, and policies
in your Amazon Web Services account, including their relationships to
one another
iam_get_context_keys_for_principal_policy
Gets a list of all of the context keys referenced in all the IAM
policies that are attached to the specified IAM entity
Returns a list of IAM users that are in the specified IAM group
Retrieves the specified inline policy document that is embedded in the
specified IAM group
iam_get_open_id_connect_provider
Returns information about the specified OpenID Connect (OIDC) provider
resource object in IAM
iam_get_context_keys_for_custom_policy
Gets a list of all of the context keys referenced in the input policies
iam_get_credential_report
Retrieves a credential report for the Amazon Web Services account
Retrieves information about the specified instance profile, including
the instance profile's path, GUID, ARN, and role
Retrieves information about IAM entity usage and IAM quotas in the
Amazon Web Services account
Retrieves the user name for the specified IAM user
iam_get_server_certificate
Retrieves information about the specified server certificate stored in
IAM
iam_get_service_linked_role_deletion_status
Retrieves the status of your service-linked role deletion
Retrieves information about the specified version of the specified
managed policy, including the policy document
Retrieves the specified inline policy document that is embedded with the
specified IAM role
Retrieves information about the specified role, including the role's
path, GUID, ARN, and the role's trust policy that grants permission to
assume the role
Returns the SAML provider metadocument that was uploaded when the IAM
SAML provider resource object was created or updated
iam_get_service_last_accessed_details
Retrieves a service last accessed report that was created using the
GenerateServiceLastAccessedDetails operation
iam_get_organizations_access_report
Retrieves the service last accessed data report for Organizations that
was previously generated using the GenerateOrganizationsAccessReport
operation
Retrieves information about the specified managed policy, including the
policy's default version and the total number of IAM users, groups, and
roles to which the policy is attached
iam_get_service_last_accessed_details_with_entities
After you generate a group or policy report using the
GenerateServiceLastAccessedDetails operation, you can use the JobId
parameter in GetServiceLastAccessedDetailsWithEntities
iam_list_entities_for_policy
Lists all IAM users, groups, and roles that the specified managed policy
is attached to
iam_list_attached_group_policies
Lists all managed policies that are attached to the specified IAM group
Lists the names of the inline policies that are embedded in the
specified IAM group
Returns information about the access key IDs associated with the
specified IAM user
Retrieves the specified inline policy document that is embedded in the
specified IAM user
Retrieves information about the specified IAM user, including the user's
creation date, path, unique ID, and ARN
Retrieves the specified SSH public key, including metadata about the key
iam_list_attached_user_policies
Lists all managed policies that are attached to the specified IAM user
iam_list_attached_role_policies
Lists all managed policies that are attached to the specified IAM role
Lists the account alias associated with the Amazon Web Services account
(Note: you can have only one)
iam_list_open_id_connect_provider_tags
Lists the tags that are attached to the specified OpenID Connect
(OIDC)-compatible identity provider
iam_list_instance_profiles
Lists the instance profiles that have the specified path prefix
Lists all the managed policies that are available in your Amazon Web
Services account, including your own customer-defined managed policies
and all Amazon Web Services managed policies
iam_list_instance_profiles_for_role
Lists the instance profiles that have the specified associated IAM role
iam_list_instance_profile_tags
Lists the tags that are attached to the specified IAM instance profile
iam_list_open_id_connect_providers
Lists information about the IAM OpenID Connect (OIDC) provider resource
objects defined in the Amazon Web Services account
Lists the IAM groups that have the specified path prefix
Lists the MFA devices for an IAM user
Lists the tags that are attached to the specified IAM virtual
multi-factor authentication (MFA) device
Lists the IAM groups that the specified IAM user belongs to
Lists the SAML provider resource objects defined in IAM in the account
Lists the IAM roles that have the specified path prefix
Lists the names of the inline policies that are embedded in the
specified IAM role
Lists information about the versions of the specified managed policy,
including the version that is currently set as the policy's default
version
iam_list_policies_granting_service_access
Retrieves a list of policies that the IAM identity (user, group, or
role) can use to access each specified service
Lists the tags that are attached to the specified IAM customer managed
policy
iam_list_server_certificates
Lists the server certificates stored in IAM that have the specified path
prefix
iam_list_server_certificate_tags
Lists the tags that are attached to the specified IAM server certificate
iam_list_saml_provider_tags
Lists the tags that are attached to the specified Security Assertion
Markup Language (SAML) identity provider
Lists the tags that are attached to the specified role
iam_list_virtual_mfa_devices
Lists the virtual MFA devices defined in the Amazon Web Services account
by assignment status
Adds or updates an inline policy document that is embedded in the
specified IAM group
Lists the IAM users that have the specified path prefix
Lists the names of the inline policies embedded in the specified IAM
user
Lists the tags that are attached to the specified IAM user
iam_list_service_specific_credentials
Returns information about the service-specific credentials associated
with the specified IAM user
iam_list_signing_certificates
Returns information about the signing certificates associated with the
specified IAM user
Returns information about the SSH public keys associated with the
specified IAM user
Adds or updates an inline policy document that is embedded in the
specified IAM role
iam_put_role_permissions_boundary
Adds or updates the policy that is specified as the IAM role's
permissions boundary
iam_remove_client_id_from_open_id_connect_provider
Removes the specified client ID (also known as audience) from the list
of client IDs registered for the specified IAM OpenID Connect (OIDC)
provider resource object
iam_put_user_permissions_boundary
Adds or updates the policy that is specified as the IAM user's
permissions boundary
iam_set_default_policy_version
Sets the specified version of the specified policy as the policy's
default (operative) version
iam_remove_role_from_instance_profile
Removes the specified IAM role from the specified EC2 instance profile
iam_remove_user_from_group
Removes the specified user from the specified group
Synchronizes the specified MFA device with its IAM resource object on
the Amazon Web Services servers
iam_simulate_custom_policy
Simulate how a set of IAM policies and optionally a resource-based
policy works with a list of API operations and Amazon Web Services
resources to determine the policies' effective permissions
Adds or updates an inline policy document that is embedded in the
specified IAM user
iam_reset_service_specific_credential
Resets the password for a service-specific credential
iam_set_security_token_service_preferences
Sets the specified version of the global endpoint token as the token
version used for the Amazon Web Services account
Adds one or more tags to an IAM instance profile
Adds one or more tags to an IAM user
Adds one or more tags to an IAM customer managed policy
iam_untag_instance_profile
Removes the specified tags from the IAM instance profile
iam_simulate_principal_policy
Simulate how a set of IAM policies attached to an IAM entity works with
a list of API operations and Amazon Web Services resources to determine
the policies' effective permissions
Adds one or more tags to a Security Assertion Markup Language (SAML)
identity provider
Adds one or more tags to an IAM virtual multi-factor authentication
(MFA) device
iam_tag_open_id_connect_provider
Adds one or more tags to an OpenID Connect (OIDC)-compatible identity
provider
iam_tag_server_certificate
Adds one or more tags to an IAM server certificate
Adds one or more tags to an IAM role
iam_untag_open_id_connect_provider
Removes the specified tags from the specified OpenID Connect
(OIDC)-compatible identity provider in IAM
Removes the specified tags from the IAM virtual multi-factor
authentication (MFA) device
Removes the specified tags from the user
Removes the specified tags from the customer managed policy
Changes the status of the specified access key from Active to Inactive,
or vice versa
iam_untag_server_certificate
Removes the specified tags from the IAM server certificate
Removes the specified tags from the specified Security Assertion Markup
Language (SAML) identity provider in IAM
iam_update_assume_role_policy
Updates the policy that grants an IAM entity permission to assume a role
iam_update_account_password_policy
Updates the password policy settings for the Amazon Web Services account
Removes the specified tags from the role
Changes the password for the specified IAM user
Updates the description or maximum session duration setting of a role
iam_update_role_description
Use UpdateRole instead
Updates the metadata document for an existing SAML provider resource
object
iam_update_ssh_public_key
Sets the status of an IAM user's SSH public key to active or inactive
Updates the name and/or the path of the specified IAM group
iam_update_server_certificate
Updates the name and/or the path of the specified server certificate
stored in IAM
iam_update_open_id_connect_provider_thumbprint
Replaces the existing list of server certificate thumbprints associated
with an OpenID Connect (OIDC) provider resource object with a new list
of thumbprints
iam_update_signing_certificate
Changes the status of the specified user signing certificate from active
to disabled, or vice versa
iam_update_service_specific_credential
Sets the status of a service-specific credential to Active or Inactive
iam_upload_signing_certificate
Uploads an X
IAM Roles Anywhere
iamrolesanywhere_delete_trust_anchor
Deletes a trust anchor
iam_upload_ssh_public_key
Uploads an SSH public key and associates it with the specified IAM user
iamrolesanywhere_delete_crl
Deletes a certificate revocation list (CRL)
Updates the name and/or the path of the specified IAM user
iam_upload_server_certificate
Uploads a server certificate entity for the Amazon Web Services account
iamrolesanywhere_disable_trust_anchor
Disables a trust anchor
iamrolesanywhere_create_trust_anchor
Creates a trust anchor to establish trust between IAM Roles Anywhere and
your certificate authority (CA)
iamrolesanywhere_disable_crl
Disables a certificate revocation list (CRL)
iamrolesanywhere_delete_profile
Deletes a profile
iamrolesanywhere_create_profile
Creates a profile, a list of the roles that Roles Anywhere service is
trusted to assume
iamrolesanywhere_get_subject
Gets a subject, which associates a certificate identity with
authentication attempts
iamrolesanywhere_get_trust_anchor
Gets a trust anchor
iamrolesanywhere_get_profile
Gets a profile
iamrolesanywhere_enable_profile
Enables temporary credential requests for a profile
iamrolesanywhere_enable_trust_anchor
Enables a trust anchor
Gets a certificate revocation list (CRL)
iamrolesanywhere_disable_profile
Disables a profile
iamrolesanywhere_enable_crl
Enables a certificate revocation list (CRL)
iamrolesanywhere_put_notification_settings
Attaches a list of notification settings to a trust anchor
iamrolesanywhere_list_subjects
Lists the subjects in the authenticated account and Amazon Web Services
Region
iamrolesanywhere_untag_resource
Removes tags from the resource
iamrolesanywhere_reset_notification_settings
Resets the custom notification setting to IAM Roles Anywhere default
setting
iamrolesanywhere_list_profiles
Lists all profiles in the authenticated account and Amazon Web Services
Region
iamrolesanywhere_list_crls
Lists all certificate revocation lists (CRL) in the authenticated
account and Amazon Web Services Region
iamrolesanywhere_list_tags_for_resource
Lists the tags attached to the resource
iamrolesanywhere_list_trust_anchors
Lists the trust anchors in the authenticated account and Amazon Web
Services Region
iamrolesanywhere_import_crl
Imports the certificate revocation list (CRL)
iamrolesanywhere_tag_resource
Attaches tags to a resource
identitystore_delete_group_membership
Delete a membership within a group given MembershipId
AWS SSO Identity Store
iamrolesanywhere_update_trust_anchor
Updates a trust anchor
identitystore_create_group_membership
Creates a relationship between a member and a group
identitystore_delete_user
Deletes a user within an identity store given UserId
identitystore_delete_group
Delete a group within an identity store given GroupId
identitystore_create_user
Creates a user within the specified identity store
iamrolesanywhere_update_crl
Updates the certificate revocation list (CRL)
identitystore_create_group
Creates a group within the specified identity store
iamrolesanywhere_update_profile
Updates a profile, a list of the roles that IAM Roles Anywhere service
is trusted to assume
identitystore_list_group_memberships_for_member
For the specified member in the specified identity store, returns the
list of all GroupMembership objects and returns results in paginated
form
identitystore_get_group_membership_id
Retrieves the MembershipId in an identity store
identitystore_get_group_id
Retrieves GroupId in an identity store
identitystore_list_groups
Lists all groups in the identity store
identitystore_get_user_id
Retrieves the UserId in an identity store
identitystore_describe_group
Retrieves the group metadata and attributes from GroupId in an identity
store
identitystore_describe_user
Retrieves the user metadata and attributes from the UserId in an
identity store
identitystore_list_group_memberships
For the specified group in the specified identity store, returns the
list of all GroupMembership objects and returns results in paginated
form
identitystore_describe_group_membership
Retrieves membership metadata and attributes from MembershipId in an
identity store
identitystore_is_member_in_groups
Checks the user's membership in all requested groups and returns if the
member exists in all queried groups
identitystore_update_group
For the specified group in the specified identity store, updates the
group metadata and attributes
Inspector2
Amazon Inspector
inspector2_batch_get_free_trial_info
Gets free trial status for multiple Amazon Web Services accounts
inspector2_batch_get_finding_details
Gets vulnerability details for findings
inspector2_associate_member
Associates an Amazon Web Services account with an Amazon Inspector
delegated administrator
inspector2_batch_get_account_status
Retrieves the Amazon Inspector status of multiple Amazon Web Services
accounts within your environment
identitystore_update_user
For the specified user in the specified identity store, updates the user
metadata and attributes
Lists all users in the identity store
inspector2_batch_get_code_snippet
Retrieves code snippets from findings that Amazon Inspector detected
code vulnerabilities in
inspector2_create_sbom_export
Creates a software bill of materials (SBOM) report
Creates a filter resource using specified filter criteria
inspector2_create_findings_report
Creates a finding report
Disables Amazon Inspector scans for one or more Amazon Web Services
accounts
inspector2_batch_get_member_ec_2_deep_inspection_status
Retrieves Amazon Inspector deep inspection activation status of multiple
member accounts within your organization
inspector2_cancel_findings_report
Cancels the given findings report
inspector2_disable_delegated_admin_account
Disables the Amazon Inspector delegated administrator for your
organization
Gets member information for your organization
inspector2_cancel_sbom_export
Cancels a software bill of materials (SBOM) report
inspector2_describe_organization_configuration
Describe Amazon Inspector configuration settings for an Amazon Web
Services organization
inspector2_batch_update_member_ec_2_deep_inspection_status
Activates or deactivates Amazon Inspector deep inspection for the
provided member accounts in your organization
Deletes a filter resource
inspector2_disassociate_member
Disassociates a member account from an Amazon Inspector delegated
administrator
inspector2_get_findings_report_status
Gets the status of a findings report
Enables Amazon Inspector scans for one or more Amazon Web Services
accounts
inspector2_get_encryption_key
Gets an encryption key
inspector2_get_ec_2_deep_inspection_configuration
Retrieves the activation status of Amazon Inspector deep inspection and
custom paths associated with your account
inspector2_list_delegated_admin_accounts
Lists information about the Amazon Inspector delegated administrator of
your organization
inspector2_enable_delegated_admin_account
Enables the Amazon Inspector delegated administrator for your
Organizations organization
inspector2_get_delegated_admin_account
Retrieves information about the Amazon Inspector delegated administrator
for your organization
inspector2_get_configuration
Retrieves setting configurations for Inspector scans
Lists coverage details for you environment
inspector2_list_finding_aggregations
Lists aggregated finding data for your environment based on specific
criteria
List members associated with the Amazon Inspector delegated
administrator for your organization
inspector2_list_coverage_statistics
Lists Amazon Inspector coverage statistics for your environment
inspector2_list_tags_for_resource
Lists all tags attached to a given resource
Lists the filters associated with your account
inspector2_update_ec_2_deep_inspection_configuration
Activates, deactivates Amazon Inspector deep inspection, or updates
custom paths for your account
Lists findings for your environment
inspector2_untag_resource
Removes tags from a resource
inspector2_list_account_permissions
Lists the permissions an account has to configure Amazon Inspector
inspector2_get_sbom_export
Gets details of a software bill of materials (SBOM) report
inspector2_list_usage_totals
Lists the Amazon Inspector usage totals over the last 30 days
inspector2_update_org_ec_2_deep_inspection_configuration
Updates the Amazon Inspector deep inspection custom paths for your
organization
Adds tags to a resource
inspector2_update_configuration
Updates setting configurations for your Amazon Inspector account
inspector2_update_encryption_key
Updates an encryption key
inspector2_search_vulnerabilities
Lists Amazon Inspector coverage details for a specific vulnerability
inspector2_reset_encryption_key
Resets an encryption key
Specifies the action that is to be applied to the findings that match
the filter
inspector_add_attributes_to_findings
Assigns attributes (key and value pairs) to the findings that are
specified by the ARNs of the findings
inspector_delete_assessment_target
Deletes the assessment target that is specified by the ARN of the
assessment target
inspector_delete_assessment_run
Deletes the assessment run that is specified by the ARN of the
assessment run
inspector2_update_organization_configuration
Updates the configurations for your Amazon Inspector organization
inspector_create_assessment_target
Creates a new assessment target using the ARN of the resource group that
is generated by CreateResourceGroup
inspector_create_assessment_template
Creates an assessment template for the assessment target that is
specified by the ARN of the assessment target
inspector_describe_assessment_runs
Describes the assessment runs that are specified by the ARNs of the
assessment runs
inspector_delete_assessment_template
Deletes the assessment template that is specified by the ARN of the
assessment template
inspector_create_exclusions_preview
Starts the generation of an exclusions preview for the specified
assessment template
inspector_create_resource_group
Creates a resource group using the specified set of tags (key and value
pairs) that are used to select the EC2 instances to be included in an
Amazon Inspector assessment target
inspector_describe_exclusions
Describes the exclusions that are specified by the exclusions' ARNs
inspector_describe_cross_account_access_role
Describes the IAM role that enables Amazon Inspector to access your AWS
account
inspector_describe_resource_groups
Describes the resource groups that are specified by the ARNs of the
resource groups
inspector_get_exclusions_preview
Retrieves the exclusions preview (a list of ExclusionPreview objects)
specified by the preview token
inspector_describe_assessment_targets
Describes the assessment targets that are specified by the ARNs of the
assessment targets
inspector_describe_findings
Describes the findings that are specified by the ARNs of the findings
inspector_get_telemetry_metadata
Information about the data that is collected for the specified
assessment run
inspector_describe_rules_packages
Describes the rules packages that are specified by the ARNs of the rules
packages
inspector_get_assessment_report
Produces an assessment report that includes detailed and comprehensive
results of a specified assessment run
inspector_describe_assessment_templates
Describes the assessment templates that are specified by the ARNs of the
assessment templates
inspector_list_rules_packages
Lists all available Amazon Inspector rules packages
inspector_list_assessment_templates
Lists the assessment templates that correspond to the assessment targets
that are specified by the ARNs of the assessment targets
inspector_list_event_subscriptions
Lists all the event subscriptions for the assessment template that is
specified by the ARN of the assessment template
Previews the agents installed on the EC2 instances that are part of the
specified assessment target
inspector_list_tags_for_resource
Lists all tags associated with an assessment template
inspector_list_assessment_runs
Lists the assessment runs that correspond to the assessment templates
that are specified by the ARNs of the assessment templates
inspector_list_assessment_targets
Lists the ARNs of the assessment targets within this AWS account
Lists findings that are generated by the assessment runs that are
specified by the ARNs of the assessment runs
inspector_list_exclusions
List exclusions that are generated by the assessment run
inspector_list_assessment_run_agents
Lists the agents of the assessment runs that are specified by the ARNs
of the assessment runs
inspector_set_tags_for_resource
Sets tags (key and value pairs) to the assessment template that is
specified by the ARN of the assessment template
inspector_update_assessment_target
Updates the assessment target that is specified by the ARN of the
assessment target
AWS Key Management Service
inspector_remove_attributes_from_findings
Removes entire attributes (key and value pairs) from the findings that
are specified by the ARNs of the findings where an attribute with the
specified key exists
inspector_stop_assessment_run
Stops the assessment run that is specified by the ARN of the assessment
run
inspector_register_cross_account_access_role
Registers the IAM role that grants Amazon Inspector access to AWS
Services needed to perform security assessments
Cancels the deletion of a KMS key
inspector_start_assessment_run
Starts the assessment run specified by the ARN of the assessment
template
inspector_subscribe_to_event
Enables the process of sending Amazon Simple Notification Service (SNS)
notifications about a specified event to a specified SNS topic
inspector_unsubscribe_from_event
Disables the process of sending Amazon Simple Notification Service (SNS)
notifications about a specified event to a specified SNS topic
kms_describe_custom_key_stores
Gets information about custom key stores in the account and Region
kms_connect_custom_key_store
Connects or reconnects a custom key store to its backing key store
Decrypts ciphertext that was encrypted by a KMS key using any of the
following operations:
Creates a friendly name for a KMS key
Deletes the specified alias
kms_delete_imported_key_material
Deletes key material that was previously imported
Adds a grant to a KMS key
kms_delete_custom_key_store
Deletes a custom key store
kms_create_custom_key_store
Creates a custom key store backed by a key store that you own and manage
Creates a unique customer managed KMS key in your Amazon Web Services
account and Region
kms_generate_data_key_pair
Returns a unique asymmetric data key pair for use outside of KMS
Enables automatic rotation of the key material of the specified
symmetric encryption KMS key
kms_disconnect_custom_key_store
Disconnects the custom key store from its backing key store
Provides detailed information about a KMS key
Sets the key state of a KMS key to enabled
Encrypts plaintext of up to 4,096 bytes using a KMS key
Disables automatic rotation of the key material of the specified
symmetric encryption KMS key
kms_generate_data_key_pair_without_plaintext
Returns a unique asymmetric data key pair for use outside of KMS
Sets the state of a KMS key to disabled
Returns a unique symmetric data key for use outside of KMS
Imports or reimports key material into an existing KMS key that was
created without key material
Gets a list of aliases in the caller's Amazon Web Services account and
region
Gets a list of all grants for the specified KMS key
Returns a random byte string that is cryptographically secure
kms_generate_data_key_without_plaintext
Returns a unique symmetric data key for use outside of KMS
kms_get_parameters_for_import
Returns the public key and an import token you need to import or
reimport key material for a KMS key
kms_get_key_rotation_status
Gets a Boolean value that indicates whether automatic rotation of the
key material is enabled for the specified KMS key
Generates a hash-based message authentication code (HMAC) for a message
using an HMAC KMS key and a MAC algorithm that the key supports
Returns the public key of an asymmetric KMS key
Gets a key policy attached to the specified KMS key
Returns all tags on the specified KMS key
kms_list_retirable_grants
Returns information about all grants in the Amazon Web Services account
and Region that have the specified retiring principal
kms_schedule_key_deletion
Schedules the deletion of a KMS key
Deletes the specified grant
Attaches a key policy to the specified KMS key
Gets the names of the key policies that are attached to a KMS key
Deletes a grant
Decrypts ciphertext and then reencrypts it entirely within KMS
Gets a list of all KMS keys in the caller's Amazon Web Services account
and Region
kms_update_custom_key_store
Changes the properties of a custom key store
Replicates a multi-Region key into the specified Region
Amazon Macie
Verifies the hash-based message authentication code (HMAC) for a
specified message, HMAC KMS key, and MAC algorithm
kms_update_primary_region
Changes the primary key of a multi-Region key
Deletes tags from a customer managed key
Associates an existing KMS alias with a different KMS key
Adds or edits tags on a customer managed key
Verifies a digital signature that was generated by the Sign operation
Creates a digital signature for a message or message digest by using the
private key in an asymmetric signing KMS key
kms_update_key_description
Updates the description of a KMS key
macie2_batch_get_custom_data_identifiers
Retrieves information about one or more custom data identifiers
Amazon Macie 2
Associates an account with an Amazon Macie administrator account
macie2_create_invitations
Sends an Amazon Macie membership invitation to one or more accounts
macie2_create_classification_job
Creates and defines the settings for a classification job
macie2_create_sample_findings
Creates sample findings
Creates and defines the settings for an allow list
macie2_create_custom_data_identifier
Creates and defines the criteria and other settings for a custom data
identifier
Accepts an Amazon Macie membership invitation that was received from a
specific account
macie2_create_findings_filter
Creates and defines the criteria and other settings for a findings
filter
macie2_describe_organization_configuration
Retrieves the Amazon Macie configuration settings for an organization in
Organizations
macie2_delete_invitations
Deletes Amazon Macie membership invitations that were received from
specific accounts
Deletes an allow list
macie2_delete_custom_data_identifier
Soft deletes a custom data identifier
macie2_decline_invitations
Declines Amazon Macie membership invitations that were received from
specific accounts
Retrieves (queries) statistical data and other information about one or
more S3 buckets that Amazon Macie monitors and analyzes for an account
macie2_delete_findings_filter
Deletes a findings filter
Deletes the association between an Amazon Macie administrator account
and an account
macie2_describe_classification_job
Retrieves the status and settings for a classification job
macie2_disassociate_member
Disassociates an Amazon Macie administrator account from a member
account
Enables Amazon Macie and specifies the configuration settings for a
Macie account
Disables Amazon Macie and deletes all settings and resources for a Macie
account
macie2_disable_organization_admin_account
Disables an account as the delegated Amazon Macie administrator account
for an organization in Organizations
macie2_get_bucket_statistics
Retrieves (queries) aggregated statistical data about all the S3 buckets
that Amazon Macie monitors and analyzes for an account
macie2_get_administrator_account
Retrieves information about the Amazon Macie administrator account for
an account
macie2_disassociate_from_administrator_account
Disassociates a member account from its Amazon Macie administrator
account
macie2_get_automated_discovery_configuration
Retrieves the configuration settings and status of automated sensitive
data discovery for an account
Retrieves the settings and status of an allow list
macie2_enable_organization_admin_account
Designates an account as the delegated Amazon Macie administrator
account for an organization in Organizations
macie2_disassociate_from_master_account
(Deprecated) Disassociates a member account from its Amazon Macie
administrator account
macie2_get_classification_export_configuration
Retrieves the configuration settings for storing data classification
results
macie2_get_classification_scope
Retrieves the classification scope settings for an account
macie2_get_findings_filter
Retrieves the criteria and other settings for a findings filter
macie2_get_invitations_count
Retrieves the count of Amazon Macie membership invitations that were
received by an account
macie2_get_custom_data_identifier
Retrieves the criteria and other settings for a custom data identifier
macie2_get_master_account
(Deprecated) Retrieves information about the Amazon Macie administrator
account for an account
Retrieves the status and configuration settings for an Amazon Macie
account
Retrieves the details of one or more findings
macie2_get_finding_statistics
Retrieves (queries) aggregated statistical data about findings
macie2_get_findings_publication_configuration
Retrieves the configuration settings for publishing findings to Security
Hub
macie2_get_reveal_configuration
Retrieves the status and configuration settings for retrieving
occurrences of sensitive data reported by findings
macie2_list_findings_filters
Retrieves a subset of information about all the findings filters for an
account
macie2_get_sensitive_data_occurrences_availability
Checks whether occurrences of sensitive data can be retrieved for a
finding
macie2_get_resource_profile
Retrieves (queries) sensitive data discovery statistics and the
sensitivity score for an S3 bucket
macie2_list_classification_jobs
Retrieves a subset of information about one or more classification jobs
Retrieves a subset of information about all the allow lists for an
account
Retrieves information about an account that's associated with an Amazon
Macie administrator account
macie2_get_usage_statistics
Retrieves (queries) quotas and aggregated usage data for one or more
accounts
macie2_list_custom_data_identifiers
Retrieves a subset of information about all the custom data identifiers
for an account
macie2_get_sensitive_data_occurrences
Retrieves occurrences of sensitive data reported by a finding
Retrieves (queries) aggregated usage data for an account
macie2_get_sensitivity_inspection_template
Retrieves the settings for the sensitivity inspection template for an
account
Retrieves a subset of information about one or more findings
macie2_list_managed_data_identifiers
Retrieves information about all the managed data identifiers that Amazon
Macie currently provides
macie2_list_classification_scopes
Retrieves a subset of information about the classification scope for an
account
macie2_update_automated_discovery_configuration
Enables or disables automated sensitive data discovery for an account
Adds or updates one or more tags (keys and values) that are associated
with an Amazon Macie resource
macie2_list_organization_admin_accounts
Retrieves information about the delegated Amazon Macie administrator
account for an organization in Organizations
Retrieves information about the Amazon Macie membership invitations that
were received by an account
Retrieves information about the accounts that are associated with an
Amazon Macie administrator account
macie2_list_sensitivity_inspection_templates
Retrieves a subset of information about the sensitivity inspection
template for an account
macie2_put_classification_export_configuration
Creates or updates the configuration settings for storing data
classification results
macie2_list_resource_profile_detections
Retrieves information about the types and amount of sensitive data that
Amazon Macie found in an S3 bucket
Retrieves (queries) statistical data and other information about Amazon
Web Services resources that Amazon Macie monitors and analyzes
macie2_test_custom_data_identifier
Tests a custom data identifier
Removes one or more tags (keys and values) from an Amazon Macie resource
macie2_put_findings_publication_configuration
Updates the configuration settings for publishing findings to Security
Hub
Updates the settings for an allow list
macie2_list_resource_profile_artifacts
Retrieves information about objects that were selected from an S3 bucket
for automated sensitive data discovery
macie2_list_tags_for_resource
Retrieves the tags (keys and values) that are associated with an Amazon
Macie resource
macie2_update_resource_profile
Updates the sensitivity score for an S3 bucket
macie2_update_findings_filter
Updates the criteria and other settings for a findings filter
macie2_update_member_session
Enables an Amazon Macie administrator to suspend or re-enable Macie for
a member account
macie2_update_resource_profile_detections
Updates the sensitivity scoring settings for an S3 bucket
macie2_update_classification_scope
Updates the classification scope settings for an account
macie2_update_classification_job
Changes the status of a classification job
macie2_update_sensitivity_inspection_template
Updates the settings for the sensitivity inspection template for an
account
macie2_update_reveal_configuration
Updates the status and configuration settings for retrieving occurrences
of sensitive data reported by findings
macie2_update_organization_configuration
Updates the Amazon Macie configuration settings for an organization in
Organizations
macie2_update_macie_session
Suspends or re-enables Amazon Macie, or updates the configuration
settings for a Macie account
macie_associate_member_account
(Discontinued) Associates a specified Amazon Web Services account with
Amazon Macie Classic as a member account
macie_disassociate_s3_resources
(Discontinued) Removes specified S3 resources from being monitored by
Amazon Macie Classic
macie_associate_s3_resources
(Discontinued) Associates specified S3 resources with Amazon Macie
Classic for monitoring and data classification
(Discontinued) Lists all the S3 resources associated with Amazon Macie
Classic
macie_list_member_accounts
(Discontinued) Lists all Amazon Macie Classic member accounts for the
current Macie Classic administrator account
macie_disassociate_member_account
(Discontinued) Removes the specified member account from Amazon Macie
Classic
macie_update_s3_resources
(Discontinued) Updates the classification types for the specified S3
resources
ram_accept_resource_share_invitation
Accepts an invitation to a resource share from another Amazon Web
Services account
AWS Resource Access Manager
ram_associate_resource_share
Adds the specified list of principals and list of resources to a
resource share
ram_delete_permission_version
Deletes one version of a customer managed permission
ram_enable_sharing_with_aws_organization
Enables resource sharing within your organization in Organizations
ram_associate_resource_share_permission
Adds or replaces the RAM permission for a resource type included in a
resource share
ram_delete_resource_share
Deletes the specified resource share
Deletes the specified customer managed permission in the Amazon Web
Services Region in which you call this operation
ram_create_resource_share
Creates a resource share
ram_disassociate_resource_share_permission
Removes a managed permission from a resource share
Creates a customer managed permission for a specified resource type that
you can attach to resource shares
ram_create_permission_version
Creates a new version of the specified customer managed permission
ram_disassociate_resource_share
Removes the specified principals or resources from participating in the
specified resource share
ram_get_resource_share_invitations
Retrieves details about invitations that you have received for resource
shares
ram_list_pending_invitation_resources
Lists the resources in a resource share that is shared with you but for
which the invitation is still PENDING
Retrieves the contents of a managed permission in JSON format
Retrieves details about the resource shares that you own or that are
shared with you
ram_get_resource_policies
Retrieves the resource policies for the specified resources that you own
and have shared
Retrieves a list of available RAM permissions that you can use for the
supported resource types
ram_get_resource_share_associations
Retrieves the lists of resources and principals that associated for
resource shares that you own
ram_list_permission_versions
Lists the available versions of the specified RAM permission
ram_list_permission_associations
Lists information about the managed permission and its associations to
any resource shares that use this managed permission
Lists the principals that you are sharing resources with or that are
sharing resources with you
ram_promote_resource_share_created_from_policy
When you attach a resource-based policy to a resource, RAM automatically
creates a resource share of featureSet=CREATED_FROM_POLICY with a
managed permission that has the same IAM permissions as the original
resource-based policy
ram_list_replace_permission_associations_work
Retrieves the current status of the asynchronous tasks performed by RAM
when you perform the ReplacePermissionAssociationsWork operation
ram_reject_resource_share_invitation
Rejects an invitation to a resource share from another Amazon Web
Services account
Adds the specified tag keys and values to a resource share or managed
permission
ram_promote_permission_created_from_policy
When you attach a resource-based policy to a resource, RAM automatically
creates a resource share of featureSet=CREATED_FROM_POLICY with a
managed permission that has the same IAM permissions as the original
resource-based policy
Lists the resource types that can be shared by RAM
ram_replace_permission_associations
Updates all resource shares that use a managed permission to a different
managed permission
Lists the resources that you added to a resource share or the resources
that are shared with you
ram_list_resource_share_permissions
Lists the RAM permissions that are associated with a resource share
ram_set_default_permission_version
Designates the specified version number as the default version for the
specified customer managed permission
Removes the specified tag key and value pairs from the specified
resource share or managed permission
secretsmanager_cancel_rotate_secret
Turns off automatic rotation, and if a rotation is currently in
progress, cancels the rotation
AWS Secrets Manager
secretsmanager_delete_secret
Deletes a secret and all of its versions
secretsmanager_describe_secret
Retrieves the details of a secret
secretsmanager_get_random_password
Generates a random password
ram_update_resource_share
Modifies some of the properties of the specified resource share
secretsmanager_create_secret
Creates a new secret
Objects exported from other packages
secretsmanager_delete_resource_policy
Deletes the resource-based permission policy attached to the secret
secretsmanager_put_resource_policy
Attaches a resource-based permission policy to a secret
secretsmanager_replicate_secret_to_regions
Replicates the secret to a new Regions
secretsmanager_get_secret_value
Retrieves the contents of the encrypted fields SecretString or
SecretBinary from the specified version of a secret, whichever contains
content
secretsmanager_remove_regions_from_replication
For a secret that is replicated to other Regions, deletes the secret
replicas from the Regions you specify
secretsmanager_rotate_secret
Configures and starts the asynchronous process of rotating the secret
secretsmanager_list_secrets
Lists the secrets that are stored by Secrets Manager in the Amazon Web
Services account, not including secrets that are marked for deletion
secretsmanager_restore_secret
Cancels the scheduled deletion of a secret by removing the DeletedDate
time stamp
secretsmanager_get_resource_policy
Retrieves the JSON text of the resource-based policy document attached
to the secret
secretsmanager_list_secret_version_ids
Lists the versions of a secret
secretsmanager_put_secret_value
Creates a new version with a new encrypted secret value and attaches it
to the secret
secretsmanager_update_secret
Modifies the details of a secret, including metadata and the secret
value
AWS SecurityHub
securityhub_accept_administrator_invitation
Accepts the invitation to be a member account and be monitored by the
Security Hub administrator account that the invitation was sent from
secretsmanager_tag_resource
Attaches tags to a secret
secretsmanager_untag_resource
Removes specific tags from a secret
secretsmanager_validate_resource_policy
Validates that a resource policy does not grant a wide range of
principals access to your secret
secretsmanager_update_secret_version_stage
Modifies the staging labels attached to a version of a secret
secretsmanager_stop_replication_to_replica
Removes the link between the replica secret and the primary secret and
promotes the replica to a primary secret in the replica Region
securityhub_batch_delete_automation_rules
Deletes one or more automation rules
securityhub_accept_invitation
This method is deprecated
securityhub_batch_update_automation_rules
Updates one or more automation rules based on rule Amazon Resource Names
(ARNs) and input parameters
securityhub_batch_get_automation_rules
Retrieves a list of details for automation rules based on rule Amazon
Resource Names (ARNs)
securityhub_batch_import_findings
Imports security findings generated by a finding provider into Security
Hub
securityhub_batch_get_standards_control_associations
For a batch of security controls and standards, identifies whether each
control is currently enabled or disabled in a standard
securityhub_batch_enable_standards
Enables the standards specified by the provided StandardsArn
securityhub_batch_update_standards_control_associations
For a batch of security controls and standards, this operation updates
the enablement status of a control in a standard
securityhub_batch_get_security_controls
Provides details about a batch of security controls for the current
Amazon Web Services account and Amazon Web Services Region
securityhub_create_action_target
Creates a custom action target in Security Hub
securityhub_batch_update_findings
Used by Security Hub customers to update information about their
investigation into a finding
securityhub_delete_finding_aggregator
Deletes a finding aggregator
securityhub_delete_action_target
Deletes a custom action target from Security Hub
securityhub_create_automation_rule
Creates an automation rule based on input parameters
securityhub_create_members
Creates a member association in Security Hub between the specified
accounts and the account used to make the request, which is the
administrator account
securityhub_delete_insight
Deletes the insight specified by the InsightArn
securityhub_batch_disable_standards
Disables the standards specified by the provided
StandardsSubscriptionArns
securityhub_create_finding_aggregator
Used to enable finding aggregation
securityhub_decline_invitations
Declines invitations to become a member account
securityhub_delete_members
Deletes the specified member accounts from Security Hub
securityhub_delete_invitations
Deletes invitations received by the Amazon Web Services account to
become a member account
securityhub_create_insight
Creates a custom insight in Security Hub
securityhub_disassociate_from_administrator_account
Disassociates the current Security Hub member account from the
associated administrator account
securityhub_describe_standards_controls
Returns a list of security standards controls
securityhub_describe_standards
Returns a list of the available standards in Security Hub
securityhub_disable_import_findings_for_product
Disables the integration of the specified product with Security Hub
securityhub_disable_organization_admin_account
Disables a Security Hub administrator account
securityhub_disable_security_hub
Disables Security Hub in your account only in the current Amazon Web
Services Region
Returns details about the Hub resource in your account, including the
HubArn and the time when you enabled Security Hub
securityhub_describe_organization_configuration
Returns information about the Organizations configuration for Security
Hub
securityhub_describe_action_targets
Returns a list of the custom action targets in Security Hub in your
account
securityhub_describe_products
Returns information about product integrations in Security Hub
securityhub_get_finding_aggregator
Returns the current finding aggregation configuration
securityhub_get_administrator_account
Provides the details for the Security Hub administrator account for the
current member account
Returns a list of findings that match the specified criteria
securityhub_disassociate_from_master_account
This method is deprecated
securityhub_enable_import_findings_for_product
Enables the integration of a partner product with Security Hub
securityhub_get_enabled_standards
Returns a list of the standards that are currently enabled
securityhub_disassociate_members
Disassociates the specified member accounts from the associated
administrator account
securityhub_get_finding_history
Returns history for a Security Hub finding in the last 90 days
securityhub_enable_organization_admin_account
Designates the Security Hub administrator account for an organization
securityhub_enable_security_hub
Enables Security Hub for your account in the current Region or the
Region you specify in the request
securityhub_list_enabled_products_for_import
Lists all findings-generating solutions (products) that you are
subscribed to receive findings from in Security Hub
securityhub_list_finding_aggregators
If finding aggregation is enabled, then ListFindingAggregators returns
the ARN of the finding aggregator
securityhub_invite_members
Invites other Amazon Web Services accounts to become member accounts for
the Security Hub administrator account that the invitation is sent from
Returns the details for the Security Hub member accounts for the
specified account IDs
securityhub_get_insight_results
Lists the results of the Security Hub insight specified by the insight
ARN
securityhub_list_automation_rules
A list of automation rules and their metadata for the calling account
securityhub_get_master_account
This method is deprecated
securityhub_get_invitations_count
Returns the count of all Security Hub membership invitations that were
sent to the current member account, not including the currently accepted
invitation
securityhub_list_invitations
Lists all Security Hub membership invitations that were sent to the
current Amazon Web Services account
Lists and describes insights for the specified insight ARNs
securityhub_update_findings
UpdateFindings is deprecated
securityhub_update_finding_aggregator
Updates the finding aggregation configuration
securityhub_list_tags_for_resource
Returns a list of tags associated with a resource
Adds one or more tags to a resource
securityhub_list_standards_control_associations
Specifies whether a control is currently enabled or disabled in each
enabled standard in the calling account
securityhub_update_action_target
Updates the name and description of a custom action target in Security
Hub
securityhub_list_organization_admin_accounts
Lists the Security Hub administrator accounts
securityhub_list_security_control_definitions
Lists all of the security controls that apply to a specified standard
securityhub_untag_resource
Removes one or more tags from a resource
Lists details about all member accounts for the current Security Hub
administrator account
shield_associate_drt_log_bucket
Authorizes the Shield Response Team (SRT) to access the specified Amazon
S3 bucket containing log data such as Application Load Balancer access
logs, CloudFront logs, or logs from third party sources
AWS Shield
shield_associate_drt_role
Authorizes the Shield Response Team (SRT) using the specified role, to
access your Amazon Web Services account to assist with DDoS attack
mitigation during potential attacks
Enables Shield Advanced for a specific Amazon Web Services resource
securityhub_update_insight
Updates the Security Hub insight identified by the specified insight ARN
securityhub_update_standards_control
Used to control whether an individual security standard control is
enabled or disabled
securityhub_update_security_hub_configuration
Updates configuration options for Security Hub
shield_associate_health_check
Adds health-based detection to the Shield Advanced protection for a
resource
shield_associate_proactive_engagement_details
Initializes proactive engagement and sets the list of contacts for the
Shield Response Team (SRT) to use
securityhub_update_organization_configuration
Used to update the configuration related to Organizations
shield_describe_protection
Lists the details of a Protection object
Deletes an Shield Advanced Protection
shield_create_protection_group
Creates a grouping of protected resources so they can be handled as a
collective
shield_delete_subscription
Removes Shield Advanced from an account
shield_describe_attack_statistics
Provides information about the number and type of attacks Shield has
detected in the last year for all resources that belong to your account,
regardless of whether you've defined Shield protections for them
shield_delete_protection_group
Removes the specified protection group
Describes the details of a DDoS attack
shield_describe_drt_access
Returns the current role and list of Amazon S3 log buckets used by the
Shield Response Team (SRT) to access your Amazon Web Services account
while assisting with attack mitigation
shield_create_subscription
Activates Shield Advanced for an account
shield_describe_emergency_contact_settings
A list of email addresses and phone numbers that the Shield Response
Team (SRT) can use to contact you if you have proactive engagement
enabled, for escalations to the SRT and to initiate proactive customer
support
shield_disassociate_health_check
Removes health-based detection from the Shield Advanced protection for a
resource
shield_enable_proactive_engagement
Authorizes the Shield Response Team (SRT) to use email and phone to
notify contacts about escalations to the SRT and to initiate proactive
customer support
shield_enable_application_layer_automatic_response
Enable the Shield Advanced automatic application layer DDoS mitigation
for the protected resource
shield_disable_application_layer_automatic_response
Disable the Shield Advanced automatic application layer DDoS mitigation
feature for the protected resource
shield_disable_proactive_engagement
Removes authorization from the Shield Response Team (SRT) to notify
contacts about escalations to the SRT and to initiate proactive customer
support
shield_get_subscription_state
Returns the SubscriptionState, either Active or Inactive
shield_describe_protection_group
Returns the specification for the specified protection group
shield_disassociate_drt_role
Removes the Shield Response Team's (SRT) access to your Amazon Web
Services account
shield_disassociate_drt_log_bucket
Removes the Shield Response Team's (SRT) access to the specified Amazon
S3 bucket containing the logs that you shared previously
shield_describe_subscription
Provides details about the Shield Advanced subscription for an account
Removes tags from a resource in Shield
shield_list_tags_for_resource
Gets information about Amazon Web Services tags for a specified Amazon
Resource Name (ARN) in Shield
shield_update_protection_group
Updates an existing protection group
shield_update_emergency_contact_settings
Updates the details of the list of email addresses and phone numbers
that the Shield Response Team (SRT) can use to contact you if you have
proactive engagement enabled, for escalations to the SRT and to initiate
proactive customer support
Retrieves Protection objects for the account
shield_list_resources_in_protection_group
Retrieves the resources that are included in the protection group
Returns all ongoing DDoS attacks or all DDoS attacks during a specified
time period
shield_update_application_layer_automatic_response
Updates an existing Shield Advanced automatic application layer DDoS
mitigation configuration for the specified resource
shield_list_protection_groups
Retrieves ProtectionGroup objects for the account
Adds or updates tags for a resource in Shield
Lists all AWS accounts assigned to the user
AWS Single Sign-On Admin
AWS Single Sign-On
Lists all roles that are assigned to the user for a given AWS account
ssoadmin_attach_customer_managed_policy_reference_to_permission_set
Attaches the specified customer managed policy to the specified
PermissionSet
ssoadmin_create_account_assignment
Assigns access to a principal for a specified AWS account using a
specified permission set
Returns the STS short-term credentials for a given role name that is
assigned to the user
shield_update_subscription
Updates the details of an existing subscription
Removes the locally stored SSO tokens from the client-side cache and
sends an API call to the IAM Identity Center service to invalidate the
corresponding server-side IAM Identity Center sign in session
ssoadmin_attach_managed_policy_to_permission_set
Attaches an AWS managed policy ARN to a permission set
ssoadmin_delete_permission_set
Deletes the specified permission set
ssoadmin_describe_account_assignment_deletion_status
Describes the status of the assignment deletion request
ssoadmin_get_permissions_boundary_for_permission_set
Obtains the permissions boundary for a specified PermissionSet
ssoadmin_delete_instance_access_control_attribute_configuration
Disables the attributes-based access control (ABAC) feature for the
specified IAM Identity Center instance and deletes all of the attribute
mappings that have been configured
ssoadmin_create_instance_access_control_attribute_configuration
Enables the attributes-based access control (ABAC) feature for the
specified IAM Identity Center instance
ssoadmin_delete_permissions_boundary_from_permission_set
Deletes the permissions boundary from a specified PermissionSet
ssoadmin_describe_instance_access_control_attribute_configuration
Returns the list of IAM Identity Center identity store attributes that
have been configured to work with attributes-based access control (ABAC)
for the specified IAM Identity Center instance
ssoadmin_delete_inline_policy_from_permission_set
Deletes the inline policy from a specified permission set
ssoadmin_get_inline_policy_for_permission_set
Obtains the inline policy assigned to the permission set
ssoadmin_detach_customer_managed_policy_reference_from_permission_set
Detaches the specified customer managed policy from the specified
PermissionSet
ssoadmin_delete_account_assignment
Deletes a principal's access from a specified AWS account using a
specified permission set
ssoadmin_describe_permission_set_provisioning_status
Describes the status for the given permission set provisioning request
ssoadmin_list_accounts_for_provisioned_permission_set
Lists all the AWS accounts where the specified permission set is
provisioned
ssoadmin_describe_account_assignment_creation_status
Describes the status of the assignment creation request
ssoadmin_describe_permission_set
Gets the details of the permission set
ssoadmin_list_account_assignment_creation_status
Lists the status of the AWS account assignment creation requests for a
specified IAM Identity Center instance
ssoadmin_list_account_assignments
Lists the assignee of the specified AWS account with the specified
permission set
ssoadmin_detach_managed_policy_from_permission_set
Detaches the attached AWS managed policy ARN from the specified
permission set
ssoadmin_create_permission_set
Creates a permission set within a specified IAM Identity Center instance
ssoadmin_list_account_assignment_deletion_status
Lists the status of the AWS account assignment deletion requests for a
specified IAM Identity Center instance
ssoadmin_list_managed_policies_in_permission_set
Lists the AWS managed policy that is attached to a specified permission
set
ssoadmin_provision_permission_set
The process by which a specified permission set is provisioned to the
specified target
ssoadmin_list_permission_sets_provisioned_to_account
Lists all the permission sets that are provisioned to a specified AWS
account
ssoadmin_put_inline_policy_to_permission_set
Attaches an inline policy to a permission set
ssoadmin_list_tags_for_resource
Lists the tags that are attached to a specified resource
Lists the IAM Identity Center instances that the caller has access to
ssoadmin_put_permissions_boundary_to_permission_set
Attaches an AWS managed or customer managed policy to the specified
PermissionSet as a permissions boundary
ssoadmin_list_permission_sets
Lists the PermissionSets in an IAM Identity Center instance
ssoadmin_list_permission_set_provisioning_status
Lists the status of the permission set provisioning requests for a
specified IAM Identity Center instance
ssoadmin_list_customer_managed_policy_references_in_permission_set
Lists all customer managed policies attached to a specified
PermissionSet
Returns a set of temporary security credentials that you can use to
access Amazon Web Services resources
AWS SSO OIDC
Disassociates a set of tags from a specified resource
Associates a set of tags with a specified resource
AWS Security Token Service
Creates and returns an access token for the authorized client
ssooidc_start_device_authorization
Initiates device authorization by requesting a pair of verification
codes from the authorization service
Registers a client with IAM Identity Center
ssoadmin_update_instance_access_control_attribute_configuration
Updates the IAM Identity Center identity store attributes that you can
use with the IAM Identity Center instance for attributes-based access
control (ABAC)
ssoadmin_update_permission_set
Updates an existing permission set
Returns a set of temporary credentials for an Amazon Web Services
account or IAM user
AWS WAF
This is AWS WAF Classic documentation
waf_create_byte_match_set
This is AWS WAF Classic documentation
sts_assume_role_with_saml
Returns a set of temporary security credentials for users who have been
authenticated via a SAML authentication response
sts_assume_role_with_web_identity
Returns a set of temporary security credentials for users who have been
authenticated in a mobile or web application with a web identity
provider
Returns details about the IAM user or role whose credentials are used to
call the operation
This is AWS WAF Classic documentation
waf_create_web_acl_migration_stack
Creates an AWS CloudFormation WAFV2 template for the specified web ACL
in the specified Amazon S3 bucket
Returns a set of temporary security credentials (consisting of an access
key ID, a secret access key, and a security token) for a user
waf_create_rate_based_rule
This is AWS WAF Classic documentation
Returns the account identifier for the specified access key ID
sts_decode_authorization_message
Decodes additional information about the authorization status of a
request from an encoded message returned in response to an Amazon Web
Services request
waf_create_sql_injection_match_set
This is AWS WAF Classic documentation
waf_create_regex_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_delete_logging_configuration
This is AWS WAF Classic documentation
waf_create_size_constraint_set
This is AWS WAF Classic documentation
waf_create_regex_pattern_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_delete_regex_pattern_set
This is AWS WAF Classic documentation
waf_delete_permission_policy
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_delete_byte_match_set
This is AWS WAF Classic documentation
waf_delete_regex_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_delete_rate_based_rule
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_delete_size_constraint_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_get_change_token_status
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_delete_sql_injection_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_get_logging_configuration
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_get_permission_policy
This is AWS WAF Classic documentation
waf_get_rate_based_rule_managed_keys
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_get_size_constraint_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_get_regex_pattern_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_get_sql_injection_match_set
This is AWS WAF Classic documentation
waf_list_rate_based_rules
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_list_logging_configurations
This is AWS WAF Classic documentation
waf_list_regex_match_sets
This is AWS WAF Classic documentation
waf_list_activated_rules_in_rule_group
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_list_subscribed_rule_groups
This is AWS WAF Classic documentation
waf_list_regex_pattern_sets
This is AWS WAF Classic documentation
waf_list_tags_for_resource
This is AWS WAF Classic documentation
waf_list_sql_injection_match_sets
This is AWS WAF Classic documentation
waf_list_size_constraint_sets
This is AWS WAF Classic documentation
waf_put_logging_configuration
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_update_regex_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_put_permission_policy
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_update_regex_pattern_set
This is AWS WAF Classic documentation
waf_update_byte_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
waf_update_rate_based_rule
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
AWS WAF Regional
wafregional_create_ip_set
This is AWS WAF Classic documentation
waf_update_sql_injection_match_set
This is AWS WAF Classic documentation
wafregional_create_byte_match_set
This is AWS WAF Classic documentation
wafregional_create_geo_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_associate_web_acl
This is AWS WAF Classic Regional documentation
waf_update_size_constraint_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_create_regex_match_set
This is AWS WAF Classic documentation
wafregional_create_web_acl
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_create_rule_group
This is AWS WAF Classic documentation
wafregional_create_sql_injection_match_set
This is AWS WAF Classic documentation
wafregional_create_web_acl_migration_stack
Creates an AWS CloudFormation WAFV2 template for the specified web ACL
in the specified Amazon S3 bucket
wafregional_create_size_constraint_set
This is AWS WAF Classic documentation
wafregional_create_rate_based_rule
This is AWS WAF Classic documentation
wafregional_create_regex_pattern_set
This is AWS WAF Classic documentation
wafregional_create_xss_match_set
This is AWS WAF Classic documentation
wafregional_delete_byte_match_set
This is AWS WAF Classic documentation
wafregional_delete_logging_configuration
This is AWS WAF Classic documentation
wafregional_delete_permission_policy
This is AWS WAF Classic documentation
wafregional_delete_geo_match_set
This is AWS WAF Classic documentation
wafregional_delete_ip_set
This is AWS WAF Classic documentation
wafregional_delete_regex_match_set
This is AWS WAF Classic documentation
wafregional_delete_rule_group
This is AWS WAF Classic documentation
wafregional_delete_regex_pattern_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_delete_rate_based_rule
This is AWS WAF Classic documentation
wafregional_delete_size_constraint_set
This is AWS WAF Classic documentation
wafregional_delete_web_acl
This is AWS WAF Classic documentation
wafregional_get_change_token
This is AWS WAF Classic documentation
wafregional_get_geo_match_set
This is AWS WAF Classic documentation
wafregional_get_change_token_status
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_delete_xss_match_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_get_rate_based_rule
This is AWS WAF Classic documentation
wafregional_disassociate_web_acl
This is AWS WAF Classic Regional documentation
wafregional_get_regex_match_set
This is AWS WAF Classic documentation
wafregional_get_byte_match_set
This is AWS WAF Classic documentation
wafregional_get_regex_pattern_set
This is AWS WAF Classic documentation
wafregional_get_sampled_requests
This is AWS WAF Classic documentation
wafregional_get_rule_group
This is AWS WAF Classic documentation
wafregional_get_size_constraint_set
This is AWS WAF Classic documentation
wafregional_delete_sql_injection_match_set
This is AWS WAF Classic documentation
wafregional_get_logging_configuration
This is AWS WAF Classic documentation
wafregional_get_rate_based_rule_managed_keys
This is AWS WAF Classic documentation
wafregional_list_activated_rules_in_rule_group
This is AWS WAF Classic documentation
wafregional_list_byte_match_sets
This is AWS WAF Classic documentation
wafregional_get_permission_policy
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_get_web_acl_for_resource
This is AWS WAF Classic Regional documentation
wafregional_list_logging_configurations
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_list_geo_match_sets
This is AWS WAF Classic documentation
wafregional_list_rate_based_rules
This is AWS WAF Classic documentation
wafregional_get_xss_match_set
This is AWS WAF Classic documentation
wafregional_get_sql_injection_match_set
This is AWS WAF Classic documentation
wafregional_list_sql_injection_match_sets
This is AWS WAF Classic documentation
wafregional_list_size_constraint_sets
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_list_resources_for_web_acl
This is AWS WAF Classic Regional documentation
wafregional_list_rule_groups
This is AWS WAF Classic documentation
wafregional_list_regex_match_sets
This is AWS WAF Classic documentation
wafregional_list_regex_pattern_sets
This is AWS WAF Classic documentation
wafregional_list_web_ac_ls
This is AWS WAF Classic documentation
wafregional_put_permission_policy
This is AWS WAF Classic documentation
wafregional_list_tags_for_resource
This is AWS WAF Classic documentation
wafregional_update_ip_set
This is AWS WAF Classic documentation
This is AWS WAF Classic documentation
wafregional_update_geo_match_set
This is AWS WAF Classic documentation
wafregional_list_xss_match_sets
This is AWS WAF Classic documentation
wafregional_update_byte_match_set
This is AWS WAF Classic documentation
wafregional_put_logging_configuration
This is AWS WAF Classic documentation
wafregional_update_regex_match_set
This is AWS WAF Classic documentation
wafregional_update_rate_based_rule
This is AWS WAF Classic documentation
wafregional_list_subscribed_rule_groups
This is AWS WAF Classic documentation
wafregional_untag_resource
This is AWS WAF Classic documentation
wafregional_update_rule_group
This is AWS WAF Classic documentation
wafregional_update_xss_match_set
This is AWS WAF Classic documentation
Associates a web ACL with a regional application resource, to protect
the resource
wafregional_update_sql_injection_match_set
This is AWS WAF Classic documentation
AWS WAFV2
This is AWS WAF Classic documentation
wafregional_update_regex_pattern_set
This is AWS WAF Classic documentation
Returns the web ACL capacity unit (WCU) requirements for a specified
scope and set of rules
wafregional_update_web_acl
This is AWS WAF Classic documentation
wafregional_update_size_constraint_set
This is AWS WAF Classic documentation
Creates a WebACL per the specifications provided
wafv2_delete_regex_pattern_set
Deletes the specified RegexPatternSet
Creates an API key that contains a set of token domains
Creates a RuleGroup per the specifications provided
Creates an IPSet, which you use to identify web requests that originate
from specific IP addresses or ranges of IP addresses
wafv2_delete_permission_policy
Permanently deletes an IAM policy from the specified rule group
wafv2_delete_firewall_manager_rule_groups
Deletes all rule groups that are managed by Firewall Manager for the
specified web ACL
wafv2_delete_logging_configuration
Deletes the LoggingConfiguration from the specified web ACL
wafv2_create_regex_pattern_set
Creates a RegexPatternSet, which you reference in a
RegexPatternSetReferenceStatement, to have WAF inspect a web request
component for the specified patterns
wafv2_describe_managed_rule_group
Provides high-level information for a managed rule group, including
descriptions of the rules
Deletes the specified RuleGroup
Deletes the specified IPSet
wafv2_get_logging_configuration
Returns the LoggingConfiguration for the specified web ACL
wafv2_disassociate_web_acl
Disassociates the specified regional application resource from any
existing web ACL association
Deletes the specified WebACL
Retrieves the specified IPSet
wafv2_generate_mobile_sdk_release_url
Generates a presigned download URL for the specified release of the
mobile SDK
wafv2_get_decrypted_api_key
Returns your API key in decrypted form
wafv2_describe_managed_products_by_vendor
Provides high-level information for the managed rule groups owned by a
specific vendor
wafv2_describe_all_managed_products
Provides high-level information for the Amazon Web Services Managed
Rules rule groups and Amazon Web Services Marketplace managed rule
groups
Retrieves the specified RuleGroup
wafv2_get_permission_policy
Returns the IAM policy that is attached to the specified rule group
wafv2_get_regex_pattern_set
Retrieves the specified RegexPatternSet
wafv2_get_rate_based_statement_managed_keys
Retrieves the IP addresses that are currently blocked by a rate-based
rule instance
wafv2_get_sampled_requests
Gets detailed information about a specified number of requests--a
sample--that WAF randomly selects from among the first 5,000 requests
that your Amazon Web Services resource received during a time range that
you choose
wafv2_get_mobile_sdk_release
Retrieves information for the specified mobile SDK release, including
release notes and tags
Retrieves the specified WebACL
Retrieves a list of the API keys that you've defined for the specified
scope
wafv2_get_managed_rule_set
Retrieves the specified managed rule set
wafv2_list_mobile_sdk_releases
Retrieves a list of the available releases for the mobile SDK and the
specified device platform
wafv2_get_web_acl_for_resource
Retrieves the WebACL for the specified resource
wafv2_list_managed_rule_sets
Retrieves the managed rule sets that you own
wafv2_list_available_managed_rule_groups
Retrieves an array of managed rule groups that are available for you to
use
wafv2_list_regex_pattern_sets
Retrieves an array of RegexPatternSetSummary objects for the regex
pattern sets that you manage
Retrieves an array of IPSetSummary objects for the IP sets that you
manage
wafv2_list_logging_configurations
Retrieves an array of your LoggingConfiguration objects
wafv2_list_available_managed_rule_group_versions
Returns a list of the available versions for the specified managed rule
group
wafv2_list_tags_for_resource
Retrieves the TagInfoForResource for the specified resource
Retrieves an array of RuleGroupSummary objects for the rule groups that
you manage
wafv2_list_resources_for_web_acl
Retrieves an array of the Amazon Resource Names (ARNs) for the regional
resources that are associated with the specified web ACL
Disassociates tags from an Amazon Web Services resource
wafv2_update_regex_pattern_set
Updates the specified RegexPatternSet
wafv2_update_managed_rule_set_version_expiry_date
Updates the expiration information for your managed rule set
Updates the specified RuleGroup
Updates the specified IPSet
Associates tags with the specified Amazon Web Services resource
wafv2_put_permission_policy
Attaches an IAM policy to the specified resource
wafv2_put_managed_rule_set_versions
Defines the versions of your managed rule set that you are offering to
the customers
wafv2_put_logging_configuration
Enables the specified LoggingConfiguration, to start logging from a web
ACL, according to the configuration provided
Retrieves an array of WebACLSummary objects for the web ACLs that you
manage
Updates the specified WebACL