IAM#
Client#
- class IAM.Client#
A low-level client representing AWS Identity and Access Management (IAM)
Identity and Access Management (IAM) is a web service for securely controlling access to Amazon Web Services services. With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which Amazon Web Services resources users and applications can access. For more information about IAM, see Identity and Access Management (IAM) and the Identity and Access Management User Guide.
import boto3 client = boto3.client('iam')
These are the available methods:
- add_client_id_to_open_id_connect_provider
- add_role_to_instance_profile
- add_user_to_group
- attach_group_policy
- attach_role_policy
- attach_user_policy
- can_paginate
- change_password
- close
- create_access_key
- create_account_alias
- create_group
- create_instance_profile
- create_login_profile
- create_open_id_connect_provider
- create_policy
- create_policy_version
- create_role
- create_saml_provider
- create_service_linked_role
- create_service_specific_credential
- create_user
- create_virtual_mfa_device
- deactivate_mfa_device
- delete_access_key
- delete_account_alias
- delete_account_password_policy
- delete_group
- delete_group_policy
- delete_instance_profile
- delete_login_profile
- delete_open_id_connect_provider
- delete_policy
- delete_policy_version
- delete_role
- delete_role_permissions_boundary
- delete_role_policy
- delete_saml_provider
- delete_server_certificate
- delete_service_linked_role
- delete_service_specific_credential
- delete_signing_certificate
- delete_ssh_public_key
- delete_user
- delete_user_permissions_boundary
- delete_user_policy
- delete_virtual_mfa_device
- detach_group_policy
- detach_role_policy
- detach_user_policy
- disable_organizations_root_credentials_management
- disable_organizations_root_sessions
- enable_mfa_device
- enable_organizations_root_credentials_management
- enable_organizations_root_sessions
- generate_credential_report
- generate_organizations_access_report
- generate_service_last_accessed_details
- get_access_key_last_used
- get_account_authorization_details
- get_account_password_policy
- get_account_summary
- get_context_keys_for_custom_policy
- get_context_keys_for_principal_policy
- get_credential_report
- get_group
- get_group_policy
- get_instance_profile
- get_login_profile
- get_mfa_device
- get_open_id_connect_provider
- get_organizations_access_report
- get_paginator
- get_policy
- get_policy_version
- get_role
- get_role_policy
- get_saml_provider
- get_server_certificate
- get_service_last_accessed_details
- get_service_last_accessed_details_with_entities
- get_service_linked_role_deletion_status
- get_ssh_public_key
- get_user
- get_user_policy
- get_waiter
- list_access_keys
- list_account_aliases
- list_attached_group_policies
- list_attached_role_policies
- list_attached_user_policies
- list_entities_for_policy
- list_group_policies
- list_groups
- list_groups_for_user
- list_instance_profile_tags
- list_instance_profiles
- list_instance_profiles_for_role
- list_mfa_device_tags
- list_mfa_devices
- list_open_id_connect_provider_tags
- list_open_id_connect_providers
- list_organizations_features
- list_policies
- list_policies_granting_service_access
- list_policy_tags
- list_policy_versions
- list_role_policies
- list_role_tags
- list_roles
- list_saml_provider_tags
- list_saml_providers
- list_server_certificate_tags
- list_server_certificates
- list_service_specific_credentials
- list_signing_certificates
- list_ssh_public_keys
- list_user_policies
- list_user_tags
- list_users
- list_virtual_mfa_devices
- put_group_policy
- put_role_permissions_boundary
- put_role_policy
- put_user_permissions_boundary
- put_user_policy
- remove_client_id_from_open_id_connect_provider
- remove_role_from_instance_profile
- remove_user_from_group
- reset_service_specific_credential
- resync_mfa_device
- set_default_policy_version
- set_security_token_service_preferences
- simulate_custom_policy
- simulate_principal_policy
- tag_instance_profile
- tag_mfa_device
- tag_open_id_connect_provider
- tag_policy
- tag_role
- tag_saml_provider
- tag_server_certificate
- tag_user
- untag_instance_profile
- untag_mfa_device
- untag_open_id_connect_provider
- untag_policy
- untag_role
- untag_saml_provider
- untag_server_certificate
- untag_user
- update_access_key
- update_account_password_policy
- update_assume_role_policy
- update_group
- update_login_profile
- update_open_id_connect_provider_thumbprint
- update_role
- update_role_description
- update_saml_provider
- update_server_certificate
- update_service_specific_credential
- update_signing_certificate
- update_ssh_public_key
- update_user
- upload_server_certificate
- upload_signing_certificate
- upload_ssh_public_key
Client Exceptions#
Client exceptions are available on a client instance via the exceptions
property. For more detailed instructions and examples on the exact usage of client exceptions, see the error handling user guide.
The available client exceptions are:
- AccountNotManagementOrDelegatedAdministratorException
- CallerIsNotManagementAccountException
- ConcurrentModificationException
- CredentialReportExpiredException
- CredentialReportNotPresentException
- CredentialReportNotReadyException
- DeleteConflictException
- DuplicateCertificateException
- DuplicateSSHPublicKeyException
- EntityAlreadyExistsException
- EntityTemporarilyUnmodifiableException
- InvalidAuthenticationCodeException
- InvalidCertificateException
- InvalidInputException
- InvalidPublicKeyException
- InvalidUserTypeException
- KeyPairMismatchException
- LimitExceededException
- MalformedCertificateException
- MalformedPolicyDocumentException
- NoSuchEntityException
- OpenIdIdpCommunicationErrorException
- OrganizationNotFoundException
- OrganizationNotInAllFeaturesModeException
- PasswordPolicyViolationException
- PolicyEvaluationException
- PolicyNotAttachableException
- ReportGenerationLimitExceededException
- ServiceAccessNotEnabledException
- ServiceFailureException
- ServiceNotSupportedException
- UnmodifiableEntityException
- UnrecognizedPublicKeyEncodingException
Paginators#
Paginators are available on a client instance via the get_paginator
method. For more detailed instructions and examples on the usage of paginators, see the paginators user guide.
The available paginators are:
- GetAccountAuthorizationDetails
- GetGroup
- ListAccessKeys
- ListAccountAliases
- ListAttachedGroupPolicies
- ListAttachedRolePolicies
- ListAttachedUserPolicies
- ListEntitiesForPolicy
- ListGroupPolicies
- ListGroups
- ListGroupsForUser
- ListInstanceProfileTags
- ListInstanceProfiles
- ListInstanceProfilesForRole
- ListMFADeviceTags
- ListMFADevices
- ListOpenIDConnectProviderTags
- ListPolicies
- ListPolicyTags
- ListPolicyVersions
- ListRolePolicies
- ListRoleTags
- ListRoles
- ListSAMLProviderTags
- ListSSHPublicKeys
- ListServerCertificateTags
- ListServerCertificates
- ListSigningCertificates
- ListUserPolicies
- ListUserTags
- ListUsers
- ListVirtualMFADevices
- SimulateCustomPolicy
- SimulatePrincipalPolicy
Waiters#
Waiters are available on a client instance via the get_waiter
method. For more detailed instructions and examples on the usage or waiters, see the waiters user guide.
The available waiters are:
Resources#
Resources are available in boto3 via the resource
method. For more detailed instructions and examples on the usage of resources, see the resources user guide.
The available resources are: