IAMClient
Auto-generated documentation for IAM type annotations stubs module mypy-boto3-iam.
IAMClient
Type annotations and code completion for boto3.client("iam")
.
boto3 documentation
from boto3.session import Session
from mypy_boto3_iam.client import IAMClient
def get_iam_client() -> IAMClient:
return Session().client("iam")
Exceptions
boto3
client exceptions are generated in runtime.
This class provides code completion for boto3.client("iam").exceptions
structure.
client = boto3.client("iam")
try:
do_something(client)
except (
client.ClientError,
client.ConcurrentModificationException,
client.CredentialReportExpiredException,
client.CredentialReportNotPresentException,
client.CredentialReportNotReadyException,
client.DeleteConflictException,
client.DuplicateCertificateException,
client.DuplicateSSHPublicKeyException,
client.EntityAlreadyExistsException,
client.EntityTemporarilyUnmodifiableException,
client.InvalidAuthenticationCodeException,
client.InvalidCertificateException,
client.InvalidInputException,
client.InvalidPublicKeyException,
client.InvalidUserTypeException,
client.KeyPairMismatchException,
client.LimitExceededException,
client.MalformedCertificateException,
client.MalformedPolicyDocumentException,
client.NoSuchEntityException,
client.PasswordPolicyViolationException,
client.PolicyEvaluationException,
client.PolicyNotAttachableException,
client.ReportGenerationLimitExceededException,
client.ServiceFailureException,
client.ServiceNotSupportedException,
client.UnmodifiableEntityException,
client.UnrecognizedPublicKeyEncodingException,
) as e:
print(e)
from mypy_boto3_iam.client import Exceptions
def handle_error(exc: Exceptions.ClientError) -> None:
...
Methods
add_client_id_to_open_id_connect_provider
Adds a new client ID (also known as audience) to the list of client IDs already registered for the specified IAM OpenID Connect (OIDC) provider resource.
Type annotations and code completion for boto3.client("iam").add_client_id_to_open_id_connect_provider
method.
boto3 documentation
def add_client_id_to_open_id_connect_provider(
self,
*,
OpenIDConnectProviderArn: str,
ClientID: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: AddClientIDToOpenIDConnectProviderRequestRequestTypeDef = { # (1)
"OpenIDConnectProviderArn": ...,
"ClientID": ...,
}
parent.add_client_id_to_open_id_connect_provider(**kwargs)
add_role_to_instance_profile
Adds the specified IAM role to the specified instance profile.
Type annotations and code completion for boto3.client("iam").add_role_to_instance_profile
method.
boto3 documentation
def add_role_to_instance_profile(
self,
*,
InstanceProfileName: str,
RoleName: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: AddRoleToInstanceProfileRequestRequestTypeDef = { # (1)
"InstanceProfileName": ...,
"RoleName": ...,
}
parent.add_role_to_instance_profile(**kwargs)
add_user_to_group
Adds the specified user to the specified group.
Type annotations and code completion for boto3.client("iam").add_user_to_group
method.
boto3 documentation
def add_user_to_group(
self,
*,
GroupName: str,
UserName: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: AddUserToGroupRequestRequestTypeDef = { # (1)
"GroupName": ...,
"UserName": ...,
}
parent.add_user_to_group(**kwargs)
attach_group_policy
Attaches the specified managed policy to the specified IAM group.
Type annotations and code completion for boto3.client("iam").attach_group_policy
method.
boto3 documentation
def attach_group_policy(
self,
*,
GroupName: str,
PolicyArn: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: AttachGroupPolicyRequestRequestTypeDef = { # (1)
"GroupName": ...,
"PolicyArn": ...,
}
parent.attach_group_policy(**kwargs)
attach_role_policy
Attaches the specified managed policy to the specified IAM role.
Type annotations and code completion for boto3.client("iam").attach_role_policy
method.
boto3 documentation
def attach_role_policy(
self,
*,
RoleName: str,
PolicyArn: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: AttachRolePolicyRequestRequestTypeDef = { # (1)
"RoleName": ...,
"PolicyArn": ...,
}
parent.attach_role_policy(**kwargs)
attach_user_policy
Attaches the specified managed policy to the specified user.
Type annotations and code completion for boto3.client("iam").attach_user_policy
method.
boto3 documentation
def attach_user_policy(
self,
*,
UserName: str,
PolicyArn: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: AttachUserPolicyRequestRequestTypeDef = { # (1)
"UserName": ...,
"PolicyArn": ...,
}
parent.attach_user_policy(**kwargs)
can_paginate
Check if an operation can be paginated.
Type annotations and code completion for boto3.client("iam").can_paginate
method.
boto3 documentation
change_password
Changes the password of the IAM user who is calling this operation.
Type annotations and code completion for boto3.client("iam").change_password
method.
boto3 documentation
def change_password(
self,
*,
OldPassword: str,
NewPassword: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: ChangePasswordRequestRequestTypeDef = { # (1)
"OldPassword": ...,
"NewPassword": ...,
}
parent.change_password(**kwargs)
close
Closes underlying endpoint connections.
Type annotations and code completion for boto3.client("iam").close
method.
boto3 documentation
create_access_key
Creates a new Amazon Web Services secret access key and corresponding Amazon Web Services access key ID for the specified user.
Type annotations and code completion for boto3.client("iam").create_access_key
method.
boto3 documentation
def create_access_key(
self,
*,
UserName: str = ...,
) -> CreateAccessKeyResponseTypeDef: # (1)
...
kwargs: CreateAccessKeyRequestRequestTypeDef = { # (1)
"UserName": ...,
}
parent.create_access_key(**kwargs)
create_account_alias
Creates an alias for your Amazon Web Services account.
Type annotations and code completion for boto3.client("iam").create_account_alias
method.
boto3 documentation
def create_account_alias(
self,
*,
AccountAlias: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: CreateAccountAliasRequestRequestTypeDef = { # (1)
"AccountAlias": ...,
}
parent.create_account_alias(**kwargs)
create_group
Creates a new group.
Type annotations and code completion for boto3.client("iam").create_group
method.
boto3 documentation
def create_group(
self,
*,
GroupName: str,
Path: str = ...,
) -> CreateGroupResponseTypeDef: # (1)
...
kwargs: CreateGroupRequestRequestTypeDef = { # (1)
"GroupName": ...,
}
parent.create_group(**kwargs)
create_instance_profile
Creates a new instance profile.
Type annotations and code completion for boto3.client("iam").create_instance_profile
method.
boto3 documentation
def create_instance_profile(
self,
*,
InstanceProfileName: str,
Path: str = ...,
Tags: Sequence[TagTypeDef] = ..., # (1)
) -> CreateInstanceProfileResponseTypeDef: # (2)
...
kwargs: CreateInstanceProfileRequestRequestTypeDef = { # (1)
"InstanceProfileName": ...,
}
parent.create_instance_profile(**kwargs)
create_login_profile
Creates a password for the specified IAM user.
Type annotations and code completion for boto3.client("iam").create_login_profile
method.
boto3 documentation
def create_login_profile(
self,
*,
UserName: str,
Password: str,
PasswordResetRequired: bool = ...,
) -> CreateLoginProfileResponseTypeDef: # (1)
...
kwargs: CreateLoginProfileRequestRequestTypeDef = { # (1)
"UserName": ...,
"Password": ...,
}
parent.create_login_profile(**kwargs)
create_open_id_connect_provider
Creates an IAM entity to describe an identity provider (IdP) that supports
OpenID Connect (OIDC) <http://openid.net/connect/>
__.
Type annotations and code completion for boto3.client("iam").create_open_id_connect_provider
method.
boto3 documentation
def create_open_id_connect_provider(
self,
*,
Url: str,
ThumbprintList: Sequence[str],
ClientIDList: Sequence[str] = ...,
Tags: Sequence[TagTypeDef] = ..., # (1)
) -> CreateOpenIDConnectProviderResponseTypeDef: # (2)
...
kwargs: CreateOpenIDConnectProviderRequestRequestTypeDef = { # (1)
"Url": ...,
"ThumbprintList": ...,
}
parent.create_open_id_connect_provider(**kwargs)
create_policy
Creates a new managed policy for your Amazon Web Services account.
Type annotations and code completion for boto3.client("iam").create_policy
method.
boto3 documentation
def create_policy(
self,
*,
PolicyName: str,
PolicyDocument: str,
Path: str = ...,
Description: str = ...,
Tags: Sequence[TagTypeDef] = ..., # (1)
) -> CreatePolicyResponseTypeDef: # (2)
...
kwargs: CreatePolicyRequestRequestTypeDef = { # (1)
"PolicyName": ...,
"PolicyDocument": ...,
}
parent.create_policy(**kwargs)
create_policy_version
Creates a new version of the specified managed policy.
Type annotations and code completion for boto3.client("iam").create_policy_version
method.
boto3 documentation
def create_policy_version(
self,
*,
PolicyArn: str,
PolicyDocument: str,
SetAsDefault: bool = ...,
) -> CreatePolicyVersionResponseTypeDef: # (1)
...
kwargs: CreatePolicyVersionRequestRequestTypeDef = { # (1)
"PolicyArn": ...,
"PolicyDocument": ...,
}
parent.create_policy_version(**kwargs)
create_role
Creates a new role for your Amazon Web Services account.
Type annotations and code completion for boto3.client("iam").create_role
method.
boto3 documentation
def create_role(
self,
*,
RoleName: str,
AssumeRolePolicyDocument: str,
Path: str = ...,
Description: str = ...,
MaxSessionDuration: int = ...,
PermissionsBoundary: str = ...,
Tags: Sequence[TagTypeDef] = ..., # (1)
) -> CreateRoleResponseTypeDef: # (2)
...
- See TagTypeDef
- See CreateRoleResponseTypeDef
kwargs: CreateRoleRequestRequestTypeDef = { # (1)
"RoleName": ...,
"AssumeRolePolicyDocument": ...,
}
parent.create_role(**kwargs)
create_saml_provider
Creates an IAM resource that describes an identity provider (IdP) that supports SAML 2.0.
Type annotations and code completion for boto3.client("iam").create_saml_provider
method.
boto3 documentation
def create_saml_provider(
self,
*,
SAMLMetadataDocument: str,
Name: str,
Tags: Sequence[TagTypeDef] = ..., # (1)
) -> CreateSAMLProviderResponseTypeDef: # (2)
...
kwargs: CreateSAMLProviderRequestRequestTypeDef = { # (1)
"SAMLMetadataDocument": ...,
"Name": ...,
}
parent.create_saml_provider(**kwargs)
create_service_linked_role
Creates an IAM role that is linked to a specific Amazon Web Services service.
Type annotations and code completion for boto3.client("iam").create_service_linked_role
method.
boto3 documentation
def create_service_linked_role(
self,
*,
AWSServiceName: str,
Description: str = ...,
CustomSuffix: str = ...,
) -> CreateServiceLinkedRoleResponseTypeDef: # (1)
...
kwargs: CreateServiceLinkedRoleRequestRequestTypeDef = { # (1)
"AWSServiceName": ...,
}
parent.create_service_linked_role(**kwargs)
create_service_specific_credential
Generates a set of credentials consisting of a user name and password that can be used to access the service specified in the request.
Type annotations and code completion for boto3.client("iam").create_service_specific_credential
method.
boto3 documentation
def create_service_specific_credential(
self,
*,
UserName: str,
ServiceName: str,
) -> CreateServiceSpecificCredentialResponseTypeDef: # (1)
...
kwargs: CreateServiceSpecificCredentialRequestRequestTypeDef = { # (1)
"UserName": ...,
"ServiceName": ...,
}
parent.create_service_specific_credential(**kwargs)
create_user
Creates a new IAM user for your Amazon Web Services account.
Type annotations and code completion for boto3.client("iam").create_user
method.
boto3 documentation
def create_user(
self,
*,
UserName: str,
Path: str = ...,
PermissionsBoundary: str = ...,
Tags: Sequence[TagTypeDef] = ..., # (1)
) -> CreateUserResponseTypeDef: # (2)
...
- See TagTypeDef
- See CreateUserResponseTypeDef
kwargs: CreateUserRequestRequestTypeDef = { # (1)
"UserName": ...,
}
parent.create_user(**kwargs)
create_virtual_mfa_device
Creates a new virtual MFA device for the Amazon Web Services account.
Type annotations and code completion for boto3.client("iam").create_virtual_mfa_device
method.
boto3 documentation
def create_virtual_mfa_device(
self,
*,
VirtualMFADeviceName: str,
Path: str = ...,
Tags: Sequence[TagTypeDef] = ..., # (1)
) -> CreateVirtualMFADeviceResponseTypeDef: # (2)
...
kwargs: CreateVirtualMFADeviceRequestRequestTypeDef = { # (1)
"VirtualMFADeviceName": ...,
}
parent.create_virtual_mfa_device(**kwargs)
deactivate_mfa_device
Deactivates the specified MFA device and removes it from association with the user name for which it was originally enabled.
Type annotations and code completion for boto3.client("iam").deactivate_mfa_device
method.
boto3 documentation
def deactivate_mfa_device(
self,
*,
UserName: str,
SerialNumber: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeactivateMFADeviceRequestRequestTypeDef = { # (1)
"UserName": ...,
"SerialNumber": ...,
}
parent.deactivate_mfa_device(**kwargs)
delete_access_key
Deletes the access key pair associated with the specified IAM user.
Type annotations and code completion for boto3.client("iam").delete_access_key
method.
boto3 documentation
def delete_access_key(
self,
*,
AccessKeyId: str,
UserName: str = ...,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteAccessKeyRequestRequestTypeDef = { # (1)
"AccessKeyId": ...,
}
parent.delete_access_key(**kwargs)
delete_account_alias
Deletes the specified Amazon Web Services account alias.
Type annotations and code completion for boto3.client("iam").delete_account_alias
method.
boto3 documentation
def delete_account_alias(
self,
*,
AccountAlias: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteAccountAliasRequestRequestTypeDef = { # (1)
"AccountAlias": ...,
}
parent.delete_account_alias(**kwargs)
delete_account_password_policy
Deletes the password policy for the Amazon Web Services account.
Type annotations and code completion for boto3.client("iam").delete_account_password_policy
method.
boto3 documentation
def delete_account_password_policy(
self,
) -> EmptyResponseMetadataTypeDef: # (1)
...
delete_group
Deletes the specified IAM group.
Type annotations and code completion for boto3.client("iam").delete_group
method.
boto3 documentation
def delete_group(
self,
*,
GroupName: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteGroupRequestRequestTypeDef = { # (1)
"GroupName": ...,
}
parent.delete_group(**kwargs)
delete_group_policy
Deletes the specified inline policy that is embedded in the specified IAM group.
Type annotations and code completion for boto3.client("iam").delete_group_policy
method.
boto3 documentation
def delete_group_policy(
self,
*,
GroupName: str,
PolicyName: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteGroupPolicyRequestRequestTypeDef = { # (1)
"GroupName": ...,
"PolicyName": ...,
}
parent.delete_group_policy(**kwargs)
delete_instance_profile
Deletes the specified instance profile.
Type annotations and code completion for boto3.client("iam").delete_instance_profile
method.
boto3 documentation
def delete_instance_profile(
self,
*,
InstanceProfileName: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteInstanceProfileRequestRequestTypeDef = { # (1)
"InstanceProfileName": ...,
}
parent.delete_instance_profile(**kwargs)
delete_login_profile
Deletes the password for the specified IAM user, For more information, see Managing passwords for IAM users_.
Type annotations and code completion for boto3.client("iam").delete_login_profile
method.
boto3 documentation
def delete_login_profile(
self,
*,
UserName: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteLoginProfileRequestRequestTypeDef = { # (1)
"UserName": ...,
}
parent.delete_login_profile(**kwargs)
delete_open_id_connect_provider
Deletes an OpenID Connect identity provider (IdP) resource object in IAM.
Type annotations and code completion for boto3.client("iam").delete_open_id_connect_provider
method.
boto3 documentation
def delete_open_id_connect_provider(
self,
*,
OpenIDConnectProviderArn: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteOpenIDConnectProviderRequestRequestTypeDef = { # (1)
"OpenIDConnectProviderArn": ...,
}
parent.delete_open_id_connect_provider(**kwargs)
delete_policy
Deletes the specified managed policy.
Type annotations and code completion for boto3.client("iam").delete_policy
method.
boto3 documentation
def delete_policy(
self,
*,
PolicyArn: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeletePolicyRequestRequestTypeDef = { # (1)
"PolicyArn": ...,
}
parent.delete_policy(**kwargs)
delete_policy_version
Deletes the specified version from the specified managed policy.
Type annotations and code completion for boto3.client("iam").delete_policy_version
method.
boto3 documentation
def delete_policy_version(
self,
*,
PolicyArn: str,
VersionId: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeletePolicyVersionRequestRequestTypeDef = { # (1)
"PolicyArn": ...,
"VersionId": ...,
}
parent.delete_policy_version(**kwargs)
delete_role
Deletes the specified role.
Type annotations and code completion for boto3.client("iam").delete_role
method.
boto3 documentation
def delete_role(
self,
*,
RoleName: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteRoleRequestRequestTypeDef = { # (1)
"RoleName": ...,
}
parent.delete_role(**kwargs)
delete_role_permissions_boundary
Deletes the permissions boundary for the specified IAM role.
Type annotations and code completion for boto3.client("iam").delete_role_permissions_boundary
method.
boto3 documentation
def delete_role_permissions_boundary(
self,
*,
RoleName: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteRolePermissionsBoundaryRequestRequestTypeDef = { # (1)
"RoleName": ...,
}
parent.delete_role_permissions_boundary(**kwargs)
delete_role_policy
Deletes the specified inline policy that is embedded in the specified IAM role.
Type annotations and code completion for boto3.client("iam").delete_role_policy
method.
boto3 documentation
def delete_role_policy(
self,
*,
RoleName: str,
PolicyName: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteRolePolicyRequestRequestTypeDef = { # (1)
"RoleName": ...,
"PolicyName": ...,
}
parent.delete_role_policy(**kwargs)
delete_saml_provider
Deletes a SAML provider resource in IAM.
Type annotations and code completion for boto3.client("iam").delete_saml_provider
method.
boto3 documentation
def delete_saml_provider(
self,
*,
SAMLProviderArn: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteSAMLProviderRequestRequestTypeDef = { # (1)
"SAMLProviderArn": ...,
}
parent.delete_saml_provider(**kwargs)
delete_server_certificate
Deletes the specified server certificate.
Type annotations and code completion for boto3.client("iam").delete_server_certificate
method.
boto3 documentation
def delete_server_certificate(
self,
*,
ServerCertificateName: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteServerCertificateRequestRequestTypeDef = { # (1)
"ServerCertificateName": ...,
}
parent.delete_server_certificate(**kwargs)
delete_service_linked_role
Submits a service-linked role deletion request and returns a DeletionTaskId
,
which you can use to check the status of the deletion.
Type annotations and code completion for boto3.client("iam").delete_service_linked_role
method.
boto3 documentation
def delete_service_linked_role(
self,
*,
RoleName: str,
) -> DeleteServiceLinkedRoleResponseTypeDef: # (1)
...
kwargs: DeleteServiceLinkedRoleRequestRequestTypeDef = { # (1)
"RoleName": ...,
}
parent.delete_service_linked_role(**kwargs)
delete_service_specific_credential
Deletes the specified service-specific credential.
Type annotations and code completion for boto3.client("iam").delete_service_specific_credential
method.
boto3 documentation
def delete_service_specific_credential(
self,
*,
ServiceSpecificCredentialId: str,
UserName: str = ...,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteServiceSpecificCredentialRequestRequestTypeDef = { # (1)
"ServiceSpecificCredentialId": ...,
}
parent.delete_service_specific_credential(**kwargs)
delete_signing_certificate
Deletes a signing certificate associated with the specified IAM user.
Type annotations and code completion for boto3.client("iam").delete_signing_certificate
method.
boto3 documentation
def delete_signing_certificate(
self,
*,
CertificateId: str,
UserName: str = ...,
) -> EmptyResponseMetadataTypeDef: # (1)
...
kwargs: DeleteSigningCertificateRequestRequestTypeDef = { # (1)
"CertificateId": ...,
}
parent.delete_signing_certificate(**kwargs)
delete_ssh_public_key
Deletes the specified SSH public key.
Type annotations and code completion for boto3.client("iam").delete_ssh_public_key
method.
boto3 documentation
def delete_ssh_public_key(
self,
*,
UserName: str,
SSHPublicKeyId: str,
) -> EmptyResponseMetadataTypeDef: # (1)
...