Skip to content

IAMClient#

Index > IAM > IAMClient

Auto-generated documentation for IAM type annotations stubs module mypy-boto3-iam.

IAMClient#

Type annotations and code completion for boto3.client("iam"). boto3 documentation

# IAMClient usage example

from boto3.session import Session
from mypy_boto3_iam.client import IAMClient

def get_iam_client() -> IAMClient:
    return Session().client("iam")

Exceptions#

boto3 client exceptions are generated in runtime. This class provides code completion for boto3.client("iam").exceptions structure.

# Exceptions.exceptions usage example

client = boto3.client("iam")

try:
    do_something(client)
except (
    client.exceptions.ClientError,
    client.exceptions.ConcurrentModificationException,
    client.exceptions.CredentialReportExpiredException,
    client.exceptions.CredentialReportNotPresentException,
    client.exceptions.CredentialReportNotReadyException,
    client.exceptions.DeleteConflictException,
    client.exceptions.DuplicateCertificateException,
    client.exceptions.DuplicateSSHPublicKeyException,
    client.exceptions.EntityAlreadyExistsException,
    client.exceptions.EntityTemporarilyUnmodifiableException,
    client.exceptions.InvalidAuthenticationCodeException,
    client.exceptions.InvalidCertificateException,
    client.exceptions.InvalidInputException,
    client.exceptions.InvalidPublicKeyException,
    client.exceptions.InvalidUserTypeException,
    client.exceptions.KeyPairMismatchException,
    client.exceptions.LimitExceededException,
    client.exceptions.MalformedCertificateException,
    client.exceptions.MalformedPolicyDocumentException,
    client.exceptions.NoSuchEntityException,
    client.exceptions.PasswordPolicyViolationException,
    client.exceptions.PolicyEvaluationException,
    client.exceptions.PolicyNotAttachableException,
    client.exceptions.ReportGenerationLimitExceededException,
    client.exceptions.ServiceFailureException,
    client.exceptions.ServiceNotSupportedException,
    client.exceptions.UnmodifiableEntityException,
    client.exceptions.UnrecognizedPublicKeyEncodingException,
) as e:
    print(e)
# Exceptions.exceptions type checking example

from mypy_boto3_iam.client import Exceptions

def handle_error(exc: Exceptions.ClientError) -> None:
    ...

Methods#

add_client_id_to_open_id_connect_provider#

Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM OpenID Connect (OIDC) provider resource.

Type annotations and code completion for boto3.client("iam").add_client_id_to_open_id_connect_provider method. boto3 documentation

# add_client_id_to_open_id_connect_provider method definition

def add_client_id_to_open_id_connect_provider(
    self,
    *,
    OpenIDConnectProviderArn: str,
    ClientID: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# add_client_id_to_open_id_connect_provider method usage example with argument unpacking

kwargs: AddClientIDToOpenIDConnectProviderRequestRequestTypeDef = {  # (1)
    "OpenIDConnectProviderArn": ...,
    "ClientID": ...,
}

parent.add_client_id_to_open_id_connect_provider(**kwargs)
  1. See AddClientIDToOpenIDConnectProviderRequestRequestTypeDef

add_role_to_instance_profile#

Adds the specified IAM role to the specified instance profile.

Type annotations and code completion for boto3.client("iam").add_role_to_instance_profile method. boto3 documentation

# add_role_to_instance_profile method definition

def add_role_to_instance_profile(
    self,
    *,
    InstanceProfileName: str,
    RoleName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# add_role_to_instance_profile method usage example with argument unpacking

kwargs: AddRoleToInstanceProfileRequestRequestTypeDef = {  # (1)
    "InstanceProfileName": ...,
    "RoleName": ...,
}

parent.add_role_to_instance_profile(**kwargs)
  1. See AddRoleToInstanceProfileRequestRequestTypeDef

add_user_to_group#

Adds the specified user to the specified group.

Type annotations and code completion for boto3.client("iam").add_user_to_group method. boto3 documentation

# add_user_to_group method definition

def add_user_to_group(
    self,
    *,
    GroupName: str,
    UserName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# add_user_to_group method usage example with argument unpacking

kwargs: AddUserToGroupRequestRequestTypeDef = {  # (1)
    "GroupName": ...,
    "UserName": ...,
}

parent.add_user_to_group(**kwargs)
  1. See AddUserToGroupRequestRequestTypeDef

attach_group_policy#

Attaches the specified managed policy to the specified IAM group.

Type annotations and code completion for boto3.client("iam").attach_group_policy method. boto3 documentation

# attach_group_policy method definition

def attach_group_policy(
    self,
    *,
    GroupName: str,
    PolicyArn: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# attach_group_policy method usage example with argument unpacking

kwargs: AttachGroupPolicyRequestRequestTypeDef = {  # (1)
    "GroupName": ...,
    "PolicyArn": ...,
}

parent.attach_group_policy(**kwargs)
  1. See AttachGroupPolicyRequestRequestTypeDef

attach_role_policy#

Attaches the specified managed policy to the specified IAM role.

Type annotations and code completion for boto3.client("iam").attach_role_policy method. boto3 documentation

# attach_role_policy method definition

def attach_role_policy(
    self,
    *,
    RoleName: str,
    PolicyArn: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# attach_role_policy method usage example with argument unpacking

kwargs: AttachRolePolicyRequestRequestTypeDef = {  # (1)
    "RoleName": ...,
    "PolicyArn": ...,
}

parent.attach_role_policy(**kwargs)
  1. See AttachRolePolicyRequestRequestTypeDef

attach_user_policy#

Attaches the specified managed policy to the specified user.

Type annotations and code completion for boto3.client("iam").attach_user_policy method. boto3 documentation

# attach_user_policy method definition

def attach_user_policy(
    self,
    *,
    UserName: str,
    PolicyArn: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# attach_user_policy method usage example with argument unpacking

kwargs: AttachUserPolicyRequestRequestTypeDef = {  # (1)
    "UserName": ...,
    "PolicyArn": ...,
}

parent.attach_user_policy(**kwargs)
  1. See AttachUserPolicyRequestRequestTypeDef

can_paginate#

Check if an operation can be paginated.

Type annotations and code completion for boto3.client("iam").can_paginate method. boto3 documentation

# can_paginate method definition

def can_paginate(
    self,
    operation_name: str,
) -> bool:
    ...

change_password#

Changes the password of the IAM user who is calling this operation.

Type annotations and code completion for boto3.client("iam").change_password method. boto3 documentation

# change_password method definition

def change_password(
    self,
    *,
    OldPassword: str,
    NewPassword: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# change_password method usage example with argument unpacking

kwargs: ChangePasswordRequestRequestTypeDef = {  # (1)
    "OldPassword": ...,
    "NewPassword": ...,
}

parent.change_password(**kwargs)
  1. See ChangePasswordRequestRequestTypeDef

close#

Closes underlying endpoint connections.

Type annotations and code completion for boto3.client("iam").close method. boto3 documentation

# close method definition

def close(
    self,
) -> None:
    ...

create_access_key#

Creates a new Amazon Web Services secret access key and corresponding Amazon Web Services access key ID for the specified user.

Type annotations and code completion for boto3.client("iam").create_access_key method. boto3 documentation

# create_access_key method definition

def create_access_key(
    self,
    *,
    UserName: str = ...,
) -> CreateAccessKeyResponseTypeDef:  # (1)
    ...
  1. See CreateAccessKeyResponseTypeDef
# create_access_key method usage example with argument unpacking

kwargs: CreateAccessKeyRequestRequestTypeDef = {  # (1)
    "UserName": ...,
}

parent.create_access_key(**kwargs)
  1. See CreateAccessKeyRequestRequestTypeDef

create_account_alias#

Creates an alias for your Amazon Web Services account.

Type annotations and code completion for boto3.client("iam").create_account_alias method. boto3 documentation

# create_account_alias method definition

def create_account_alias(
    self,
    *,
    AccountAlias: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# create_account_alias method usage example with argument unpacking

kwargs: CreateAccountAliasRequestRequestTypeDef = {  # (1)
    "AccountAlias": ...,
}

parent.create_account_alias(**kwargs)
  1. See CreateAccountAliasRequestRequestTypeDef

create_group#

Creates a new group.

Type annotations and code completion for boto3.client("iam").create_group method. boto3 documentation

# create_group method definition

def create_group(
    self,
    *,
    GroupName: str,
    Path: str = ...,
) -> CreateGroupResponseTypeDef:  # (1)
    ...
  1. See CreateGroupResponseTypeDef
# create_group method usage example with argument unpacking

kwargs: CreateGroupRequestRequestTypeDef = {  # (1)
    "GroupName": ...,
}

parent.create_group(**kwargs)
  1. See CreateGroupRequestRequestTypeDef

create_instance_profile#

Creates a new instance profile.

Type annotations and code completion for boto3.client("iam").create_instance_profile method. boto3 documentation

# create_instance_profile method definition

def create_instance_profile(
    self,
    *,
    InstanceProfileName: str,
    Path: str = ...,
    Tags: Sequence[TagTypeDef] = ...,  # (1)
) -> CreateInstanceProfileResponseTypeDef:  # (2)
    ...
  1. See TagTypeDef
  2. See CreateInstanceProfileResponseTypeDef
# create_instance_profile method usage example with argument unpacking

kwargs: CreateInstanceProfileRequestRequestTypeDef = {  # (1)
    "InstanceProfileName": ...,
}

parent.create_instance_profile(**kwargs)
  1. See CreateInstanceProfileRequestRequestTypeDef

create_login_profile#

Creates a password for the specified IAM user.

Type annotations and code completion for boto3.client("iam").create_login_profile method. boto3 documentation

# create_login_profile method definition

def create_login_profile(
    self,
    *,
    UserName: str,
    Password: str,
    PasswordResetRequired: bool = ...,
) -> CreateLoginProfileResponseTypeDef:  # (1)
    ...
  1. See CreateLoginProfileResponseTypeDef
# create_login_profile method usage example with argument unpacking

kwargs: CreateLoginProfileRequestRequestTypeDef = {  # (1)
    "UserName": ...,
    "Password": ...,
}

parent.create_login_profile(**kwargs)
  1. See CreateLoginProfileRequestRequestTypeDef

create_open_id_connect_provider#

Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC) <http://openid.net/connect/>__.

Type annotations and code completion for boto3.client("iam").create_open_id_connect_provider method. boto3 documentation

# create_open_id_connect_provider method definition

def create_open_id_connect_provider(
    self,
    *,
    Url: str,
    ThumbprintList: Sequence[str],
    ClientIDList: Sequence[str] = ...,
    Tags: Sequence[TagTypeDef] = ...,  # (1)
) -> CreateOpenIDConnectProviderResponseTypeDef:  # (2)
    ...
  1. See TagTypeDef
  2. See CreateOpenIDConnectProviderResponseTypeDef
# create_open_id_connect_provider method usage example with argument unpacking

kwargs: CreateOpenIDConnectProviderRequestRequestTypeDef = {  # (1)
    "Url": ...,
    "ThumbprintList": ...,
}

parent.create_open_id_connect_provider(**kwargs)
  1. See CreateOpenIDConnectProviderRequestRequestTypeDef

create_policy#

Creates a new managed policy for your Amazon Web Services account.

Type annotations and code completion for boto3.client("iam").create_policy method. boto3 documentation

# create_policy method definition

def create_policy(
    self,
    *,
    PolicyName: str,
    PolicyDocument: str,
    Path: str = ...,
    Description: str = ...,
    Tags: Sequence[TagTypeDef] = ...,  # (1)
) -> CreatePolicyResponseTypeDef:  # (2)
    ...
  1. See TagTypeDef
  2. See CreatePolicyResponseTypeDef
# create_policy method usage example with argument unpacking

kwargs: CreatePolicyRequestRequestTypeDef = {  # (1)
    "PolicyName": ...,
    "PolicyDocument": ...,
}

parent.create_policy(**kwargs)
  1. See CreatePolicyRequestRequestTypeDef

create_policy_version#

Creates a new version of the specified managed policy.

Type annotations and code completion for boto3.client("iam").create_policy_version method. boto3 documentation

# create_policy_version method definition

def create_policy_version(
    self,
    *,
    PolicyArn: str,
    PolicyDocument: str,
    SetAsDefault: bool = ...,
) -> CreatePolicyVersionResponseTypeDef:  # (1)
    ...
  1. See CreatePolicyVersionResponseTypeDef
# create_policy_version method usage example with argument unpacking

kwargs: CreatePolicyVersionRequestRequestTypeDef = {  # (1)
    "PolicyArn": ...,
    "PolicyDocument": ...,
}

parent.create_policy_version(**kwargs)
  1. See CreatePolicyVersionRequestRequestTypeDef

create_role#

Creates a new role for your Amazon Web Services account.

Type annotations and code completion for boto3.client("iam").create_role method. boto3 documentation

# create_role method definition

def create_role(
    self,
    *,
    RoleName: str,
    AssumeRolePolicyDocument: str,
    Path: str = ...,
    Description: str = ...,
    MaxSessionDuration: int = ...,
    PermissionsBoundary: str = ...,
    Tags: Sequence[TagTypeDef] = ...,  # (1)
) -> CreateRoleResponseTypeDef:  # (2)
    ...
  1. See TagTypeDef
  2. See CreateRoleResponseTypeDef
# create_role method usage example with argument unpacking

kwargs: CreateRoleRequestRequestTypeDef = {  # (1)
    "RoleName": ...,
    "AssumeRolePolicyDocument": ...,
}

parent.create_role(**kwargs)
  1. See CreateRoleRequestRequestTypeDef

create_saml_provider#

Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2.0.

Type annotations and code completion for boto3.client("iam").create_saml_provider method. boto3 documentation

# create_saml_provider method definition

def create_saml_provider(
    self,
    *,
    SAMLMetadataDocument: str,
    Name: str,
    Tags: Sequence[TagTypeDef] = ...,  # (1)
) -> CreateSAMLProviderResponseTypeDef:  # (2)
    ...
  1. See TagTypeDef
  2. See CreateSAMLProviderResponseTypeDef
# create_saml_provider method usage example with argument unpacking

kwargs: CreateSAMLProviderRequestRequestTypeDef = {  # (1)
    "SAMLMetadataDocument": ...,
    "Name": ...,
}

parent.create_saml_provider(**kwargs)
  1. See CreateSAMLProviderRequestRequestTypeDef

create_service_linked_role#

Creates an IAM role that is linked to a specific Amazon Web Services service.

Type annotations and code completion for boto3.client("iam").create_service_linked_role method. boto3 documentation

# create_service_linked_role method definition

def create_service_linked_role(
    self,
    *,
    AWSServiceName: str,
    Description: str = ...,
    CustomSuffix: str = ...,
) -> CreateServiceLinkedRoleResponseTypeDef:  # (1)
    ...
  1. See CreateServiceLinkedRoleResponseTypeDef
# create_service_linked_role method usage example with argument unpacking

kwargs: CreateServiceLinkedRoleRequestRequestTypeDef = {  # (1)
    "AWSServiceName": ...,
}

parent.create_service_linked_role(**kwargs)
  1. See CreateServiceLinkedRoleRequestRequestTypeDef

create_service_specific_credential#

Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request.

Type annotations and code completion for boto3.client("iam").create_service_specific_credential method. boto3 documentation

# create_service_specific_credential method definition

def create_service_specific_credential(
    self,
    *,
    UserName: str,
    ServiceName: str,
) -> CreateServiceSpecificCredentialResponseTypeDef:  # (1)
    ...
  1. See CreateServiceSpecificCredentialResponseTypeDef
# create_service_specific_credential method usage example with argument unpacking

kwargs: CreateServiceSpecificCredentialRequestRequestTypeDef = {  # (1)
    "UserName": ...,
    "ServiceName": ...,
}

parent.create_service_specific_credential(**kwargs)
  1. See CreateServiceSpecificCredentialRequestRequestTypeDef

create_user#

Creates a new IAM user for your Amazon Web Services account.

Type annotations and code completion for boto3.client("iam").create_user method. boto3 documentation

# create_user method definition

def create_user(
    self,
    *,
    UserName: str,
    Path: str = ...,
    PermissionsBoundary: str = ...,
    Tags: Sequence[TagTypeDef] = ...,  # (1)
) -> CreateUserResponseTypeDef:  # (2)
    ...
  1. See TagTypeDef
  2. See CreateUserResponseTypeDef
# create_user method usage example with argument unpacking

kwargs: CreateUserRequestRequestTypeDef = {  # (1)
    "UserName": ...,
}

parent.create_user(**kwargs)
  1. See CreateUserRequestRequestTypeDef

create_virtual_mfa_device#

Creates a new virtual MFA device for the Amazon Web Services account.

Type annotations and code completion for boto3.client("iam").create_virtual_mfa_device method. boto3 documentation

# create_virtual_mfa_device method definition

def create_virtual_mfa_device(
    self,
    *,
    VirtualMFADeviceName: str,
    Path: str = ...,
    Tags: Sequence[TagTypeDef] = ...,  # (1)
) -> CreateVirtualMFADeviceResponseTypeDef:  # (2)
    ...
  1. See TagTypeDef
  2. See CreateVirtualMFADeviceResponseTypeDef
# create_virtual_mfa_device method usage example with argument unpacking

kwargs: CreateVirtualMFADeviceRequestRequestTypeDef = {  # (1)
    "VirtualMFADeviceName": ...,
}

parent.create_virtual_mfa_device(**kwargs)
  1. See CreateVirtualMFADeviceRequestRequestTypeDef

deactivate_mfa_device#

Deactivates the specified MFA device and removes it from association with the user name for which it was originally enabled.

Type annotations and code completion for boto3.client("iam").deactivate_mfa_device method. boto3 documentation

# deactivate_mfa_device method definition

def deactivate_mfa_device(
    self,
    *,
    UserName: str,
    SerialNumber: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# deactivate_mfa_device method usage example with argument unpacking

kwargs: DeactivateMFADeviceRequestRequestTypeDef = {  # (1)
    "UserName": ...,
    "SerialNumber": ...,
}

parent.deactivate_mfa_device(**kwargs)
  1. See DeactivateMFADeviceRequestRequestTypeDef

delete_access_key#

Deletes the access key pair associated with the specified IAM user.

Type annotations and code completion for boto3.client("iam").delete_access_key method. boto3 documentation

# delete_access_key method definition

def delete_access_key(
    self,
    *,
    AccessKeyId: str,
    UserName: str = ...,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_access_key method usage example with argument unpacking

kwargs: DeleteAccessKeyRequestRequestTypeDef = {  # (1)
    "AccessKeyId": ...,
}

parent.delete_access_key(**kwargs)
  1. See DeleteAccessKeyRequestRequestTypeDef

delete_account_alias#

Deletes the specified Amazon Web Services account alias.

Type annotations and code completion for boto3.client("iam").delete_account_alias method. boto3 documentation

# delete_account_alias method definition

def delete_account_alias(
    self,
    *,
    AccountAlias: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_account_alias method usage example with argument unpacking

kwargs: DeleteAccountAliasRequestRequestTypeDef = {  # (1)
    "AccountAlias": ...,
}

parent.delete_account_alias(**kwargs)
  1. See DeleteAccountAliasRequestRequestTypeDef

delete_account_password_policy#

Deletes the password policy for the Amazon Web Services account.

Type annotations and code completion for boto3.client("iam").delete_account_password_policy method. boto3 documentation

# delete_account_password_policy method definition

def delete_account_password_policy(
    self,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef

delete_group#

Deletes the specified IAM group.

Type annotations and code completion for boto3.client("iam").delete_group method. boto3 documentation

# delete_group method definition

def delete_group(
    self,
    *,
    GroupName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_group method usage example with argument unpacking

kwargs: DeleteGroupRequestRequestTypeDef = {  # (1)
    "GroupName": ...,
}

parent.delete_group(**kwargs)
  1. See DeleteGroupRequestRequestTypeDef

delete_group_policy#

Deletes the specified inline policy that is embedded in the specified IAM group.

Type annotations and code completion for boto3.client("iam").delete_group_policy method. boto3 documentation

# delete_group_policy method definition

def delete_group_policy(
    self,
    *,
    GroupName: str,
    PolicyName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_group_policy method usage example with argument unpacking

kwargs: DeleteGroupPolicyRequestRequestTypeDef = {  # (1)
    "GroupName": ...,
    "PolicyName": ...,
}

parent.delete_group_policy(**kwargs)
  1. See DeleteGroupPolicyRequestRequestTypeDef

delete_instance_profile#

Deletes the specified instance profile.

Type annotations and code completion for boto3.client("iam").delete_instance_profile method. boto3 documentation

# delete_instance_profile method definition

def delete_instance_profile(
    self,
    *,
    InstanceProfileName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_instance_profile method usage example with argument unpacking

kwargs: DeleteInstanceProfileRequestRequestTypeDef = {  # (1)
    "InstanceProfileName": ...,
}

parent.delete_instance_profile(**kwargs)
  1. See DeleteInstanceProfileRequestRequestTypeDef

delete_login_profile#

Deletes the password for the specified IAM user, For more information, see Managing passwords for IAM users_.

Type annotations and code completion for boto3.client("iam").delete_login_profile method. boto3 documentation

# delete_login_profile method definition

def delete_login_profile(
    self,
    *,
    UserName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_login_profile method usage example with argument unpacking

kwargs: DeleteLoginProfileRequestRequestTypeDef = {  # (1)
    "UserName": ...,
}

parent.delete_login_profile(**kwargs)
  1. See DeleteLoginProfileRequestRequestTypeDef

delete_open_id_connect_provider#

Deletes an OpenID Connect identity provider (IdP) resource object in IAM.

Type annotations and code completion for boto3.client("iam").delete_open_id_connect_provider method. boto3 documentation

# delete_open_id_connect_provider method definition

def delete_open_id_connect_provider(
    self,
    *,
    OpenIDConnectProviderArn: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_open_id_connect_provider method usage example with argument unpacking

kwargs: DeleteOpenIDConnectProviderRequestRequestTypeDef = {  # (1)
    "OpenIDConnectProviderArn": ...,
}

parent.delete_open_id_connect_provider(**kwargs)
  1. See DeleteOpenIDConnectProviderRequestRequestTypeDef

delete_policy#

Deletes the specified managed policy.

Type annotations and code completion for boto3.client("iam").delete_policy method. boto3 documentation

# delete_policy method definition

def delete_policy(
    self,
    *,
    PolicyArn: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_policy method usage example with argument unpacking

kwargs: DeletePolicyRequestRequestTypeDef = {  # (1)
    "PolicyArn": ...,
}

parent.delete_policy(**kwargs)
  1. See DeletePolicyRequestRequestTypeDef

delete_policy_version#

Deletes the specified version from the specified managed policy.

Type annotations and code completion for boto3.client("iam").delete_policy_version method. boto3 documentation

# delete_policy_version method definition

def delete_policy_version(
    self,
    *,
    PolicyArn: str,
    VersionId: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_policy_version method usage example with argument unpacking

kwargs: DeletePolicyVersionRequestRequestTypeDef = {  # (1)
    "PolicyArn": ...,
    "VersionId": ...,
}

parent.delete_policy_version(**kwargs)
  1. See DeletePolicyVersionRequestRequestTypeDef

delete_role#

Deletes the specified role.

Type annotations and code completion for boto3.client("iam").delete_role method. boto3 documentation

# delete_role method definition

def delete_role(
    self,
    *,
    RoleName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_role method usage example with argument unpacking

kwargs: DeleteRoleRequestRequestTypeDef = {  # (1)
    "RoleName": ...,
}

parent.delete_role(**kwargs)
  1. See DeleteRoleRequestRequestTypeDef

delete_role_permissions_boundary#

Deletes the permissions boundary for the specified IAM role.

Type annotations and code completion for boto3.client("iam").delete_role_permissions_boundary method. boto3 documentation

# delete_role_permissions_boundary method definition

def delete_role_permissions_boundary(
    self,
    *,
    RoleName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_role_permissions_boundary method usage example with argument unpacking

kwargs: DeleteRolePermissionsBoundaryRequestRequestTypeDef = {  # (1)
    "RoleName": ...,
}

parent.delete_role_permissions_boundary(**kwargs)
  1. See DeleteRolePermissionsBoundaryRequestRequestTypeDef

delete_role_policy#

Deletes the specified inline policy that is embedded in the specified IAM role.

Type annotations and code completion for boto3.client("iam").delete_role_policy method. boto3 documentation

# delete_role_policy method definition

def delete_role_policy(
    self,
    *,
    RoleName: str,
    PolicyName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_role_policy method usage example with argument unpacking

kwargs: DeleteRolePolicyRequestRequestTypeDef = {  # (1)
    "RoleName": ...,
    "PolicyName": ...,
}

parent.delete_role_policy(**kwargs)
  1. See DeleteRolePolicyRequestRequestTypeDef

delete_saml_provider#

Deletes a SAML provider resource in IAM.

Type annotations and code completion for boto3.client("iam").delete_saml_provider method. boto3 documentation

# delete_saml_provider method definition

def delete_saml_provider(
    self,
    *,
    SAMLProviderArn: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_saml_provider method usage example with argument unpacking

kwargs: DeleteSAMLProviderRequestRequestTypeDef = {  # (1)
    "SAMLProviderArn": ...,
}

parent.delete_saml_provider(**kwargs)
  1. See DeleteSAMLProviderRequestRequestTypeDef

delete_server_certificate#

Deletes the specified server certificate.

Type annotations and code completion for boto3.client("iam").delete_server_certificate method. boto3 documentation

# delete_server_certificate method definition

def delete_server_certificate(
    self,
    *,
    ServerCertificateName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_server_certificate method usage example with argument unpacking

kwargs: DeleteServerCertificateRequestRequestTypeDef = {  # (1)
    "ServerCertificateName": ...,
}

parent.delete_server_certificate(**kwargs)
  1. See DeleteServerCertificateRequestRequestTypeDef

delete_service_linked_role#

Submits a service-linked role deletion request and returns a DeletionTaskId, which you can use to check the status of the deletion.

Type annotations and code completion for boto3.client("iam").delete_service_linked_role method. boto3 documentation

# delete_service_linked_role method definition

def delete_service_linked_role(
    self,
    *,
    RoleName: str,
) -> DeleteServiceLinkedRoleResponseTypeDef:  # (1)
    ...
  1. See DeleteServiceLinkedRoleResponseTypeDef
# delete_service_linked_role method usage example with argument unpacking

kwargs: DeleteServiceLinkedRoleRequestRequestTypeDef = {  # (1)
    "RoleName": ...,
}

parent.delete_service_linked_role(**kwargs)
  1. See DeleteServiceLinkedRoleRequestRequestTypeDef

delete_service_specific_credential#

Deletes the specified service-specific credential.

Type annotations and code completion for boto3.client("iam").delete_service_specific_credential method. boto3 documentation

# delete_service_specific_credential method definition

def delete_service_specific_credential(
    self,
    *,
    ServiceSpecificCredentialId: str,
    UserName: str = ...,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_service_specific_credential method usage example with argument unpacking

kwargs: DeleteServiceSpecificCredentialRequestRequestTypeDef = {  # (1)
    "ServiceSpecificCredentialId": ...,
}

parent.delete_service_specific_credential(**kwargs)
  1. See DeleteServiceSpecificCredentialRequestRequestTypeDef

delete_signing_certificate#

Deletes a signing certificate associated with the specified IAM user.

Type annotations and code completion for boto3.client("iam").delete_signing_certificate method. boto3 documentation

# delete_signing_certificate method definition

def delete_signing_certificate(
    self,
    *,
    CertificateId: str,
    UserName: str = ...,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_signing_certificate method usage example with argument unpacking

kwargs: DeleteSigningCertificateRequestRequestTypeDef = {  # (1)
    "CertificateId": ...,
}

parent.delete_signing_certificate(**kwargs)
  1. See DeleteSigningCertificateRequestRequestTypeDef

delete_ssh_public_key#

Deletes the specified SSH public key.

Type annotations and code completion for boto3.client("iam").delete_ssh_public_key method. boto3 documentation

# delete_ssh_public_key method definition

def delete_ssh_public_key(
    self,
    *,
    UserName: str,
    SSHPublicKeyId: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_ssh_public_key method usage example with argument unpacking

kwargs: DeleteSSHPublicKeyRequestRequestTypeDef = {  # (1)
    "UserName": ...,
    "SSHPublicKeyId": ...,
}

parent.delete_ssh_public_key(**kwargs)
  1. See DeleteSSHPublicKeyRequestRequestTypeDef

delete_user#

Deletes the specified IAM user.

Type annotations and code completion for boto3.client("iam").delete_user method. boto3 documentation

# delete_user method definition

def delete_user(
    self,
    *,
    UserName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_user method usage example with argument unpacking

kwargs: DeleteUserRequestRequestTypeDef = {  # (1)
    "UserName": ...,
}

parent.delete_user(**kwargs)
  1. See DeleteUserRequestRequestTypeDef

delete_user_permissions_boundary#

Deletes the permissions boundary for the specified IAM user.

Type annotations and code completion for boto3.client("iam").delete_user_permissions_boundary method. boto3 documentation

# delete_user_permissions_boundary method definition

def delete_user_permissions_boundary(
    self,
    *,
    UserName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_user_permissions_boundary method usage example with argument unpacking

kwargs: DeleteUserPermissionsBoundaryRequestRequestTypeDef = {  # (1)
    "UserName": ...,
}

parent.delete_user_permissions_boundary(**kwargs)
  1. See DeleteUserPermissionsBoundaryRequestRequestTypeDef

delete_user_policy#

Deletes the specified inline policy that is embedded in the specified IAM user.

Type annotations and code completion for boto3.client("iam").delete_user_policy method. boto3 documentation

# delete_user_policy method definition

def delete_user_policy(
    self,
    *,
    UserName: str,
    PolicyName: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_user_policy method usage example with argument unpacking

kwargs: DeleteUserPolicyRequestRequestTypeDef = {  # (1)
    "UserName": ...,
    "PolicyName": ...,
}

parent.delete_user_policy(**kwargs)
  1. See DeleteUserPolicyRequestRequestTypeDef

delete_virtual_mfa_device#

Deletes a virtual MFA device.

Type annotations and code completion for boto3.client("iam").delete_virtual_mfa_device method. boto3 documentation

# delete_virtual_mfa_device method definition

def delete_virtual_mfa_device(
    self,
    *,
    SerialNumber: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# delete_virtual_mfa_device method usage example with argument unpacking

kwargs: DeleteVirtualMFADeviceRequestRequestTypeDef = {  # (1)
    "SerialNumber": ...,
}

parent.delete_virtual_mfa_device(**kwargs)
  1. See DeleteVirtualMFADeviceRequestRequestTypeDef

detach_group_policy#

Removes the specified managed policy from the specified IAM group.

Type annotations and code completion for boto3.client("iam").detach_group_policy method. boto3 documentation

# detach_group_policy method definition

def detach_group_policy(
    self,
    *,
    GroupName: str,
    PolicyArn: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# detach_group_policy method usage example with argument unpacking

kwargs: DetachGroupPolicyRequestRequestTypeDef = {  # (1)
    "GroupName": ...,
    "PolicyArn": ...,
}

parent.detach_group_policy(**kwargs)
  1. See DetachGroupPolicyRequestRequestTypeDef

detach_role_policy#

Removes the specified managed policy from the specified role.

Type annotations and code completion for boto3.client("iam").detach_role_policy method. boto3 documentation

# detach_role_policy method definition

def detach_role_policy(
    self,
    *,
    RoleName: str,
    PolicyArn: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# detach_role_policy method usage example with argument unpacking

kwargs: DetachRolePolicyRequestRequestTypeDef = {  # (1)
    "RoleName": ...,
    "PolicyArn": ...,
}

parent.detach_role_policy(**kwargs)
  1. See DetachRolePolicyRequestRequestTypeDef

detach_user_policy#

Removes the specified managed policy from the specified user.

Type annotations and code completion for boto3.client("iam").detach_user_policy method. boto3 documentation

# detach_user_policy method definition

def detach_user_policy(
    self,
    *,
    UserName: str,
    PolicyArn: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# detach_user_policy method usage example with argument unpacking

kwargs: DetachUserPolicyRequestRequestTypeDef = {  # (1)
    "UserName": ...,
    "PolicyArn": ...,
}

parent.detach_user_policy(**kwargs)
  1. See DetachUserPolicyRequestRequestTypeDef

enable_mfa_device#

Enables the specified MFA device and associates it with the specified IAM user.

Type annotations and code completion for boto3.client("iam").enable_mfa_device method. boto3 documentation

# enable_mfa_device method definition

def enable_mfa_device(
    self,
    *,
    UserName: str,
    SerialNumber: str,
    AuthenticationCode1: str,
    AuthenticationCode2: str,
) -> EmptyResponseMetadataTypeDef:  # (1)
    ...
  1. See EmptyResponseMetadataTypeDef
# enable_mfa_device method usage example with argument unpacking

kwargs: EnableMFADeviceRequestRequestTypeDef = {  # (1)
    "UserName": ...,
    "SerialNumber": ...,
    "AuthenticationCode1": ...,
    "AuthenticationCode2": ...,
}

parent.enable_mfa_device(**kwargs)
  1. See EnableMFADeviceRequestRequestTypeDef

generate_credential_report#

Generates a credential report for the Amazon Web Services account.

Type annotations and code completion for boto3.client("iam").generate_credential_report method. boto3 documentation

# generate_credential_report method definition

def generate_credential_report(
    self,
) -> GenerateCredentialReportResponseTypeDef:  # (1)
    ...
  1. See GenerateCredentialReportResponseTypeDef

generate_organizations_access_report#

Generates a report for service last accessed data for Organizations.

Type annotations and code completion for boto3.client("iam").generate_organizations_access_report method. boto3 documentation

# generate_organizations_access_report method definition

def generate_organizations_access_report(
    self,
    *,
    EntityPath: str,
    OrganizationsPolicyId: str = ...,
) -> GenerateOrganizationsAccessReportResponseTypeDef:  # (1)
    ...
  1. See GenerateOrganizationsAccessReportResponseTypeDef
# generate_organizations_access_report method usage example with argument unpacking

kwargs: GenerateOrganizationsAccessReportRequestRequestTypeDef = {  # (1)
    "EntityPath": ...,
}

parent.generate_organizations_access_report(**kwargs)
  1. See GenerateOrganizationsAccessReportRequestRequestTypeDef

generate_presigned_url#

Generate a presigned url given a client, its method, and arguments.

Type annotations and code completion for boto3.client("iam").generate_presigned_url method. boto3 documentation

# generate_presigned_url method definition

def generate_presigned_url(
    self,
    ClientMethod: str,
    Params: Mapping[str, Any] = ...,
    ExpiresIn: int = 3600,
    HttpMethod: str = ...,
) -> str:
    ...

generate_service_last_accessed_details#

Generates a report that includes details about when an IAM resource (user, group, role, or policy) was last used in an attempt to access Amazon Web Services services.

Type annotations and code completion for boto3.client("iam").generate_service_last_accessed_details method. boto3 documentation

# generate_service_last_accessed_details method definition

def generate_service_last_accessed_details(
    self,
    *,
    Arn: str,
    Granularity: AccessAdvisorUsageGranularityTypeType = ...,  # (1)
) -> GenerateServiceLastAccessedDetailsResponseTypeDef:  # (2)
    ...
  1. See AccessAdvisorUsageGranularityTypeType
  2. See GenerateServiceLastAccessedDetailsResponseTypeDef
# generate_service_last_accessed_details method usage example with argument unpacking

kwargs: GenerateServiceLastAccessedDetailsRequestRequestTypeDef = {  # (1)
    "Arn": ...,
}

parent.generate_service_last_accessed_details(**kwargs)
  1. See GenerateServiceLastAccessedDetailsRequestRequestTypeDef

get_access_key_last_used#

Retrieves information about when the specified access key was last used.

Type annotations and code completion for boto3.client("iam").get_access_key_last_used method. boto3 documentation

# get_access_key_last_used method definition

def get_access_key_last_used(
    self,
    *,
    AccessKeyId: str,
) -> GetAccessKeyLastUsedResponseTypeDef:  # (1)
    ...
  1. See GetAccessKeyLastUsedResponseTypeDef
# get_access_key_last_used method usage example with argument unpacking

kwargs: GetAccessKeyLastUsedRequestRequestTypeDef = {  # (1)
    "AccessKeyId": ...,
}

parent.get_access_key_last_used(**kwargs)
  1. See GetAccessKeyLastUsedRequestRequestTypeDef

get_account_authorization_details#

Retrieves information about all IAM users, groups, roles, and policies in your Amazon Web Services account, including their relationships to one another.

Type annotations and code completion for boto3.client("iam").get_account_authorization_details method. boto3 documentation

# get_account_authorization_details method definition

def get_account_authorization_details(
    self,
    *,
    Filter: Sequence[EntityTypeType] = ...,  # (1)
    MaxItems: int = ...,
    Marker: str = ...,
) -> GetAccountAuthorizationDetailsResponseTypeDef:  # (2)
    ...
  1. See EntityTypeType
  2. See GetAccountAuthorizationDetailsResponseTypeDef
# get_account_authorization_details method usage example with argument unpacking

kwargs: GetAccountAuthorizationDetailsRequestRequestTypeDef = {  # (1)
    "Filter": ...,
}

parent.get_account_authorization_details(**kwargs)
  1. See GetAccountAuthorizationDetailsRequestRequestTypeDef

get_account_password_policy#

Retrieves the password policy for the Amazon Web Services account.

Type annotations and code completion for boto3.client("iam").get_account_password_policy method. boto3 documentation

# get_account_password_policy method definition

def get_account_password_policy(
    self,
) -> GetAccountPasswordPolicyResponseTypeDef:  # (1)
    ...
  1. See GetAccountPasswordPolicyResponseTypeDef

get_account_summary#

Retrieves information about IAM entity usage and IAM quotas in the Amazon Web Services account.

Type annotations and code completion for boto3.client("iam").get_account_summary method. boto3 documentation

# get_account_summary method definition

def get_account_summary(
    self,
) -> GetAccountSummaryResponseTypeDef:  # (1)
    ...
  1. See GetAccountSummaryResponseTypeDef

get_context_keys_for_custom_policy#

Gets a list of all of the context keys referenced in the input policies.

Type annotations and code completion for boto3.client("iam").get_context_keys_for_custom_policy method. boto3 documentation

# get_context_keys_for_custom_policy method definition

def get_context_keys_for_custom_policy(
    self,
    *,
    PolicyInputList: Sequence[str],
) -> GetContextKeysForPolicyResponseTypeDef:  # (1)
    ...
  1. See GetContextKeysForPolicyResponseTypeDef
# get_context_keys_for_custom_policy method usage example with argument unpacking

kwargs: GetContextKeysForCustomPolicyRequestRequestTypeDef = {  # (1)
    "PolicyInputList": ...,
}

parent.get_context_keys_for_custom_policy(**kwargs)
  1. See GetContextKeysForCustomPolicyRequestRequestTypeDef

get_context_keys_for_principal_policy#

Gets a list of all of the context keys referenced in all the IAM policies that are attached to the specified IAM entity.

Type annotations and code completion for boto3.client("iam").get_context_keys_for_principal_policy method. boto3 documentation

# get_context_keys_for_principal_policy method definition

def get_context_keys_for_principal_policy(
    self,
    *,
    PolicySourceArn: str,
    PolicyInputList: Sequence[str] = ...,
) -> GetContextKeysForPolicyResponseTypeDef:  # (1)
    ...
  1. See GetContextKeysForPolicyResponseTypeDef
# get_context_keys_for_principal_policy method usage example with argument unpacking

kwargs: GetContextKeysForPrincipalPolicyRequestRequestTypeDef = {  # (1)
    "PolicySourceArn": ...,
}

parent.get_context_keys_for_principal_policy(**kwargs)
  1. See GetContextKeysForPrincipalPolicyRequestRequestTypeDef

get_credential_report#

Retrieves a credential report for the Amazon Web Services account.

Type annotations and code completion for boto3.client("iam").get_credential_report method.